Steganography is a technique used to hide a message in another one. This word has a Greek origin: “steganos” means “covered or protected“. A well-known application of steganography is hiding a picture into another one. In information security, it can be useful as an evasion technique. But people have a
Month: March 2011
Escaping Censure with Tor Hidden Services
Tor aka “The Onion Router” is a well known network running on top of the regular Internet. It protects the confidentiality of communications between users and regular online services. As the multiple layers of an onion, Tor is a worldwide decentralized network based on layers. When you need to connect
mysql.com pwn3d… so what?
This is probably the breaking news of this weekend on security blogs and websites: mysql.com and other related sites have been compromised! This was disclosed via an e-mail sent to the full-disclosure mailing list (copy here). If you take the time to read the message, you will learn that the
InfoSecurity.be
Just after BlackHat Europe, InfoSecurity Belgium was organized in Brussels this week. Something completely different: other atmosphere, other people, business oriented. It is the place to be for Belgian people working in information security. To make a rough comparison, suits and ties are at InfoSecurity what t-shirts are at BlackHat.
Are You “NG” Ready?
“Next Generation” or “NG“… Two magic letters used by more and more v€ndor$ to promote new versions of their products… Next Generation firewalls, Next Generation SIEM, Next Generation IDS. They are many examples. Google reports 34M of hits while searching for “next generation security“! In my humble opinion, “next generation”
#BlackHatEU Day-2 Wrap-up
BlackHat Europe 2011 is already over! I’m waiting for my flight at Barcelona airport with Peter from Corelan Team, writing my wrap-up for the second day! It started with a talk by Sebastian Muniz & Alfredo Ortega: “Fuzzing and Debugging Cisco IOS“. Cisco IOS images are huge binary compressed files
#BlackHatEU Day-1 Wrap-up
The first day started (too) early with Rafal Los’s (@Wh1t3Rabbit) briefing about “Defying Logic – Theory, Design, and Implementation of Complex Systems for Testing Application Logic“. Rafal explained some techniques not “brand new” but which are really interesting. The goal of application logic testing is to discover what an application
BlackHat Europe 2011
BlackHat stopped in Barcelona for the 2011 European edition. Second time at the same place, the “Palau de Congressos de Catalunya“. Same format as the previous editions: two days of trainings and two days of briefings. Strange, lot of trainings were canceled! Is it due to the crisis and less
BSidesLondon is on its Way!
The first edition of BSides London is moving forward at good speed. The crew of volunteers worked hard and announced today the schedule. During the call for papers, 54 submissions were submitted then registered visitors were invited to vote for their preferred subjects. Fifty-four submissions for the first edition of
You Like? Spammers Like You Too!
Our best worst friend Facebook is full of resources. Not only for attackers but also spammers. The “I like” button became very popular on many personal (blogs) and professional websites. Basically, the purpose is simple and efficient: If you are logged on Facebook and visit a website which proposes an