Staples Canada – The IDOR that just kept giving

Some of you are probably wondering, WHAT ON EARTH IS IDOR? IDOR, or insecure direct object reference, is a common vulnerability that is sometimes misunderstood by even some of the most seasoned security professionals. The basic concept is that a user-controlled parameter is used to directly reference and access a resource, but the application does…

FireEye HX Bypass – Have you tested your security tools lately?

* Updated October 13, 2020

In 2019, we were asked by some of our clients to perform an insider threat assessment to help them better understand their attack surface if a single system on their network were to be compromised. This is not a typical penetration test because we were given an asset, knowledge of…