Monday, April 21st, 2008
Almost everyone knows what CSRF or better unauthorized requests are. I never really embraced CSRF as the correct term for unauthorized request issues, because the term is outdated and inadequate to contemporary hacking. For me, an unauthorized request is the layer or automation of a hacking procedure without direct interference ...
Posted in Internet, Privacy, Security | No Comments
Monday, April 21st, 2008
In a security alert last week, Microsoft reported a vulnerability which allows local users and users signed on with access to an Internet Information Server (IIS) or MS SQL server to escalate their privileges. Server operators such as hosting providers who allow user code to be executed, for example on ...
Posted in Coding, Privacy, Security, Windows | No Comments
Monday, April 21st, 2008
It seems like Microsoft are starting to get serious about security, in a very progressive move they have said they are ok with ethical hackers finding security flaws in their online services.
It’s been fairly ok so far to hack away at software installed on your own hardware, but hitting remotely ...
Posted in Coding, Internet, Networking, Privacy, Security, Software | No Comments
Monday, April 21st, 2008
In January, I posted some Incident Response tips on how to deal with a Vista system with Bitlocker enabled. You can read the initial post here. I was recently doing some training and we discussed Bitlocker techniques in depth and decided to post a follow up with some additional tips.
The ...
Posted in Privacy, Security, Windows | No Comments
Saturday, April 19th, 2008
Back in the '60s, when the spy craze first hit, would-be snoops had to satisfy their desire for spy gear with products like 007 cologne and aftershave, when what they really wanted was the bug Bond hid beneath the bumper of a quarry's car, or the greenscreen mapping device mounted ...
Posted in Hardware, Networking, Privacy, Security | No Comments
