Jason Xie found an authenticated SQL injection vulnerability in the Cisco Cloud Web Security (CWS) web application. If exploited an attacker could extract or modify values stored in the underlying database.
BSides San Francisco is a non-profit organization designed to advance the body of Information Security knowledge by providing an annual, two-day, open forum for discussion and debate for security engineers and their affiliates. Presenters at BSides SF conferences are engaging the participants and getting the discussions started on the “Next Big Thing”, not preaching at you from the podium about last month’s news.