Presentations

Crawl, Walk, Run: Living the PSIRT Framework
Information Security Reconciliation: The Scene and The Profession
How We're Failing to Secure the "Internet of Things"
The Internet of Things: We've Got to Chat
Eyes on IZON: Surveilling IP Camera Security
Securing the Stack: Hardening Your Drupal Deployment
Keeping the Cloud Promise: Infrastructure Agility with a DevOps Toolchain
Core Linux Security: 0-Day Isn't Everything
Development Operations: Take Back Your Infrastructure
Being a Puppet Master: Automating Amazon EC2 with Puppet & Friends
Get Smart[y]: The Smarty Template Engine for PHP
Miscellaneous

Vulnerabilities

Fisher-Price Smart Toy®
Improper Authentication Handling

hereO GPS Platform
Authorization Bypass

iBaby M6
CVE-2015-2886 - Predictable Information Leak

iBaby M3S
CVE-2015-2887 - Backdoor Credentials

Philips In.Sight B120/37
Backdoor Credentials
CVE-2015-2883 - Reflective, Stored XSS
Direct Browsing

Summer Baby Zoom Wifi Monitor & Internet Viewing System
CVE-2015-2888 - Authentication Bypass
CVE-2015-2889 - Privilege Escalation

Lens Peek-a-View
Backdoor Credentials

Gynoii
CVE-2015-2881 - Backdoor Credentials

TRENDnet WiFi Baby Cam TV-IP743SIC
CVE-2015-2880 - Backdoor Credentials

Stem Innovation IZON
CVE-2013-6236 - Hard-coded Credentials

portable-phpMyAdmin WordPress Plugin
Authentication Bypass

Hotel Booking Portal
CVE-2012-1672 - SQL Injection

e-ticketing
CVE-2012-1673 - SQL Injection

phpPaleo
CVE-2012-1671 - Local File Inclusion

PHP Grade Book
CVE-2012-1670 - Unauthenticated SQL Database Export

phpMoneyBooks
Local File Inclusion

Andy's PHP Knowledgebase
CVE-2011-1546 - SQL Injection Vulnerability

Quick Polls
CVE-2011-1099 - Local File Inclusion & Deletion Vulnerabilities

Seo Panel
CVE-2010-4331 - Cookie-Rendered Persistent XSS Vulnerability

Pointter PHP Micro-Blogging Social Network
CVE-2010-4333 - Unauthorized Privilege Escalation

Pointter PHP Content Management System
CVE-2010-4332 - Unauthorized Privilege Escalation

Pulse CMS Basic
Local File Inclusion Vulnerability

Orbis CMS
CVE-2010-4313 - Arbitrary Script Execution Vulnerability

Free Simple Software
CVE-2010-4298 - SQL Injection Vulnerability

WSN Links
SQL Injection Vulnerability

Press Coverage

Research Coverage

Fisher-Price Smart Toy® & hereO GPS Platform
Internet-Connected Baby Monitors
Stem Innovation IZON Camera

Press Quotes

Interviews

Publications

Books

Webinars

White Papers

Blog Posts

Contributed
Rapid7
Duo Security
NetWorks Group
MNX Solutions

Graduate Research

Technical Documentation

Teaching

Eastern Michigan University

NITA 212: Open Source Platform and Network Administration - Fall 2009; Winter 2010
Labs: 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11
Slides: 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11

NITA 412: Linux Security Administration - Winter 2010; Fall 2010; 2x Winter 2011
Labs: 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9
Slides: 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9

ITT Technical Institute

IT 250: Linux Operating System - Fall 2009