-
Unofficial VirusTotal uploader
Update: this script has been update and renamed to OVScan. Please use the new version. VirusTotal is a free service offered by Hispasec systems which scans the submitted files with a large number of AV engines (currently more than 30) and shows you the result. Disclaimer: I have no affiliation with them or any other…
-
Getting ahead of the curve
I was listening to episode 103 of SecurityNow, and all in all it was a good episode. However one thing that baffled me (ok, maybe not so much because I didn’t have high expectations), is the fact that nowhere in the process did they ask about man-in-the-middle type attacks (although they mentioned it briefly when…
-
Hack the Gibson #92
Read the reason for these posts. Read Steve Gibson’s response. The podcast kicks off again with a SpinRite story with no mention about the importance of backups and changing the failing drives, but I digress. Steve says: Now, you could be running through multiple layers onion routing, or any other kind of proxy server. So…
-
Hack the Gibson #91
Read the reason for these posts. Read Steve Gibson’s response. This was an interview episode, so there is not much I can comment on. SpinRite appears again to save the day, again without the notification that backups are important and that a hard-drive which had a physical failure is very probable to fail completely in…
-
As one podcast goes away an other one starts
I’m Cd-MaN and I’m a podcast addict 🙂 I listen to many podcasts, most of them related to technology, but the Linux podcasts have always had a special part on my mp3 player, because I’m a beginner with Linux and I want to learn as much as possible about it. So here are the Linux…
-
Hack the Gibson #90
Read the reason for these posts. Read Steve Gibson’s response. Towards the start of the show Leo mentions that SSL certificates used by the sites to authenticate themselves to the users are single-factor. And this is true, however one has to add that there is nothing wrong with single-factor authentication as long as good security…
-
Hack the Gibson #89
Read the reason for these posts. Read Steve Gibson’s response. Related to the SpinRite story (which are present in every episode): again, I don’t know WTF (pardon my language) people are doing with their computers, but in my 15 years of computer usage I never (knock on wood) had a hard-drive fail on me or…
-
Vulnerabilities and hype
Take some vulnerabilities, don’t investigate the conditions which are needed to exploit them, and you got a good old fashioned security hype. The gist of it: there are some flaws in the ActiveX controls VMWare installs. The possible attack scenario for these vulnerabilities looks like this: The user has VMWare (or VMWare Disk Mounter for…
-
Mixed links and commentary
Via rootkit.com: a tool to load arbitrary unsigned drivers under Vista without playing with the boot parameters. Very nice. I didn’t play with it, but I assume that it does this by loading its (signed) driver, then using that to perform the load from kernel mode. The question remains: can’t Microsoft revoke their certificate, so…
-
The Cisco challenge
Today being (very probably – there is an oxymoron for you) the last day I play the Cisco Networking Academy challenge (but the first day you might play it), I thought it may be useful to share some thoughts (cough-cough brag) about it. The challenge is very simple: you can answer fifty questions each day…