Schneier on Security: Weaknesses in the PLAID Protocol
In 2009, the Australian government released the Protocol for Lightweight Authentication of Identity (PLAID) protocol. It was recently analyzed (original paper is from 2014, but was just updated), and...
View ArticleClik here to view.
Source Code in TV and Films: CSI Cyber – Season 1 Episode 5. Code was in...
CSI Cyber - Season 1 Episode 5. Code was in place so that if the sub routine was edited, a bomb would explode. Seems to be some basic syntax and gibberish with some random HTML thrown in. jgc says:...
View ArticleSANS Internet Storm Center, InfoCON: green: This Article is Brought to You By...
Recently, I managed to register the domain name comindex.jp. This domain name uses thejapanese character, which looks somewhat like aslash typically used at the end of the domain name. As a result, an...
View ArticleLWN.net: Friday’s security updates
Arch Linux has updated lldpd (denial of service), phpmyadmin (content spoofing), and wordpress (multiple vulnerabilities). Debian has updated virtualbox (multiple vulnerabilities) and wordpress...
View ArticleClik here to view.
Linux How-Tos and Linux Tutorials: An Introduction to Uncomplicated Firewall...
One of the many heralded aspects of Linux is its security. From the desktop to the server, you’ll find every tool you need to keep those machines locked down as tightly as possible. For the longest...
View ArticleDarknet - The Darkside: DAMM – Differential Analysis of Malware in Memory
Differential Analysis of Malware in Memory (DAMM) is a tool built on top of Volatility Framework. Its main objective is as a test bed for some newer techniques in memory analysis, including performance...
View ArticleRaspberry Pi: MozFest YouthZone Workshops
This year Mozilla Festival is taking place at Ravensbourne College in London (next to the O2 arena) on 6-8 November. Map here. This is Mozilla’s annual hands-on festival (affectionately known as...
View ArticleClik here to view.
AWS Security Blog: Test Resource-Level Permissions Using the IAM Policy...
To make it easier for you to test, verify, and understand resource-level permissions in your account, the AWS Identity and Access Management (IAM) policy simulator will now automatically provide a...
View ArticleBackblaze Blog | The Life of a Cloud Backup Company: Natasha Joins Backblaze...
Our Backblaze for Business team has been growing lately and the latest addition to the team is Natasha! She’s been working with Backblaze ever since 2011, but mostly remotely and always behind the...
View ArticleSchneier on Security: The Onion on the State of IT Security
"China Unable To Recruit Hackers Fast Enough To Keep Up With Vulnerabilities In U.S. Security Systems." It's only funny because it's true.
View ArticleTorrentFreak: YIFY/ YTS Shuts Down Forever – The End of a Piracy Icon
Popular torrent release group YIFY and its official YTS website have shut down permanently, trusted sources have confirmed to TorrentFreak. The unexpected shutdown marks the end of an era that started...
View ArticleSchneier on Security: Friday Squid Blogging: Baby Giant Squid Found
First ever examples of a baby giant squid have been found. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.
View ArticleLWN.net: Denemo version 2.0 released
A major new release of Denemo, the GNU music-notation program, has been made available. Version 2.0 incorporates a significant refactoring of the user interface; the application now includes a...
View ArticleErrata Security: Yes, the CNBC moderation was biased
In anger over CNBC's left-wing bias, the Republican party has suspended them from moderating future debates. Is there something to this?Yes and no. CNBC, like most of the media, has a strong left-wing...
View ArticleErrata Security: Prez: donation numbers
I've given $10 to every candidate to monitor what they do. As I blogged before, just before the quarterly filing deadline, I got emails from all the candidates begging for money, to impress people how...
View ArticleErrata Security: Prez: Rick Perry selling his mailing list
I created separate email accounts to receive email from each of the 25 presidential candidates (and donated money to all them). This allows me to track their behavior -- or misbehavior.Rick Perry...
View ArticleSANS Internet Storm Center, InfoCON: green: Ransomware & Entropy: Your...
A couple of people expressed interest in the ransomed files I recovered in my last diary entry. I can not release those files, but I did create a similar file: ransomed-file.bin. If you want to try to...
View ArticleTorrentFreak: With Popcorn Time Faltering, Stremio Eyes the Top Spot
For more than a year, variants of the all-conquering Popcorn Time have made dozens of headlines as the smash-hit success story of Internet viewing. But now, with the main fork doomed and its major...
View ArticleGattaNegra's days: Размисли по Вси Светии
На стената на Козата Най е хубаво когато има препирняааааааа! Майка ми се е запасила с кутия бонбони и е намалила филма, да не би да не чуе звънеца. Съседката си го е разкачила. Вчера в офиса в...
View ArticleTorrentFreak: RIAA Wants $17 Million Damages From ‘New’ Grooveshark
The RIAA is asking a New York federal court to issue a default judgment against the 'reincarnation' of the defunct Grooveshark music service. The record labels are demanding more than $13 million in...
View Article