Good afternoon everybody! I hope your day is going well.

Here are today’s Interesting Information Security Bits from around the web.

1. Xavier decided to fuzz his car. Good thing he didn’t do it when he was driving down the road.
   /dev/random >> Fuzzing a Car Multimedia System?
   Tags: ( fuzzing )
2. Want to some help on learning how to write windows stack-based exploits? Here you go. A whole mess of tutorials.
   The Professional Security Testers Warehouse for the CEH GPEN QISP Q/ISP OPST CPTS – Links/tutorials on writing windows (stack based) exploits
   Tags: ( exploit-writing )
3. An interesting exploration of the three-way TCP handshake process. Particularly, since it can be a four-way handshake. Very cool. It will be interesting to see what comes out of the research about to happen.
   TCP Portals: The Handshake’s a Lie! — BreakingPoint
   Tags: ( networking tcp-handshake )
4. There is a new vulnerability in Flash and Mike does a great job of explaining it.
   Skeptikal.org: Flash Origin Attack FAQ
   Tags: ( adobe flash vulnerability )
5. Thierry ZOLLER has put together a very nice document that describes and demonstrates the recent SSL/TLS vunerability. (Direct link to pdf)
   TLS and SSLv3 vulnerabilitys explained (PDF)
   Tags: ( ssl )
6. Jack makes some good points about customer data, where it came from and where it is going.
   Uncommon Sense Security: Whose customers are they?
   Tags: ( data-leakage )
7. Here is another resource to do some free monitoring of your websites.
   HolisticInfoSec.org: Sucuri NBIM: website integrity monitoring for free
   Tags: ( monitoring )
8. (IN)Secure Magazine issue 23 is out. (Link goes directly to pdf)
   INSECURE-Mag-23.pdf (application/pdf Object)
   Tags: ( magazine insecure )

That’s it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin