Anyone else a bit nervous?
Federal Court Hands Record Companies Decisive Verdict In Usenet.com Lawsuit
WASHINGTON - A federal district court late Tuesday afternoon issued a decisive ruling in favor of the record companies in the lawsuit against Usenet.com. A copy of that ruling is available upon request. Below is a comment on the favorable ruling from Steven M. Marks, Executive Vice President & General Counsel, Recording Industry Association of America:
I will be posting interesting video on SecurityTube in this thread. It is important to note that these are videos which people have submitted / referred to SecurityTube and have not been made by me.
Read more »The term hacker may be used to describe people who steal information from computers, but that's just the dark side of the story.
Like the cowboy heroes of childhood, there are white hats as well as black, and the former are legal hackers: security professionals who aim to make the wilds of the internet a safer place for us all, tracking down and rounding up the exploits that endanger our computers.
Read more »Emails from the Argentine mistress of married South Carolina Governor Mark Sanford were leaked to the press by a hacker, according to the Latin American siren at the centre of a political scandal in the US Deep South.
The emails were obtained by South Carolina newspaper The State back in December but kept on ice while the paper investigated their authenticity. Last week Sanford's political aides confirmed that the emails were authentic, allowing the paper to publish the intimate exchange of correspondence between Sanford and the mother of two, initially identified only as Maria.
Read more »So it looks like Google Voice has finally begun to send out invites, and I admit that I have been waiting for mine for a while and can't wait to use it. For those that don't know what Google Voice is:
You get a single Google provided phone number that you can use. It will then handle all of your voice mail and other text messages. You can also change how your phones ring. Which is all really useful for people that have a huge amount of phones.
Will you guys use it? Do you have concerns about the security and the privacy of Google Voice?
Read more »So how exactly do you calculate a 4 byte hash?
// CalcDLLHash.cpp : Defines the entry point for the console application.
//
#include "stdafx.h"
#include
#include
#include
#include
char * CalcHash(unsigned char * MyString)
{
unsigned int h;
unsigned char *c=MyString;
while(*c)
{
h=((h<<5)|(h>>27))+*c++;
}
printf("Done");
return 0;
SQL Server 2005 provides easier functions for encrypting and decrypting user sensitive information such as credit card numbers or bank account details, so as to deter any hacking attempts.
Data encryption in SQL Server 2005 can be done either by using password mechanism or by making use of keys and certificates. These methods are as follows:
1.Encryption by PassPhrase
This is a simple method in which we use the SQL method EncryptByPassPhrase('password','original_value') with our insert,update,select queries.
Quantum cryptography has been a Holy Grail for security researchers since the idea was proposed, the promise of a new standard in absolutely unbreakable communications. But it's a new standard in the Microsoft sense: "Use our brilliant new system, because we're making sure the old one doesn't work anymore."
The most common security algorithm used online is RSA, an encryption system designed by MIT researchers Ron Rivest, Adi Shamir and Leonard Adlemen in 1977 (hence RSA, Rivest-Shamir-Adlemen). The idea is that any numerical code can be cracked, so rather than try to invent one
Read more »I was aghast to notice that the Jericho Foundation’s completely faulty concept of deperimeterization had made its way into a high level document created by the Defense Sciences Board . I know IT executives feel frustrated by the seeming deluge of new security products. I was approached at a conference by the CIO of a branch of the military and dressed down, in my role of evangelist for the security industry, for not providing a simple solution that solves all of security once and for all.
Read more »A darknet is a private virtual network where users connect only to people they trust, or they connect to other unknown anonymous peers under cloaked conditions. Many F2F networks are classified as Darknets, even if they aren’t self-described as such. Two examples are WASTE and Freenet. Even RetroShare and CSpace are considered darknets.
One thing is certain about darknets: They are anonymous and uncensored. And they are also unpoliced - this is not a metaphor or a figure of speech. Real-world cops can access a darknet, but there is nothing any policing agency in the world can do about it.
Read more »And it only takes one "dirty" program to compromise your PC - but the bad guys got a dozen shots on average!
Read more »Adobe Systems Inc. on Tuesday issued a software update to fix a critical security flaw in its Shockwave Player, a commonly installed Web browser plug-in. According to Adobe, a malicious or hacked site could use the security hole to install malicious software if the visitor merely browses the site with a vulnerable version of the media player software. The flaw exists in Shockwave Player (also known as Macromedia Shockwave Player) version 11.5.0.596 and earlier. To find out whether Shockwave is installed and which version may be on your PC, visit this site.
Read more »NetWitness Corporation and MIS Training Institute released the results of an information data loss survey conducted at the 6th Annual CISO Executive Summit in Lisbon, Portugal this month. The survey i...
Read more »The agenda for the second SANS WhatWorks Summit in Forensics and Incident Response has been posted. I am really happy to see I am speaking on Tuesday, because I will not be available Wednesday. Day 1 appears mainly technical, and day 2 is mainly legal.
Read more »Recently, Pedro Bueno wrote about “dumb” malware authors hardcoding their login credentials into their password stealing trojan. The malware he referenced, PWS-Banker.gen.i, ostensibly came from Brazil.
Read more »This is a continuation of multiple educational video demonstrations
related to Web application attacks. This video is focused on Cookie Poisoning. The definition can be found in the Imperva ADC Glossary.As always, these videos are in HD.
The operators have disabled the access to all plug-ins to check for potential manipulations. Reportedly, SquirrelMail's source code has not been compromised
Read more »Less than two weeks after the last vulnerabilities were closed, Google has released version 2.0.172.33 of Chrome, a security update fixing another critical vulnerability
Read more »To all of the hackers,crackers and just plain old techno geeks, who have (contrary to what the media feels is possible) miraculously found a way to spawn ourselves. Keep that spark of curiosity alive by training your brood to do the same!
Read more »The U.S. Department of Homeland Security announced the launch of a blog it calls The Blog @ Homeland Security.
It’s described as a new way for DHS to offer an inside-out view of what they’re doing each day to secure the nation.
The blog features a video message from Secretary Napolitano outlining the Department’s five overarching responsibilities, an invitation for visitors to comment and the latest “tweets” from @dhsjournal.
Read more »So, Iran had elections this weekend. Some people don’t agree with the results. As consequence, some people are organizing DDoS attacks against Iranian websites, more precisely:
http://www.leader.ir/
http://president.ir/
http://www.irib.ir/
http://www.iribnews.ir/
and some specific URLs on those domains.
Read more »FinallySecure uveiled version 7.0 of Secure SignOn, which comes with enhanced support for Web, Windows, Java and Terminal applications as well as a brand new learning wizard for user convenience and e...
Read more »Security Focus: Multiple Kaspersky Products PDF File Scan Evasion Vulnerability
Read more »A recent set of spam emails were seen abusing yet another Google search feature:
The URL in the spam email above uses the search feature q=site: in order to direct the user clicking on the link to a Google results page returning the spam site:
Read more »HP has recently contracted Symantec to bundle its security software into all of the new HP notebook and desktop packages.
In line with the new deal all pre-installed JP systems will contain Norton Online Backup and customers will have access to a thirty day free trial of the Norton 5GB backup service.
HP has been selling desktop backup software for many years but has started to refocus its efforts on online backup as people are turning to online solutions over hardware solutions.
Read more »I was happy to see the last posts from Alan Shimel Read more »
I figure that since I have to tell you where to look for last month's juicyness, I may as well go on about what's going on outside this freakish Internet.
We have a new kitty named мясо, Russian for meat. Yeah. Keep it to yourself. Our other cat is deathly ill; had her forever, like 13 years. Found her as a stray, fed her from a bottle as a kitten, had her ever since.
I bought a classical electric acoustic guitar.
Read more »Social networking site Facebook has put trade mark protections in place ahead of a move this weekend to allow users to register domain names for their profile pages. One trade mark expert has said that the measures are more than adequate.
Read more »Recently I gave a presentation at the “SANS Penetration Testing Summit ” titled "Zen and The Art Of An Internal Penetration Testing Program". This presentation outlines the steps required to create a successful program and perform internal penetration testing. There are several key components that must exist to create a successful program:
Read more »
Recent comments
4 hours 18 min ago
1 day 8 hours ago
4 days 18 hours ago
1 week 6 days ago
2 weeks 5 days ago
3 weeks 20 hours ago
5 weeks 22 hours ago
5 weeks 5 days ago
6 weeks 3 days ago
6 weeks 3 days ago