847.221.0200  Main Office

Halock Blog


CVE-2014-4980 Parameter Tampering in Nessus Web UI – Remote Information Disclosure »

Title: CVE-2014-4980 Parameter Tampering in Nessus Web UI – Remote Information Disclosure
Product: Nessus
Vendor: Tenable Network Security
Version: Nessus 5.2.3-5.2.7 – Web UI 2.3.4 (potentially lower)
Vendor Notified Date: June 24, 2014
Vendor Resolved Date: June 25, 2014
Release Date: July 18, 2014
Risk: Medium
Authentication: Not Required
Remote: Yes

A parameter tampering vulnerability exists in Nessus 5.2.7 and potentially below that allows remote … Read More »


Code Spaces Spaced Out On Data Security »


The information security community is abuzz with the news of Code Spaces closing its doors after having all of its client’s data erased by an attacker who gained access to their environment. Code Spaces offered their clients a “code repository” service – think Subversion-as-a-Service – and convinced their clients that their code was safe … Read More »


Beyond Target®: Why Vendor Risk Management is Getting All of the Hype »

The Target® Breach in November 2013 lives infamously in our memories and has served as a pivot point for all businesses with regard to third party vendor management.  After all, who could have imagined that the giant retailer would have been breached through a seemingly insignificant third party that didn’t seem to have direct … Read More »


Cyber-Espionage: Every Business is a Target »

For those of us in the world of information security, the news of Attorney General Eric Holder bringing a first-of-its-kind criminal cyber-espionage case against Chinese military officials is no surprise at all. For years, the Chinese have been known for launching cyber-attacks on American industrial and military targets to steal prized military secrets and … Read More »


HALOCK’s Eve Adams Named One of Business Insider’s 100 Most Influential Tech Women on Twitter »

Eve Adams (@HackerHuntress), Senior Talent Acquisition Expert, was recently named one of Business Insider’s 100 Most Influential Tech Women on Twitter. As the team lead of HALOCK’s information security recruiting function, Eve uses Twitter to engage with clients and candidates, research industry trends, publicize HALOCK’s hot infosec jobs, and have fun with … Read More »

View Older Posts