| Oracle GlassFish Server 3.1.1 Cross Site Request Forgery |
|
Roberto Suggi Liverani |
Advisory |
19 Apr 2012 |
View |
| Oracle GlassFish Server 3.1.1 Multiple Cross Site Scripting Vulnerabilities |
|
Roberto Suggi Liverani |
Advisory |
19 Apr 2012 |
View |
| Adrian Hayes To Speak At OWASP AppSec Asia Pacific 2012 |
OWASP AppSec Asia Pacific |
|
News |
14 Apr 2012 |
View |
| Paul Craig Will Be Speaking At Syscan 2012 |
Syscan 2012 |
|
News |
20 Mar 2012 |
View |
| Mozilla Firefox ‘shlwapi.dll’ Use-after-free |
|
Scott Bell and Blair Strang |
Advisory |
14 Mar 2012 |
View |
| Scott Bell and Roberto Suggi Liverani To Present At HITB Amsterdam |
Hack In The Box 2012 |
|
News |
02 Mar 2012 |
View |
| AVID Media Composer Phonetic Indexer Remote Stack Buffer Overflow |
|
Nick Freeman |
Advisory |
29 Nov 2011 |
View |
| Final Draft 8 Multiple Stack Buffer Overflows |
|
Nick Freeman |
Advisory |
29 Nov 2011 |
View |
| Muster Render Farm Management System Arbitrary File Download |
|
Nick Freeman |
Advisory |
29 Nov 2011 |
View |
| StoryBoard Quick 6 Stack Buffer Overflow |
|
Nick Freeman |
Advisory |
29 Nov 2011 |
View |
| Hacking Hollywood |
Ruxcon 2011 |
Nick Freeman |
Presentation |
19 Nov 2011 |
View |
| Anton Bolshakov to Present at ZeroNights |
ZeroNights 2011 |
|
News |
18 Nov 2011 |
View |
| Nick Freeman To Present At Ruxcon 2011 |
Ruxcon 2011 |
|
News |
11 Nov 2011 |
View |
| Destination Search Admin Console Access Control Bypass |
|
Drew Calcott |
Advisory |
13 Oct 2011 |
View |
| Security-Assessment.com Kiwicon V Presentations |
Kiwicon V |
|
News |
13 Oct 2011 |
View |
| Metasploit Modules Released by Blair Strang and Nick Freeman |
Metasploit Framework |
|
News |
22 Sep 2011 |
View |
| Wordpress 3.1.2 and Prior Clickjacking Susceptibility |
|
Andrew Horton |
Advisory |
20 Sep 2011 |
View |
| Clickjacking for Shells |
OWASP Wellington, New Zealand Chapter Meeting |
Andrew Horton |
Presentation |
20 Sep 2011 |
View |
| Adobe RoboHelp 9 DOM XSS |
|
Roberto Suggi Liverani |
Advisory |
11 Aug 2011 |
View |
| Paul Craig To Present at DEFCON 19 |
DEFCON 19 |
|
News |
08 Aug 2011 |
View |
| Internet Kiosk Terminals |
DEFCON 19 |
Paul Craig |
Presentation |
08 Aug 2011 |
View |
| ICONICS WebHMI ActiveX Stack Overflow |
|
Scott Bell and Blair Strang |
Advisory |
28 Apr 2011 |
View |
| OWASP New Zealand Day 2011 Announced |
OWASP |
|
News |
20 Apr 2011 |
View |
| Bridging the Gap - Security and Software Testing |
ANZTB Test Conference 2011 |
|
News |
28 Mar 2011 |
View |
| Bridging the Gap - Security and Software Testing |
ANZTB Test Conference |
Roberto Suggi Liverani |
Presentation |
28 Mar 2011 |
View |
| Oracle WebLogic Session Fixation Via HTTP POST Request |
|
Roberto Suggi Liverani |
Advisory |
09 Mar 2011 |
View |
| BroadWorks Call Detail Record Disclosure Vulnerability |
|
Nick Freeman |
Advisory |
02 Nov 2010 |
View |
| Oracle JRE java.net.URLConnection SOP Bypass |
|
Roberto Suggi Liverani |
Advisory |
18 Oct 2010 |
View |
| Oracle Siebel eBusiness Application Multiple Cross Site Scripting |
|
Roberto Suggi Liverani |
Advisory |
18 Oct 2010 |
View |
| Oracle Sun Java System Web Server HTTP Response Splitting |
|
Roberto Suggi Liverani |
Advisory |
18 Oct 2010 |
View |
| Leveraging XSRF with Apache Web Server “Compatibility with older browser” feature and Java Applet |
|
Roberto Suggi Liverani |
Whitepaper |
18 Oct 2010 |
View |
| PCI DSS – Illuminating the Grey |
Security-Assessment.com Breakfast Briefing |
Roger Greyling |
Presentation |
25 Aug 2010 |
View |
| Forensics – What to do when you get Hacked |
Security-Assessment.com Breakfast Briefing |
Paul Craig |
Presentation |
25 Aug 2010 |
View |
| Microsoft Help 'Locked File' Bypass |
|
Paul Craig |
Advisory |
23 Jun 2010 |
View |
| Skype URI Handler Input Validation |
|
Paul Craig |
Advisory |
10 May 2010 |
View |
| Cross Context Scripting with Firefox |
|
Roberto Suggi Liverani |
Whitepaper |
21 Apr 2010 |
View |
| Exploiting Cross Context Scripting Vulnerabilities in Firefox |
|
Nick Freeman |
Whitepaper |
21 Apr 2010 |
View |
| Multiple Adobe Products XML External Entity and XML Injection |
|
Roberto Suggi Liverani |
Advisory |
22 Feb 2010 |
View |
| ChemviewX ActiveX Multiple Stack Overflows |
|
Paul Craig |
Advisory |
11 Feb 2010 |
View |
| Fixed lines vulnerable to attack |
TechDay |
|
News |
02 Feb 2010 |
View |
| Yoono Firefox Extension Privileged Code Injection |
|
Nick Freeman |
Advisory |
13 Jan 2010 |
View |
| Zero-day vulnerabilities in Firefox extensions discovered |
Help Net Security |
|
News |
20 Nov 2009 |
View |
| Security-Assessment Uncovers DSL Vulnerabilities |
Scoop.co.nz |
|
News |
20 Nov 2009 |
View |
| Case Study - Direct Payment Solutions assured of greater data integrity on credit card transactions |
|
Security-Assessment.com |
Whitepaper |
25 Sep 2009 |
View |
| Browser extensions may be used by cybercriminals |
Digital Journal |
|
News |
08 Sep 2009 |
View |
| Browser extensions may be used for attacks |
ZDNet |
|
News |
03 Sep 2009 |
View |
| Update Scanner Firefox Extension Privileged Code Injection |
|
Roberto Suggi Liverani |
Advisory |
25 Aug 2009 |
View |
| CoolPreviews Firefox Extension Privileged Code Injection |
|
Roberto Suggi Liverani |
Advisory |
25 Aug 2009 |
View |
| WizzRSS Firefox Extension Privileged Code Injection |
|
Nick Freeman |
Advisory |
24 Aug 2009 |
View |
| Feed Sidebar Firefox Extension Privileged Code Injection |
|
Nick Freeman |
Advisory |
24 Aug 2009 |
View |
| ScribeFire Firefox Extension Privileged Code Injection |
|
Nick Freeman |
Advisory |
24 Aug 2009 |
View |
| Abusing Firefox Extensions |
Defcon 17 |
Nick Freeman and Roberto Suggi Liverani |
Presentation |
14 Aug 2009 |
View |
| The unwelcome guest in your machine |
TechDay |
|
News |
01 Aug 2009 |
View |
| CodeScan takes security scanning to the masses |
Computerworld |
|
News |
22 Jul 2009 |
View |
| Payments firm backs card security standard |
Computerworld |
|
News |
10 Jul 2009 |
View |
| Google Analytics Stored Cross Site Scripting |
|
Roberto Suggi Liverani |
Advisory |
08 Dec 2008 |
View |
| Linux beats Windows for kiosk security, says developer |
Computerworld |
|
News |
01 Dec 2008 |
View |
| None More Black - The Dark Side Of SEO |
Ruxcon 2008 |
Roberto Suggi Liverani |
Presentation |
29 Nov 2008 |
View |
| Kiwi hacker develops kiosk attack tool |
Computerworld |
|
News |
24 Nov 2008 |
View |
| Kiwi security pros claim DSL is vulnerable |
Computerworld |
|
News |
18 Nov 2008 |
View |
| CodeScan targets US with security audit apps |
Computerworld |
|
News |
12 Nov 2008 |
View |
| Opera Stored Cross Site Scripting |
|
Roberto Suggi Liverani |
Advisory |
28 Oct 2008 |
View |
| Multiple Flash Authoring Heap Overflows |
|
Paul Craig |
Advisory |
16 Oct 2008 |
View |
| Black SEO Exposed |
Kiwicon 2008 |
Roberto Suggi Liverani |
Presentation |
26 Sep 2008 |
View |
| Phree As In Phone Call |
Kiwicon 2008 |
John McColl |
Presentation |
26 Sep 2008 |
View |
| Waste Not, Want Not |
Kiwicon 2008 |
Nick Freeman |
Presentation |
26 Sep 2008 |
View |
| Kiwi's Defcon contest challenges AV vendors |
Computerworld |
|
News |
19 Aug 2008 |
View |
| Acrobat Distiller Malformed "joboptions" File |
|
Paul Craig |
Advisory |
05 May 2008 |
View |
| SugarCRM Local File Disclosure |
|
Roberto Suggi Liverani |
Advisory |
29 Apr 2008 |
View |
| Crackstation |
BlackHat Europe 2008 |
Nick Breese |
Presentation |
27 Mar 2008 |
View |
| GCSB clamps down on government networks |
Computerworld |
|
News |
25 Feb 2008 |
View |
| Adobe PDF exploit infects 'many thousands,' says researcher |
Computerworld |
|
News |
12 Feb 2008 |
View |
| Risky Business podcast - x.25 security |
ITRadio.com.au |
|
News |
17 Jan 2008 |
View |
| Datacraft acquires Security-Assessment.com |
|
|
News |
14 Jan 2008 |
View |
| Playstation hacker’s dream |
theAge.com.au |
|
News |
29 Nov 2007 |
View |
| Kiwicon in detail |
SearchSecurity |
|
News |
23 Nov 2007 |
View |
| Intrusion Detection - This Is Not The Packet You Are Looking For |
Kiwicon 2007 |
Declan Ingram |
Presentation |
17 Nov 2007 |
View |
| SCADA - Fear, Uncertainty, and the Digital Armageddon |
NZISF Breakfast 2007 |
Morgan Marquis-Boire |
Presentation |
11 Nov 2007 |
View |
| Information Security Industry Overview |
TPN Meeting, Auckland |
Peter Benson |
Presentation |
11 Nov 2007 |
View |
| Payment Card Industry Data Security Standards |
NZISF Breakfast 2007 |
Carl Grayson |
Presentation |
11 Nov 2007 |
View |
| Classroom breaches of top enterprises spur industry debate |
Computerworld |
|
News |
19 Oct 2007 |
View |
| Cart32 Arbitrary File Download |
|
Paul Craig |
Advisory |
10 Oct 2007 |
View |
| ZDNet security news |
ITRadio.com.au |
|
News |
01 Oct 2007 |
View |
| Experts cast doubts on Chinese hacking scare |
Computerworld |
|
News |
24 Sep 2007 |
View |
| Data-breach guidelines welcomed — by govt, at least |
Computerworld |
|
News |
07 Sep 2007 |
View |
| Ethical hackers doubt ethical hacking |
MIS Financial Review |
|
News |
07 Sep 2007 |
View |
| Privacy Commissioner boosts breach disclosure drive with guidelines |
Computerworld |
|
News |
27 Aug 2007 |
View |
| Credit card security standard largely ignored |
SearchSecurity |
|
News |
02 Aug 2007 |
View |
| Pregnant pause OK for Microsoft |
theAge.com.au |
|
News |
13 Jul 2007 |
View |
| Tippingpoint IPS Signature Evasion |
|
Paul Craig |
Advisory |
11 Jul 2007 |
View |
| Multiple .NET Null Byte Injection Vulnerabilities |
|
Paul Craig |
Advisory |
11 Jul 2007 |
View |
| Next Generation .NET Vulnerabilities |
Syscan 2007 |
Paul Craig |
Presentation |
03 Jul 2007 |
View |
| Social Engineering - Attacks Against People |
Human Factors In Security 2007 |
Declan Ingram |
Presentation |
01 Jul 2007 |
View |
| Incident Management |
Brightstar 12th Annual IT Security Summit 2007 |
Carl Grayson |
Presentation |
01 Jul 2007 |
View |
| Web Application Security - Methods and Demos of Attacks |
Brightstar 12th Annual IT Security Summit 2007 |
Paul Craig |
Presentation |
01 Jul 2007 |
View |
| Secure Web Applications |
Cyber Crime In Focus 2006 |
Declan Ingram |
Presentation |
01 Jul 2007 |
View |
| New Trojan shows return of script kiddies |
Computerworld |
|
News |
29 Jun 2007 |
View |
| Data-breach disclosure law gets thumbs-up from IT |
Computerworld |
|
News |
05 Jun 2007 |
View |
| NZ security guru calls for data breach disclosure |
Computerworld |
|
News |
26 Mar 2007 |
View |
| EasyMail Objects EasyMail IMAP - Connect Method Stack Overflow |
|
Paul Craig |
Advisory |
16 Feb 2007 |
View |
| Lizardtech DjVu Browser Plugin - Multiple Buffer Overflows |
|
Brett Moore |
Advisory |
15 Feb 2007 |
View |
| (MS07-005) Microsoft Interactive Training - Buffer Overflow |
|
Brett Moore |
Advisory |
14 Feb 2007 |
View |
| DEMO woman scopes New Zealand tech |
Computerworld |
|
News |
07 Feb 2007 |
View |
| Auditor warns: Beware of security vendors selling PCI compliance |
Computerworld |
|
News |
30 Jan 2007 |
View |
| PCIDSS Compliance Products Require Diligence |
SANS NewsBites |
|
News |
23 Jan 2007 |
View |
| Simplifying the Payment Card Industry Data Security Standard |
|
Security-Assessment.com |
Whitepaper |
01 Jan 2007 |
View |
| HyperAccess - Multiple Vulnerabilities |
|
Brett Moore |
Advisory |
19 Dec 2006 |
View |
| SiteKiosk - File System Access |
|
Brett Moore |
Advisory |
19 Dec 2006 |
View |
| ColdFusion MX7 - Multiple Vulnerabilities |
|
Brett Moore |
Advisory |
19 Dec 2006 |
View |
| Asterisk Remote Unauthenticated Heap Overflow |
|
Adam Boileau |
Advisory |
19 Oct 2006 |
View |
| Security conference to debut Windows firewire crack |
theAge.com.au |
|
News |
19 Sep 2006 |
View |
| Hit by a Bus: Physical Access Attacks with Firewire |
Ruxcon 2006 |
Adam Boileau |
Presentation |
06 Sep 2006 |
View |
| Unpacking Malware, Trojans and Worms: PE Packers Used in Malicious Software |
Ruxcon 2006 |
Paul Craig |
Presentation |
01 Sep 2006 |
View |
| Low Down and Dirty: Anti-Forensic Rootkits |
Ruxcon 2006 |
Darren Bilby |
Presentation |
01 Sep 2006 |
View |
| Access over Ethernet: Insecurities in AoE |
Ruxcon 2006 |
Morgan Marquis-Boire |
Presentation |
01 Sep 2006 |
View |
| Wireless Networks: Success, Failure & Insecurity |
Sydney Breakfast Brief 2006 |
Adam Boileau |
Presentation |
01 Sep 2006 |
View |
| Practical WLAN Attack & Defense: A Pragmatic Hacker's Primer |
802.1x Roadshow 2006 |
Adam Boileau |
Presentation |
01 Sep 2006 |
View |
| Defeating Live Windows Forensics |
Auscert Security Conference 2006 |
Darren Bilby |
Presentation |
01 Sep 2006 |
View |
| Access over Ethernet: Insecurities in AoE |
|
Carl Purvis and Morgan Marquis-Boire |
Whitepaper |
21 Aug 2006 |
View |
| VMware Possible Incorrect Permissions On SSL Key Files |
|
Nick Breese |
Advisory |
25 Jul 2006 |
View |
| (MS06-034) ASP.DLL Include File Buffer Overflow |
|
Brett Moore |
Advisory |
19 Jul 2006 |
View |
| Kiwi security expert finds flaw in Skype |
Computerworld |
|
News |
06 Jun 2006 |
View |
| Skype - URI Handler Command Switch Parsing |
|
Brett Moore |
Advisory |
22 May 2006 |
View |
| Training lags in race to secure the enterprise |
Computerworld |
|
News |
09 May 2006 |
View |
| CodeScan formalises distro deal with Security-Assessment.com |
Computerworld |
|
News |
07 Apr 2006 |
View |
| Rootkits - Advanced Malware |
BrightStar 11th Annual IT Security Summit 2006 |
Darren Bilby |
Presentation |
01 Apr 2006 |
View |
| Violating The Corporate Database |
BrightStar 11th Annual IT Security Summit 2006 |
Dan Cornforth |
Presentation |
01 Apr 2006 |
View |
| Unifying framework for Identity Management |
Security-Assessment.com March 2006 Breakfast Seminar |
Stephan Overbeek |
Presentation |
28 Mar 2006 |
View |
| Companies pass the buck on IP protection |
Computerworld |
|
News |
02 Mar 2006 |
View |
| Information Management |
Security-Assessment.com February 2006 Breakfast Session |
Chris Joscelyne |
Presentation |
01 Mar 2006 |
View |
| Exploiting Freelist[0] On Windows XP Service Pack 2 |
|
Brett Moore |
Whitepaper |
07 Dec 2005 |
View |
| Rockliffe Express Webmail Vulnerabilities |
|
Paul Craig |
Advisory |
28 Oct 2005 |
View |
| (MS05-049) Explorer Webview - Code Execution |
|
Brett Moore |
Advisory |
11 Oct 2005 |
View |
| WebArchiveX - Unsafe Methods |
|
Brett Moore |
Advisory |
07 Sep 2005 |
View |
| Scanning tool looks to wipe out vulnerable code |
Computerworld |
|
News |
14 Jul 2005 |
View |
| (MS05-031) Buffer Over In MS Interactive Training |
|
Brett Moore |
Advisory |
14 Jun 2005 |
View |
| Invalid banking cert spooks only one user in 300 |
Computerworld |
|
News |
16 May 2005 |
View |
| Bugger The Debugger - Pre Interaction Debugger Code Execution |
|
Brett Moore |
Whitepaper |
09 Apr 2005 |
View |
| Internet Banking Security questioned |
TVNZ |
|
News |
29 Mar 2005 |
View |
| Payment card compliance deadline a boon for penetration testers |
Computerworld |
|
News |
29 Mar 2005 |
View |
| Major companies team on vulnerability rating system. |
Computerworld |
|
News |
21 Feb 2005 |
View |
| Air is thick with vulnerable wireless networks |
Computerworld |
|
News |
09 Feb 2005 |
View |
| Breaking Tradition |
Sydney Morning Herald |
|
News |
01 Feb 2005 |
View |
| SBDA - Same Bug, Different App |
Ruxcon 2005 |
Brett Moore |
Presentation |
01 Jan 2005 |
View |
| Voice over IP VOIP (In) Security |
New Zealand Information Security Forum 2005 Auckland |
Darren Bilby |
Presentation |
01 Jan 2005 |
View |
| From the Trenches (Australia) |
F5 Security Event 2005 Melbourne & Sydney |
Peter Benson |
Presentation |
01 Jan 2005 |
View |
| Internet Security and Fraud - Current Online Trends |
Financial Services Federation 2005 Risk Meeting |
Nick von Dadelszen |
Presentation |
01 Jan 2005 |
View |
| Exposing Web Vulnerabilities |
BrightStar 10th Annual IT Security Summit 2005 |
Nick von Dadelszen |
Presentation |
01 Jan 2005 |
View |
| VOIP - What You Don't Know Can Hurt You |
BrightStar 10th Annual IT Security Summit 2005 |
Darren Bilby |
Presentation |
01 Jan 2005 |
View |
| From the Trenches |
IDC's Asia/Pacific Security and Continuity Conference 2005 |
Nick von Dadelszen |
Presentation |
01 Jan 2005 |
View |
| (MS04-043) Buffer Over In HyperTerminal |
|
Brett Moore |
Advisory |
15 Dec 2004 |
View |
| Hackers exploit critical Winamp flaw - VUNET.com |
V3.co.uk |
|
News |
30 Nov 2004 |
View |
| WinAmp blows another security fuse |
Computerworld |
|
News |
25 Nov 2004 |
View |
| SecureCRT - Remote Command Execution |
|
Brett Moore |
Advisory |
23 Nov 2004 |
View |
| Winamp IN_CDDA Buffer Overflow |
|
Brett Moore |
Advisory |
23 Nov 2004 |
View |
| (MS04-032) SetWindowLong() Shatter Attacks |
|
Brett Moore |
Advisory |
14 Oct 2004 |
View |
| (MS04-033) Buffer Over In Microsoft Excel |
|
Brett Moore |
Advisory |
14 Oct 2004 |
View |
| Feeling Vulnerable? Try Assessment Tools |
CSO |
|
News |
27 Jul 2004 |
View |
| (MS04-023) CHM File Heap Overflow |
|
Brett Moore |
Advisory |
14 Jul 2004 |
View |
| 0x00 vs ASP File Uploads |
|
Brett Moore |
Whitepaper |
13 Jul 2004 |
View |
| (MS04-022) Unchecked Buffer In mstask.dll |
|
Brett Moore |
Advisory |
14 Jun 2004 |
View |
| (MS04-011) Utility Manager Loads Winhlp32 As SYSTEM |
|
Brett Moore |
Advisory |
14 Apr 2004 |
View |
| Wireless Security |
NZ Computer Society |
Nick von Dadelszen |
Presentation |
01 Jan 2004 |
View |
| A Day in the Life of a Hacker |
BrightStar IT Security Conference 2004 |
Brett Moore |
Presentation |
01 Jan 2004 |
View |
| (MS03-051) FrontPage Extensions Remote Command Execution |
|
Brett Moore |
Advisory |
11 Nov 2003 |
View |
| (MS03-045) Listbox and ComboBox Overflow Advisory |
|
Brett Moore |
Advisory |
15 Oct 2003 |
View |
| (MS03-028) ISA Server XSS Advisory |
|
Brett Moore |
Advisory |
16 Jul 2003 |
View |
| (MS03-022) Windows Media Services Overflow #2 Advisory |
|
Brett Moore |
Advisory |
25 Jun 2003 |
View |
| (MS03-019) Windows Media Services Overflow #1 Advisory |
|
Brett Moore |
Advisory |
30 May 2003 |
View |
| A Step into the Computer Underworld |
BrightStar IT Security Conference 2003 |
Brett Moore |
Presentation |
01 Jan 2003 |
View |
