Security Summit 2010
So, it’s that time of the year again – Security Summit 2010 in Sandton, Johannesburg. Items on the agenda include: The business of security – Threat horizon 2010 and beyond, legislation (P ...
Category Archives: security
How to remove yourself from Facebook by deactivating your account
Facebook — now will accounts up for sale ($25 / 1000 where there are less than 10 friends, and $45 / 1000 where there are more than 10 friends) – has again changed their privacy approach & ...
clamav 0.94 finally reaches end of life
clamav finally sent the end-of-life payload yesterday evening – 0.96 is the current version, so it’s been a good run 🙂 Possible symptons you experienced: Repeated notifications:WARNING: ge ...
Clamav errors on upgrade to 0.96 clamd and clamav-milter
Some updates to the yum-sent clamav-milter.conf and (to a lesser extent) clamd.conf may be necessary. After an automatic yum-update of the clamd family on RHEL, there’s a disparity in the way cl ...
Step-by-step virus disassembly
Over at SkullSecurity they’ve done a great job of a step-by-step disassembly of the Energizer Trojan using IDA. Using a sterile/insight environment, they go through the code to give you an insig ...
OpenSSL v1 released after 11 years of development
After a long, hard struggle of 11 years, which started with these two entries: 23-Dec-1998: Released OpenSSL 0.9.1c 23-Dec-1998: Official start of the OpenSSL project we are now at the point of “ ...
Security Summit 2010
Moxie Marlinspike will be at the Security Summit 2010 this year at the Sandton Convention Centre – well, at least he’s on the lineup – and should give some insights; Jeremiah Grosman ...
Cracking passwords fast with rainbow tables on SSD
A Swiss firm, Objectif Sécurité, makers of Ophcrack_Office (for Word and Excel files) and Ophcrack Open Source (over at sourceforge.net), has tweaked their application to crack XP passwords with up to ...
Excel 2007 password, cell and sheet protection removal – unprotect/remove password easily
Elmcomsoft has a variety of really good brute-force and dictionary-based password attacks on the full Office suite, including a distributed version to run in the cloud (which I wrote about some time a ...
An update on Operation Aurora
The attack (Operation Aurora) on around 20 companies in the US, including Google, Adobe, Juniper Networks and others using the zero-day exploit of Internet Explorer is partly linked to social engineer ...
Y2K vs 2010 vs 2016 — year rollover still an issue
Ain’t that a kick in the head! Rollover from 2009 to 2010 has not been processed correctly on many systems, including Symantec’s Endpoint Protection Manager, they have confirmed in a state ...
Google Analytics unzulässig nach deutschem Recht?
Die Zeit berichtet, daĂź DatenschĂĽtzer, auch mittels BuĂźgelder bis zu €50 000, von dem Gebrauch Google Analytics abraten möchten. “Google Inc. räumt sich ausdrĂĽcklich, in seinen beim Einsatz zu a ...
Zombie postings with Captcha automation
Just got another comment posting request relating to a version 5.0 release of automated forum/blog spamming software which is guaranteed to get your customers ‘closer to your products’ by ...
Flash Exploit Protection
The folks over at www.foregroundsecurity.com have discovered (another) Flash exploit that makes use of a same-origin policy interpretatino malformation in the application. This vulnerability allows th ...
And we’re on 2.8.6
Another quick upgrade to make it safe — 2.8.6 fixes two security problems that can be exploited by registered, logged in users who have posting privileges. Not really pertinent here but good to ...
Cloud Computing – on Crack
There are a range of ways that cloud computing can be used to leverage the power of a range of machine to achieve cheaply what you wouldn’t necessarily invest physically in. And to crack PGP or ...
A note on WordPress security…
There’s a note on why to keep patching – How To Keep WordPress Secure over at the WordPress dev blog – definately worth a read. Good sense. ...