vulnerability-research
Vulnerability value modifiers
There are a few globally and truly external modifiers to the marketplace-defined value of a vulerability.
vulnerability-research
cybersecurity
Practical prepping for Hacker Summer Camp
Here are some last-minute security and general “staying vertical” notes I shared with a few folks who are headed to B-Sides/Diana/Queercon/Blackhat/DEF CON. There are lots of other posts on Vegas survival, and I’ll post a list of them in a little bit… This one is
cybersecurity
What's in a name? Defining "hacker" in 2018
If you do a Google Image Search against the word hacker, you’ll get images of scary-looking balaclava-clad cybercriminals hunched over a quintessentially green computer terminal. They’re up to no good… Stealing your data, crashing critical systems, or causing general Internet badness. In reality, the word “hacker” applies to
vulnerability-disclosure
Thoughts on the vault7 CIA/Wikileaks disclosures
Wikileaks’ release of thousands of confidential CIA documents today is yet another demonstration of our just how vulnerable the cybersecurity domain is. Unless we do a better job identifying our vulnerabilities, attackers – be they criminals, hacktivists, hobbyist, or nation state agencies – can and will take advantage of them. What’s
vulnerability-disclosure
disclose.io - Driving safety, simplicity, and standardization in vulnerability disclosure.
disclose.io is a collaborative and vendor-agnostic project to standardize best practices around safe harbour for good-faith security research. The project expands on the work done by Bugcrowd and CipherLaw’s Open Source Vulnerability Disclosure Framework, Amit Elazari’s #legalbugbounty, and Dropbox’s call to protect security researchers. Our framework
cybersecurity
mysqlcheck.com – in Ur mysql, Checking ur… mysql.
Check out this website by Mark Wickendam. Let it be said first up that I think this site is awesome. I lol’d hard, visited it again, lol’d hard again, and so on. As one of the guys behind http://rdpcheck.com (a legit site and I suspect one
vulnerability-research
Why the Smb Is Most at Risk from ms12-010
There’s a lot of hubbub going around about the recent vulnerability from Microsoft. It’s called MS12-020 and it affects the Remote Desktop Protocol (a.k.a. RDP or Terminal Services if you are old school). The hubbub is warranted… Once researchers get code working to exploit this vulnerability
vulnerability-research
Rdpcheck Checks Your Network for the New Rdp Vulnerability
We’ve created a tool at RDPCheck to help you test your exposure to an attack from the outside on Microsoft’s recent MS12-020 Windows Remote Desktop Protocol security flaw.The flaw affects every version of Windows so this DOES apply to you (unless you’re on a Mac…) So
cybersecurity
More on Skimming in Australia – Now an Official Epidemic
It turns out that a large percentage of recent fraud is being traced back to a single type of PIN pad: the Ingenico PX328. Here’s a piccy for you all…  It probably
cybersecurity
What Are You Really Sharing
I’ve noticed a lot of people putting up quizzes on Facebook lately, I did one of my own as well (although I can’t seem to find it now…). I got to thinking the kind of information people put in a quiz… What is the name of your childhood