Blogs

Climate Change and Information Assurance -- and how they are bullshit

In the course of presenting any form of analysis or research, the details of how you come to your conclusions must be indisputable. The scrutiny faced by your peers should be enough to validate your claims as being reasonable before presenting them in any forum.

But this is not always the case in the lives of professionals, as notoriety can blind the path of virtue. How many of us would trade an honest position, to present an idea that is based on falsehoods, or is an evasion of the truth, to make more money, or gain the spotlight?

Here enters, global warming.

Threat Intelligence Project (TIP) Update!

After much waiting and anticipating, we are excited to announce that we will be releasing a client for those that wish to participate in the TIP project.

The initial release will have the option to obfuscate the IP addresses and potentially the payload, though we don't think that this really is in the spirit of things and does not afford the world the intelligence that could be derived were this data not obfuscated.

We updated our snorby

For your viewing pleasure: http://snorby.rootedyour.com

l: guest
p: guest

enhanced

Pulledpork v0.2.5 - Released

A new and updated version of pulledpork is out, this version adds functionality and also addresses a number of previously reported bugs, a few simple examples:

- Improved and cleaned up code for efficiency and speed
- Do not overwrite local.rules on run
- Do not attempt to copy . and .. as rules files
- Much more...

Snort SID Information URL

To combat the recent influx of "where is the Snort SID documentation" on the Snort mailing lists, I have created the following URL that you can use to update your BASE or whatever it is that you are using to view your Snort events.

Simply use the following url in your reference config:
http://rootedyour.com/snortsid?sid=xxxxx (where xxxx is the SID number itself)
i.e. http://rootedyour.com/snortsid?sid=234

Thank you for your time,
please drive fast and take chances

E

Funny Vulnerability Disclosure

There are a number of things to laugh at in this vulnerability disclosure, beyond the bug itself.

Thierry Zoller notified Apple to resolve this issue, but things were never handled correctly. Along the way, Apple sent a message, encrypted with their own public key to Zoller, which was worth a lulz.


Advisory: Apple Safari & Quicktime DoS


DX Studio Player Firefox plug-in command injection -- Complete with built-in Shell command

Nothing like having the API do the work for you:

shell.execute("cmd.exe","/k cls|@echo this is wrong, very wrong.")

[Core Security Advisory]

Microsoft Fixes Record Number Of Vulnerabilities

It's curious... and I really don't know how good or bad it is that MS released fixes for 31 security issues in a single day.

I mean, does this speak more to their security issues, or does it speak more to their security practices and patching program?

Microsoft Fixes Record Number Of Vulnerabilities - The company's June Patch Day included 10 security bulletins to fix 31 threats in Microsoft products.


Why CISSP's are ruining security - An interesting parallel to MCSE's ruining Information Technology

It is just one of those things, that eventually happens, but I want to take everyone back to 1999/2000. You have the Y2K bug, so people were focused on this as it affected applications in their enterprises. But after this paranoid (Black Sabbath reference, and not a misspelling of paranoia) subsided, I began to see advertisements, and hear about Microsoft Certified Training. I was working in a help-desk at the time and several of my co-workers actually had this MCSE in Windows NT. Windows 2000 ... was released and now all of them had to upgrade their certification and retake the test.

Verizon Beefs Up Handset Security

Verizon Beefs Up Handset Security - The over-the-air authentication service enables workers to securely access business networks from handsets nearly anywhere in the world.



Syndicate content