Alright, so... I logged into Facebook (yes I know.. and probably easy to find as well, whatever), checked my messages and noticed I received an invitation to a group called "watch out for this hacker." From the description: If somebody called [...]
Posted by Marcin on Sunday, September 30, 2007 in Other.
A new release of WordPress 2.3 was shipped last night. One of the features it sports is: Our new update notification lets you know when there is a new release of WordPress or when any of the plugins you use has an update available. It works by sending [...]
Posted by Marcin on Tuesday, September 25, 2007 in Privacy.
Chris Eng of Veracode attended the first PCI Community Meeting in Toronto, an organized panel that brings QSAs, ASVs and those subject to PCI together with the PCI DSS council, and lives to blog about it. Several days ago, I posted some thoughts on the [...]
Posted by Marcin on Friday, September 21, 2007 in Security.
Get it here. Papers include: Real-time Steganography with RTP; PatchGuard Reloaded: A Brief Analysis of PatchGuard Version 3; Getting out of Jail: Escaping Internet Explorer Protected Mode; OS X Kernel-mode Exploitation in a Weekend; A Catalog of Windows [...]
Posted by Marcin on Tuesday, September 18, 2007 in Security.
When I finished reading through PCI DSS v1.1 the other night (for like the fifth time), several requirements continue to jump out at me. To understand the PCI requirements, we first need to understand what is subject to PCI. From the standard, PCI DSS [...]
Posted by Marcin on Sunday, September 16, 2007 in Security.
Over the last few years I have been finding ways to tweak my FreeBSD systems for better security and performance. One of the techniques that I used most often was tweaking kernel parameters using sysctl. As you may have known from previous posts I am now [...]
Posted by Casey on Thursday, September 13, 2007 in Apple and Security.
Marcin decided to take the day off with pay and allow me to share with you a guest blog post. Thanks, Marcin! Hello, my name is Andre and I'm a blogoholic. On with the post! With the popularity of MySpace also came the desire to track others who look at [...]
Posted by Dre on Wednesday, September 12, 2007 in Privacy and Security.
Single-user mode by default is available on OS X without a password. This is not a desirable system behavior and to remedy this, all that is needed are a few simple commands. To enable a higher level of security we can set an "Open Firmware Password". On [...]
Posted by Casey on Wednesday, September 12, 2007 in Apple and Security.
In memory of those who died on September 11, 2001, and to those who have and are currently serving, we'll never forget. Thank you. In memory of September 11, 2001
Posted by Marcin on Tuesday, September 11, 2007 in Other.
We try and secure our data, our systems, and people as best we can. We spend months evaluating and deploying firewalls, IDS, IPS, NAC, A/V, A/S, anti-spam, proxies, VPN, etc. Hopefully, you create matrices of each product you consider purchasing based on [...]
Posted by Marcin on Monday, September 10, 2007 in Security.
I just read an excellent post by Mark Curphey on "The types of testing," part 2 in his 5 part series on "The Art of Scoping Application Security Reviews." Dre responded with some good commentary almost as long as the original post. One quote towards the [...]
Posted by Marcin on Tuesday, September 4, 2007 in Security.