Archive for Security

Protecting the global Internet routing infrastructure

Arbor Networks has a blog post up today about Using RPKI to Construct Validated IRR Data. Resource PKI (RPKI) is an extension to X.509 that allows for IP address (prefix) and AS identifiers (autonomous system numbers — the organization-based assigned numbers used by the Border Gateway Protocol to get you or your ISP “online”).
My first […]

Resident scripts and global cross-domain

In October of 2006, a vulnerability in IE7 known as the “mhtml:” Redirection Information Disclosure was discovered.  RSnake wrote up a post about how nasty it was.  The basics: it took over the entire browser experience.
Fortunately, the bug was patched quickly, it required access to the web server/application (or HTTP header injection), and it only […]

Lucky for NSM — Extracting files from TFTP packets in Wireshark

So the other day I get a call from the forensics team at work asking for help with some packet analysis. A client’s users had reported phishing activity, so they decided to run a full-content capture using Wireshark on the external and internal network interfaces. Upon doing so, they witnessed suspicious activity; commands such as […]

Another new blog over at NSS Labs

Not to be outdone by Neohapsis Labs, NSS Labs also enters the fray with their blog, Security Product Testing. Again, I think that NSS Labs (like Neohapsis Labs) has been blogging for a while, but it has picked up more pace lately.
In the past, the TS/SCI Security blog staff were invited as guests by Martin McKeay […]

An update on Protocol hopping covert channels

At last year’s Blackhat US 2007, the dominant discussion was around Joanna Rutkowska and Alex Tereshkin’s “New Blue Pill” vs. Peter Ferrie, Nate Lawson, and Tom Ptacek’s VT-x Rootkit Detection techniques.  This included some follow-up material on the Matasano blog including Side-Channel Detection Attacks Against Unauthorized Hypervisors and some confusion by Rich Mogull which led […]