Jan 28 2013
A popular ESPN app appears to be affected by two security issues. A cross-site scripting (XSS) flaw in the ESPN ScoreCenter app could be exploited to circumvent access controls to gain access to user data. The app is also reportedly vulnerable to an attack that could expose account usernames and passwords, which could be problematic…..
Continue Reading
Nov 8 2012
We covered penetration testing, its types and benefits in our previous posts. In this post, we will deal with phases of penetration testing. As already explained, a penetration test should closely mimic the activities of an attacker. The test is carried out typically in three phases, namely: 1. Pre-attack Phase 2. Attack Phase 3. Post-attack…..
Continue Reading
Nov 7 2012
If we search in internet for types of penetration testing, we may mainly land up in getting two sources of classification as given below: The first source classifies penetration testing as “Internal” and “External” types and they talk about the variations of these types of testing based on the information available to the testing team…..
Continue Reading