Shifting Knowledge Left: Keeping up with Modern Application Security
Crawl, Walk, Run: Living the PSIRT Framework
Realizing Software Security Maturity: The Growing Pains & Gains
No Single Answer: Balancing Cybersecurity Insurance and a Strong Security Program
Smart City Security: The Real-World Risks & Challenges
Hide Yo' Kids: Hacking Your Family's Connected Things
The Hand That Rocks The Cradle: Hacking IoT Baby Monitors
Information Security Reconciliation: The Scene and The Profession
Cloud Security: There's a Storm Coming
The Internet of Fails: Where IoT Has Gone Wrong and How We're Making It Right
Security for the People: End-User Authentication Security on the Internet
How We're Failing to Secure the "Internet of Things"
The Internet of Things: We've Got to Chat
Eyes on IZON: Surveilling IP Camera Security
Two-Factor Authentication: A Primer
A Career in Information Security as Described by Animated GIFs
Securing the Stack: Hardening Your Drupal Deployment
How I Became an iOS Developer for Fun and Debt
So You Want to Hire a Penetration Tester?: 10 Tips for Success
Keeping the Cloud Promise: Infrastructure Agility with a DevOps Toolchain
Core Linux Security: 0-Day Isn't Everything
"It's Just a Web Site": How Poor Web Programming is Ruining Information Security
Cloud Disaster Recovery: Leveraging Cloud Computing for Cheap Hot Sites
Cloud Computing: Let's Clear the Air
Development Operations: Take Back Your Infrastructure
Being a Puppet Master: Automating Amazon EC2 with Puppet & Friends
It's Vulnerable... Now What?: Three Tales of Woe and Remediation
What's a Linux?: Creating & Teaching College Courses at 24
Get Smart[y]: The Smarty Template Engine for PHP


Fisher-Price Smart Toy®
CVE-2015-8269 - Improper Authentication Handling

hereO GPS Platform
CERT VU#213384 - Authorization Bypass

iBaby M6
CVE-2015-2886 - Predictable Information Leak

iBaby M3S
CVE-2015-2887 - Backdoor Credentials

Philips In.Sight B120/37
CVE-2015-2882 - Backdoor Credentials
CVE-2015-2883 - Reflective, Stored XSS
CVE-2015-2884 - Direct Browsing

Summer Baby Zoom Wifi Monitor & Internet Viewing System
CVE-2015-2888 - Authentication Bypass
CVE-2015-2889 - Privilege Escalation

Lens Peek-a-View
CVE-2015-2885 - Backdoor Credentials

CVE-2015-2881 - Backdoor Credentials

TRENDnet WiFi Baby Cam TV-IP743SIC
CVE-2015-2880 - Backdoor Credentials

Stem Innovation IZON
CVE-2013-6236 - Hard-coded Credentials

portable-phpMyAdmin WordPress Plugin
CVE-2012-5469 - Authentication Bypass

Hotel Booking Portal
CVE-2012-1672 - SQL Injection

CVE-2012-1673 - SQL Injection

CVE-2012-1671 - Local File Inclusion

PHP Grade Book
CVE-2012-1670 - Unauthenticated SQL Database Export

CVE-2012-1669 - Local File Inclusion

Andy's PHP Knowledgebase
CVE-2011-1546 - SQL Injection Vulnerability

Quick Polls
CVE-2011-1099 - Local File Inclusion & Deletion Vulnerabilities

Seo Panel
CVE-2010-4331 - Cookie-Rendered Persistent XSS Vulnerability

Pointter PHP Micro-Blogging Social Network
CVE-2010-4333 - Unauthorized Privilege Escalation

Pointter PHP Content Management System
CVE-2010-4332 - Unauthorized Privilege Escalation

Pulse CMS Basic
CVE-2010-4330 - Local File Inclusion Vulnerability

Orbis CMS
CVE-2010-4313 - Arbitrary Script Execution Vulnerability

Free Simple Software
CVE-2010-4298 - SQL Injection Vulnerability

WSN Links
CVE-2010-4006 - SQL Injection Vulnerability

Press Coverage

Research Coverage

Fisher-Price Smart Toy® & hereO GPS Platform
Internet-Connected Baby Monitors
Stem Innovation IZON Camera

Press Quotes





White Papers

Blog Posts

Duo Security
NetWorks Group
MNX Solutions

Graduate Research

Technical Documentation


Eastern Michigan University

NITA 212: Open Source Platform and Network Administration - Fall 2009; Winter 2010
Labs: 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11
Slides: 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11

NITA 412: Linux Security Administration - Winter 2010; Fall 2010; 2x Winter 2011
Labs: 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9
Slides: 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9

ITT Technical Institute

IT 250: Linux Operating System - Fall 2009