Poor Scoping Disastrous for Security
The limited scope afforded to your security staff and contractors could
harm your business, writes Metlstorm...
By metlstorm
April 14, 2009 --
Building security testing into your project lifecycle is one of those
critical growing-up points for a business.
I find this address near the top of my web logs every month:
hiss.niceguysfinishlast.com
Resolved niceguysfinishlast.com to 64.81.66.218
Unable to resolve hiss.niceguysfinishlast.com
Resolved 64.81.66.218 to roar.parasite.com
parasite.com is a parked domain
Just a minor curiosity, anyone know w
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Here are some write-ups on it... Good ol' XSS attacks..
http://www.f-secure.com/weblog/archives/1653.html
http://dcortesi.com/2009/04/11/twitter-stalkdaily-worm-postmortem/
http://mashable.com/2009/04/11/stalkdaily-twitter/
Andre' M. Di Mino - S
More on the story: http://www.bnonews.com/news/242.html
Daniel
Jon Kibler wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
>
> SANS ISC is reporting a twitter worm (XSS):
> http://isc.sans.org/diary.html?n&storyid=6184
>
> Jon
> - --
> Jon R. Kibler
> Chief Technical Officer
> Advanc
On Mon, 13 Apr 2009 23:26:26 +0300, Juha-Matti Laurio said:
> "In just 12 hours, one bot alone sent out 42,298 spam messages,"
That's almost exactly 1 per second. They either have a really shitty
SMTP implementation or they're trying to fly under the wire. Meanwhile,
we try to send out that man
Dumpster Diving. You'd think this would be a thing of the past,
especially at a bank. Nope.
http://www.csoonline.com/article/484847/A_Real_Dumpster_Dive_Bank_Tosses_Personal_Data_Checks_Laptops
- Paul -
___
Fun and Misc security discussion for OT po
"Windows PCs infected with the Conficker worm have turned into junk
mail-spewing robots
capable of sending billions of spam messages a day, a security company warned
today.
According to Kaspersky Lab, a Moscow-based antivirus firm, yesterday's update
to Conficker,
which in some cases was accom
valdis.kletni...@vt.edu wrote:
> Now taking bets whether this sucker waltzed onto the campus via a USB stick
> rather than Internet. ;)
...and propagated from that point via some Active Directory "One Big
Happy Family" shared resource?
Jeff
On Sun, 12 Apr 2009 10:13:56 PDT, Paul Ferguson said:
> Information technology staff shut off Internet access for up to six hours at
> some campus locations Friday so they could isolate the virus. They were
> expected to work through the weekend to eradicate it from the system.
Now taking bets whe
Paul Ferguson wrote:
> Maybe I've been living under a rock (I don't think so, since I'm also
> geeked for Star Trek), but I had not even heard of this until I saw a
> trailer while watching "Rescue Me" tonight.
>
> Looks pretty awesome. :-)
I saw a preview for this movie during the Super Bowl.
I
Paul Ferguson wrote:
> Maybe I've been living under a rock (I don't think so, since I'm also
> geeked for Star Trek), but I had not even heard of this until I saw a
> trailer while watching "Rescue Me" tonight.
>
> Looks pretty awesome. :-)
>
> http://terminatorsalvation.com/
>
> I'm just say
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Maybe I've been living under a rock (I don't think so, since I'm also
geeked for Star Trek), but I had not even heard of this until I saw a
trailer while watching "Rescue Me" tonight.
Looks pretty awesome. :-)
http://terminatorsalvation.com/
I'm jus