This following issue has been reported by Bkis: Vulnerability in Face Recognition Authentication Mechanism of Lenovo-Asus-Toshiba Laptops. Modern laptops have often a small built in camera on top of the screen. Some vendors developed software’s to perform face recognition authentication. Theoretically, the principle is very attractive: the computer recognizes the
Tag: Security
Enjoy Your Christmas Holiday
Christmas is close to us! It means a break for a lot of [net|sys]admins, business will slow down… Things break where no one is around (that’s the Murphy’s law). So be prepared and enjoy your EOY period! Make sure… Your backup procedures are up-to-date and operational (enough tapes?); Your file
Synjunkie: The Story of an Insider
Synjunkie is back with a new serie of very interesting posts. After The Story of a Hack [he explained how a penetration test was conducted against a fictive company], he will now explain the malicious activities of a rogue user from inside the company. It’s a real fact: the insider
Number of the Day: 1.91%
According to Secunia which grab nice data from its PSI application, only 1.91% of PC’s are fully patched: Read the report here.
Malicious Firefox Add-on Steals Passwords
It was reported by the French version of The Inquirer: it seems that a new malware is spread over the Internet presented like a false Firefox add-on! Discovered by BitDefender, the anti-virus editor, the malware was named Trojan.PWS.ChromeInject.A. It does not spread by itself and his installed in the local
The Duhs of Security
Security awareness video for everybody. Spread the word!
Protect Your WordPress Blog Using a “Sabre”
I hope it’s not the same for you, but I saw a dramatic increase of false registrations on my blog for a few days (spambots). I decided to take action and search for a solution. WordPress is a blogging system which can be extended by plugins. After some investigations, I
Secunia Monthly Binary Analysis (11/2008)
Secunia released its Monthly Binary Analysis for November: “The analyses issued this month cover vulnerabilities in interesting products like OpenOffice, IBM Tivoli Storage Manager Client, Adobe Acrobat/Reader, Microsoft XML Core Services, Trend Micro ServerProtect, and Symantec Backup Exec for Windows Servers.” Read the whole post: http://secunia.com/blog/36/.
Software Easter Eggs and Security?
An interesting thread started last Friday on /.: Would You Add Easter Eggs To Software Produced At Work? Easter eggs are hidden message present in movies or softwares (or any kind of medias). It’s a tradition for developers to code some funny features or messages in their softwares. To show
VoIP Sniffing with UCSniff
As the acronym says VoIP (Voice over IP) is based on IP networks! It means that the protocols used by this technology travel across links and routers like HTTP, SMTP or any other IP based protocols. With classic telephony (based on copper cables), tapping was very easy to perform but