Addressing the IT Skills Gap Part V: Deepening the Talent Pool

In order to strengthen the average talent in the cybersecurity labor market, we first need to address a major problem that faces the cybersecurity sector. Cybersecurity as a career field is overwhelmingly male and overwhelmingly Caucasian. In fact, according to a recent article from bankinfosecurityt.com citing government statistics, “Whites, who account for about 80 percent of the American workforce, make up 70 percent of the IT security workforce. About 7…

Addressing the IT Skills Gap Part IV: Utilizing Managed Security Services

By Jeremy Wittkop, InteliSecure CTO My previous posts have touched on hiring and cultivating talent as two of the three main strategies organizations can employ to build their cybersecurity team. Hiring well is difficult and time consuming even when cybersecurity hiring is your primary responsibility and when your business is cybersecurity. However, most people hiring cybersecurity professionals are in the business of doing something else, which makes the task of…

Addressing the IT Skills Gap Part III: Cultivating and Retaining Team Members

By Jeremy Wittkop, InteliSecure CTO For many large organizations, there are people on the inside who possess both the technical skill and the willingness to learn to become cybersecurity professionals. In order to effectively pursue this strategy, it is key to ensure that there are enough qualified and experienced team members on staff to mentor the newer professionals being groomed to fill out the team. Therefore, if you choose this…

Addressing the IT Skills Gap Part II: Hiring to Win

By Jeremy Wittkop, InteliSecure CTO “The secret of my success is that we have gone to exceptional lengths to hire the best people in the world.”  – Steve Jobs The first instinct of many executives is that they want to hire the talent they need in all aspects of their business. This approach gives the organization maximum flexibility and control with respect to those resources, but it comes at a…

Addressing the IT Skills Gap Part 1: Understanding the Current State

By Jeremy Wittkop, InteliSecure CTO People, process, and technology. Where do we turn when it is the people side of the equation we most need to address? An increasing number of organizations are asking this question as the shortage of cybersecurity talent continues to become more dire. There are more threats evolving every day and it seems there are legions of cyberattackers ranging from divisions of cyber militaries on the…

SNMPPLUX

InteliSecure continually develops new tools and scripts to improve the effectiveness of the team. One such tool called SNMPPLUX is an offshoot of a larger development project (ORR). SNMPPLUX is a USM compliant SNMPv1, SNMPv2c and SNMPv3 authentication scanner powered by pysnmp, re, sys, getopt, array, time and multiprocessing python modules. As well as providing SNMPv1 and v2c community dictionary attacks is will also provide username and password dictionary attacks…

Finding and Exploiting Same Origin Method Execution vulnerabilities

Recently it came to my attention that it was possible to abuse JSONP callbacks using a vulnerability known as SOME – Same Origin Method Execution which can be used by an attacker to widely abuse a user’s trust between the web application and the intended flow of execution. For example, using the SOME attack it is possible for an attacker to trick a user to visiting a malicious web-page which…

[IRCCloud] History and Another XSS Bug Bounty

Personally, I have been a user of IRC since 2004 on some private networks and some other well-known ones such as Freenode. However, it was always inconvenient to have to set up an IRC Bouncer, so when IRCCloud came around, I was excited to try it and see if it provided me with a method of staying connected to all the required networks without having to download a new client…

[IRCCloud] Inadequate input validation on API endpoint leading to self denial of service and increased system load

So as you do, I was just looking around, manually fuzzing some Web Sockets requests, seeing if I could get any sort of XSS, Remote IRC Command Injection or SQLi mainly – ended up that I didn’t find much there that worse worth noting. So I started seeing if their logic was all alright, so one of their requests looked similar to: {“_reqid”:1234, “cid”:5678, “to”: “#treehouse”, “msg”:”test”, “method”:”say”} I thought,…