Loading ...-
-
-
BlogInfoSec.com Sponsors
-
BlogInfoSec.com Partners
Tag Archives: Uncategorized
Blue Pill Rootkits = 100% Undetectable?
June 28, 2006 – 11:16 am
–
This is a very cool idea:
“All the current rootkits and backdoors, which I am aware of, are based on a concept. For example: FU was based on an idea of unlinking EPROCESS blocks from the kernel list of active processes, Shadow Walker was based on a concept of hooking the page fault…
A Thanks to AT&T ISNN!
June 28, 2006 – 12:00 am
–
I'd like to thank all those at AT&T ISNN for a great time taping my presentation, “Case Studies in Finding Previously Unknown Vulnerabilities in Web Applications.”
I met a very diverse group of professionals with lots of talent and positive energy.
Should the opportunity…
Ipswitch Works Well with Vulnerability Researchers
June 27, 2006 – 10:03 pm
–
My experience was very positive working with Ipswitch to handle some verbiage relating to the Web UI NmConsole vulnerability reporting and disclosing credits.
It was a very positive sign that they recognized I did my best to do the correct thing when handling this vulnerability. My hats off to…
Might Users Want Malware?
June 25, 2006 – 9:14 pm
–
Here is an interesting paper from the Economics of Information Security.
Here are two key quotes:
“A key point is that… it has been assumed that users are the enemies of the malware which (nearly by definition) acts against their interests.”
“…malware can provide…
The Microsoft Security Response Center Violates a Fundamental Security Principle?
June 24, 2006 – 11:27 am
–
Wow! Well if the MSRC shares accounts….
Stephen Toulouse writes, “When we originally set it up we used my user account and it's been our communal account for making posts.” OUCH!
Tell me I am misinterpreting something here, please!
Microsoft, you've taken great…
