SOURCE Barcelona
BruCON
EuroTrashSecurity Website

Demystify the URL Shorteners

URL shortener on-line services are very helpful. You probably already use them every day. With mobile Internet and micro-blogging services like Twitter , it’s much more convenient to use short URLs. But the downside is, once again, the bad guys who quickly understood the opportunity of new type of attacks. It’s so easy to hide [...]

QOTD: “HTTP Became the New TCP”

I heard the following quote today in a online video about a commercial product and I found it so true: “HTTP became the new TCP!” TCP, or “Transmission Control Protocol“, runs at the transport layer (4th) of the OSI model. HTTP runs on an upper one, the application layer. Historically, HTTP was used to access [...]

Information about Microsoft Projects Leaked

What a coincidence! Yesterday I posted an article about protecting your brand in the web 2.0 jungle and today a nice story was reported on Slashdot. A very nice example of bad communication on the web 2.0. Robert Morgan, a Microsoft Research employee, wrote on his LinkedIn profile: “Working in high-security department for research and [...]

Protect your Brand in the Web 2.0 Jungle

This afternoon I followed a webcast about the protection of your brand in the web 2.0 jungle. A fact is that the reputation of a brand built during years can be destroyed in only a few minutes! Think about that! Just to remind you, the “web 2.0″ is the huge amount of last generation websites [...]

Easy Geolocalization of IP Addresses

If there was only one annoying operation for me, it will be to search contact information about IP addresses! Often, network administrators and security guys have to found out to who is assigned a given IP address (example: when analysis logs or doing forensics searches). Useful information linked to IP addresses are contact information (technical, [...]

Facebook Cybersquatting Soon?

Will Facebook once again make a buzz? Saturday, June 13th starting at 06:01am, Facebook users will be able to choose a username to customize their profile URL. Something like http://www.facebook.com/username/. After DNS cybersquatting, will we see a new effect of Facebook cybersquatting? There is already a FAQ available about this new feature and Facebook also [...]

Follow Several Security Threat Levels via Twitter

Twitter, the micro blogging platform, attracts a larger audience days after days. According to recent studies, lot of accounts stay un-updated for long periods of time. On the other side, there are more and more huge communities of active users who tweet on specific topics: The IT security is represented by a lot of security [...]

Virtual Banking, Real Risks?

Announced on BBC News, Mindark, the developers of Entropia, get their license to perform on-line banking! Entropia is an online game defined as “The first virtual universe with a real cash economy”. The Swedish Financial Supervisory Authority accepted and issued a license to Mindark. It allows players to convert their PEDs (“Project Entropia Dollars“) into [...]

Introduction to SEAT

SEAT – Search Engine Assessment Tool – is a tool dedicated to security professionals and/or pentesters . Using popular search engines, it search for interesting information stored in their caches. It also uses other types of public resources (see later). Popular search engines like Google or Yahoo! (non-exhaustive list) use crawlers (or robots) to surf [...]

Oups! Gmail Undo Function

Gmail Labs are back with a new feature for Gmail… A few months ago, they introduced a feature to help users to not send e-mails at the wrong moment (late night, after a party, …) Now, there are back with a new protection: An undo function! It’s very simple: once you pressed the magic “Send” [...]