-
-
Popular Posts
- Off to See the World 5 comment(s)
- Microsoft By Numbers 1 comment(s)
- About 0 comment(s)
- Cloud Computing: Benefits and Risks of Moving Federal IT into the Cloud 1 comment(s)
- A new Chief Security Advisor in the UK 3 comment(s)
Users and Hits
My Trips
Who's Online
1 visitors online now
1 guests, 0 members
Map of Visitors
Powered by Visitor Maps
Monthly Archives: May 2008
Microsoft Advisory for Safari Flaw
I posted yesterday on the Safari flaw (Why Apple has to fix the Safari flaw) as Apple did not acknowledge that this is a security vulnerability. Unfortunately we had now to release an advisory for this as we started to … Continue reading
Posted in Crime, Incidents, Technology
Leave a comment
New Guidance on the SQL Injection Attacks
We just published yesterday two new pieces of guidance for the latest SQL Injection attacks, which I want to make sure you saw it: Preventing SQL Injections in ASP SQL Injection Attack – which is a great piece of work … Continue reading
Posted in Incidents, Technology
Leave a comment
Why Apple has to fix the Safari flaw
Remember me talking about Is Security Research Ethical? I made a statement in there when it comes to responsible disclosure of vulnerabilities: And then, what does the vendor do with it? Does the company act on it? Now, we can … Continue reading
Posted in Incidents, Process, Security
Leave a comment
The latest SQL Injection Attacks
Well, there was quite some chatter over the last few weeks with regards to the massive defacements we saw based on SQL Injection Attacks. So, what was really new? Close to nothing. Well, this is not completely true. The new … Continue reading
Posted in Incidents, Process, Technology
Leave a comment
Researcher at Microsoft Research wins ACM award for Privacy Protection
I just read this article on Cryptography Expert Wins ACM Award for Advances in Protecting Privacy of Information Retrieval. This is really cool to see that research with do at Microsoft Research not “only” leads to advancements in our products … Continue reading
Posted in Microsoft
Leave a comment
How to Hack Windows Vista
No, no. For sure. I am not going to give you advise how to hack – but look at this video: http://www.offensive-security.com/movies/vistahack/vistahack.html. I am always amazed about these kind of videos, which still surprise people. If look years back, we … Continue reading
Posted in Cybercrime, Incidents, Processes, Products
Leave a comment
Two Important Whitepaper on Windows Server 2008
If you are planning to implement Windows Server 2008, there are two paper recently published that could help you with it: Active Directory Certificate Services Upgrade and Migration Guide Configuring and Troubleshooting Certification Authority Clustering in Windows Server 2008 Roger
Posted in Processes, Products
Leave a comment
How to sell security
I just read this essay by Bruce Schneier: How to Sell Security. This is definitely a must-read in my opinion. Not that it really tells you how to sell it but it helps you to understand the “mechanics” about it.Roger
Posted in Process, Security
Leave a comment
SANS Commits $1 Million to Fight Cybercrime in Developing Countries
You know that I criticize SANS from time to time. Especially when it come to their handlers, I am convinced that they are creating the problem rather than solving it. This time I have to say that I am impressed … Continue reading
Is Security Research Ethical?
Shoaib’s blog actually pointed me to a pretty interesting article called Face-Off: Is vulnerability research ethical? – Security Experts Bruce Schneier & Marcus Ranum Offer Their Opposing Points of View. Not surprisingly Bruce says “yes” and Marcus says “no”. If … Continue reading
Posted in Incidents, People, Policy
Leave a comment