Category Archives: security

Learning from buggy code

27-Nov-07

This is an interesting article by Jeremy Allison, one of the lead guys on the Samba Team. He discusses the recently discovered security flaws in Samba, including some in software that he originally wrote. It’s interesting to hear his opinions on how the bugs were introduced, why they weren’t found sooner, and why it will [...]

People, people, people

07-Nov-07

As far as I can tell, people will always be the greatest security challenge. Technology is a lot easier to understand and control. I doubt we will ever get to the point where no one is falling for phishing scams, such as the ones recently reported by salesforce.com.
We learned that a salesforce.com employee had been [...]

Storm worm presentation

01-Nov-07

This is a great presentation on the Storm worm. It talks about the basics, but the interesting part is the crawler that was used to map the peer-to-peer network. The researcher even includes Perl source code and the data he captured.

Using Firefox for web security audits

19-Oct-07

This is a great little article on the various tools/add-ons you can get for Firefox to do web security assessments. In the past I’ve had to hunt for stuff like this myself, so having it all in one list is handy. Here are the tools mentioned in the article:
Tamper Data
Web Developer
User Agent Switcher
Firebug
SwitchProxy
And the two [...]

Cisco disbands security research group

10-Oct-07

Apparently, Cisco has decided it doesn’t need to invest that much into security research. It has closed the doors on its Critical Infrastructure Assurance Group. CIAG was focused on research in some really critical areas, such as the security of SCADA systems, DNS attacks, VOIP threats, and the Common Vulnerability Scoring System.
Considering how important protecting [...]