For the 4th time, a Belgian police website has been defaced last weekend (news in French). That leads me to several questions… In Belgium, there are several (196!) Police zones and Federal police services. I can totally understand that those services does not have the same needs in terms of
Category: Security
Do You Trust Your Applications?
Internet is a infinite source of free software! If you are looking for a small tool to automate tasks, convert files or make your life easier, there are chances that somebody around the world already wrote some code and distributed it for free on the Net. But, on a security
carprss.php Exploit
Since 29 February, this blog was hit by 400+ attempts to compromize the server and install an IRC bot. There is a new exploit of SiteBuilder in the wild. Hits came from the following compromized hosts: # awk ‘{ print $1 }’ <carprss.tmp | sort -nu 64.128.80.82 64.185.237.176 64.22.112.178 64.255.254.10
Common Belgian Platform Against Financial Security Threads
Good initiative from the Belgian banks: A campaign will start soon to warn the end-users about risks of financial fraud on the Internet (in association with Febelfin (Fédération belge du secteur financier), the FCCU (Federal Computer Crime Unit) and the CBFA (Commission bancaire, financière et des assurances). The banks will
BGP DoS
On 25th February, YouTube was unreachable on the Internet for more than one hour. The problem came from Pakinstan! Pakistan authorities decided to filter an “offending” video. There are two major Internet providers overthere. The good one decided to redirect YouTube traffic to a proxy and ban the video. The
Brrrrrrr!
In a previous post, I talked about whole disk encryption. More and more security incidents are reports by medias were laptop are stolen or list in the nature with thousands of ultra-confidential-top-secret-data. That’s why disk encryption becomes a hot topic at the moment. A “hot” topic? In fact, it’s more
You said “Goolag”?
The Cult of the Death Cow team is back with a new toy called Goolag. One more time, the Google search engine power is diverted to help webmasters to find security breaches in their web site(s). Of course, as a good boy, you will always use Goolag against your own
More TrueCrypt Stress Tests
Now that I’ve a fully encrypted disk… Let’s stress it! Just after the encryption process, I started Windows Update and installed 22 (!) patches. This operation generated lot of I/O. The system speed was “normal” (well, slow but normal for a P3 system). No big issue! No software complaint. It’s
TrueCrypt Whole Disk Encryption Test
In my previous post, I spoke about the new feature introduced in TrueCrypt 5.0: the whole disk encryption. This is a killer feature for all of us who carry lot of sensitive data on our notebook hard drives. The data mobility became a hot topic in IT security for the
TrueCrypt 5.0 Released
A new release of TrueCrypt is out! For those who still do not know this product, its a free open-source disk encryption software for Windows Vista, Windows XP , Mac OS X, or Linux. Full partitions or storage devices (USB sticks) can be encrypted or virtual disk can be created