On Hiring a Hacker
One could argue that there are two crises in the IT world today. The first is the seeming inability of many (or even most ?) companies to secure their IT infrastructure, and the second is the shortage of talent to […]
Joe
Affinity IT Security Is Now An EC Council Accredited Training Center (ATC)
December 19, 2017 : Randolph, NJ Affinity IT Security announced today that they are now an official EC Council Accredited Training Center (ATC), and will now be offering cybersecurity training at their offices in Randolph, NJ. Starting in January, clients […]
What is Information Leakage ?
Information Leakage (CWE-200) is a category of software vulnerabilities in which information is unintentionally disclosed to end-users, potentially aiding attackers in their efforts to breach application security. The key criteria for Information Leakage is that the exposure is unintentional and […]
How To Test For Information Leakage
If you are not familiar with the concept of Information Leakage, we suggest that you review the article entitled “What is Information Leakage ?“. Keep Your Eyes Open During Testing In my experience, you don’t do much testing for Information […]
How To Prevent Information Leakage
If you are not familiar with the concept of CSV Injection, we suggest that you review the article entitled “What is Information Leakage ?“. If you are not familiar with how to detect CSV Injection, we suggest that you review […]