Posted on Apr 28th, 2009
Now that I’ve got your attention.. the headline is totally sensationalist. I’m only attempting to draw your eye to this great article from a seasoned pentester. While I encourage you to read the whole thing, I’ll sum it up: Unlike the millions of other posts on the subject, the author isn’t arguing OS design. He’s [...]
Posted on Apr 26th, 2009
Last month I blogged a rant about Adobe. It was really just venting because of the vuln situation at the time but it got picked up on Reddit and generated some discussion.. mostly in agreement. Then, on Tuesday, a world leading security expert from F-Secure spoke at the RSA security conference urging people to drop [...]
Posted on Apr 9th, 2009
It’s April 9th and Conficker (aka DownAdup) is beginning to come out of its shell. Last night, reports of Conficker’s P2P communications (aside from its famous list-generated HTTP communications) becoming active began to surface. Shortly thereafter, reports of a new payload trickled in. At first, some AV vendors were expecting a new variant. The consensus [...]