The title of this quick post says all… evenmore in the security field! This story has been reported by a friend of mine. His wife would like to dispute a transaction made with her credit card. Never a funny story but it may always happen! (my own card was also
Tag: Security
Malicious DNS Traffic: Detection is Good, Proactivity is Better
It looks that our beloved DNS protocol is again the center of interest for some security $VENDORS. For a while, I see more and more the expression “DNS Firewall” used in papers or presentations. It’s not a new buzz… The DNS protocol is well-known to be a excellent vector of
The Social Impact of Malware Infections
I just had a good experience today about the “social impact” of malware infections and I would like to share it with you. For most infosec people, it is part of the game to play the fireman for family and friends when they are in trouble with their computer. The
First Belgian Internet Security Conference Wrap Up
Yesterday I attended the first edition of a new event: The Belgian Internet Security Conference. It was organised by some key players from Belgian Federal organisations like the CERT.be, Belnet, FedICT. The goal of this one-day conference was to provide some security awareness to managers or deciders. This time, no
SANS London 2012 Quick Wrap Up
I wrote a quick wrap-up of the SANS London 2012 edition while waiting for my train back to Belgium on Saturday evening but I published it only today… Tomorrow was an off-line day! This was my first edition and, honestly, I hope not the last one! This event was
Database Tables and Rows: Security by Obscurity Is Sometimes Helpful!
“Security by obscurity is bad!“… Most infosec professionals will tell you this. The principle is to implement security by hiding stuff in the installation of tools or solutions. Often, people using security by obscurity believe that their stuff will be properly protected (not found by the attackers). But this technique
Manage an Efficient List of Open Proxies
Open proxies… Everybody likes them! Please don’t immediately think about malicious activities… Of course, open (and chained) proxies can be useful to make you anonymous on the Internet but they can also by very interesting for “good” purposes. As a pentester, they can help you to distribute your reconnaissance phase
Are You Using Strong E-mail Addresses?
Today was a bad day for Skype Microsoft: A vulnerability was discovered on the Skype website which allowed an attacker to hijack the account of a Skype user. The Skype client itself (the software) is not affected. When successfully performed, the account was not only stolen but, worse, it looks
Hashdays Wrap-Up Day #2
Yesterday evening, I went with friends to a traditional Swiss restaurant then we passed by the party to have a few drinks. Thanks to the sponsor for the open bar! That’s why it was difficult to wake up this morning… But, anyway, I had a wrap-up to write for you!
Hashdays Wrap-up Day #1
I’m in Luzern for a few days but the Hashdays security conference started today! w00t! This is the first edition for me. A very nice opening session performed by the defcon-switzerland group which organises this event. They gave funny stats about this edition in terms of registration, paper used, exchanged