News Archives - 7ASecurity Blog

7ASecurity’s Szymon Grzybowski Wins OSTIF’s 2025 Bug of the Year Award

Admin — Fri, 27 Mar 2026 09:37:21 +0000

OSTIF selected CVE-2025-31484 from 7ASecurity’s conda-forge audit as its 2025 Bug of the Year, recognizing Szymon Grzybowski’s high-impact supply-chain finding.

The post 7ASecurity’s Szymon Grzybowski Wins OSTIF’s 2025 Bug of the Year Award appeared first on 7ASecurity Blog.

How 7ASecurity Audits Work: Interim Findings, Manual Testing, and Free Fix Verification

Admin — Fri, 06 Feb 2026 06:24:49 +0000

A clear, practical walkthrough of the 7ASecurity audit process: threat-model driven scoping, a dedicated communication channel with interim findings, and free fix verification—so issues are fixed, not just reported.

The post How 7ASecurity Audits Work: Interim Findings, Manual Testing, and Free Fix Verification appeared first on 7ASecurity Blog.

What ‘Quality Pentests’ Really Mean: Interview with OWASP Executive Director Andrew van der Stock

Admin — Fri, 23 Jan 2026 06:41:47 +0000

OWASP Executive Director Andrew van der Stock interviews 7ASecurity CEO Abraham Aranguren on what “quality pentesting” really means: threat-model driven scoping, researcher-led testing, interim findings, and free fix verification.

The post What ‘Quality Pentests’ Really Mean: Interview with OWASP Executive Director Andrew van der Stock appeared first on 7ASecurity Blog.

Security Weekly News 22 June 2011 - Summary

Admin — Wed, 22 Jun 2011 10:16:00 +0000

In case you missed it, I put together a blog post last week on the OWASP AppSec EU Security Conference in Trinity College, Dublin, Ireland with slides, pictures and experience Feedback and/or contributions to make this better are appreciated and welcome Highlighted quotes of the week: "I would recommend to store at least half a …

The post Security Weekly News 22 June 2011 - Summary appeared first on 7ASecurity Blog.

Security Weekly News 22 June 2011 - Full List

Admin — Wed, 22 Jun 2011 10:03:00 +0000

Category Index Hacking Incidents / Cybercrime Unpatched Vulnerabilities Software Updates Business Case for Security Web Technologies Network Security Cloud Security Crytography Privacy Security FAIL General Outrageous Funny / Hilarious Hacking Incidents / Cybercrime Document claims LulzSec has obtained 2011 UK Census records [www.v3.co.uk] Infamous hacking group LulzSec is claiming to have obtained the entire 2011 …

The post Security Weekly News 22 June 2011 - Full List appeared first on 7ASecurity Blog.

Security Weekly News 17 June 2011 - Summary

Admin — Fri, 17 Jun 2011 06:12:00 +0000

Smile! it's Friday! 🙂 In case you missed it I put together a blog post last week regarding my personal experience on the CISSP certification process, etc: CISSP exam, materials, preparation and experience Feedback and/or contributions to make this better are appreciated and welcome Highlighted quotes of the week: "A pen test should be a …

The post Security Weekly News 17 June 2011 - Summary appeared first on 7ASecurity Blog.

Security Weekly News 17 June 2011 - Full List

Admin — Fri, 17 Jun 2011 04:53:00 +0000

Category Index Hacking Incidents / Cybercrime Unpatched vulnerabilities Software Updates Business Case for Security Web Technologies Network Security Forensics / Reverse Engineering Cryptography Wireless Security Mobile Security Cloud Security Privacy / Censorship Security FAIL Off Topic Funny Hacking Incidents / Cybercrime Incident Analysis: Million Dollars Lost In A Minute [carnal0wnage.attackresearch.com] Dudes, I and two other …

The post Security Weekly News 17 June 2011 - Full List appeared first on 7ASecurity Blog.

Security Weekly News 3 June 2011 - Summary

Admin — Fri, 03 Jun 2011 07:39:00 +0000

Thanks to Tadek and Shaun for contributing to this security bulletin NOTE: I am still trying to catch up, some news items are a bit dated but worth mentioning, I tried to put newer items at the top of each section so that if you see something dated you already saw you can skip the …

The post Security Weekly News 3 June 2011 - Summary appeared first on 7ASecurity Blog.

Security Weekly News 3 June 2011 - Full List

Admin — Fri, 03 Jun 2011 07:14:00 +0000

Category Index Hacking Incidents / Cybercrime Unpatched vulnerabilities Software Updates Business Case for Security Web Technologies Network Security Database Security Mobile Security Cloud Security Privacy / Censorship General Security FAIL Funny Hacking Incidents / Cybercrime Bank of America data leak destroys trust [www.latimes.com] The far-reaching fraud serves as a cautionary tale for all consumers who …

The post Security Weekly News 3 June 2011 - Full List appeared first on 7ASecurity Blog.

Security Weekly News 13 May 2011 - Summary

Admin — Fri, 13 May 2011 18:05:00 +0000

Feedback and/or contributions to make this better are appreciated and welcome For those interested, there was also a technical article posted over the weekend: SSH Service: How to set it up in Backtrack without getting pwned Remember, sometimes the funny section has some food for thought 🙂 Highlighted quotes of the week: '"You have won …

The post Security Weekly News 13 May 2011 - Summary appeared first on 7ASecurity Blog.