Archives

Go back to Resources
Title Event or Publication Author or Presenter Type Date
F5 Unauthenticated rsync access to Remote Root Code Execution Thomas Hibbert Advisory 29 Aug 2014 View
Aerohive Hive Manager and Hive OS Multiple Vulnerabilties Denis Andzakovic Advisory 28 Aug 2014 View
Phil Doole new leader of SA.com News 30 Jun 2014 View
New Security Consultants in SA.com, New Zealand News 07 Jun 2014 View
Accellion SFTP Satellite Remote Root Code Execution Thomas Hibbert Advisory 26 May 2014 View
Bypassing SSL Pinning on Android via Reverse Engineering Denis Andzakovic Whitepaper 19 May 2014 View
Solarwinds SAM Multiple Vulnerabilities Denis Andzakovic Advisory 03 Mar 2014 View
Zenoss Cross Site Request Forgery to Code Execution Denis Andzakovic Advisory 28 Nov 2013 View
Up.Time Agent 5.0.1 Stack Overflow Denis Andzakovic Advisory 28 Nov 2013 View
Kaseya Arbitrary File Upload Thomas Hibbert Advisory 18 Nov 2013 View
DesktopCentral Arbitrary File Upload Thomas Hibbert Advisory 18 Nov 2013 View
Up.Time Arbitrary File Upload Denis Andzakovic Advisory 18 Nov 2013 View
NagiosQL Core Config Manager SQLi Denis Andzakovic Advisory 13 Nov 2013 View
Disrupting the Norm with Supernatural Shenanigans Kiwicon VII Nick Freeman Presentation 09 Nov 2013 View
Automating Advanced XPath Injection Attacks Kiwicon VII Paul Haas Presentation 09 Nov 2013 View
ENTERPRISEENTERPRISEENTERPRISEENTERPRISE..SEGFAULT Kiwicon VII Denis Andzakovic and Thomas Hibbert Presentation 09 Nov 2013 View
Paul Craig to speak at SysScan 360 SysScan 360 - Beijing News 22 Sep 2013 View
Mozilla Firefox 'HTMLFormElement' Use-After-Free Vulnerability Scott Bell Advisory 20 Sep 2013 View
Ryan Baxendale to speak at Xcon Xcon - Beijing News 22 Aug 2013 View
Microsoft Internet Explorer ‘ellipsis’ Use-After-Free Vulnerability Scott Bell Advisory 13 Aug 2013 View
Microsoft Internet Explorer ‘UnicodeBidi’ Use-After-Free Vulnerability Scott Bell Advisory 13 Aug 2013 View
Paul Craig to speak at the Information Security Seminar A Career as a Professional Hacker News 24 Jul 2013 View
Microsoft Internet Explorer ‘CTextDisplayBox’ Use-After-Free Scott Bell Advisory 09 Jul 2013 View
Microsoft Internet Explorer ‘SetupDisplayBox’ Use-After-Free Scott Bell Advisory 11 Jun 2013 View
Microsoft Internet Explorer textNode Use-After-Free Vulnerability Scott Bell Advisory 06 Jun 2013 View
Paul Craig to speak at RSA 2013 Asia/Pacific RSA News 05 Jun 2013 View
Denis Andzakovic to speak at AusCERT AusCERT News 23 May 2013 View
Gallery Server Pro File Upload Filter Bypass Drew Calcott Advisory 14 May 2013 View
Microsoft Internet Explorer SLayoutRun Use After Free Vulnerability Scott Bell Advisory 14 Feb 2013 View
Microsoft Internet Explorer 'CObjectElement' User-After-Free Scott Bell Advisory 12 Feb 2013 View
Polycom HDX Telnet Authorization Bypass Paul Haas Advisory 24 Jan 2013 View
Paul Craig to speak at TetCon 2013 TetCon News 15 Jan 2013 View
Avant Multiple Vulnerabilities Roberto Suggi Liverani Advisory 05 Dec 2012 View
Maxthon Multiple Vulnerabilities Roberto Suggi Liverani Advisory 05 Dec 2012 View
Mozilla ‘str_unescape’ Heap Overflow Scott Bell Advisory 21 Nov 2012 View
Ghost Riders in your WLAN Kiwicon 2012 Denis Andzakovic Presentation 18 Nov 2012 View
Login Timing Attacks for Mischief and Mayhem Kiwicon 2012 Adrian Hayes Presentation 17 Nov 2012 View
A Rojak of Singapore Web Exploits OWASP Singapore Ryan Baxendale Presentation 14 Nov 2012 View
The Dos and Don'ts of Web Application Frameworks New Zealand OWASP Day 2012 Denis Andzakovic Presentation 31 Aug 2012 View
Paul Craig to speak at XCon 2012 XCon 2012 News 06 Jul 2012 View
WordPress Authenticated File Upload Authorisation Bypass Denis Andzakovic Advisory 21 Jun 2012 View
iOS Applications and the Lion City SysScan 2012 Paul Craig Presentation 29 May 2012 View
Window Shopping: Browser Bug Hunting in 2012 Hack in the Box 2012 Roberto Suggi Liverani and Scott Bell Presentation 23 May 2012 View
Oracle GlassFish Server 3.1.1 Cross Site Request Forgery Roberto Suggi Liverani Advisory 19 Apr 2012 View
Oracle GlassFish Server 3.1.1 Multiple Cross Site Scripting Vulnerabilities Roberto Suggi Liverani Advisory 19 Apr 2012 View
Adrian Hayes To Speak At OWASP AppSec Asia Pacific 2012 OWASP AppSec Asia Pacific News 14 Apr 2012 View
Paul Craig Will Be Speaking At Syscan 2012 Syscan 2012 News 20 Mar 2012 View
Mozilla Firefox ‘shlwapi.dll’ Use-after-free Scott Bell and Blair Strang Advisory 14 Mar 2012 View
Scott Bell and Roberto Suggi Liverani To Present At HITB Amsterdam Hack In The Box 2012 News 02 Mar 2012 View
AVID Media Composer Phonetic Indexer Remote Stack Buffer Overflow Nick Freeman Advisory 29 Nov 2011 View
Final Draft 8 Multiple Stack Buffer Overflows Nick Freeman Advisory 29 Nov 2011 View
Muster Render Farm Management System Arbitrary File Download Nick Freeman Advisory 29 Nov 2011 View
StoryBoard Quick 6 Stack Buffer Overflow Nick Freeman Advisory 29 Nov 2011 View
Hacking Hollywood Ruxcon 2011 Nick Freeman Presentation 19 Nov 2011 View
Anton Bolshakov to Present at ZeroNights ZeroNights 2011 News 18 Nov 2011 View
Nick Freeman To Present At Ruxcon 2011 Ruxcon 2011 News 11 Nov 2011 View
Destination Search Admin Console Access Control Bypass Drew Calcott Advisory 13 Oct 2011 View
Security-Assessment.com Kiwicon V Presentations Kiwicon V News 13 Oct 2011 View
Metasploit Modules Released by Blair Strang and Nick Freeman Metasploit Framework News 22 Sep 2011 View
Wordpress 3.1.2 and Prior Clickjacking Susceptibility Andrew Horton Advisory 20 Sep 2011 View
Clickjacking for Shells OWASP Wellington, New Zealand Chapter Meeting Andrew Horton Presentation 20 Sep 2011 View
Adobe RoboHelp 9 DOM XSS Roberto Suggi Liverani Advisory 11 Aug 2011 View
Paul Craig To Present at DEFCON 19 DEFCON 19 News 08 Aug 2011 View
Internet Kiosk Terminals DEFCON 19 Paul Craig Presentation 08 Aug 2011 View
ICONICS WebHMI ActiveX Stack Overflow Scott Bell and Blair Strang Advisory 28 Apr 2011 View
OWASP New Zealand Day 2011 Announced OWASP News 20 Apr 2011 View
Bridging the Gap - Security and Software Testing ANZTB Test Conference 2011 News 28 Mar 2011 View
Bridging the Gap - Security and Software Testing ANZTB Test Conference Roberto Suggi Liverani Presentation 28 Mar 2011 View
Oracle WebLogic Session Fixation Via HTTP POST Request Roberto Suggi Liverani Advisory 09 Mar 2011 View
BroadWorks Call Detail Record Disclosure Vulnerability Nick Freeman Advisory 02 Nov 2010 View
Oracle JRE java.net.URLConnection SOP Bypass Roberto Suggi Liverani Advisory 18 Oct 2010 View
Oracle Siebel eBusiness Application Multiple Cross Site Scripting Roberto Suggi Liverani Advisory 18 Oct 2010 View
Oracle Sun Java System Web Server HTTP Response Splitting Roberto Suggi Liverani Advisory 18 Oct 2010 View
Leveraging XSRF with Apache Web Server “Compatibility with older browser” feature and Java Applet Roberto Suggi Liverani Whitepaper 18 Oct 2010 View
PCI DSS – Illuminating the Grey Security-Assessment.com Breakfast Briefing Roger Greyling Presentation 25 Aug 2010 View
Forensics – What to do when you get Hacked Security-Assessment.com Breakfast Briefing Paul Craig Presentation 25 Aug 2010 View
Microsoft Help 'Locked File' Bypass Paul Craig Advisory 23 Jun 2010 View
Skype URI Handler Input Validation Paul Craig Advisory 10 May 2010 View
Cross Context Scripting with Firefox Roberto Suggi Liverani Whitepaper 21 Apr 2010 View
Exploiting Cross Context Scripting Vulnerabilities in Firefox Nick Freeman Whitepaper 21 Apr 2010 View
Multiple Adobe Products XML External Entity and XML Injection Roberto Suggi Liverani Advisory 22 Feb 2010 View
ChemviewX ActiveX Multiple Stack Overflows Paul Craig Advisory 11 Feb 2010 View
Fixed lines vulnerable to attack TechDay News 02 Feb 2010 View
Yoono Firefox Extension Privileged Code Injection Nick Freeman Advisory 13 Jan 2010 View
Zero-day vulnerabilities in Firefox extensions discovered Help Net Security News 20 Nov 2009 View
Security-Assessment Uncovers DSL Vulnerabilities Scoop.co.nz News 20 Nov 2009 View
Case Study - Direct Payment Solutions assured of greater data integrity on credit card transactions Security-Assessment.com Whitepaper 25 Sep 2009 View
Browser extensions may be used by cybercriminals Digital Journal News 08 Sep 2009 View
Browser extensions may be used for attacks ZDNet News 03 Sep 2009 View
Update Scanner Firefox Extension Privileged Code Injection Roberto Suggi Liverani Advisory 25 Aug 2009 View
CoolPreviews Firefox Extension Privileged Code Injection Roberto Suggi Liverani Advisory 25 Aug 2009 View
WizzRSS Firefox Extension Privileged Code Injection Nick Freeman Advisory 24 Aug 2009 View
Feed Sidebar Firefox Extension Privileged Code Injection Nick Freeman Advisory 24 Aug 2009 View
ScribeFire Firefox Extension Privileged Code Injection Nick Freeman Advisory 24 Aug 2009 View
Abusing Firefox Extensions Defcon 17 Nick Freeman and Roberto Suggi Liverani Presentation 14 Aug 2009 View
The unwelcome guest in your machine TechDay News 01 Aug 2009 View
CodeScan takes security scanning to the masses Computerworld News 22 Jul 2009 View
Payments firm backs card security standard Computerworld News 10 Jul 2009 View
Google Analytics Stored Cross Site Scripting Roberto Suggi Liverani Advisory 08 Dec 2008 View
Linux beats Windows for kiosk security, says developer Computerworld News 01 Dec 2008 View
None More Black - The Dark Side Of SEO Ruxcon 2008 Roberto Suggi Liverani Presentation 29 Nov 2008 View
Kiwi hacker develops kiosk attack tool Computerworld News 24 Nov 2008 View
Kiwi security pros claim DSL is vulnerable Computerworld News 18 Nov 2008 View
CodeScan targets US with security audit apps Computerworld News 12 Nov 2008 View
Opera Stored Cross Site Scripting Roberto Suggi Liverani Advisory 28 Oct 2008 View
Multiple Flash Authoring Heap Overflows Paul Craig Advisory 16 Oct 2008 View
Black SEO Exposed Kiwicon 2008 Roberto Suggi Liverani Presentation 26 Sep 2008 View
Phree As In Phone Call Kiwicon 2008 John McColl Presentation 26 Sep 2008 View
Waste Not, Want Not Kiwicon 2008 Nick Freeman Presentation 26 Sep 2008 View
Kiwi's Defcon contest challenges AV vendors Computerworld News 19 Aug 2008 View
Acrobat Distiller Malformed "joboptions" File Paul Craig Advisory 05 May 2008 View
SugarCRM Local File Disclosure Roberto Suggi Liverani Advisory 29 Apr 2008 View
Crackstation BlackHat Europe 2008 Nick Breese Presentation 27 Mar 2008 View
GCSB clamps down on government networks Computerworld News 25 Feb 2008 View
Adobe PDF exploit infects 'many thousands,' says researcher Computerworld News 12 Feb 2008 View
Risky Business podcast - x.25 security ITRadio.com.au News 17 Jan 2008 View
Datacraft acquires Security-Assessment.com News 14 Jan 2008 View
Playstation hacker’s dream theAge.com.au News 29 Nov 2007 View
Kiwicon in detail SearchSecurity News 23 Nov 2007 View
Intrusion Detection - This Is Not The Packet You Are Looking For Kiwicon 2007 Declan Ingram Presentation 17 Nov 2007 View
SCADA - Fear, Uncertainty, and the Digital Armageddon NZISF Breakfast 2007 Morgan Marquis-Boire Presentation 11 Nov 2007 View
Information Security Industry Overview TPN Meeting, Auckland Peter Benson Presentation 11 Nov 2007 View
Payment Card Industry Data Security Standards NZISF Breakfast 2007 Carl Grayson Presentation 11 Nov 2007 View
Classroom breaches of top enterprises spur industry debate Computerworld News 19 Oct 2007 View
Cart32 Arbitrary File Download Paul Craig Advisory 10 Oct 2007 View
ZDNet security news ITRadio.com.au News 01 Oct 2007 View
Experts cast doubts on Chinese hacking scare Computerworld News 24 Sep 2007 View
Data-breach guidelines welcomed — by govt, at least Computerworld News 07 Sep 2007 View
Ethical hackers doubt ethical hacking MIS Financial Review News 07 Sep 2007 View
Privacy Commissioner boosts breach disclosure drive with guidelines Computerworld News 27 Aug 2007 View
Credit card security standard largely ignored SearchSecurity News 02 Aug 2007 View
Pregnant pause OK for Microsoft theAge.com.au News 13 Jul 2007 View
Tippingpoint IPS Signature Evasion Paul Craig Advisory 11 Jul 2007 View
Multiple .NET Null Byte Injection Vulnerabilities Paul Craig Advisory 11 Jul 2007 View
Next Generation .NET Vulnerabilities Syscan 2007 Paul Craig Presentation 03 Jul 2007 View
Social Engineering - Attacks Against People Human Factors In Security 2007 Declan Ingram Presentation 01 Jul 2007 View
Incident Management Brightstar 12th Annual IT Security Summit 2007 Carl Grayson Presentation 01 Jul 2007 View
Web Application Security - Methods and Demos of Attacks Brightstar 12th Annual IT Security Summit 2007 Paul Craig Presentation 01 Jul 2007 View
Secure Web Applications Cyber Crime In Focus 2006 Declan Ingram Presentation 01 Jul 2007 View
New Trojan shows return of script kiddies Computerworld News 29 Jun 2007 View
Data-breach disclosure law gets thumbs-up from IT Computerworld News 05 Jun 2007 View
NZ security guru calls for data breach disclosure Computerworld News 26 Mar 2007 View
EasyMail Objects EasyMail IMAP - Connect Method Stack Overflow Paul Craig Advisory 16 Feb 2007 View
Lizardtech DjVu Browser Plugin - Multiple Buffer Overflows Brett Moore Advisory 15 Feb 2007 View
(MS07-005) Microsoft Interactive Training - Buffer Overflow Brett Moore Advisory 14 Feb 2007 View
DEMO woman scopes New Zealand tech Computerworld News 07 Feb 2007 View
Auditor warns: Beware of security vendors selling PCI compliance Computerworld News 30 Jan 2007 View
PCIDSS Compliance Products Require Diligence SANS NewsBites News 23 Jan 2007 View
Simplifying the Payment Card Industry Data Security Standard Security-Assessment.com Whitepaper 01 Jan 2007 View
HyperAccess - Multiple Vulnerabilities Brett Moore Advisory 19 Dec 2006 View
SiteKiosk - File System Access Brett Moore Advisory 19 Dec 2006 View
ColdFusion MX7 - Multiple Vulnerabilities Brett Moore Advisory 19 Dec 2006 View
Asterisk Remote Unauthenticated Heap Overflow Adam Boileau Advisory 19 Oct 2006 View
Security conference to debut Windows firewire crack theAge.com.au News 19 Sep 2006 View
Hit by a Bus: Physical Access Attacks with Firewire Ruxcon 2006 Adam Boileau Presentation 06 Sep 2006 View
Unpacking Malware, Trojans and Worms: PE Packers Used in Malicious Software Ruxcon 2006 Paul Craig Presentation 01 Sep 2006 View
Low Down and Dirty: Anti-Forensic Rootkits Ruxcon 2006 Darren Bilby Presentation 01 Sep 2006 View
Access over Ethernet: Insecurities in AoE Ruxcon 2006 Morgan Marquis-Boire Presentation 01 Sep 2006 View
Wireless Networks: Success, Failure & Insecurity Sydney Breakfast Brief 2006 Adam Boileau Presentation 01 Sep 2006 View
Practical WLAN Attack & Defense: A Pragmatic Hacker's Primer 802.1x Roadshow 2006 Adam Boileau Presentation 01 Sep 2006 View
Defeating Live Windows Forensics Auscert Security Conference 2006 Darren Bilby Presentation 01 Sep 2006 View
Access over Ethernet: Insecurities in AoE Carl Purvis and Morgan Marquis-Boire Whitepaper 21 Aug 2006 View
VMware Possible Incorrect Permissions On SSL Key Files Nick Breese Advisory 25 Jul 2006 View
(MS06-034) ASP.DLL Include File Buffer Overflow Brett Moore Advisory 19 Jul 2006 View
Kiwi security expert finds flaw in Skype Computerworld News 06 Jun 2006 View
Skype - URI Handler Command Switch Parsing Brett Moore Advisory 22 May 2006 View
Training lags in race to secure the enterprise Computerworld News 09 May 2006 View
CodeScan formalises distro deal with Security-Assessment.com Computerworld News 07 Apr 2006 View
Rootkits - Advanced Malware BrightStar 11th Annual IT Security Summit 2006 Darren Bilby Presentation 01 Apr 2006 View
Violating The Corporate Database BrightStar 11th Annual IT Security Summit 2006 Dan Cornforth Presentation 01 Apr 2006 View
Unifying framework for Identity Management Security-Assessment.com March 2006 Breakfast Seminar Stephan Overbeek Presentation 28 Mar 2006 View
Companies pass the buck on IP protection Computerworld News 02 Mar 2006 View
Information Management Security-Assessment.com February 2006 Breakfast Session Chris Joscelyne Presentation 01 Mar 2006 View
Exploiting Freelist[0] On Windows XP Service Pack 2 Brett Moore Whitepaper 07 Dec 2005 View
Rockliffe Express Webmail Vulnerabilities Paul Craig Advisory 28 Oct 2005 View
(MS05-049) Explorer Webview - Code Execution Brett Moore Advisory 11 Oct 2005 View
WebArchiveX - Unsafe Methods Brett Moore Advisory 07 Sep 2005 View
Scanning tool looks to wipe out vulnerable code Computerworld News 14 Jul 2005 View
(MS05-031) Buffer Over In MS Interactive Training Brett Moore Advisory 14 Jun 2005 View
Invalid banking cert spooks only one user in 300 Computerworld News 16 May 2005 View
Bugger The Debugger - Pre Interaction Debugger Code Execution Brett Moore Whitepaper 09 Apr 2005 View
Internet Banking Security questioned TVNZ News 29 Mar 2005 View
Payment card compliance deadline a boon for penetration testers Computerworld News 29 Mar 2005 View
Major companies team on vulnerability rating system. Computerworld News 21 Feb 2005 View
Air is thick with vulnerable wireless networks Computerworld News 09 Feb 2005 View
Breaking Tradition Sydney Morning Herald News 01 Feb 2005 View
SBDA - Same Bug, Different App Ruxcon 2005 Brett Moore Presentation 01 Jan 2005 View
Voice over IP VOIP (In) Security New Zealand Information Security Forum 2005 Auckland Darren Bilby Presentation 01 Jan 2005 View
From the Trenches (Australia) F5 Security Event 2005 Melbourne & Sydney Peter Benson Presentation 01 Jan 2005 View
Internet Security and Fraud - Current Online Trends Financial Services Federation 2005 Risk Meeting Nick von Dadelszen Presentation 01 Jan 2005 View
Exposing Web Vulnerabilities BrightStar 10th Annual IT Security Summit 2005 Nick von Dadelszen Presentation 01 Jan 2005 View
VOIP - What You Don't Know Can Hurt You BrightStar 10th Annual IT Security Summit 2005 Darren Bilby Presentation 01 Jan 2005 View
From the Trenches IDC's Asia/Pacific Security and Continuity Conference 2005 Nick von Dadelszen Presentation 01 Jan 2005 View
(MS04-043) Buffer Over In HyperTerminal Brett Moore Advisory 15 Dec 2004 View
Hackers exploit critical Winamp flaw - VUNET.com V3.co.uk News 30 Nov 2004 View
WinAmp blows another security fuse Computerworld News 25 Nov 2004 View
SecureCRT - Remote Command Execution Brett Moore Advisory 23 Nov 2004 View
Winamp IN_CDDA Buffer Overflow Brett Moore Advisory 23 Nov 2004 View
(MS04-032) SetWindowLong() Shatter Attacks Brett Moore Advisory 14 Oct 2004 View
(MS04-033) Buffer Over In Microsoft Excel Brett Moore Advisory 14 Oct 2004 View
Feeling Vulnerable? Try Assessment Tools CSO News 27 Jul 2004 View
(MS04-023) CHM File Heap Overflow Brett Moore Advisory 14 Jul 2004 View
0x00 vs ASP File Uploads Brett Moore Whitepaper 13 Jul 2004 View
(MS04-022) Unchecked Buffer In mstask.dll Brett Moore Advisory 14 Jun 2004 View
(MS04-011) Utility Manager Loads Winhlp32 As SYSTEM Brett Moore Advisory 14 Apr 2004 View
Wireless Security NZ Computer Society Nick von Dadelszen Presentation 01 Jan 2004 View
A Day in the Life of a Hacker BrightStar IT Security Conference 2004 Brett Moore Presentation 01 Jan 2004 View
(MS03-051) FrontPage Extensions Remote Command Execution Brett Moore Advisory 11 Nov 2003 View
(MS03-045) Listbox and ComboBox Overflow Advisory Brett Moore Advisory 15 Oct 2003 View
(MS03-028) ISA Server XSS Advisory Brett Moore Advisory 16 Jul 2003 View
(MS03-022) Windows Media Services Overflow #2 Advisory Brett Moore Advisory 25 Jun 2003 View
(MS03-019) Windows Media Services Overflow #1 Advisory Brett Moore Advisory 30 May 2003 View
A Step into the Computer Underworld BrightStar IT Security Conference 2003 Brett Moore Presentation 01 Jan 2003 View