Archive for the 'Computers' Category

« Previous Entries
Next Page »

The Web never forgets: Persistent tracking mechanisms in the wild

Tuesday, July 29th, 2014

Posted in cookies, fingerprinting, paper, Security, tracking, web | Comments Off | permalink

Stop Fixing All The Things – Our BSidesLV Talk | The Risk I/O Blog

Saturday, August 10th, 2013

Recent parer shows that it make sense to focus only on vulns that have ready exploits in metasploit and exploitdb

Posted in analysis, infosec, paper, Security, vulns | Comments Off | permalink

Stop Fixing All The Things – Our BSidesLV Talk | The Risk I/O Blog

Saturday, August 10th, 2013

Recent parer shows that it make sense to focus only on vulns that have ready exploits in metasploit and exploitdb

Posted in analysis, infosec, paper, Security, vulns | Comments Off | permalink

Microsoft Security Advisory (2876146): Wireless PEAP-MS-CHAPv2 Authentication Could Allow Information Disclosure

Saturday, August 10th, 2013

Recent security hole in wifi authentication — fix requires a roll-out of PKI (i.e. certificate-based auth ) for all devices . (Great ?! )

Posted in Microsoft, Security, vulns, wifi | Comments Off | permalink

Microsoft Security Advisory (2876146): Wireless PEAP-MS-CHAPv2 Authentication Could Allow Information Disclosure

Saturday, August 10th, 2013

Recent security hole in wifi authentication — fix requires a roll-out of PKI (i.e. certificate-based auth ) for all devices . (Great ?! )

Posted in Microsoft, Security, vulns, wifi | Comments Off | permalink

CRIME (security exploit) – Wikipedia, the free encyclopedia

Sunday, July 14th, 2013

from http://tech.slashdot.org/story/13/07/09/1455200/ It works like this. You visit a site that has malicious JavaScript which sends a HTTPS request to some site (like your bank). This request will include whatever known plain-text that the JavaScript …

Posted in binary, cooking, exploit, http, Security, ssl, tls, web | Comments Off | permalink

CRIME (security exploit) – Wikipedia, the free encyclopedia

Sunday, July 14th, 2013

from http://tech.slashdot.org/story/13/07/09/1455200/ It works like this. You visit a site that has malicious JavaScript which sends a HTTPS request to some site (like your bank). This request will include whatever known plain-text that the JavaScript …

Posted in binary, cooking, exploit, http, Security, ssl, tls, web | Comments Off | permalink

The Legitimate Vulnerability Market – Inside the Secretive World of 0-day Exploit Sales [.pdf]

Sunday, July 14th, 2013

Old (2007 ) paper by Charlie Miller about trading of 0-day exploits

Posted in economics, infosec, paper, Security | Comments Off | permalink

The Legitimate Vulnerability Market – Inside the Secretive World of 0-day Exploit Sales [.pdf]

Sunday, July 14th, 2013

Old (2007 ) paper by Charlie Miller about trading of 0-day exploits

Posted in economics, infosec, paper, Security | Comments Off | permalink

[wikileaks ]PRISM – DHS PRISM 2004 – Requirements for Installation (original doc)

Saturday, June 8th, 2013

original PRISM docs from wikileaks

Posted in infosec, policy, politics, privacy, Security, wikileaks | Comments Off | permalink

« Previous Entries
Next Page »