Archive for August, 2007
In this paper, we examine client-side attacks and evaluate methods to defend against client-side attacks on web browsers.
Users of Skype for Linux have just found out that it reads the files /etc/passwd, firefox profile, plugins, addons, etc, and many other unnecessary files in /etc.
Tom Wood, 16, said it took him just over 30 minutes to bypass the Government’s filter, released on Tuesday.
The FBI has quietly built a sophisticated, point-and-click surveillance system that performs instant wiretaps on almost any communications device.
There has been a lot of buzz around the topic of virtualized rootkits. Joanna Rutkowska has been working on a new version of Blue-Pill, her proof of concept invisible rootkit, while a team made by three prominent security experts (Thomas Ptacek, Nate Lawson, Peter Ferrie) challenged her that there is not an “invisible” rootkit.
1.6 million records with personal info uploaded to remote webserver.
Mark Burnett has a few good articles on the CAPTCHA. Check the articles out here and here. They do a good job at explaining some of the high level problems with CAPTCHAs but don’t be fooled, this is only the tip of the iceburg as I’m sure Matt would agree.
Entry level certifications such as the Cisco Certified Network Associate (CCNA) have become the source of many jokes to people in the industry, largely because of the seemingly inept people that proudly display their certifications. This is made worse by the volume of books geared only to get people through the exam. Network Warrior bills itself as the exact opposite — if the subtitle is to be believed it contains “Everything You Need to Know That Wasn’t on the CCNA Exam”. I actually bought this book the other day but havn’t read it yet – looking forward to it though.
Veteran tester Andreas Marx has done another major test of 29 anti-virus and anti-malware products, and it’s worth taking a look at — notwithstanding the caveat that it’s only using the on-demand capabilities of the scanner (as opposed to real-time protection, which is another bulwark in an antivirus program’s defense of a system).
In this article I comment on a few misconceptions about ARP cache poisoning that I come across from time to time, even from people who know what ARP cache poisoning is and (more or less) how it works.
A child with a chocolate-smeared shirt says, “I didn’t do it.” The phone rings, and Mom assures you, “There’s nothing to worry about.” A systems administrator carrying a box of tapes says, “We’ll have everything back up in a few minutes.” Sometimes the first words you hear — despite their distance from the truth — tell you everything you need to know.
The UK government has unveiled its latest weapon in the fight against crime – designers. Police are confident that innovative design can help reduce the risk of theft and burglary.
LLDP is a Layer 2 protocol which allows network devices to advertise their identity and capabilities on the local network, it helps to keep track of devices and the packets are multi-casted.
This research paper describes some of the threats when companies or a private person uses Online Social Networks.
A series of legal events means that companies that have no business reason to retain documents or records may be compelled to create and retain such records just so they can become available for discovery.
DNS rebinding attacks subvert the same-origin policy and convert browsers into open network proxies. These attacks can circumvent firewalls to access internal documents and services and require less than $100 to temporarily hijack 100,000 IP addresses for sending spam and defrauding pay-per-click advertisers.
DNS redirection is not a new phenomenon: it is widely used to manage parked domains, and in some cases to direct mistyped URLs to splash pages that carry adverts. Cox were already experimenting with redirection in May this year, but the present redirection is the first on record that has been aimed at cleaning out bots.
Bulk e-mail using attachments in the Portable Document Format (PDF) has begun to decline just a month after it first appeared, and spammers are moving on to Excel files, security firms said this week.
Wireshark/Ethereal, ARPSpoof, Ettercap, ARP poisoning and other niceties.
Aussie software can get around 64-bit Vista’s signed-code requirement.