POSTS
Creating Mayhem: Crashing MP3gain for Fun and CVEs
Creating Mayhem: Crashing for Fun and Profit The team at VDA Labs has been involved with hunting for vulnerabilities in software using a variety of methods for over 20 years. We use manual review, automated dynamic, and static analysis. One of our favorite ways to dig for really interesting flaws is fuzzing (we literally helped…
Read MoreAll of Your Data are Belong To Us: The Art of Imaging and Analysis
All of Your Data are Belong To Us: The Art of Imaging and Analysis VDA labs is brought into many different types of situation where a client may want imaging and analysis. From diagnosing patient zero during a malware outbreaks to employee espionage taking system images and doing analysis is a important part of the…
Read More
Why Business Email Compromise will Ruin your Business
Introduction: In the digital age, businesses are increasingly reliant on email communication for their daily operations. However, this dependence comes with significant risks, especially from a pervasive threat known as Business Email Compromise (BEC). This post delves into the reasons why BEC is not just a minor inconvenience but a serious threat that can ruin…
Read More
BurpSuite Pro Extensions: Some Favorites
Part of our internal mentoring and training culture at VDA includes Lunch and Learn events where engineers share helpful information about a relevant security topic. This past week, several of us discussed our favorite BurpSuite extensions, which are helpful additions during our various AppSec or IoT assessments. Extensions can be added to BurpSuite Pro by…
Read MoreNo More Secrets: Logging Made Easy Through Graylog Part 4
Logging is a important but often overlooked part of an organization’s security posture. Logging without organization, searchability, or reporting leads to data being missed. This a continuation of a longer series that VDA Labs is writing on Graylog. This is part 4 of a multi-part series covering a variety of topics, including the following items:…
Read MoreNo More Secrets: Logging Made Easy Through Graylog Part 3
Logging is a important but often overlooked part of an organization’s security posture. Logging without organization, searchability, or reporting leads to data being missed. This a continuation of a longer series that VDA Labs is writing on Graylog. This is part 3 of a multi-part series covering a variety of topics, including the following items:…
Read MoreNo More Secrets: Logging Made Easy Through Graylog Part 5
Logging is a important but often overlooked part of an organization’s security posture. Logging without organization, searchability, or reporting leads to data being missed. This a continuation of a longer series that VDA Labs is writing on Graylog. This is part 5 of a multi-part series covering a variety of topics, including the following items:…
Read MoreNo More Secrets: Logging Made Easy Through Graylog Part 6
Logging is a important but often overlooked part of an organization’s security posture. Logging without organization, searchability, or reporting leads to data being missed. This a continuation of a longer series that VDA Labs is writing on Graylog. This is part 6 of a multi-part series covering a variety of topics, including the following items:…
Read MoreNo More Secrets: Logging Made Easy Through Graylog Part 7
No More Secrets: Logging Made Easy Through Graylog Part 7 Logging is a important but often overlooked part of an organization’s security posture. Logging without organization, searchability, or reporting leads to data being missed. This a continuation of a longer series that VDA Labs is writing on Graylog. This is part 7 of a multi-part…
Read MoreNo More Secrets: Logging Made Easy Through Graylog Part 2
Logging is a important but often overlooked part of an organization’s security posture. Logging without organization, searchability, or reporting leads to data being missed. This a continuation of a longer series that VDA Labs is writing on Graylog. This is part 2 of a multi-part series covering a variety of topics, including the following items:…
Read MoreNo More Secrets: Logging Made Easy Through Graylog Part 1
Logging Made Easy Through Graylog Part 1 Logging is an important piece of an organization’s security posture. Logging without organization, searchability, or reporting leads to data being missed. This is the start of a long series that VDA Labs is writing on Graylog. This will be a multi-part series covering a variety of topics including…
Read MoreLow-Hanging Fruit Series: Permissions
At VDA Labs we work with a variety of companies both large and small. During our engagements, we see many of the same reoccurring issues that allow us access to systems. To help combat these threats VDA is starting a blog series we are calling “Low-Hanging Fruit”. Throughout this series we will be talking about…
Read More- « Previous
- 1
- 2
- 3
- Next »