all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Episode 173 - Enumeration Attacks!

Add to bookmarks
May 24, 2022, 6 p.m. |

Absolute AppSec absoluteappsec.com

Yet ANOTHER episode of Absolute AppSec with Seth and Ken! User enumeration vulnerabilities are the order of the day. Seth digs in on an interesting #talesfromconsulting where security questions, and the different way they appeared for real users and invalid users, revealed valid user accounts on an application. Further enumeration flaws using WAF bypasses in production systems. A story from Ken on a case where an application only checked that password-reset token was valid, but not tied to an account, …

attacks enumeration enumeration attacks

Visit resource

More from absoluteappsec.com / Absolute AppSec

Episode 243 - w/ Bryan Schmidt 2 weeks, 3 days ago | absoluteappsec.com
absolute appsec bryan engineering +14
Episode 242 - LLMs Exploiting Vulns, State of DevSecOps 3 weeks, 3 days ago | absoluteappsec.com
analysis article autonomous backing +13
Episode 241 - Secure Defaults, Using LLMs for Code Review 1 month ago | absoluteappsec.com
code code review listening llms +9
Episode 240 - Code Smells, XZ Backdoor, Hallucinations 1 month, 1 week ago | absoluteappsec.com
backdoor code code review conferences +16
Episode 239 - AppSec Intel, CVEs, Authorization 1 month, 3 weeks ago | absoluteappsec.com
applications appsec authorization blog +18
Episode 238 - AppSec vs. Enterprise Sec, Supply Chain Tool Analysis 1 month, 4 weeks ago | absoluteappsec.com
analysis application appsec back +14
Episode 237 - Security 101, Nation State Hackers, Malicious Code 2 months ago | absoluteappsec.com
breaches chinese code hackers +10
Episode 236 - Memory Safe Languages, LLM Supply Chain Security 2 months, 1 week ago | absoluteappsec.com
back basics internet languages +16
Episode 235 - 2023 Top 10 Web Hacking Techniques, LLM Agent Hacking 2 months, 3 weeks ago | absoluteappsec.com
agent digest dynamic engine +10

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

IT Security Engineer

@ People Profilers | Singapore, Singapore, Singapore
View on infosec-jobs.com

Consultant - DFIR - EMEA (SA)

@ Control Risks | Johannesburg, Gauteng, South Africa
View on infosec-jobs.com

Consultant Sénior Cyber Sécurité H/F

@ Hifield | Lyon, France
View on infosec-jobs.com