Blog

/Blog/

Black Hat Japan 2008 Presentations

Last month the Black Hat folks had their annual Japan conference. There were a few overlapping talks from the Black Hat USA 2008 conference, but also new presentations from the locals. The presentations are now online at the Black Hat Japan 2008 archives, and direct links are below. Enjoy! Black Ops of DNS 2008: Its [...]

2017-03-12T17:40:22-07:00 November 10th, 2008|Security Conferences|1 Comment

Adobe Reader 8 and Acrobat 8 Updates

A critical update to Adobe Reader 8.1.2 and Acrobat 8.1.2 has been released to address a remote exploit vulnerability. Version 9 of these products are not vulnerable. The advisory from Core Security notes that there is a stack buffer overflow when parsing PDF files, and the flaw could be exploited if a user is tricked [...]

2008-11-05T15:41:00-07:00 November 5th, 2008|Security Vulnerabilities|0 Comments

HITB 2008 Malaysia Presentations

The presentations from Hack in the Box Malaysia are now online and available to download on the HITBSecConf2008 Malaysia Conference page. All the presentations are in one directory, so it is easy download them all with something like wget or httrack. But for those that like direct links from this site, here they are: Keynotes [...]

2008-11-02T22:18:41-07:00 November 2nd, 2008|Security Conferences|0 Comments

Information Security Events in November

The number of information security events in North America is finally slowing down. This month there are only two events going on: Information Security Decisions Conference: November 5-6 CSI 2008: November 15-21 But there are a ton of other information security events around the world going on: OWASP EU Summit 2008: November 4-7 in Portugal [...]

2008-11-01T09:16:00-07:00 November 1st, 2008|Security Conferences|0 Comments

ToorCon X Presentations

The presentations from ToorCon X are now available to download on the ToorCon X Conference page. Below are direct links to the presentations. Hour Presentations Black Ops of DNS 2008: Its The End Of The Cache As We Know It by Dan Kaminsky How To Impress Girls With Browser Memory Protection Bypasses by Alexander Sotirov [...]

2008-10-24T20:57:00-07:00 October 24th, 2008|Security Conferences|1 Comment

Microsoft Exploitability Index

Starting this month, Microsoft will be providing exploitability information about their patches to everyone. The Microsoft Exploitability Index is designed to provide additional information to help customers better prioritize the deployment of Microsoft security updates. This index provides customers with guidance on the likelihood of functioning exploit code being developed for vulnerabilities addressed by Microsoft [...]

2017-03-12T17:40:22-07:00 October 21st, 2008|Security Vulnerabilities, Vendor News|0 Comments

WPA-PSK/WPA2-PSK Cracking With GPUs

There have been lots of buzz recently on new Elcomsoft software that utilizes Nvidia GPUs to crack WPA and WPA2 keys. The use of Nvidia GPUs result in cracking the keys 100 times faster! Lots of media picked up on this story, from Slashdot to Gizmodo to The Register. Unfortunately, none of the reporters did [...]

2017-03-12T17:40:22-07:00 October 18th, 2008|Security Tools|0 Comments

New NIST Special Publications

NIST continues to release good guidelines on security. Within the last month, they released three new special publications, and updated three special publications. New Releases SP 800-115 – Technical Guide to Information Security Testing and Assessment SP 800-121 – Guide to Bluetooth Security SP 800-124 – Guidelines on Cell Phone and PDA Security Updated SP [...]

2017-03-12T17:40:22-07:00 October 15th, 2008|Vendor News|0 Comments

OWASP NYC AppSec 2008 Video

For those that weren’t able to attend the OWASP NYC Appsec 2008 Conference, the video from all the presentations are now online! Intro OWASP 3.0 – Who We Are And How We Got Here by The OWASP Foundation Track 1 Analysis Of The Web Hacking Incident Database by Ofer Shezaf HTTP Bot Research by Steven [...]

2017-03-12T17:40:22-07:00 October 12th, 2008|Security Conferences|1 Comment

OWASP NYC AppSec 2008

This year we weren’t able to attend the annual OWASP AppSec conference. But Josh from the Web Admin Blog attended and did an amazing job at live blogging the event. Here are links to his various posts from the conference: Day 1 Keynote – OWASP AppSec NYC 2008 Web Application Security Roadmap OWASP Google Hacking [...]

2017-03-12T17:40:22-07:00 October 11th, 2008|Security Conferences|0 Comments