RSA Conference 2021 with the presence of Char49 specialists

For almost 30 years, the RSA Conference has been an important meeting point in the cybersecurity community to share, learn and growth. A space for innovation and partnerships where, from the 17th to the 20th of May 2021, another edition takes place with the presence of specialists in cybersecurity from all over the world.

In this year's edition, the conference will be attended by two Char49 specialists, David Sopas (COO) and Pedro Umbelino (Senior Security Researcher), this in partnership with Erez Yalon (Director of Security Research, Checkmarx), Luis Gomes (Global Head of Information Security, OLX Group) and Tanya Janca (Founder & CEO, We Hack Purple Academy, Community and Podcast).

Segway Subdomain Takeover

During our research on the Segways’ domain space, we found a subdomain pointing to a third-party domain “pending for deletion” by its owner. Using a domain monitoring and backorder service, as soon as the third-party domain became available we got control over Segway’s subdomain.

According to responsible disclosure best practices, we provided Segway a detailed security advisory. This article is published after the security issue has been (silently) fixed by Segway.

Get Organized Now! Information Security Assessment Mindset Freebie

What to do? Where to begin? How to do it? Now you can relax and sit down. Thanks to David Sopas you can organize all your work with an assessment mindset available for free at Github. He did it to help him on his all-around assessments (pentest, bug bounty, red-team) keeping the workflow organized a...