News and Press


Google Nest Findings

• U.S Department of Homeland Security - Daily Reports as of Sept. 16 — http://www.dhs.gov/sites/default/files/publications/nppd/ip/daily-report/dhs-daily-report-2014-09-16.pdf (#34)
• Maryland Coordination and Analysis Center — http://www.mcac.maryland.gov/newsroom/Cyber%20News/vulnerabilities-found-in-website-of-google-owned-nest
• EMC Corporation - Community Network News Feed as of Sept. 16 — https://community.emc.com/message/838147#838147
• The Gotham Blog - Gotham Security Daily Threat Alerts — http://blog.gothamtg.com/2014/09/16/gotham-security-daily-threat-alerts-295/
• Security Week — http://www.securityweek.com/vulnerabilities-found-website-google-owned-nest
• ISVOC - Information Security Awareness Training Center — http://biweekly.isvoc.com/201409178833-vulnerabilities-found-in-website-of-googleowned-nest.html#.VBk8UFdT7f0
• ID Resolution — http://idresolution.net/vulnerabilities-found-in-website-of-google-owned-nest/
• SysInfosec - Systems and Network Information Security — http://sysinfosec.net/article.php/201409161173225794
• IT Security News — http://itsecuritynews.info/2014/09/15/vulnerabilities-found-in-website-of-google-owned-nest/
• Security National Bank — http://www.snbconnect.com/fraud-alerts.aspx (9/16/2014)
• Three Pilars Technology — http://threepillarstechnology.com/department-of-homeland-security-cyber-security-highlights/
• Hackerstorm U.K — http://hackerstorm.co.uk/denman/news/article/vulnerabilities-found-in-website-of-googleowned-nest
• Global Security Industry Alliance — http://www.gsialliance.com/industry.html (Under Security Week Category)
• Lumension Security, Inc. — http://leic.lumension.com/news/379866119ff3d9c1fd1a16daf8fb0731.html
• Silobreaker Ltd. — http://news.silobreaker.com/vulnerabilities-found-in-website-of-googleowned-nest-5_2268229839561425177
• Data Protection Center - Tech and Security — http://www.dataprotectioncenter.com/security/vulnerabilities-found-in-website-of-google-owned-nest/
• Cryto RSS — http://cryptorss.com/news/vulnerabilities-found-website-google-owned-nest
• IT Security Today E.U — http://itsecuritytoday.eu/vulnerabilities-found-in-website-of-google-owned-nest/
• Gabinete Nacional de Segurança - Portugal (Cyber Newsletter) — www.gns.gov.pt/media/5881/20140918.pdf

Featured in Pinoy Hack News

• Pinoy Hack News — http://www.pinoyhacknews.com/xss-in-natgeo-playstation-and-barack-obama

CKEditor 4.4.6 with a Security Patch Released

• CKEditor — http://ckeditor.com/blog/CKEditor-4.4.6-Released

Blesta Security Advisory – Cross-site scripting vulnerabilities

• Blest Security Advisory (Core-931) — http://www.blesta.com/2013/12/20/security-advisory-cross-site-scripting-vulnerabilities-2/


Testimonials


Dominic Yeadon
Managing Director at Data Harvesting U.K

"Evan helped us by identifying a vulnerability in our public website, and thanks to Evan's professional standards he did so in accordance with our Responsible Disclosure Policy. Evan is one of the good guys."


Corina Mansueto
Director of Social Media & Customer Service at Lavasoft

"Evan assisted in identifying a vulnerability on our website. He was extremely easy to work with to have this issue resolved in a timely and professional manner. Thanks for all your help Evan, we greatly appreciate it."


Max Hunter
Web Development Team Lead at Electronic Frontier Foundation (EFF)

"Evan's responsible disclosure helped keep our nonprofit's servers secure."