BLOG
While working with a client, VDA engineers encountered an interesting circumstance that allowed for the bypassing of Multi-factor Authentication for users who had already set this up on their accounts. This particular misconfiguration/vulnerability was possible due to the way Citrix ADC (formerly NetScaler ADC) handles user authentication. How does it work? Upon initial login attempts…
Read MorePart of our internal mentoring and training culture at VDA includes Lunch and Learn events where engineers share helpful information about a relevant security topic. This past week, several of us discussed our favorite BurpSuite extensions, which are helpful additions during our various AppSec or IoT assessments. Extensions can be added to BurpSuite Pro by…
Read MoreAt VDA Labs we work with a variety of companies both large and small. During our engagements, we see many of the same reoccurring issues that allow us access to systems. To help combat these threats VDA is starting a blog series we are calling “Low-Hanging Fruit”. Throughout this series we will be talking about…
Read More