all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Episode Ep. 173 - Enumeration Attacks!

Add to bookmarks
May 24, 2022, 6 p.m. |

Absolute AppSec absoluteappsec.com

Yet ANOTHER episode of Absolute AppSec with Seth and Ken! User enumeration vulnerabilities are the order of the day. Seth digs in on an interesting #talesfromconsulting where security questions, and the different way they appeared for real users and invalid users, revealed valid user accounts on an application. Further enumeration flaws using WAF bypasses in production systems. A story from Ken on a case where an application only checked that password-reset token was valid, but not tied to an account, …

attacks enumeration

Visit resource

More from absoluteappsec.com / Absolute AppSec

Episode 241 - Secure Defaults, Using LLMs for Code Review 2 days, 6 hours ago | absoluteappsec.com
code code review listening llms +9
Episode 240 - Code Smells, XZ Backdoor, Hallucinations 1 week, 2 days ago | absoluteappsec.com
backdoor code code review conferences +16
Episode 239 - AppSec Intel, CVEs, Authorization 3 weeks, 2 days ago | absoluteappsec.com
applications appsec authorization blog +18
Episode 238 - AppSec vs. Enterprise Sec, Supply Chain Tool Analysis 4 weeks, 2 days ago | absoluteappsec.com
analysis application appsec back +14
Episode 237 - Security 101, Nation State Hackers, Malicious Code 1 month ago | absoluteappsec.com
breaches chinese code hackers +10
Episode 236 - Memory Safe Languages, LLM Supply Chain Security 1 month, 1 week ago | absoluteappsec.com
back basics internet languages +16
Episode 235 - 2023 Top 10 Web Hacking Techniques, LLM Agent Hacking 1 month, 4 weeks ago | absoluteappsec.com
agent digest dynamic engine +10
Episode 234 - Password Analysis, GitHub Copilot 2 months ago | absoluteappsec.com
administrators analysis copilot github +7
Episode 233 - Scammers, Deep Fakes, Data Exposure 2 months, 1 week ago | absoluteappsec.com
apps appsec article can +18

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Deputy Chief Information Security Officer

@ City of Philadelphia | Philadelphia, PA, United States
View on infosec-jobs.com

Global Cybersecurity Expert

@ CMA CGM | Mumbai, IN
View on infosec-jobs.com

Senior Security Operations Engineer

@ EarnIn | Mexico
View on infosec-jobs.com

Cyber Technologist (Sales Engineer)

@ Darktrace | London
View on infosec-jobs.com
View more jobs