OWASP has new Testing Guidelines Document

OWASP Testing Guidelines 2014. In software development there are 5 stages: Define, Design, Develop, Deploy, and Maintain. OWASP has released a broader, overall testing methodology. The question is when to test. Ideally one tests at all stages of the SDLC (Software Development Life Cycle). But where is it optimal to test? If …

Android Browser has bug which can cause malware downloads

Ars Technica has the story: Browsers are generally designed to prevent a script from one site from being able to access content from another site. They do this by enforcing what is called the Same Origin Policy (SOP): scripts can only read or modify resources (such as the elements of a webpage) that come from the …

Who to trust to “hack your systems”?

TaoSecurity has an interesting post. Is your network a jumble of wires and network equipment but not yet ordered? Hiring a 19 year old hacker without an Associate's degree and some hacking knowledge does not make a secure corporate environment. The statement by blogger Richard Bejtlich: “Young has repeatedly assigned Brewer to hack into Butler’s computer system. …

Fixed “Extortionware” Virus on Windows 8 machine

The computer said the following (image below). The customer did not actually give out money, but the person on the phone was very cryptic, yet was saying your computer is bad, you have to return it, etc. (The customer bought the computer just 2 months ago.) It says www.repair-warnings.com/computerHelp.html. Please do not go to this site, as it …