-
(CVE-2017-14020) Automation Direct Multiple Software Vulnerabilities
Background: In late July 2017, I discovered vulnerabilities in a number of AutomationDirect’s industrial control products, particularly around the programming and interaction software. These vulnerabilities can be exploited by placing a crafted DLL file in the software search path which is loaded prior to a valid DLL, allowing an attacker to hijack the DLL and […]
-
Your broker is a pimp…
The year was 1999; what an awesome year!! The Y2K bug made us all rich (or poor)… we all started to see dead people using our Sixth Sense … and primary coloured drugs became all the rage as we followed the white rabbit into The Matrix. On top of all that excitement, a couple of […]
-
Obfuscation is no longer sexy
I know I like to spin a good yarn and write war and peace on subjects; it’s a bad habit. So for something different I will keep this post short and sweet. When it comes to passwords, we are all lazy. Passwords are a pain in the proverbial, and that “remember password” prompt we get […]