-
How efficient are non-standard configurations in combating the malware problem?
Very. Thank you for reading this article, hope to see you soon. Just kidding :-), you won’t get off this easy. You’ll have to read my ramblings about the topic. It isn’t a new idea to model the malware problem using methods borrowed from the field of the biology, more specifically the study of diseases…
-
“Remote” turn-off switch
And now for something completely different: a hardware hack. Warning! Don’t attempt this at home unless you have at least some experience with electricity! Also, applying this hack directly on consumer electronics will most probably void the warranty! The problem: having a 2.1 (yes, I know, lame, real people use at least 5.1 :-)) speaker…
-
Consider the source before ranting
or else you could look foolish. Full disclosure: I work in the AV industry, however this post (and all of my posts, unless stated otherwise) do not necessarily reflect the opinion of my current or past employers. They are my own personal opinions / views of things. Getting back to the topic: some time ago…
-
Hostile JS Debug
I was looking through a presentation delivered by a McAfee employee during an Indian security conference (Club Hack 2007) and there it was: a reference to a little project of mine dedicated to ease the debugging of obfuscated javascript. Neat. (Or, I could use the the word of the year and say: w00t 🙂
-
Sunbelt is using Symantec in-house
This is quite old (it has been sitting in my to-do list for a while) but still fun: What can screenshots reveal about your company? This blog posting from the Sunbelt blog from Friday, November 16, 2007 entitled Some new twists in the Storm worm contains the screenshot which can be seen below with the…
-
VNC – (almost) zero security
I mentioned it previously, but just wanted to be sure that everyone has seen this: the "standard" VNC protocol does not offer any encryption of the data (ie. using a packet capture you can reconstruct the screen content and the action of the user). There are unofficial extensions, but they are not widely supported During…
-
Tangled Web
The World Wide Web has become the main target for much of the computer usage these days. This has several consequences, one of which is that more economic value is placed in it, attracting more attacks. XSS, CSRF, RIF and so on. These are all terms which are used daily by the security research community.…