A few days ago VMware released an update to their Workstation product to fix two major security issues. The latest version is now 6.0.4, Build 93057, and here you can download VMware Workstation. From the VMware Workstation 6.0 Release Notes: Workstation 6.0.4 addresses the following security issues: On Windows hosts, if VMCI is enabled, a [...]
Because Techno Security 2008 and the Access Data User's Conference was held during the same time as Hacker Halted, there were a decent amount of vendors on the expo floor. Most of the vendors were forensics oriented like Guidance and Access Data, but I was happy to see Core Security there. Even the NSA, FBI, [...]
This was my first time at the Hacker Halted conference, and it was quite enjoyable. I loved the venue, and the talks were informative. One major disappointment was that Howard Schmidt didn't talk as planned due to travel issues. It's not the conference's fault, but I thought his talk would be the highlight of [...]
Here are my notes from the third day of the Hacker Halted conference. An Ethical Hacker's Perspective to Network Access Control Antivirus software is just a checkbox to most companies Layered security is a must Ghosts in the Browser paper - Tons of drive by downloads Gartner said by the end of 2007, 75% of [...]
Here are my notes from the second day of the Hacker Halted conference. Inside the Storm Brandon Enright - Exposing Stormworm presentation Virtual Worlds - A Wild Frontier Or New World Order? NDU IRMC - Information Resources Management College Virtual worlds provide an easy environment for users to get profiled Many new virtual environments are [...]
Thanks to the folks at Blog Theme Machine, we now have a new site design! We are quite happy with the new design, and we hope that you like it as well. There are still a few minor tweaks that need to be done, but we hope they will be resolved shortly. Please let us [...]
Here are my notes from the first day of the Hacker Halted conference. Keynote Address - OSI Exposed & Examined Level 8 politics, level 9 religion, level 10 economics $200 per workstation is average for IT budget 10% of that budget should be the security budget at the least If no security budget, do one [...]
Here is what's going on this month in the information security space: Hacker Halted: June 1 - 3 GFIRST 2008: June 1 - 6 SANS WhatWorks in Penetration Testing & Ethical Hacking Summit: June 2 - 3 SANS WhatWorks in Web Application Security Summit 2008: June 2 - 3 Applied Cryptography and Network Security 2008: [...]
Foxit Software just released an update to their PDF reader to fix a security flaw. Secunia rated the util.printf() buffer overflow vulnerability as highly critical, so download and install the latest version now. The latest version is now 2.3 build 2923. Their download servers are very slow right now, but I was able to get [...]
Niels Provos mentioned it at today's Web 2.0 Security and Privacy workshop, and somehow everyone I knew missed Google's official announcement last week of the safe browsing diagnostic page. So what type of information is given back to the user? What is the current listing status for [the site in question]? We display the current [...]