Archive for the 'Security' Category
Kernel.org hacked ! // From: J.H. <[email protected]> Subject: [kernel.org users] [KORG] Master back-end break-in
Monday, September 12th, 2011Kernel.org machines were hacked into, possibly via stolen credentials. Investigation is underway.
Thanks to GIT crypt-signing each commit, there is no danger to linux kernel code.
Penetration Testing Policy for Amazon EC2
Thursday, August 25th, 2011read this if you need to conduct pen and security testing on / from EC2 instances
Penetration Testing Policy for Amazon EC2
Thursday, August 25th, 2011respawn_redux [presistent cookies based on If-Modified or Etag headers]
Saturday, August 20th, 2011An article that describes a method to create a permanent cookie based on If-Modified and Etag HTTP headers. Currently this is used in “the wild” by several banner and add networks. The method is possible because of the simplified implementation of …
respawn_redux [presistent cookies based on If-Modified or Etag headers]
Saturday, August 20th, 2011Help: I Got Hacked. Now What Do I Do? [by Jesper M. Johansson, Security Program Manager Microsoft Corporation]
Wednesday, May 11th, 2011Help: I Got Hacked. Now What Do I Do? [by Jesper M. Johansson, Security Program Manager Microsoft Corporation]
Wednesday, May 11th, 2011LastPass : The last password you’ll have to remember: LastPass Security Notification
Thursday, May 5th, 2011Online password keeping service LastPass.com reports that it is possible that they were 0wned. (how nice!) In the same time, PastPass seems to be doing the right things: they had a monitoring in place, so they have detected an anomaly in traffic. As …
Dropbox Lack of Security – Miguel de Icaza
Thursday, April 21st, 2011“This announcement means that Dropbox never had any mechanism to prevent employees from accessing your files, and it means that Dropbox never had the crypto smarts to ensure the privacy of your files and never had the smarts to only decrypt the files f…