Blog
Defcon-17 – Clobbering the Cloud
Our DC-17 video (of the “Clobbering the Cloud” talk) is now available on the the new look DefCon download site: [here]
All of the other DC17 videos can be found [here]
(if you are a senseposter, you can grab them with descriptions from [here])
Twitter killed the (infosec) Blogging Star ?
Like it, hate it or just plain struggling to understand it, Twitter has made a huge impact across a wide range of fields. We use it fairly heavily internally for simulated water-cooler chatter and quick link-exchange. (like any piece of sp-geek-over-engineering we also have a tweet-bot to convert tweets to emails, and convert blog notifications to tweets). It’s pretty clear though, that once we started tweeting internally, people started blogging less. There’s something liberating about saying “here’s a link”, as opposed to taking the time to formulate your thoughts into a full blown posting.
Spammers need love too..
-snip-
From: Haroon Meer <haroon@sensepost.com>
To: Marc Schneider <marcs@mplw.net>
Subject: Re: http://www.sensepost.com – Contact needed
Hi Dr Schneider.
* Marc Schneider [marcs@mplw.net] seemed to say:
>I am Dr. Marc Schneider and I work for Multilingual Search Engine
>Optimization Inc. in Washington DC ( Tel: 1 202-250-3645) – I would
>like to speak with the person in charge of your international
>clientele. Who is my contact? Who should I speak to??
>
>In fact, after visiting http://www.sensepost.com , I have noticed that your
>website
>cannot be found on foreign search engines (I tested it on Hispanic
>search engines, German search engines, Asian search engines, etc.) Our
>company is specialized in multilingual search engine promotions in 28
>languages . From the Japanese Google to the German Yahoo, from the AOL
>in Spanish to the MSN in Chinese, we can show you how to develop a
>true international online presence by promoting your website on
>foreign search engines.
Dvorak, on Windows 7, Microsoft and attention to details..
The other day i tweeted a link from John Dvorak reviewing Windows 7. He basically said that Microsoft was dying, and said the product was “made with the same cheap Microsoft vodka.”
Dvoraks not new to this[1], (i recall reading his columns in PC magazine in the early 90’s, so he has been around). He slates Microsoft, not because of the code in windows7, but because (he feels) Microsoft has stopped paying attention to details:
Sensepost’s Developer and Bootcamp Security courses (November)
Hi All
SensePost will be running their next Developer and Bootcamp courses for 2009, scheduled for November. Please drop me an email if you know of anyone in your area that would like to attend.
– 1) Hacking by Numbers – Developer Edition (16-18 November 2009)
– 2) Hacking by Numbers -Extended (Bootcamp) Edition (10-13 November)
Information about courses:
1) HBN – Developer Edition
‘Hacking By Numbers – Developer Edition‘ is a course aimed at arming web application developers with knowledge of web application attack techniques currently being used in the ‘wild’ and how to combat them. Derived from our internationally acclaimed ‘Hacking By Numbers’ security training, this course focuses heavily on two questions: “What am I up against?” and “How can I protect my applications from attack?” During the course sample applications will be dissected to discover security related bugs hidden within the code. The class will then consider prevention, detection & cure.
*sigh* alas poor kindle…
my wife might have a kindle, which i might have bought in the US, which she might have loved dearly.. Buying books might have been possible using the “gift card hack” or the “US Postal Address hack” – but alas! It seems as if i can no longer transfer my money from me to Amazon this way..
Must our beautiful friendship end this way amazon? Will this geofilter come between us after all these years?
SensePost again accredited as a PCI ASV
SensePost is proud to announce that they have retained their status as an Approved Scanning Vendor for PCI DSS purposes.
This letter of acknowledgement was gladly received:
Truth be told, we did pop the bubbly for this one.
MS Threat Modeller
Just arbitrary coolness regarding Microsoft’s Threat Modeller. It’s XSS-ible…
Since this all works in file:///, not overly sure what the benefits of these things will be, but I suppose since different folks may have different privilege levels for different protocol handlers (ie: file:// http:// etc), one might be able to instantiate previously unusable OCX’es, or even redirect to site for exploiting browser vulnerabilities.
Never happened unless there are pictures, so refer below…
2 pieces of coolness…
a) was the politely dropped kaminsky firefox bug [http://lists.grok.org.uk/pipermail/full-disclosure/2009-September/070620.html]
It still requires a click for command execution, but considering its multi platform firefox ownage sans shellcode, i think its cool.. i think its even cooler that dan dropped it sans any fanfare..
b) has to be Pusscat‘s attack on the SMBv2 Remote bug published on [the VRT blog..]
From the post:
“we get lucky here as well in that there is a pointer srv!pSrvStatistics which also points to srvnet!SrvNetStatistics, and counts the number of requests that have been made to a specific call (as well as other things).
Fasm2009 – Videos online..
The “Fasm conference is an informal meeting of coders interested in x86 assembly programming.”
Some of the videos can be grabbed [sp_local|Other]
/mh