In this day and age, the title rarely says it all. But today is different. Our CTO has become a SANS Certified Instructor, a title that not many people haveAfter years, even decades, of dedicated work, Bojan Ždrnja, CTO, pen test team le
The latest vulnerability to hit Windows got us all riled up. And rightfully so – a serious bug in the code prevents proper verification of ECC (Elliptic Curve Cryptography) certificates, and it took only few hours for people to release proof of
During one of our penetration tests we have found a critical security vulnerability in Currency Switcher for WooCommerce – the new, improved, version is out so upgrade ASAPOur intrepid researcher Luka Sikic was exploring a Currency
Our CTO Bojan Ždrnja is back with a SANS ISC blog post about testing TLSv1.3.As you could read some time ago, Bojan has already wrote about SSL/TLS configuration verification, but as the TLS (Transport Layer Security) version 1.3 is currently
One of very important steps when performing penetration tests is to verify SSL/TLS services configuration - here is how it's done.Straight from the mouth, or better still - fingertips, of our CTO Bojan Zdrnja, there is a great SANS ISC diary on
New vulnerability discovered by our pen test team member Antonio Zekić. Simple but cool. Another proof that old school stuff is still around. The vulnerability allows unauthorized directory listing as well as reading of arbitrary files as long as th