Archive for News
Today, another vulnerability has been making the headlines, various industry security professionals predicting apocalyspe, genocide and famine along with everything in between. It first started earlier this summer, back when Dan Kaminsky, in a [...]
Posted by Marcin on Wednesday, October 1, 2008 in
News,
People and
Security.
The bad: It's a front-end to WebKit much like Safari, with no bells-or-whistles The only add-ons are Web Inspector (from WebKit), Chrome's own Task Manager, and Chrome's own Java Debugger (they could have at least used Drosera which comes with Web [...]
Posted by Dre on Tuesday, September 2, 2008 in
News,
Security and
Tech.
Yesterday we celebrated tssci-security.com's two-year anniversary. I started this site on August 23rd, 2006 during my first internship, and oh my, how the time flew by. A lot of good things have come my way -- most as a direct result of this blog. The [...]
Posted by Marcin on Sunday, August 24, 2008 in
Conferences,
News,
People,
Security and
Work.
My good friend Arshan Dabirsiaghi at Aspect Security released an interesting paper today on Bypassing VBAAC with HTTP Verb Tampering. For those who don't know what VBAAC is, it stands for "Verb-Based Authentication Access Control." Unfortunately, most [...]
Posted by Marcin on Wednesday, May 28, 2008 in
News and
Security.
Not to be outdone by Neohapsis Labs, NSS Labs also enters the fray with their blog, Security Product Testing. Again, I think that NSS Labs (like Neohapsis Labs) has been blogging for awhile, but it has picked up more pace lately. In the past, the TS/SCI [...]
Posted by Dre on Monday, May 5, 2008 in
News,
Privacy and
Security.
At last year's Blackhat US 2007, the dominant discussion was around Joanna Rutkowska and Alex Tereshkin's "New Blue Pill" vs. Peter Ferrie, Nate Lawson, and Tom Ptacek's VT-x Rootkit Detection techniques. This included some follow-up material on the [...]
Posted by Dre on Tuesday, April 29, 2008 in
News and
Security.
The fine folks over at Neohapsis Labs appear to have a new blog focused on security related information. Technically, I guess they've had it up since January, but the posts are more frequent now. I just added them to my RSS feeds. Both Mike Murray and [...]
Posted by Dre on Monday, April 28, 2008 in
News,
Privacy and
Security.
What started as a simple DoS against the RIAA through a SQL injection vulnerability, originally posted to Reddit in tinyurl form. UNION ALL SELECT BENCHMARK(100000000,MD5('asdf')),NULL,NULL,NULL,NULL%20-- led an attacker on to dump their entire database. [...]
Posted by Marcin on Sunday, January 20, 2008 in
Hacking and
News.
In my earlier article on Using Google Analytics to Subvert Privacy, I demonstrated how dangerous free tools could be to match privacy information to web clicks. But now that Google has updated their Analytics service to support internal search queries, [...]
Posted by Dre on Wednesday, October 17, 2007 in
Conferences,
News,
People,
Privacy,
Security and
Tech.
Recently, we've heard a lot of talk about P2P apps and data leakage concerning various members of Congress. It started with this article over at NetworkWorld, followed up by the guys at nCircle, directing criticism towards Congree from Techdirt, comments [...]
Posted by Marcin on Sunday, July 29, 2007 in
News,
Politics,
Security and
Tech.
I've been real busy lately, but I came across several blogs and articles this week that I'd like to share, Andrew Hay style. =) CEO Crime & Punishment -- Ben Horowitz, CEO of Opsware Inc., shares his thoughts on what entices executives to commit white [...]
Posted by Marcin on Thursday, June 28, 2007 in
News,
Privacy,
Security and
Tech.
Andrew Hay writes: Dell & Google Secretly Installing Software to Make Money Off Your Typos Those bastards, how is this business practice not illegal? New Dell machines that include the Google toolbar as part of a marketing agreement also include a secret [...]
Posted by Marcin on Thursday, May 24, 2007 in
News,
Privacy,
Security and
Tech.
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
Posted by Marcin on Wednesday, May 2, 2007 in
News and
Tech.
People panic! Last night, TurboTax was unavailable for people to file their taxes. The problems have been since resolved, but let it be a lesson to all of us that we cannot depend entirely on technology. Technology will eventually fail us, like it did so [...]
Posted by Marcin on Wednesday, April 18, 2007 in
News and
Tech.
I have been getting just as furious as paperghost lately over the whole Julie Amero case. By now you've all heard about it, a substitute teacher was surfing the internet and then bombarded with porn advertisements she couldn't get away. People debate her [...]
Posted by Marcin on Friday, February 16, 2007 in
News and
Politics.
Linus released kernel v2.6.20 (tar.bz2) to the public today, adding virtualization support through KVM and relocatable kernel support for x86, among other changes. The latter feature is an interesting one from a security perspective and for kdump users. [...]
Posted by Marcin on Sunday, February 4, 2007 in
News,
Security and
Tech.
Once again, we're comin' to ya from Ditka's Restaurant in the heart of Chicago, the city of the big shoulders, and home to a certain team, which come January will run roughshod over the competition in Super Bowl XLI. A team that is known as.....Da Bears!
Posted by Marcin on Sunday, February 4, 2007 in
News.
Literally right after RSA, SCALE is happening February 10th and 11th. I plan on making the drive out with several other friends from school. The presentations I'm looking forward to: New & Improved: How a More Modern IT Security Model Can Better Protect [...]
Posted by Marcin on Tuesday, January 30, 2007 in
News,
Security and
Tech.
I am not 100% positive or if this just merely coincidence, but I have a feeling my sister has fallen victim to the TJX security breach reported last week. Fraudulent transactions originating in France (of all places) began January 10th, comprosing four [...]
Posted by Marcin on Friday, January 26, 2007 in
News,
Privacy and
Security.
The time is nearing and I will have to move my site to a new host. Along with the move, we'll undergo a domain name change to www.tssci-security.com as well. Currently we're hosted on a dedicated FreeBSD server running Apache, and I'm pretty happy with [...]
Posted by Marcin on Monday, January 15, 2007 in
News and
Other.
Thank you very much InformationWeek! I was reading an IW article, Adobe Patches Acrobat And Reader XSS Bug, 3 Other Flaws, hoping to get some useful information from it. The article contains 15 links, two of which are other IW articles and three direct [...]
Posted by Marcin on Wednesday, January 10, 2007 in
News and
Security.
Happy New Year everyone! I had a great night with my friends and a lot of unneeded drama, but oh well. I'm disappointed I wasn't able to snag ShmooCon tickets for $75; they sold out in under three minutes! I'm still organizing a trip with several other [...]
Posted by Marcin on Monday, January 1, 2007 in
News,
School and
Security.
A new case in my coverage of espionage stories, the Houston Chronicle is reporting this time a Chinese engineer working in Silicon Valley is indicted on 36 felony counts, including economic espionage to benefit a foreign government and various military [...]
Posted by Marcin on Friday, December 15, 2006 in
Intelligence and
News.
Remember the college student who had a website that allowed you to create fake boarding passes to get past TSA security checkpoints at the airport? Well, according to his blog, the FBI raided his home and left a warrant and a list of items for seizure [...]
Posted by Marcin on Sunday, October 29, 2006 in
News.
According to news sources, the USGS in its seismic activity study, claims North Korea has conducted a nuclear test. At the moment, the Pentagon is working to confirm these claims, the South Korean stocks drop like rocks on their stock exchange, and Japan [...]
Posted by Marcin on Monday, October 9, 2006 in
Intelligence and
News.
Alright, so the US Navy is marking this week as the end of line for the F-14 Tomcat. The Tomcat has been showing its age, becoming more expensive to maintain, and slowly being replaced by F/A-18 Super Hornets. As sad as it is to finally see the Tomcat [...]
Posted by Marcin on Saturday, September 23, 2006 in
Defense and
News.
CAIRNS, Australia - Steve Irwin, the hugely popular Australian television personality and conservationist known as the "Crocodile Hunter," was killed Monday by a stingray while filming off the Great Barrier Reef. [`news.com.au [...]
Posted by Marcin on Monday, September 4, 2006 in
News.
No... not the International Space Station (for you Slashdotters...) ARMONK, NY & ATLANTA - 23 Aug 2006: IBM (NYSE: IBM) and Internet Security Systems, Inc. (NASDAQ: ISSX) today announced the two companies have entered into a definitive agreement for IBM [...]
Posted by Marcin on Thursday, August 24, 2006 in
Links,
News and
Security.
I decided to create a page dedicated to what I'm thinking about and the projects I'm currently working on. The page is still being worked on, so the default images are going to go and be more customized to my liking. So, if you want to see what I've been [...]
Posted by Marcin on Wednesday, August 23, 2006 in
News.
