Did you know that two thirds of all phishing attacks are sourced from a single group? This seems like a staggering statistic, except for the fact that we’ve already seen this before. Maybe those plans for world domination just might pay off… This whole Facebook privacy scare seems to finally be taking its toll on the general public as it seems Google is showing a major increase in trends data sourced from people wanting to delete their accounts. This doesn’t really surprise me much either, as we’ve talked numerous times about how to secure yourself within Facebook. Let’s hope that emergency meeting that was supposed to take place today actually accomplished something. One of the pioneers of PKI, Whit Diffie,[…]
Author: Tim Donaworth
Vavada - это онлайн-казино, предоставляющее широкий выбор азартных игр, включая слоты, рулетку, блэкджек и другие. Vavada привлекает игроков разнообразными бонусами и акциями.
I recently found out about Netsparker through Darknet. They released an update to their community edition (free). The main thing about Netsparker that caught my eye is its fundamental approach at eliminating false positives in its web application scanning. I completely agree with the developers’ approach. The developers thought that if you need to investigate every single identified issue manually what’s the point of having an automated scanner? So I decided to check out Netsparker a little further and put it to the test. I first started by running its array of scans against a few local web applications I had on my system. Most are either internal development projects or just sandbox sites I use for testing random stuff,[…]
Pwn2Own winner Charlie Miller is taking a different approach this year when it comes to releasing the vulnerabilities he used to the vendors, in this case Apple, Microsoft, and Adobe. In an interview with Computerworld Charlie stated: “We find a bug, they patch it, we find another bug, they patch it. That doesn’t improve the security of the product. True, [the software] gets incrementally better, but they actually need to make big improvements. But I can’t make them do that.” From this observation Charlie decided he’s not just going to hand over the vulnerabilities to the vendors. Instead, he’s going to sit down, show them the method he used to find them, and let them do the actual work to[…]
Let’s face it. There are a lot of broken web apps and software out there. These web apps and software can oftentimes lead to major security holes being opened up due to their vulnerabilities. You don’t want to be the guy/girl responsible for the next major security breach just because you forgot to sanitize some input, or check that your sessions were secure. I would love to provide you a great tutorial on how to avoid many of the hardships that developers face, especially in security these days, but I don’t think I could do it better than the people over at the OWASP WebGoat project. It’s a web application that purposefully has many vulnerabilities right out in the open.[…]
The first night of ShmooCon is a wrap, at least for the presentations. First off, my shout-outs to all those that actually made it this year. The DC weather hasn’t been too kind to any of us, especially those traveling in specifically for this Con. But to those who made it, I salute you (even more so to those who had to walk a couple miles to get to their hotel because they didn’t make or take reservations at the Marriot).
Seems the new year has brought out a few new findings. One being the newly discovered “God Mode” feature in Microsoft’s Windows 7 based operating systems. At its core, it’s basically a glorified control panel. It takes all the hard to get to, or annoying multiple right click -> properties -> options -> submenu -> etc. -> etc. parts out of some of the common administrative tasks. So, how do you get this miracle “God Mode”?