main

Attack Types & VectorsSecurity

What’s Lurking in Your CDN?

October 30, 2015 — by Patrick McNeil1

I was able to get to DerbyCon V this year for the first time – an annual conference founded by David Kennedy that is held at the end of September in Louisville, KY.  One of the talks that I attended was also given at Blackhat 2015, “Bypass Surgery – Abusing Content Delivery Networks with Server Side Request Forgery, Flash, and DNS” by Mike Brooks from Bishop Fox and Matthew Bryant from Uber.

Security

Beyond Free Calls — Protecting Your Business from Phone System Fraud

September 8, 2014 — by Patrick McNeil3

Denial of Service (DoS) has reigned as the most headline-grabbing network attack over the past three years.  However, the truth is that attacks come in all different flavors ranging from Distributed DoS (DDoS) to low-volume application-layer attacks that target user credentials, financial information, trade secrets, or abuse of services to commit fraud.  At the application layer we most often think of HTTP, however, there are almost an immeasurable number of Layer 7 applications available for exploit.