Uncategorized

Looking to cut cost? Penetration testing will save you money. Here’s why.

Due to the current health crisis (and Saudi-Russian oil price war), the global economy teeters between recession and depression, and the duration of the downturn is unclear. Smart companies are looking for ways to save money to hunker down and weather the storm. Here are 6 reasons why penetration testing will actually save you …



Remote Workforce Security: Self-Assessment Questionnaire

Offering options for remote work to all employees will help slow the spread of COVID-19, but may introduce risk if it was not a previously supported or planned policy. This self-assessment questionnaire allows organizations to consider high-priority security risks potentially introduced by implementing new remote working strategies, and ways to mitigate them.

OmniCenter 12.1.1 SQL Injection

By Luis Rios

OmniCenter 12.1.1 and below (and 12.0.8 and below) is affected by an unauthenticated SQL Injection (Boolean Based Blind). The injection allows an attacker to read sensitive information from the database used by the application.

Background

During the course of a penetration test, we encountered the OmniCenter application. An Internet search showed no …


ILLUMANT #1 Bug Bounty Hunter on Alibaba

In 2018 Illumant topped the list of bug hunters for Alibaba’s bug bounty program. To see this info on Alibaba, go to the following link and select the year 2018: https://security.alibaba.com/top.htm?tab=1

Vulnerability Disclosure Policy

As a provider of security solutions, services, and research, ILLUMANT takes security issues very seriously. It is our policy to work and coordinate with other vendors with regard to discovered vulnerabilities, with the intention of keeping users and customers safe. This document will share our process for disclosure.

Outreach

ILLUMANT will reach out to the …
