Graeme Neilson, a security consultant working for Auro Software make a presentation during the last Ruxcon conference about a trojan developed for the ScreenOS running on Netscreen firewalls: “The presentation covered Graeme’s research on how he’s developed a trojan ScreenOS operating system that when loaded onto any Juniper Firewall turns
Month: December 2008
Strange Spam via Google Docs
During the last 24 hours, I started to received a lot of spam messages based on Google Docs. The e-mails look like: From: <random address> To: <me> Subject: Monthly Payments Keep Rising. If you are one of the many homeowners whose payments are high and home values are low, or
ISACA Belux Chapter Meeting – Emerging Threats for 2009
This evening, I attended an ISACA Belux Chapter meeting about the following topic: “One year after: what really happened and what didn’t. What do you expect next year?” (Read the announce). In December 2007, our local chapter performed an exercise: (try to) define the upcoming security threat for 2008 (meeting
Laptop Face Recognition Vulnerability
This following issue has been reported by Bkis: Vulnerability in Face Recognition Authentication Mechanism of Lenovo-Asus-Toshiba Laptops. Modern laptops have often a small built in camera on top of the screen. Some vendors developed software’s to perform face recognition authentication. Theoretically, the principle is very attractive: the computer recognizes the
Enjoy Your Christmas Holiday
Christmas is close to us! It means a break for a lot of [net|sys]admins, business will slow down… Things break where no one is around (that’s the Murphy’s law). So be prepared and enjoy your EOY period! Make sure… Your backup procedures are up-to-date and operational (enough tapes?); Your file
“The” Drink for IT People!
Available here.
Firefox CPU Usage? Fail!
What’s the difference between this CPU usage: and this one: Only a website! After some investigations, the sites used “<marquee>” tags. It seems they are still not properly supported by Firefox! WTH!
Avoid “proxy.pac” Nightmares
Google saved my life today! I was busy to deploy a proxy.pac file at a customer premises. The problem with proxy.pac files is the difficulty to validate them. There are parsed by browsers and can quickly became a nightmare to be read by “poor humans”. There is a project on
Synjunkie: The Story of an Insider
Synjunkie is back with a new serie of very interesting posts. After The Story of a Hack [he explained how a penetration test was conducted against a fictive company], he will now explain the malicious activities of a rogue user from inside the company. It’s a real fact: the insider
Number of the Day: 1.91%
According to Secunia which grab nice data from its PSI application, only 1.91% of PC’s are fully patched: Read the report here.