Symantec published its new Global Internet Security Threat Report Volume XIII. Inside the document, you can find some interesting information about the “market” of stolen data. Do you know what’s your full identify value? Your password or CC?
Category: Security
Just Type And I’ll Tell You Who You Are!
User authentication or “who is behind the keyboard” is one member of the “triple-A” or “AAA” trilogy in security: Authentication : Who are you? Authorization : Are you allowed here? Accounting : From where, how and when did you come here? Regarding the authentication, there are a lot of methods/technologies
Suspicious MSN Activity?
Today, I received a strange message from a friend on MSN. Just a link: http://xxxxx.0a8qmz.info where xxxxx was my friend’s name. Just the URL, nothing else. It was not a normal behaviour for him! For security (we never know what can happen), I started a new browser in a VM
ProxyStrike
Today, EdgeSecurity released a new tool: ProxyStrike. Like the WebScarab project supported by OWASP, its a web application proxy which will help you to find potential vulnerabilities in your web applications (don’t use it on third parties sites without the owner acknowledgement). Once started, it acts as a normal proxy:
Cisco Acquired Sguil
Announced on TaoSecurity, Cisco acquired Sguil. Sguil is a monitoring tool for network security anaylists. It provides realtime traffic analysis and goes deeper up to the raw packet level. Why is Sguild a nice opportinity for Cisco? It’s developed in TCL and high-end Cisco routers and switches have TCL builtin!
Crontab Security
All UNIX flavors have a command scheduler called cron. Each user can schedule repetitive tasks at regular interval. Example: files cleanup, backups, data synchronization or web sites checks. User space commands are provided for this purpose: crontab to easily schedule your tasks and at to schedule a one-shot command. A
Computer Hackers Attack People
Read on Wired, a forum about epilepsy has been hacked last weekend. Why worry? Such incidents happen every day. In this case, the hackers idiots injected JavaScript code to display flashing colors and images! For those who ignore it, people who suffer of epilepsy can have important headaches by just
Log Correlation For Free
Today, log files are everywhere! Each server or network component generates tons of log entries. All of them are interconnected to build complex infrastructures. Log files are often the first and only way to detect unusual events. The problem of security people is to be able the extract the right
“Surfons Tranquille” Information Campaign
The Belgian Authorities will soon start an information campaign about “safe surf on the Internet” [1]. Prevention messages will be broadcasted on well known websites and radios. It is a nice initiative. Helas, security professionals know that the weakest element will always remain the end user. User education is important
High Technology Snack?
Today I went with colleagues to a snack in Louvain-La-Neuve to pick up some food. This is a “standard” snack where students are employed like many others on university campus. But today, I saw a brand new box next to the door: It is a fingerprint scanner from Oytech, a