NetSec
  corner   



HOME

LINUX

CYBERLAW

VIRTUALIZATION

Bugtraq

Packetstorm

FD

GrokLaw


RSS Feed


Netsec, comsec, infosec and IA news, research and trends

 

2.28.2008

 
Position Open for SCADA Analyst - Contact me if interested.



2.27.2008

 
Diebold Accidentally Leaks Results Of 2008 Election Early from John

 
HP Application Security Resource Library



2.25.2008

 
Invisible dots left by printers may breach EU privacy laws

 
If you have not yet read the paper posted on 2-21 "Lest We Remember: Cold Boot Attacks on Encryption Keys", at least check out this video.

 
cDc Releases Goolag - from Jamie



2.24.2008

 
Cisco confirms vulnerability in 7921 Wi-Fi IP phone



2.22.2008

 
Wiretapping GSM cellphones



2.21.2008

 
Lest We Remember: Cold Boot Attacks on Encryption Keys

 
Microsoft: Vista SP1 will break these programs

 
Design flaw in wireless VoIP handsets endanger the enterprise - Vendors skip verification of digital certificates "because of the processing overhead required"



2.20.2008

 
NTFS File System References [More]

 
Future of Japan's E-Voting in Doubt



2.19.2008

 
Saboteurs may have cut Mideast telecom cables: UN agency

In a completely unrelated story, where in the world is the USS Jimmy Carter?



2.18.2008

 
Shmoocon Notes: The Presentation by Sandy Clark (Mouse) on EVEREST (Evaluation and Validation of Election Related Equipment, Standards and Testing) was quite good. Unsurprisingly, the problems of E-Voting are as bad as ever.

 
Flawfinder is a program that examines source code and reports possible security weaknesses (``flaws'') sorted by risk level. - From Dale

 
Friendly 'worms' could spread software fixes - This is by no means new. Dave Aitel developed a framework for beneficial worms called Nematodes and HP researched beneficial worms in the early 00s (most evidence of which has disappeared). [Daily Dave]



2.14.2008

 
InsomniaShell is a tool for use during penetration tests, when you have ability to upload or create an arbitrary .aspx page. This .aspx page is an example of using native calls through pinvoke to provide either a reverse shell or a bind shell. It has the added advantage of searching through all accessible processes looking for a SYSTEM or Administrator token to use for impersonation.



2.13.2008

 
Airforce Cyber Command



2.12.2008

 
Adobe Reader and Acrobat JavaScript methods buffer overflow vulnerabilities - Adobe Reader EScript.api arbitrary code execution - Securing Your Web Browser

 
NIST 500-267 - A Profile for IPv6 in the U.S. Government



2.11.2008

 
NIST Budget Slashed



2.08.2008

 
New Authentication Scheme Proposed



2.06.2008

 
MayDay! Sneakier, More Powerful Botnet on the Loose - from John

 
Diebold voting machine key copied using a photo from their website!

 
truecrypt 5.0 released



2.05.2008

 
Google Blamed For Indexing Student Test Scores & Social Security Numbers

 
Carolinacon regional technology conference - Who needs an excuse to go to Chapel Hill?



2.04.2008

 
Cyber Security and Information Intelligence Research Workshop



2.03.2008

 
Universities fend off phishing attacks



2.02.2008

 
Who's Cutting the Cables?



2.01.2008

 
Italian Parliament To Mistakenly Legalize MP3 P2P [Original Italian]

 
DFRWS 2008 Forensics Challenge Overview





This page is powered by Blogger.


Site Meter Locations of visitors to this page