Lobbying for Internet warfare

Posted by & filed under /dev/random, Security News.

Susan Crawford has some very interesting thoughts in a recent blog post about how certain agencies seem to be lobbying for increased funding to “cyber war capabilities” and increased Internet control by feeding the mainstream media with news. FTA: [...] the agencies that are most interested in forwarding cyberattack abilities, surveillance, guaranteed back doors for encrypted… Read more »

Unknown Unknowns

Posted by & filed under /dev/random.

I’m currently reading the book “The Black Swan” by Nassim Nicholas Taleb, and it’s been a while since I have been this captured by a book. Taleb convincingly argues that we all (humans, that is) are failing to recognize the great events that change history – aka the “black swans”. He is exploring these highly… Read more »

A good CVE database: www.cvedetails.com

Posted by & filed under /dev/random, Tools & Methodology.

Finally found a good Common Vulnerability and Exposures (CVE) database: http://www.cvedetails.com/. There are several (seemingly) similar databases that pretty much lists up all vulnerabilities that are included in CVE, but these guys takes it one step further with plenty of drill-down options and easy searches. Among its features, the site has graphs of types and… Read more »

Zero-day in Internet Explorer 6-8

Posted by & filed under /dev/random, Security News.

Interresting story from Symantec about a new critical 0-day vulnerability that affects IE6-8. The interresting part about it is really that Symantec was able to capture the command sequence of a live hacker in action, performing a sequence of commands at the victim computer through encrypted .gif files. Nice find.