Good one to read and put on the shelf.
I think I will go Kindle edition this time around.
0 Comments
RSS Feed
Email a friend
http://threatpost.com/en_us/blogs/e-mail-source-code-vmware-bubbles-compromised-chinese-firm-042412
This is an interesting trail, from what I am reading VMWare was not necessarily the intended target. It all started with a dump of accounts from http://www.sina.com/, from these a group broke the hashes and started sifting through the accounts looking for items of interest.
That got them in to CEIEC ( see post http://www.ceiec.com/news/554 ). Interesting paper trail to cover in the story. I do find the posting interesting and I am not sure how to read it, the attack did not happen but they reserve the right to go after anyone who did it?
0 Comments
RSS Feed
Email a friend
bio passports, digital age spy, spook
http://www.wired.com/dangerroom/2012/04/cia-spies-biometric-tech/
Kinda hard to be Jason Bourne when they already know who you are. As bad is this seems after reading this, I wonder how hard it would be to really ‘fix’ for a determined attacker as they say. It would have to be pretty specific and I am sure there would be some sort of audit trail to clean up and maybe a few copies of the entry.
I would love to be in that room as this problem is worked out, I am pretty sure they did not go with the ‘we give up’ solution.
0 Comments
RSS Feed
Email a friend
facebook police officers, under cover police facebook
It’s a little old,
http://www.techworld.com.au/article/398599/social_media_could_render_covert_policing_impossible_/
I have never really put this in to perspective if you think the number of pre-eighteen year olds there are in facebook and other sites like flickr with kindly tagged faces. It makes for a small pool of under cover offices.
Some related I have been thinking about is I wonder if anyone has done any large scale indexing of the faces on the internet. What I mean by that is there is all of these tagged photos with a name and face. You could possible search the internet by face and not just by photo like what Google does now. Oh go try that drag a photo in to the search bar.
0 Comments
RSS Feed
Email a friend
nissan data breach, nissan spy
Espionage is real and happens far more then it is reported, partly because companies don’t want to report such a thing. It can damage a companies reputation and in some of the other cases they have no idea what has even happened.
Would you know if there is malicious software running in your network?
Creating something that will not be detected by AV is pretty simple, and what about the C&C and data channel?
What about skype? or maybe an ad hosted on a legit site? what if it only looks while a logged on user is surfing? could you see it then?
This stuff can get nasty, then start throwing SSL in the mix and watch your IDS signatures work.
0 Comments
RSS Feed
Email a friend
Lots of good information.
http://www.microsoft.com/security/sir/de…
I am still reading, but I just read the section about targeted and determined attacks. This has been happening more and more in the last few years. Also I think it has to do with more of them being reported then there was in the past.
Given a determined attacker there is almost nothing you can do to stop them short of cutting wires. Cyber warfare is like any other, and it does not give advantage to the defender. Just as in a siege time is not on your side.
0 Comments
RSS Feed
Email a friend
smashthestack logic level 1, smashthestack logic level1, smashthestack solution level 1, logic level 1, smashthestack, smash the stack
A couple more things to mention, just running the basic commands from the web page will only give you a single line of output. You could just guess which is what I did or if you really need to see the output of the commands I would redirect them to the upload directory and from there you can view them. The other thing you could have done is uploaded nc directly to the server ( I did not try this, I did not want to break anything) and execute it in to a listening loop against /bin/sh, insta shell. Or you could do the same thing by creating a service.
0 Comments
RSS Feed
Email a friend
Alan Turning, if that name sounds a little unfamiliar he was one of the leads on the enigma machine during the second world war. He was very interesting I would just look him up if you wanted some reading.
http://www.bbc.co.uk/news/technology-17771962
I could not find a digital link, and they mention the national archives so you might have to go for a drive to see them. There might still be valuable information in the papers, but they were focused on preparing settings on the enigma machine to ready it for work.
0 Comments
RSS Feed
Email a friend
the hurt locker torrent, the hurt locker bit torrent, the hurt locker, torrent
No really,
http://torrentfreak.com/hurt-locker-makers-return-to-sue-2514-bittorrent-users-120423/
The movie was released in 2008 and they are still filing new lawsuits.
I think this studio has found a new source of revenue, they must be making something off these or they would not continue.
0 Comments
RSS Feed
Email a friend
Ha,
Funny story about WolframAlpha.
0 Comments
RSS Feed
Email a friend
My first computer was purchased in 1986, a Tandy 1000. A lot of my initial time on computers was spent on surfing BBS's and gaming. In the mid 90's I started to get exposure to Linux, and spent significant amounts of time in the schools computer lab.
Professionally for the last 10 years I have been administering Microsoft Windows, Linux and UNIX servers. I have experience in the design and deployment of custom tools and application developed in Perl and C, for packet sniffing, network services and data mining.
I have an in-depth understanding of TCP/IP and its related protocols, and regularly as a hobby I do forensic analysis of malware.
READ MORE
