Blog

/Blog/

Week 14 in Review – 2009

Tools: Metasploit updates keylogger, osx support XSS Rays – thespanner.co.uk Lynis – linux auditing tool – rootkit.nl OWASP Code Review Guide 1.1 – owasp.org Other News: Register.com DNS DDOS Register.com suffers DNS problems – theinquirer.net DNS Providers Under Attack – isc.sans.org ATM card skimmers A Man Finds an Actual Card Skimmer in the Wild, in [...]

2009-04-06T22:28:00-07:00 April 6th, 2009|Security Tools, Security Vulnerabilities|0 Comments

Information Security Events in March

Here are the information security events in North America this month: SANS 2009 – March 1-9 in Florida InfoSec World Conference and Expo 2009 – March 9-11 in Florida SOURCE Boston – March 9-13 in Massachusetts CanSecWest 2009 – March 16-20 in Vancouver We didn’t come across any information security events in the other parts [...]

2009-03-01T22:22:56-07:00 March 1st, 2009|Security Conferences|7 Comments

CanSecWest 2009 Speaker Lineup

Dragos Ruiu just announced the speaker lineup for this year’s CanSecWest conference, being held next month in Vancouver Canada. The Smart-Phones Nightmare - Sergio 'shadown' Alvarez Getting into the SMRAM: SMM Reloaded - Loíc Duflot Network design for effective HTTP traffic filtering - Jeff "rfp"  Forristal, Zscaler Ninja Scanning - Fyodor, Insecure.org On Approaches and [...]

2009-02-16T21:46:13-07:00 February 16th, 2009|Security Conferences|0 Comments

Offensive Security Certified Professional

This post is part of the security training review project, and is by Rob (mubix) Fuller. You can find his original post and other content at his blog at Room362. I recently obtained the status Offensive Security Certified Professional. It is one of the best courses I have ever taken. It challenged me to think [...]

2017-03-12T17:40:20-07:00 February 4th, 2009|Security Training|0 Comments

Information Security Events in February

Here are the information security events in North America this month: SANS Process Control & SCADA Security Summit – Feb 2-3 in Florida Shmoocon – Feb 6-8 in Washington DC Best of Open Source Security Conference – Feb 10-12 in Nevada Black Hat DC – Feb 18-19 in Virginia And here are the information security [...]

2009-02-01T13:50:00-07:00 February 1st, 2009|Security Conferences|0 Comments

HITB 2008 Malaysia Conference Videos

The official videos from Hack in the Box Malaysia conference are now online via torrent. There are two torrents, and you can find the the Day 1 and Day 2 videos on The Pirate Bay. For all presentation materials, check out our previous post – HITB 2008 Malaysia Presentations.

2009-01-21T14:18:00-07:00 January 21st, 2009|Security Conferences|0 Comments

Elcomsoft Wireless Security Auditor

A few months ago we mentioned that Elcomsoft was coming out with an application that utilizes Nvidia GPUs to crack WPA and WPA2 keys. That application is now available, and it can also utilize ATI GPUs as well. The $1,199 price tag is quite expensive when you compare it to pyrit, the FREE open source [...]

2009-01-19T22:19:41-07:00 January 19th, 2009|Security Tools|0 Comments

SQLiBENCH

SQLiBENCH is an OWASP SoC 2008 project to benchmark automatic sql injectors related to dumping databases. There're a bunch of and great open source tools (takeover/dumpers/hybrid) for taking advantage of an sql injection vulnerability both used by web application security specialists and attackers. Techniques used, databases supported, algorithms employed and abilities implemented by these "sql [...]

2017-03-12T17:40:21-07:00 January 15th, 2009|Security Tools|0 Comments