Our Blog

Honey, I’m home!! – Hacking Z-Wave & other Black Hat news

Reading time: ~7 min
You’ve probably never thought of this, but the home automation market in the US was worth approximately $3.2 billion in...

Twitter killed the (infosec) Blogging Star ?

Reading time: ~1 min
Like it, hate it or just plain struggling to understand it, Twitter has made a huge impact across a wide...

2 pieces of coolness…

Reading time: ~1 min
a) was the politely dropped kaminsky firefox bug [http://lists.grok.org.uk/pipermail/full-disclosure/2009-September/070620.html] It still requires a click for command execution, but considering its...

John Viega’s “the myths of security”.. Really??

Reading time: ~4 min
i go through a ton of books. Over the past 10 years, this has been dominated by books on computer...

Apple gets some clue points?

Reading time: ~1 min
At [DeepSec] last year i had the pleasure of hearing Ivan Krstić speak. While some of his arguments had (small)...

Episode 9 of the ITSecurity Pubcast..

Reading time: Less than a minute
Yvette Du Toit (E&Y – UK/ZA) featured on the latest ITSecurity Pubcast and spoke about her role in CREST. SensePost...

Should InfoSec companies be betting on PCI ?

Reading time: ~3 min
The United States committee on Homeland Security’s Subcommittee on Emerging Threats, Cybersecurity, and Science and Technology recently held a hearing...

Like deja-vu (all over again)

Reading time: ~1 min
Those of you who were around in 2001 will recall http://anti.security.is (anti-sec f.a.q).. The sentiment pops up periodically (in different...

Top Ten Web Hacking Techniques of 2008

Reading time: Less than a minute
(aka – Whoot! we are almost famous!!) Jeremiah Grossman’s panel of judges (Rich Mogull, Chris Hoff,  HD Moore and RFP)...

HITB08 – Marcus Ranum Keynote on CyberWar..

Reading time: ~1 min
I just managed to pull the HackintheBox torrents for their [2008 talks]. (SensePosters can grab a local copy [here]).  I...

Don’t look now, but it seems they broke the Interwebs again..

Reading time: ~1 min
Those pesky hackers! Alex Sotirov (of heap feng shui fame, famous for breaking everything from Vista, to web browsers, to...

Wired Article on DNSGate..

Reading time: Less than a minute
Wired magazine has covered the DNSGate saga with full dramatic details like: “never, ever repeat what you just told me...

“Unix Terrorist” in trouble over TJX ?

Reading time: Less than a minute
Anyone who was around for Defcon-10 will have an opinion on the infamous Gobbles-Silvio-UnixTerrorist talk in which mail spools were...

Sarah Palin, a yahoo email account, and something more shocking…

Reading time: Less than a minute
By now everyone knows that John McCain’s running mate Sarah Palin had her yahoo email account hacked. I guess a...

these tubes are quick

Reading time: Less than a minute
Kaminsky’s thunder has all but evaporated into a fine mist, and Ptacek has gone all silent. In the meantime, the...

What? no comment on the DNS thing ??

Reading time: ~1 min
Mostly we have stayed silent, because too many people have commented too much already.. It was interesting however how Ptacek...

Carpet Bombing and eating Crow…

Reading time: ~1 min
The recent Safari Carpet Bombing bug reported by Nitesh Dhanjani and ignored by Apple had all the makings of an...

If you run Debian (or a Debian Derivative, like Ubuntu)…

Reading time: Less than a minute
Then you probably should get on this one… [Problems with Random Number Generator] While it looks like an arb openssl...

The Peltier Effect – Year in Review..

Reading time: Less than a minute
Peltier and Associates have released their massive “Peltier Effect – Year in Review 2007“. The collection comes in at a...

SNMP Joins Dark Side in New XSS Attack

Reading time: Less than a minute
-sigh- the topic is stolen directly from the [DarkReading Article] -snip- It’s yet another new spin on a pervasive attack...

Dino Dai Zovi is such a Rock Star..

Reading time: ~1 min
Dino is the guy who added much shellcode coolness to MetaSploit, gave the world Karma, released the first virtualization rootkit...

reddit: exploit publisher?

Reading time: Less than a minute
saw this in my RSS reader, the null poison byte makes a comeback! Until it gets fixed, you can view...

How Gentoo got hacked.. holy #@^%&!!

Reading time: Less than a minute
If a picture is worth a 1000 words, then i don’t want to know what this reads…

Probably the best book dedication i have ever seen….

Reading time: Less than a minute
Richard Bejtlich didn’t give the pre-release a glowing review but i know at least a few people waiting eagerly to...

and then there was one….

Reading time: ~1 min
First IBM announced their interest in Watchfire, and now HP announces their interest in SPI Dynamics. “Consolidation in the industry”...

Safari on Win32, and browser choices in general..

Reading time: ~2 min
Gareth linked to David Maynor’s blog where he documents the results of some simple fuzzing against the new Win32 port...