Web App Security

  • Most Topular Stories

  • Darkleech Update – November 2014

    Unmask Parasites. Blog.
    Denis
    27 Nov 2014 | 3:10 am
    Just wanted to document some latest changes in Darkleech behavior that may help you detect it. I’d like to thank internet security enthusiasts who share their findings with me. Without you, I could have easily missed these new (?) details. Quick recap Darkleech is a root level server infection that installs malicious Apache modules. The modules inject invisible iframes into server response when it is already prepared (linebreaks added for readability). <style>.a4on6mz5h { position:absolute; left:-1376px; top:-1819px} </style> <div class="a4on6mz5h"> <ifr ame…
  • Compromised Wordpress sites serving multiple malware payloads

    Zscaler Research
    rubin azad
    21 Dec 2014 | 9:58 pm
    During our daily log monitoring process, we observe many interesting threat events. One such event led to a compromised WordPress site campaign, which was found to serve multiple malware families including Upatre/Hencitor/Extrat Xtreme RAT/Vawtrak. The URLs which were serving malware were found to adhere to a particular pattern. Infected WordPress sites observed, included URLs with "/1.php
  • Save the Web – Be a Ford-Mozilla Open Web Fellow

    Mozilla Hacks - the Web developer blog
    Hannah Kane
    26 Nov 2014 | 8:42 am
    This is a critical time in the evolution of the Web. Its core ethos of being free and open is at risk with too little interoperability and threats to privacy, security, and expression from governments throughout the world. To protect the Web, we need more people with technical expertise to get involved at the policy level. That’s why we created the Ford-Mozilla Open Web Fellowship. Photo: Joseph Gruber via Flickr What it is The Fellowship is a 10-month paid program that immerses engineers, data scientists, and makers in projects that create a better understanding of Internet policy…
  • oledump: Extracting Embedded EXE From DOC

    Didier Stevens
    Didier Stevens
    22 Dec 2014 | 4:00 pm
    RECHNUNG_vom_18122014.doc (6a574342b3e4e44ae624f7606bd60efa) is a malicious Word document with VBA macros that extract and launch an embedded EXE. This is nothing new, but I want to show you how you can analyze this document with oledump.py. I also have a video on my video blog. First we have a look at the streams (I put the Word document inside a password (= infected) protected ZIP file to avoid AV interference, oledump can handle such files): Stream 7 contains VBA macros, let’s have a look: Subroutine v45 is automatically executed when the document is opened. It creates a temporary…
  • Cybersecurity Seen as DoD Priority Under Carter

    CERIAS Combined Feed
    CERIAS Webmaster
    5 Dec 2014 | 4:12 am
    Though not schooled in IT and IT security, cyber is an area of interest for Carter in which he has been involved in for many years. “He knows enough about [cyber] that he likely knows when he should call on domain experts for more information, something not all of our national leaders have done,” says Gene Spafford, founder and executive director of the Center for Education and Research in Information Assurance and Security at Purdue University. More information »
  • add this feed to my.Alltop

    Unmask Parasites. Blog.

  • Darkleech Update – November 2014

    Denis
    27 Nov 2014 | 3:10 am
    Just wanted to document some latest changes in Darkleech behavior that may help you detect it. I’d like to thank internet security enthusiasts who share their findings with me. Without you, I could have easily missed these new (?) details. Quick recap Darkleech is a root level server infection that installs malicious Apache modules. The modules inject invisible iframes into server response when it is already prepared (linebreaks added for readability). <style>.a4on6mz5h { position:absolute; left:-1376px; top:-1819px} </style> <div class="a4on6mz5h"> <ifr ame…
  • Most Contradictive Doorway Generator

    Denis
    12 Sep 2014 | 11:57 am
    Check this thread on WordPress.org forum. The topic starter found a suspicious PHP file and asked what it was doing. The code analysis shows that it’s some sort of a spammy doorway. But it’s a very strange doorway and the way that it works doesn’t make sense to me. First of all, this script has a random text and code generator. The output it generates is [kind of] always unique. Here is a couple of output pages: http://pastebin.com/ymwMZMWP http://pastebin.com/Y6B7WM2T ... <title>Is. Last spots brows: Dwelling. Immediately moral.</title> </head>…
  • Google -> Doorway -> Google -> Spam

    Denis
    11 Jun 2014 | 11:32 am
    Just a few thoughts about an interesting behavior of a black-hat SEO doorway. Typically hackers create doorways on compromised sites to make search engines rank them for certain keywords and then, when searchers click on the links in search results, those doorways redirect them further to a site that hackers really promote. Sometime that redirect may go through some TDS (traffic directing service) but the whole scheme remains pretty much the same: Search results -> doorway -> beneficiary site Today, when doing a backlink research of one of such pharma doorways, I encountered a different…
  • Working With the Darkleech Bitly Data

    Denis
    10 Feb 2014 | 9:08 am
    Data Driven Security took the time to analyze the raw data that I published in my recent post on Sucuri blog about how I used Bitly data to understand the scale of the Darkleech infection. In their article, they have a few questions about data formats, meaning of certain fields and some inconsistencies, so I’ll try to answer their questions here and explain how I worked with the data. So I needed to get information about all the links of the “grantdad” bitly account. I checked the API and somehow missed the “link_history” API request (it was the first time I…
  • Invasion of JCE Bots

    Denis
    27 Jan 2014 | 2:47 am
    Joomla has been one of the most popular CMS for a long time.  It powers a huge number of sites.  That’s great! The flip side of this fact is Joomla has been very popular for a long time and there are still very many sites that use older versions of Joomla as well as older version of Joomla components. For example, the 1.5.x branch of Joomla (2008-2010) still has a noticeable share in live Joomla sites. Old versions may work well for your site but they have multiple well known security holes, so they are the low hanging fruit for hackers. Let me show this using a real world example.
 
  • add this feed to my.Alltop

    Zscaler Research

  • Compromised Wordpress sites serving multiple malware payloads

    rubin azad
    21 Dec 2014 | 9:58 pm
    During our daily log monitoring process, we observe many interesting threat events. One such event led to a compromised WordPress site campaign, which was found to serve multiple malware families including Upatre/Hencitor/Extrat Xtreme RAT/Vawtrak. The URLs which were serving malware were found to adhere to a particular pattern. Infected WordPress sites observed, included URLs with "/1.php
  • Top Security Features Added to Android Lollipop

    viral
    21 Dec 2014 | 8:31 pm
    As Google officially rolls out it's new operating system Lollipop, let's review some of the enhanced security features added to Android 5.0. Lollipop Kill switch The most interesting new security feature is the Factory Reset Protection option, which is also known as the “kill switch.” To aid corporate and personal users dealing with
  • Trojanized and Pirated Assassins Creed app

    viral
    11 Dec 2014 | 8:56 pm
    During our daily research, we recently came across Android malware disguising itself as an Assassins Creed app, which is a popular paid gaming application. The malware in question will install a pirated version of the Assassins Creed game that functions normally, making end user oblivious to the malicious activities it performs in background. Application information: File MD5 :
  • Defaced websites leading to Dokta Chef Exploit Kit and CVE-2014-6332

    Chris Mannon
    26 Nov 2014 | 1:37 pm
    Defacing websites has been the main stay for hacktivist groups to spread their message.  During recent research, we found multiple compromised websites containing a malicious link to a "lulz.htm" page, which in turn leads the user to a Dokta Chef Exploit Kit (EK) hosting site. This appears to be  a new tactic whereby a hacktivist group has escalated their activities by attacking users who visit
  • Beware of Phishing Attacks and Other Scams during the Thanksgiving Shopping Season

    rubin azad
    25 Nov 2014 | 12:08 pm
    Thanksgiving Day is one of the major holidays celebrated in the United States on the fourth Thursday in November. The following Friday, referred to as Black Friday, marks the start of the Christmas holiday shopping season. Almost every retailer large and small offers huge discounts on Black Friday, often extending through the weekend and the following Monday, now known as Cyber Monday. As
  • add this feed to my.Alltop

    Mozilla Hacks - the Web developer blog

  • Save the Web – Be a Ford-Mozilla Open Web Fellow

    Hannah Kane
    26 Nov 2014 | 8:42 am
    This is a critical time in the evolution of the Web. Its core ethos of being free and open is at risk with too little interoperability and threats to privacy, security, and expression from governments throughout the world. To protect the Web, we need more people with technical expertise to get involved at the policy level. That’s why we created the Ford-Mozilla Open Web Fellowship. Photo: Joseph Gruber via Flickr What it is The Fellowship is a 10-month paid program that immerses engineers, data scientists, and makers in projects that create a better understanding of Internet policy…
  • Visually Representing Angular Applications

    David Aden
    13 Nov 2014 | 7:39 am
    This article concerns diagrammatically representing Angular applications. It is a first step, not a fully figured out dissertation about how to visual specify or document Angular apps. And maybe the result of this is that I, with some embarrassment, find out that someone else already has a complete solution. My interest in this springs from two ongoing projects: My day job working on the next generation version of Desk.com‘s support center agent application and My night job working on a book, Angular In Depth, for Manning Publications 1: Large, complex Angular application The first…
  • interact.js for drag and drop, resizing and multi-touch gestures

    Taye Adeyemi
    12 Nov 2014 | 6:53 am
    interact.js is a JavaScript module for Drag and drop, resizing and multi-touch gestures with inertia and snapping for modern browsers (and also IE8+). Background I started it as part of my GSoC 2012 project for Biographer‘s network visualization tool. The tool was a web app which rendered to an SVG canvas and used jQuery UI for drag and drop, selection and resizing. Because jQuery UI has little support for SVG, heavy workarounds had to be used. I needed to make the web app more usable on smartphones and tablets and the largest chunk of this work was to replace jQuery UI with interact.js…
  • jsDelivr and its open-source load balancing algorithm

    Dmitriy Akulov
    11 Nov 2014 | 6:44 am
    This is a guest post by Dmitriy Akulov of jsDelivr. Recently I wrote about jsDelivr and what makes it unique where I described in detail about the features that we offer and how our system works. Since then we improved a lot of stuff and released even more features. But the biggest one is was the open source of our load balancing algorithm. As you know from the previous blog post we are using Cedexis to do our load balancing. In short we collect millions of RUM (Real User Metrics) data points from all over the world. When a user visits a website partner of Cedexis or ours a JavaScript is…
  • Mozilla Introduces the First Browser Built For Developers: Firefox Developer Edition

    Dave Camp
    10 Nov 2014 | 6:09 am
    Developers are critical to the continued success of the Web. The content and apps they create compel us to come back to the Web every day, whether on a computer or mobile phone. In celebration of the 10th anniversary of Firefox, we’re excited to unveil Firefox Developer Edition, the first browser created specifically for developers. Ten years ago, we built Firefox for early adopters and developers to give them more choice and control. Firefox integrated WebAPIs and Add-ons to enable people to get the most out of the Web. Now we’re giving developers the whole browser as a hard-hat area,…
 
  • add this feed to my.Alltop

    Didier Stevens

  • oledump: Extracting Embedded EXE From DOC

    Didier Stevens
    22 Dec 2014 | 4:00 pm
    RECHNUNG_vom_18122014.doc (6a574342b3e4e44ae624f7606bd60efa) is a malicious Word document with VBA macros that extract and launch an embedded EXE. This is nothing new, but I want to show you how you can analyze this document with oledump.py. I also have a video on my video blog. First we have a look at the streams (I put the Word document inside a password (= infected) protected ZIP file to avoid AV interference, oledump can handle such files): Stream 7 contains VBA macros, let’s have a look: Subroutine v45 is automatically executed when the document is opened. It creates a temporary…
  • Introducing oledump.py

    Didier Stevens
    16 Dec 2014 | 4:07 pm
    If you follow my video blog, you’ve seen my oledump videos and downloaded the preview version. Here is the “official” release. oledump.py is a program to analyze OLE files (Compound File Binary Format). These files contain streams of data. oledump allows you to analyze these streams. Many applications use this file format, the best known is MS Office. .doc, .xls, .ppt, … are OLE files (docx, xlsx, … is the new file format: XML insize ZIP). Run oledump on an .xls file and it will show you the streams: The letter M next to stream 7, 8, 9 and 10 indicate that the…
  • YARA Rules

    Didier Stevens
    15 Dec 2014 | 4:00 pm
    Here are some YARA rules I developed. contains_pe_file will find embedded PE files. maldoc is a set of rules derived from Frank Boldewin’s OfficeMalScanner signatures, that I also use in my XORSearch program. Their goal is to find shellcode embedded in documents. yara-rules-V0.0.1.zip (https) MD5: 4D869BD838E662E050BBFCB0B89732E4 SHA256: 0CA778EAD97FF43CF7961E3C17A88B77E8782D082CE170FC779543D67B58FC72
  • router-forensics.net

    Didier Stevens
    15 Dec 2014 | 2:20 am
    Together with Xavier Mertens I proposed a Brucon 5×5 project. Our project was accepted, and we bought 23 Cisco routers to teach memory forensics on network devices. 21 routers are used for workshops, and 2 routers are online. If you want to practice memory forensics with real Cisco IOS devices, go to http://router-forensics.net.
  • XORSelection.1sc

    Didier Stevens
    12 Dec 2014 | 8:09 am
    This is an update to my XORSelection 010 Editor script. You can select a sequence of bytes in 010 Editor (or the whole file) and then run this script to encode the sequence with the XOR key you provide. The XOR key can be a string or a hexadecimal value. Prefix the hexadecimal value with 0x. Here is an example of an XOR encoded malicious URL found in a Word document with malicious VBA code. Although this is an update, it turns out I never released it on my site here, but it has been released on the 010 Editor script repository. XORSelection_V3_0.zip (https) MD5:…
  • add this feed to my.Alltop

    CERIAS Combined Feed

  • Cybersecurity Seen as DoD Priority Under Carter

    CERIAS Webmaster
    5 Dec 2014 | 4:12 am
    Though not schooled in IT and IT security, cyber is an area of interest for Carter in which he has been involved in for many years. “He knows enough about [cyber] that he likely knows when he should call on domain experts for more information, something not all of our national leaders have done,” says Gene Spafford, founder and executive director of the Center for Education and Research in Information Assurance and Security at Purdue University. More information »
  • Sensors Everywhere Could Mean Privacy Nowhere, Expert Says

    CERIAS Webmaster
    18 Sep 2014 | 5:34 am
    Eugene Spafford, professor of computer science at Purdue University and executive director of the Center for Education and Research in Information Assurance and Security (CERIAS), says the so-called “Internet of Things” will see small microprocessors and sensors placed seemingly everywhere, and these devices will collect much data about us - often without our knowledge. More information »
  • National Cyber Security Hall of Fame announces Final Selectees for the Class of 2014

    CERIAS Webmaster
    10 Sep 2014 | 7:25 am
    PRESS RELEASE - Baltimore, MD (September 1, 2014) (http://www.cybersecurityhalloffame.com/) Mike Jacobs, Chairman of the Advisory Board for the National Cyber Security Hall of Fame, released the names of 5 innovators who will be enshrined in the Hall of Fame on Thursday, October 30th at a gala at the Four Seasons in Baltimore. In announcing the inductees, Jacobs, the first Information Assurance Director for the National Security Agency (NSA) and a respected cybersecurity consultant to government and industry said, “these honorees continue to advance our goal of “respecting the past” in…
  • What is wrong with all of you? Reflections on nude pictures, victim shaming, and cyber security

    Gene Spafford
    4 Sep 2014 | 8:06 pm
    [This blog post was co-authored by Professor Samuel Liles and Spaf.] Over the last few days we have seen a considerable flow of news and social media coverage of untended exposure of celebrity photographs (e.g., here). Many (most?) of these photos were of attractive females in varying states of undress, and this undoubtedly added to the buzz. We have seen commentary from some in the field of cybersecurity, as well as more generally-focused pundits, stating that the subjects of these photos “should have known better.” These commentators claim that it is generally known that passwords/cloud…
  • CERIAS Researchers Win Student Paper Award

    CERIAS Webmaster
    26 Aug 2014 | 11:23 am
    CERIAS researchers won the Best Student Paper award at the 23rd USENIX Security Symposium, a top-tier computer systems security conference. The paper, “DSCRETE: Automatic Rendering of Forensic Information from Memory Images via Application Logic Reuse,” was co-authored by Ph.D. students Brendan Saltaformaggio and Zhongshu Gu, with CS Professors Xiangyu Zhang and Dongyan Xu. This award was presented at the conference on August 20 in San Diego. (Photo: Brendan Saltaformaggio accepting the award from Dr. Kevin Fu, Chair of the conference.) Figure 1. DSCRETE is a memory forensics tool for…
 
  • add this feed to my.Alltop

    Security Bloggers Network

  • TweetSniff.py – a Python Tweets Grabber

    Xavier
    22 Dec 2014 | 3:36 pm
    For me, Twitter is not only a social network, it’s also a tool that I use daily to track and exchange news about information security with a large worldwide community of infosec profesionals. For a while, Twitter is my main source of information. When you are relying on a service like Twitter to collect information, you must have the right tools to handle the huge … Read More →
  • 3 tips for a quieter Christmas than Sony

    Paul Ducklin
    22 Dec 2014 | 2:41 pm
    What can you do, when you return from your vacation, to reduce the chance of having a 'Sony moment' all of your own? Here's our advice...
  • North Korea falls off the internet – is the United States to blame?

    Graham Cluley
    22 Dec 2014 | 2:28 pm
    Barack Obama promises that the United States will respond to the Sony hack, and North Korea drops off the internet. Could there be a connection? Read more in my article on the We Live Security blog.
  • North Korea falls off the internet – is the United States to blame?

    Graham Cluley
    22 Dec 2014 | 2:22 pm
    Barack Obama promises that the United States will respond to the Sony hack, and North Korea drops off the internet. Is there a connection? The post North Korea falls off the internet – is the United States to blame? appeared first on We Live Security.
  • Let’s Go Vishing

    Social-Engineer.Org
    22 Dec 2014 | 1:24 pm
    Vishing, or eliciting information over the phone, is a common social attack vector. It’s proven to be one of the most successful methods of gaining information needed to breach an organization, even when used by an inexperienced attacker. When you can’t hack your way through your pentest, when you can’t break in with your red-team, Continue Reading > The post Let’s Go Vishing appeared first on Security Through Education.
  • add this feed to my.Alltop

    blog.hotspotshield.com

  • Wearable Tech and Personal Security Breaches: 6 Things to Know

    Peter Nguyen
    16 Dec 2014 | 10:28 pm
    Wearable technology is growing rapidly in popularity, with the consulting firm Deloitte predicting as many as 100 million wearable gadgets on the market in 2020. These devices track users’ behavior, lifestyle, and performance, creating what’s known as a “quantifiable self” from the data. While maintaining this quantifiable self can help users follow a fitness regime or track personal goals, it also makes them vulnerable to hackers in a number of ways. Bluetooth Transmissions are Vulnerable to Remote Tracking Wearable devices usually use Bluetooth synchronization to…
  • VPN Prevents Google Queries from Being Linked Publicly to an IP Address

    Peter Nguyen
    14 Dec 2014 | 11:09 pm
    The majority of your search history is probably not all that sensitive; perhaps you Googled where to buy tickets for the latest Hunger Games flick or how to get rid of belly fat. Search queries like these don’t really require the utmost confidentiality, but consider the other topics that you search. Thinking your search anonymous, you may have Googled highly sensitive material that you believed would be no one’s business but your own. The disquieting truth is that, in the last year, several websites have made users’ entire Google search histories public and associated them…
  • The Masque Attack iOS Security Flaw: Latest Details and Staying Safe

    Peter Nguyen
    9 Dec 2014 | 11:25 pm
    The threat of a Masque Attack has made big headlines in recent weeks, warning iOS users of this potentially dangerous security flaw. While this type of attack does have the potential to compromise a user’s data, it’s not as malicious or as pressing of a concern as it may seem. The key to avoiding a Masque Attack is as simple as understanding how it works and taking common sense precautions to protect yourself. What is the Masque Attack? At first glance, the headlines about a Masque Attack security flaw are alarming. However, it’s important to understand that a Masque Attack…
  • 10 ways to Keep your Mobile Data safe from mCrime

    Robert Siciliano
    3 Dec 2014 | 11:23 pm
    A smart thief will go after smartphones: a portal through which to gain access to your money, accounts, data and social. Few people think they’re not smart enough to prevent a crime involving their precious mobile phone, but it happens to even the highly educated who think they can’t be outwitted. mCrime is big business and knowing how to protect yourself is a big deal. Texts, e-mails, social media and so much more contain enormous amounts of private information. And crooks know how to get this information. One trick is to send a phishing e-mail: a scam that’s designed to sucker the…
  • Is the Chromebook Really Just a “Google Spyware Machine”?

    Peter Nguyen
    2 Dec 2014 | 12:09 am
    A lawsuit filed in 2014 against Google has reignited the debate over the company’s controversial email-scanning practices. Represented by the Electronic Privacy Information Center (EPIC), two of the suit’s nine plaintiffs accuse Google of data-mining student emails sent and received through Google Apps for Education on Chromebooks. They contend that Google violated student privacy laws by using email scanning to compile secret profiles of students and target them with ads. The plaintiffs seek class certification to recover damages for all Gmail users subject to the allegedly…
  • add this feed to my.Alltop

    Blog - CloudEntr

  • IT Pros Speak: Top 3 Priorities for Your IT Security Budget in 2015

    Macey Morrison
    17 Dec 2014 | 4:00 am
    The year is wrapping up quickly (can you believe its mid December?!), meaning we’re all scrambling to finalize budgets and plans for next year. And cyber theft is certainly on our minds with the recent Sony Pictures Entertainment hack and the sheer fallout of confidential data exposure the company is currently experiencing.With Sony poised to be making some IT security changes in the near future and giants like Target and Home Depot making investments to improve their security in the wake of their breaches in the last year, can the same be said for the not so giant companies in 2015?From…
  • [Feature Release] Extend Your Active Directory Service Security and Access Controls to the Cloud

    Ella Segura
    24 Nov 2014 | 6:50 am
    Ella Segura serves as the Product Manager for CloudEntr, guiding the product road map and all new features and developments. One switch to manage employee resource access: on-boarding, off-boarding, and day-to-day. When it comes to controlling access to local business applications, let’s face it, Microsoft’s Active Directory (AD) is the de facto standard.  For years, businesses like yours (and ours) have been investing in their AD infrastructures.  AD provides an identity and access management framework, giving us the tools to centrally manage users, set policies, and…
  • [Report] 77% of SMB IT Pros Cite Employees as Weakest Link in Cloud Security

    Macey Morrison
    13 Nov 2014 | 4:00 am
    IT pros give us their take on the state of SMB cybersecurity moving into 2015.Now that we are in the sixth “year of the hack,” IT professionals, even at smaller companies, are recognizing that cloud security is not someone else’s problem. In fact, it seems that IT pros at SMBs see the headlines of the breach du jour and are turning their gaze inward toward their employees rather than outside to the hackers. They see employees as their weakest link!At CloudEntr, we're excited to share with the IT community our inaugural State of SMB Cybersecurity report. We set out to find what SMBs were…
  • 4 reasons why your client's data is your data

    Christopher Bartik
    17 Oct 2014 | 12:03 pm
    If information is power, let’s face it, you’re getting closer and closer to super-man/woman status, but before you step inside that booth and go about your day saving lives, you may want to brush up on what today’s grateful citizens are expecting of you. After all, they have entrusted you with all sorts of sensitive information, including their customers’ and clients’ files, applications, credential data, etc.As the number of data breaches continues to rise, service organizations and others who deal in high volumes of privileged information may find themselves yearning for the days…
  • Don't become a breached whale: Password tips to keep you afloat

    Christopher Bartik
    26 Aug 2014 | 6:30 am
    It’s late at night. You’ve just gotten home from a long day at work and the last thing you want to think about is anything requiring you to well, think. The couch beckons and soon enough you’re flipping through your DVR looking for your Game of Thrones fix. Most days you’ll fall into detached, trancelike viewing, but today something on the news sparks your attention: There was a robbery in your neighborhood. The news reporter says the thief is taking advantage of all the people who leave their doors unlocked. From the couch, you look to your own front door and see that it is, indeed,…
 
  • add this feed to my.Alltop

    Quotium

  • Quotium and VersionOne Announce a Partnership to Deliver Secure Agile Software

    Quotium Research Center
    15 Dec 2014 | 2:13 am
    Quotium Seeker is now integrated with the VersionOne ALM platform to integrate security testing into the ongoing development and testing cycles. With Seeker and VersionOne, all stakeholders can now work together towards the common goal of Hacker-proof software. The post Quotium and VersionOne Announce a Partnership to Deliver Secure Agile Software appeared first on www.quotium.com
  • Regional Sales Manager US

    Quotium Research Center
    1 Dec 2014 | 1:12 pm
    Quotium is seeking a talented Software Regional Sales Manager to support our Sales and Business Development activities worldwide. In this high-profile role, you will manage multiple sales opportunities and accounts in your assigned region as we grow our business in the US.  Responsibilities Develop comprehensive sales and business plans to acquire new Clients Manage expectations through contact and […] The post Regional Sales Manager US appeared first on www.quotium.com
  • Field Sales Engineer US

    irene
    1 Dec 2014 | 2:03 am
    Job Description We are looking for Field Sales Engineers. Quotium is seeking talented Field Sales Engineers to support our Sales and Business Development activities in the US. You will be working in tandem with our sales team as a technical advisor and product advocate. The ideal candidate must be able to articulate technology and product […] The post Field Sales Engineer US appeared first on www.quotium.com
  • Quotium Joins F5’s Technology Alliance Program to Deliver Rapid Mitigation of Vulnerabilities

    irene
    26 Nov 2014 | 6:04 am
    Quotium partners with F5 to help mutual customers implement highly efficient, optimized, and easy-to-manage application security workflow The post Quotium Joins F5’s Technology Alliance Program to Deliver Rapid Mitigation of Vulnerabilities appeared first on www.quotium.com
  • Inside sales specialist

    Quotium Research Center
    17 Nov 2014 | 12:45 pm
    Quotium is looking for Inside sales specialists to support our sales managers. The role will be focused on the identification (and generation) of leads through research, networking, cold calling and the development of contact/prospect relationships. Responsibilities: - Lead generation, prospecting and qualification– engage in different activities to identify new opportunities and generate relevant sales leads – qualify leads by active […] The post Inside sales specialist appeared first on www.quotium.com
Log in