“If you try to use your credit card out of state to buy a cup of coffee, they’ll freeze your account,” she said. But wiring $150,000 to Croatia, when you’ve never sent a dime there before? That’s not going to set off any alarms.
reDuh is actually a tool that can be used to create a TCP circuit through validly formed HTTP requests. Essentially this means that if we can upload a JSP/PHP/ASP page on a server, we can connect to hosts behind that server trivially.
The most significant discovery is that the attackers had selected employees at the companies with access to proprietary data, then learnt who their friends were. The hackers compromised the social network accounts of those friends, hoping to enhance the probability that their final targets would click on the links they sent.
Numb3rs’ description of IRC: This is EXACTLY how it is to do a Cyber Investigation. I can’t believe they got this so right. Amazing research they do for TV shows now.
How many of these large security product vendors employ even one full-time person to play the role of a dedicated attacker attempting to bypass or defeat their defensive systems? Or have even hired one attack-oriented consultant on a contract for an independent assessment of the efficacy of their product or solution? Don’t let the same product vendors who failed to protect the victims of Operation Aurora turn right around and sell you those same products as a solution to “the APT threat.”
Yesterday, a copy of the unpatched Internet Explorer exploit used in the Aurora attacks was uploaded to Wepawet. Since the code is now public, we ported this to a Metasploit module in order to provide a safe way to test your workarounds and mitigation efforts.