Blog

A Week in the Life of a Pen Tester

A pen tester’s professional (and personal) life is one of great joys and great tragedies. There are ego-inflating accomplishments quickly followed by crushing sorrows. There are stacked cans of Red Bull, nights spent staring wide-eyed at a computer screen, and secretive shower crying sessions. Maybe when someone asks you “Well, what is pen testing anyway?” …

Examining The Impact Of Heartbleed

On April 10, Bishop Fox Security Analyst Tim Sapio was published in Dark Reading – hot on the heels of the discovery of the Heartbleed vulnerability. Tim discussed the vulnerability’s implications as well as how Internet users could take measures to protect themselves. Yesterday saw the beginning of the most significant breaches in Internet security …

An Introspection On Intro Security

We would like to thank everyone who read our original blog post and those of you who spent extra time examining the security and privacy issues at hand. A couple of the more interesting analyses pointed out to us are from Jordan Wright and Troy Hunt – they do a great job of exploring …

LinkedIn ‘Intro’duces Insecurity

“Don’t make the mistake of thinking you’re [the] customer, you’re not – you’re the product.” – Bruce Schneier

LinkedIn released a new product today called Intro. They call it “doing the impossible”, but some might call it “hijacking email”. Why do we say this? Consider the following: Intro reconfigures your iOS device (e.g. iPhone, …

Guide to Hardening Your Firefox Browser in OS X

Your Mac systems and software might be safe – until they connect to the Internet. Here are some tips for securing Firefox in OS X. While many enterprises and end-users turn to Apple over Windows based on Apple’s reputation for security, there is little doubt that the web is the primary point of infection for …