Archive for the 'Computers' Category

The Web never forgets: Persistent tracking mechanisms in the wild

Tuesday, July 29th, 2014

Stop Fixing All The Things – Our BSidesLV Talk | The Risk I/O Blog

Saturday, August 10th, 2013

Recent parer shows that it make sense to focus only on vulns that have ready exploits in metasploit and exploitdb

Stop Fixing All The Things – Our BSidesLV Talk | The Risk I/O Blog

Saturday, August 10th, 2013

Recent parer shows that it make sense to focus only on vulns that have ready exploits in metasploit and exploitdb

Microsoft Security Advisory (2876146): Wireless PEAP-MS-CHAPv2 Authentication Could Allow Information Disclosure

Saturday, August 10th, 2013

Recent security hole in wifi authentication — fix requires a roll-out of PKI (i.e. certificate-based auth ) for all devices . (Great ?! )

Microsoft Security Advisory (2876146): Wireless PEAP-MS-CHAPv2 Authentication Could Allow Information Disclosure

Saturday, August 10th, 2013

Recent security hole in wifi authentication — fix requires a roll-out of PKI (i.e. certificate-based auth ) for all devices . (Great ?! )

CRIME (security exploit) – Wikipedia, the free encyclopedia

Sunday, July 14th, 2013

from http://tech.slashdot.org/story/13/07/09/1455200/ It works like this. You visit a site that has malicious JavaScript which sends a HTTPS request to some site (like your bank). This request will include whatever known plain-text that the JavaScript …

CRIME (security exploit) – Wikipedia, the free encyclopedia

Sunday, July 14th, 2013

from http://tech.slashdot.org/story/13/07/09/1455200/ It works like this. You visit a site that has malicious JavaScript which sends a HTTPS request to some site (like your bank). This request will include whatever known plain-text that the JavaScript …

The Legitimate Vulnerability Market – Inside the Secretive World of 0-day Exploit Sales [.pdf]

Sunday, July 14th, 2013

Old (2007 ) paper by Charlie Miller about trading of 0-day exploits

The Legitimate Vulnerability Market – Inside the Secretive World of 0-day Exploit Sales [.pdf]

Sunday, July 14th, 2013

Old (2007 ) paper by Charlie Miller about trading of 0-day exploits

[wikileaks ]PRISM – DHS PRISM 2004 – Requirements for Installation (original doc)

Saturday, June 8th, 2013

original PRISM docs from wikileaks