Month: March 2013

Who are We: James Jardine

To continue on with the series of “who we are” here at secure ideas, here is the second profile post. Please feel free to reach out to each of us with any comments or questions you may have! Who am I: James Jardine, Principal Security Consultant at Secure Ideas. What do I do at Secure …

Who are We: James Jardine Read More »

GSA Database May Have Leaked Information: Kevin Johnson was Interviewed

Recently it was announced that there was a security flaw found in one of the GSA systems that could have allowed for vendors to see other vendor information.  The original article, which you can read in its entirety, can be found at GSA Database May Have Leaked Contractor Banking and Proprietary Information.  Kevin Johnson, CEO, …

GSA Database May Have Leaked Information: Kevin Johnson was Interviewed Read More »

Looking for Malicious PHP Files

A while back I had to deal with a compromised web server for some folks.  They had some WordPress sites with a vulnerable plugin and found that attackers were putting up malicious web pages for other victims to view.  The owners of the sites were understandably upset. The malicious files names didn’t follow much of …

Looking for Malicious PHP Files Read More »

Admin Consoles, Default Creds, and Sweet Pwnage

When performing internal network penetration tests, one thing that really gets us excited is finding administrative consoles.  Tomcat and PHPMyAdmin are two of the most common that I’ve found from my experience.  The reason we get excited is that many of these consoles have never had the default credentials changed.  Why?  Because they’re on the …

Admin Consoles, Default Creds, and Sweet Pwnage Read More »

Scroll to Top