us-cert.gov

• TA10-068A: Microsoft Updates for Multiple Vulnerabilities
• TA10-055A: Malicious Activity Associated with "Aurora" Internet Explorer Exploit
• TA10-040A: Microsoft Updates for Multiple Vulnerabilities
• TA10-021A: Microsoft Internet Explorer Vulnerabilities
• TA10-013A: Adobe Reader and Acrobat Vulnerabilities
• TA10-012B: Microsoft Windows EOT Font and Adobe Flash Player 6 Vulnerabilities
• TA10-012A: Oracle Updates for Multiple Vulnerabilities
• TA09-343A: Adobe Flash Vulnerabilities Affect Flash Player and Adobe AIR
• TA09-342A: Microsoft Updates for Multiple Vulnerabilities
• TA09-314A: Microsoft Updates for Multiple Vulnerabilities

breach-inv.blogspot.com

• Unpack Javascript
• Tool to list windows protected files
• Vanity
• Tubes Clogged, Internets are Broken II
• Tubes Clogged, Internets are Broken
• More fun with Chrome
• Google's Chrome Browsing History, a first pass
• Pre-boot authentication bypass techniques.
• /dev/mem for Windows, and other bits of memory goodness.
• P2P Marshall

• Note to marketing: If you want to sell to cops. . .
• Vista may be vulnerable to a local password bypass via firewire.
• Digging Deeper during analysis
• Black Bag pwnies
• Two ways to get around passwords - Windows
• Interesting tool - pdump.exe
• Blog, not dead
• Comment spam =+ moderation
• In keeping with the Internet security theme
• The final solution
• A couple of toughts and things to come
• Things that pain me
• Order on contents of RAM upheld
• I am the CEO of Fantasy Land
• You just got 0wned. Now what?

More »

blog.didierstevens.com

• Frisky Solitaire – Another Info Stealer
• PDF Info Stealer PoC
• Quickpost: NetworkMashup.xls
• Ping Shellcode
• MemoryLoadLibrary: From C Program to Shellcode
• Excel with cmd.dll & regedit.dll
• cmd.dll
• Quickpost: Quasi-Tautologies & SQL-Injection
• Quickpost: Shellcode to Load a DLL From Memory
• Quickpost: PDF Header %!PS-Adobe-N.n PDF-M.m

ddanchev.blogspot.com

• Don't Play Poker on an Infected Table - Part Three
• Summarizing Zero Day's Posts for February
• Don't Play Poker on an Infected Table - Part Two
• IRS/PhotoArchive Themed Zeus/Client-Side Exploits Serving Campaign in the Wild
• A Diverse Portfolio of Scareware/Blackhat SEO Redirectors Courtesy of the Koobface Gang
• Dissecting an Ongoing Money Mule Recruitment Campaign
• Keeping Money Mule Recruiters on a Short Leash - Part Two
• Tax Report Themed Zeus/Client-Side Exploits Serving Campaign in the Wild
• PhotoArchive Crimeware/Client-Side Exploits Serving Campaign in the Wild
• How the Koobface Gang Monetizes Mac OS X Traffic

• Summarizing Zero Day's Posts for January
• Facebook/AOL Update Tool Spam Campaign Serving Crimeware and Client-Side Exploits
• Follow Me on Twitter!
• Pushdo Serving Crimeware, Client-Side Exploits and Russian Bride Scams
• Outlook Web Access Themed Spam Campaign Serves Zeus Crimeware
• Top Ten Must-Read DDanchev Posts For 2009
• Top Ten Must-Read Posts at ZDNet's Zero Day for 2009
• Summarizing Zero Day's Posts for December
• The Koobface Gang Wishes the Industry "Happy Holidays"
• Koobface-Friendly Riccom LTD - AS29550 - (Finally) Taken Offline
• A Diverse Portfolio of Fake Security Software - Part Twenty Four
• Celebrity-Themed Scareware Campaign Abusing DocStoc
• Keeping Reshipping Mule Recruiters on a Short Leash
• Celebrity-Themed Scareware Campaign Abusing DocStoc and Scribd
• Pushdo Injecting Bogus Swine Flu Vaccine

More »

forensickb.com

• Updated Office 2007 Metadata EnScript
• EnScript to export all files based on condition criteria
• Triage Media
• Forensic Practical #3 - An *excellent* submission
• EnScript to make thumbnail photos from video files in EnCase
• Forensic Practical Exercise #3 - SOLVED
• Forensic Review of Windows 7 - Part V - Bitlocker
• Windows 7 Forensics - Part IV - Thumbcache_*.db
• Forensic Practical Exercise #3
• Forensic Review of Windows 7 - Part III

• Forensic review of Windows 7 - Part II - File system
• Forensic review of Windows 7 - Part I
• Export x Number of bytes around selected search hits - categorized by keyword hit
• EnScript to create thumbnails of selected video files
• EnScript to find Limewire download remnants.
• EnScript to display the number of search hits per file.
• EnScript to create LEF with files based on extension
• EnScript to export x bytes around search hits - UPDATED
• EnScript to obtain connected USB devices from System Restore Points (XP)
• EnScript to decode Yahoo chats in unallocated - UPDATED
• EnScript to decode Yahoo chats in unallocated
• EnScript to search unallocated for built-in File Signatures
• EnScript to Catagorize all files by their extension and then provide a count
• EnScript to find and bookmark foreign language files & folders
• EnScript to alert you if there is data in the unused disk area of a physical device

More »

darkreading.com

• Voluntary Breach Disclosure Rare But Valuable
• Ford Motor Rolls Out New Security Features To Prevent Car-Hacking
• Product Watch: Gemalto Rolls Out Secure Online Banking On A Stick
• Botnets Serving Project Aurora Likely Built By "Amateurs," Researcher Says
• New Massachusetts Data Privacy Law Adds Incentive For Strong Database Security
• Smartphone Weather App Builds A Mobile Botnet
• At RSA, Some Security Pros Don't Practice What They Preach
• Tool Automates Targeted Attacks On Social Network Users
• New BlackEnergy Trojan Targeting Russian, Ukrainian Banks
• Product Watch: New Microsoft Identity Technology Aims To Protect Online Privacy

• Another Botnet Gets Dismantled, But This Time With Arrests
• Cybersecurity Czar Outlines Priorities
• Product Watch: Secunia To Offer Free Application Updater Service To Consumers
• Securing The Link Between Web Applications And Databases
• New Cisco Architecture Attempts To Redefine Access
• Report Reveals Inaccuracies Of DHS' E-Verify System
• Product Watch: Free Tool Cleans Up 'Rusty,' Unsafe Firewall Settings
• Verizon Offers Up Its Data Breach Framework
• State Of Application Security: Nearly 60 Percent Of Apps Fail First Security Test
• Tech Insight: Preparing Your Enterprise For Cyberwar
• Database Security Metrics Project Needs Community Input
• Cryptome Back Online After Brief DMCA Battle
• At RSA Conference, Analysts Will Focus On Security's 'Big Issues'
• Comcast Goes DNSSEC, OpenDNS Adopts Alternative DNS Security
• FBI Investigating Web Spycam
• Attack Unmasks User Behind The Browser
• Researchers: Rootkits Work Nicely On Smartphones, Thank You
• Navy Planning Prototype Cyber-Network Security System
• Criminals Hide Payment-Card Skimmers Inside Gas Station Pumps
• Product Watch: HP, Fortify To Offer Hybrid Analysis Of Web App Pen Testing, Code Scanning
• SQL Injections Top Attack Statistics
• Spike In Power Grid Attacks Likely In Next 12 Months
• How To Handle Patch Overload
• DHS Three Years Behind On Smart Card Project
• Thousands Of Organizations Worldwide Hit By Widespread Malware Attack
• Czech Researchers Say 'Chuck Norris' Kicks Bots
• Product Watch: New Service Shuts Down Counterfeit-Brand Websites
• U.S. Fails Test In Simulated Cyberattack
• The Top 10 Enterprise Botnets
• Google Acknowledges Privacy Issues With Buzz
• New Report Examines Malware's Origins, Motivations
• Proposal Would Hold Software Developers Accountable For Security Bugs
• DoD To Issue Stronger Security Guidelines To Defense Vendors
• Tech Insight: Securing The Virtualized Server Environment
• New Technology Offers Secure Electronic Payment Via Mobile Phones
• Iran Shutters Google's Gmail Service
• Consumers Fighting Back Against Identity Fraud, Study Says
• 'Aurora' Attacks Still Under Way, Investigators Closing In On Malware Creators
• Workarounds Abound While Oracle Scrambles To Patch Zero-Day Flaw
• Healthcare Data Exposed In California Security Breach

More »

viaforensics.com

• Rogue PDFs account for 80% of all exploits, says researcher
• Great Mysteries To Be Revealed… – Picture Story – Tom’s Hardware
• Researchers: Rootkits Work Nicely On Smartphones, Thank You – wireless security/Security – DarkReading
• State Of Application Security: Nearly 60 Percent Of Apps Fail First Security Test – DarkReading
• Law.com – Step 1 for Legal Holds: Trigger Events
• Identity Theft Coming to a Mobile Device Near You
• viaForensics announces release of Open Source Android Forensics application
• Open Source Android Foreniscs application – beta released!
• Spike In Power Grid Attacks Likely In Next 12 Months – DarkReading
• viaForensics’ CIO to present Android forensics training at International Conference on Cyber Security 2010

blogs.zdnet.com

• Microsoft plugs dangerous Excel security holes
• New Microsoft IE zero-day flaw under attack
• Vodafone HTC Magic shipped with Conficker, Mariposa malware
• Researchers build 8,000-strong smartphone botnet
• 'Highly critical' flaw found in Opera browser
• Energizer battery charger contains backdoor
• Police arrest Mariposa botnet masters, 12M+ hosts compromised
• A Special Offer From Our Sponsor
• Microsoft Patch Tuesday heads-up: 2 bulletins, 8 vulnerabilities
• Mozilla's Window Snyder heads to Apple

• Googler ships exploit to defeat DEP

More »

itworld.com

• Twitter to begin screening some links for phishing
• Microsoft skips patch for PowerPoint add-on
• Excel vulnerabilities revealed on 'slower' Patch Tuesday
• Windows XP's built-in Wi-Fi Security Hole
• US Treasury as free speech purveyor
• IE 6 and 7 Bug Allows for Attacks via Poisoned Sites
• LifeLock to pay $12 million to settle FTC, states' complaint
• European Parliament debates anti-ACTA petition
• Just watching the network isn't enough
• Schneier: Fight for privacy or kiss it good-bye

f-secure.com

• PDF Based Targeted Attacks are Increasing
• Darkmarket Avatars
• Desperate Phishing Attempt
• The Morphing PDF
• SEO Poisoning Sites Use Flash for Redirection
• Another Bot Bites the Dust?
• I'm Feeling Lucky?
• Pwn2Own Interview with Charlie Miller
• RSA Conference 2010
• Analyzing PDF Files

• This you?? What's the point of phishing a Twitter account?
• R.I.P. Waledac?
• 60+ Compromised Sites with SEO Poisoning
• SC Magazine's Five to Follow

More »

rootkit.com

• lbs8901's blog: My RootKit Developer...
• lbs8901's blog: BsRootKit
• Kernel Sockets Module based on TDI and WSK
• Nostalgia: n00bk1t, an advanced ring3 rootkit in C
• hoglund's blog: HBGary is hiring RE's in 916
• DiabloNova's blog: 032: Rootkit Unhooker LE 3.8.386.589 SR1 + Some Stuff
• DiabloNova's blog: 031: Rustock 2010
• DiabloNova's blog: 030: Rootkit Unhooker LE 3.8.386.588 SR1
• Dreg's blog: Rootkit Arsenal, Installing a Call Gate
• DiabloNova's blog: 029: SpiDiE V2 or Good-Bye Dr.Web!

• DiabloNova's blog: 028: Happy new 2010 year :)
• Dreg's blog: Generating any DLL for PEB Hooking or replacing in disk, binary form
• DiabloNova's blog: 027: Speak No Evil, See No Evil
• DiabloNova's blog: 026: Dr.Web and SpiDiE – Final Stand
• gamingmaster's blog: Kernel Detective v1.3.1
• DiabloNova's blog: 025: Rootkit Unhooker LE 3.8.384.586 SR1
• DavidFracs's blog: 1st
• TDL3 - Why so serious? Let's put a smile on that face ..
• Access token stealing on Windows

More »

viruslist.com

• International cyber crime group charged
• Four year jail sentence for webcam hacker
• Credit card fraudsters jailed in UK
• Estonia arrests first hacker over cyberattacks
• Russian news sites suffer DoS attacks
• Spammers sued for $1bn
• Hackers target official Estonian portals in conflict over Soviet-era monument
• "Bumbling" hacker speaks out at Infosec
• Changes to UK cybercrime legislation are in the air
• Report shows Britons up for online risks

avertlabs.com

• Targeted Internet Explorer 0day Attack Announced (CVE-2010-0806)
• Apple Announces iPad Availability: Watch Out for Scams!
• Wiseguys Botnet First in Line for Concert, Sports Tickets
• On Olympics, St. Patrick’s Day, Screensavers, and Wallpaper
• Valentine’s Day Searches Lead to Malware
• McAfee Labs Quarterly Threat Report Posted
• Dave Marcus: Ready for an Oscar
• Protecting Privacy by Design
• Hackers Disrupt European CO₂ Market
• Be careful on help files

woany.co.uk

• Opportunities
• FireFoxForensics v1.0.4
• ChromeForensics v1.0.3
• FireFoxForensics v1.0.3
• FireFoxForensics v1.0.2
• FireFoxForensics v1.0.1
• PrefetchForensics v1.0.1
• NessusViewer v1.3.2
• FireFoxForensics v1.0.0
• sslciphercheck v1.2.1

addxorrol.blogspot.com

• Trainings class with SP and me at CSW !
• Tax evasion and welfare fraud
• The new, shiny, reverse-engineering-centric zynamics blog !
• Interesting Blog Posts
• Clarification to the previous post
• Why are most researchers not a fan of standards on "responsible disclosure"
• Low blogging frequency
• Looking for Memoryze dumps of malware
• Adventures in choosing what to vote
• Restaurant Review: "Le Surfing", Les Estagnots

• Open position :-)
• Klartext please !
• Poking around MSVIDCTL.DLL
• Las Vegas / Blackhat / DefCon
• Strange Cellphone Behavior
• Reverse Engineering / Bug hunting trainings in Amsterdam
• Diffing x86 vs ARM code
• Washington DC, Trainings, Demos :-)
• Correction: Clam *does* have some unpacking support
• ClamAV and unpackers
• TAOSSA blog post I didn't see but will comment on :-)
• Sometimes, diffing can remove obfuscation (albeit rarely)
• A good protocol attack ...
• BinDiff / BinNavi User Forum
• Malicious Office/PDFs

More »

blog.rootshell.be

• OpenSSH New Feature: “Netcat mode”
• SCADA, from a Security Point of View
• Ubuntu Will Introduce the “Social” Desktop?
• Applications White List by ISC/NIST
• BruCON 2010 CFP Announced!
• Importing Secunia Advisories into a SIEM/OSSEC
• Show Me Your Browser, I’ll Tell You Who You Are!
• Manifest for a Standard of Priorities Order
• FOSDEM Turns Ten!
• Grandma and her Banker!

wormblog.com

• Facebook Worm?
• Writing A Modular Universal XSS Worm
• VB2008 call for papers
• LEET '08 Call for Papers
• Diminutive XSS Worm Replication Contest
• The 5th ACM Workshop on Recurring Malcode (WORM 2007)
• Grey Goo hits Second Life
• Hacking the Malware– A reverse-engineer’s analysis
• A spread model of flash worms
• And you thought you were safe after SLAMMER, not so, Swarms not Zombies present the greatest risk to our national internet infrastructure

securityfocus.com

• News: Twitter attacker had proper credentials
• News: PhotoDNA scans images for child abuse
• News: Conficker data highlights infected networks
• News: Popular apps need better patching, says report
• Brief: Google offers bounty on browser bugs
• > Advertisement << Can you answer the ERP quiz? These 10 questions determine if your Enterprise RP rollout gets an A+. http://www.findtechinfo.com/as/acs?pl=…">Brief: Cyberattacks from U.S. "greatest concern"
• Brief: Microsoft patches as fraudsters target IE flaw
• Brief: Attack on IE 0-day refined by researchers
• News: Monster botnet held 800,000 people's details
• News: Google: 'no timetable' on China talks

• News: Latvian hacker tweets hard on banking whistle
• News: MS uses court order to take out Waledac botnet
• Infocus: Enterprise Intrusion Analysis, Part One
• Infocus: Responding to a Brute Force SSH Attack
• Infocus: Data Recovery on Linux and ext3
• Infocus: WiMax: Just Another Security Challenge?
• Gunter Ollmann: Time to Squish SQL Injection
• Mark Rasch: Lazy Workers May Be Deemed Hackers
• Adam O'Donnell: The Scale of Security
• Mark Rasch: Hacker-Tool Law Still Does Little
• More rss feeds from SecurityFocus

More »

blogs.zdnet.com

• Moving on
• Judge releases Wikileaks
• Oil field data loss just common theft
• Declan on Wikileaks
• Only 8,700 insecure ftp servers?
• You can keep on asking...
• Pakistan removed from the Internet
• Pakistan declares war on YouTube
• Pakistan takes out YouTube
• Get a clue Morocco

blog.tenablesecurity.com

• The Value Of Credentialed Vulnerability Scanning
• Tenable Network Security Podcast - Episode 25
• Your APT Anti-Hype
• Implementing "Perimeter Intrusion Detection"
• SecurityCenter 4 Introduction – Pushing the envelope for scanning and event management products
• Nessus Version 4.2.1 Released
• Tenable Network Security Podcast - Episode 24
• See SecurityCenter 4 at RSA 2010 - Booth 956
• Nessus Plugin Spotlight: Linksys Router Detection
• Not Just for Health Care Providers Any More - HITECH for Business Partners

• Tenable Network Security Podcast - Episode 23
• Shmoocon 2010 Security Conference
• Microsoft Patch Tuesday - February 2010 - "From Microsoft with Love" Edition
• Tenable Network Security Podcast - Episode 22
• Afterbytes with Marcus Ranum - Data Leakage
• Afterbytes with Marcus Ranum - Russian Stealth Fighters
• Afterbytes with Marcus Ranum - Under Constant Attack
• Risky Business and OWASP Podcast Interviews with Ron Gula
• HNAP Protocol Vulnerabilities - Pushing The "Easy" Button
• Tenable Network Security Podcast - Episode 21
• New Nessus Videos - Scanning With Credentials
• Understanding The New Massachusetts Data Protection Law
• Tenable Network Security Podcast - Episode 20
• Being Pro-Active Against the "0-Day" Threat
• Afterbytes - Ranum on Google Considering Leaving China
• Putting OSVDB to work for Nessus Vulnerability Management
• Finding and Stopping Advanced Persistent Threats webinar
• Tenable Network Security Podcast - Episode 19
• Microsoft Patch Tuesday - January 2010 - "Aged Cheese" Edition
• Afterbytes with Marcus Ranum - Using A Dedicated PC For Online Banking
• Tenable Network Security Podcast - Episode 18
• Airport Security: Don't Make The Same Mistakes
• Event Analysis Training – Analyzing Blacklisted Web Traffic
• Ranum's Rants: Cloud Forum Roundtable
• Top 10 Nessus Plugins For 2009
• Afterbytes: Thoughts on "Cyber Warfare"
• Tenable Network Security Podcast - Episode 17
• Risky Business Episode #136
• Afterbites with Marcus Ranum: Gartner & Two-Factor Authentication
• Tenable Network Security Podcast - Episode 16
• Microsoft Patch Tuesday - December 2009 - "Specially Crafted" Edition
• Tenable Network Security Podcast - Episode 15
• Plugin Spotlight: Movable Type mt-check.cgi Information Disclosure
• Tenable Network Security Podcast - Episode 14
• Nessus 4.2 Released!
• Video: Introduction To Using Nessus 4.2
• Tenable Network Security Podcast - Episode 13
• Auditing 100,000 Hosts or More with Nessus
• Marcus Ranum Named "Industry Pioneer" By SC Magazine
• Tenable Network Security Podcast - Episode 12

More »

volatility.tumblr.com

• Interested in a Sleuth Kit and Open Source Forensics Users Conference?
• EnCase Enscripts + Volatility = Takahiro Haruyama's Memory Forensics Toolkit
• BlackHat DC 2010 – Mac OS X Physical Memory Analysis
• DC3: Open Source Forensics Tools Training
• St. Louis in January?
• BackTrack 4 + Volatility
• Volatility's Output Rendering Functions
• Red Hat Linux Crash Memory Forensics
• Combining Static and Live Digital Forensic Analysis in Virtual Environments
• Before the Buffalo...

• MHL: Volatility Analyst Pack
• Incident Detection Summit
• MDD takes a bow.....
• ACM CCS 2009: Robust Signatures for Kernel Data Structures
• Windd 1.3 Final! (x86 and x64)
• Training: Tools and techniques for Windows Memory Analysis
• ForensicZone: Volatility Batch File Maker
• iDefense Malware Training in NYC and London
• Open Memory Forensics Workshop (OMFW) 2010
• VDP Update: "New" Contributions

More »

isc.sans.org

• What's My Firewall Telling Me? (Part 4), (Wed, Mar 10th)
• Microsoft Security Advisory 981374 - Remote Code Execution Vulnerability for IE6 and IE7, (Wed, Mar 10th)
• March 2010 - Microsoft Patch Tuesday Diary, (Tue, Mar 9th)
• Samurai WTF 0.8, (Mon, Mar 8th)
• Vodafone Android Phone: Complete with Mariposa Malware, (Tue, Mar 9th)
• Energizer Malware, (Tue, Mar 9th)
• SEO poisoning on TV show, (Mon, Mar 8th)
• Microsoft announced two important bulletins (fixing multiple vulns. affecting Windows and Office) for tomorrow: http://www.microsoft.com/technet/security/Bulletin/MS10-mar.mspx, (Mon, Mar 8th)

watchguard.com

• Microsoft Black Tuesday: Microsoft Excel and Movie Maker Files Threaten Windows Users.
• Don't press F1 if a website tells you to.
• Microsoft will only release a pair of non-Critical updates for March Patch Day
• The latest Firefox (3.6) already suffers from a mysterious zero day vulnerability
• Adobe Download Manager vulnerability could affect any Adobe software users
• Microsoft Black Tuesday: Thirteen security bulletins make for an unlucky February Patch Day
• Hackers in China rumored to have hacked Google with IE zero day
• Microsoft Black Tuesday: First Patch Day of 2010 not so black
• JUNOS DoS vulnerability can crash unpatched Juniper routers
• First 2010 Microsoft Patch Day primarily affects Win2K administrators

• Microsoft disables Indeo codec due to a serious security vulnerability
• Microsoft Black Tuesday: December updates correct Critical Windows, Office, IE flaws
• December's Microsoft Patch Day looks just like last month's
• Zero day IE 6 and 7 drive-by download vulnerability
• Microsoft confirms a minor Windows 7 DoS vulnerability

More »

offensivecomputing.net

• Rootkit Agent.adah Anatomy and Executables Carving via Cryptoanalytical Approach
• Vizsec 2010 CFP Now Open
• Spam and Abuse
• Trouble Unpacking
• One Million Samples
• PHP/Spy.Bull Cryptanalysis of Encryption used and Threat Analysis
• Good Guys Bring Down the Mega-D Botnet
• Siberia Exploit Pack. Another package of explois In-the-Wild
• Rule2Alert
• RussKill. Application to perform denial of service attacks

carnal0wnage.attackresearch.com

• VMWare Directory Traversal Metasploit Module
• Props on the Blog Spam
• metasploit getsystem command
• Ruby, Nmap XML, and Databases
• Various Online Password Crackers
• Koobface stealing Chase Bank credentials
• Twitter checking for 'bad apples'
• 2009 Blog Stats
• Metasploit and AR extravaganza 2010 in DC!
• Digging into SSL Cipher Checking

blog.metasploit.com

• Locate and Exploit the Energizer Trojan
• Automatically Routing Through New Subnets
• Postgres Fingerprinting
• Exploiting the Samba Symlink Traversal
• Reproducing the "Aurora" IE Exploit
• Safe, Reliable, Hash Dumping
• Exporting the Registry for Fun and Profit
• Exploiting Microsoft IIS with Metasploit
• Happy Holidays (Project Updates)
• Metasploit Framework 3.3.3 Exploit Rankings

• Meterpreter Pivoting, Web Scanning, Wireless, and More!
• Metasploit 3.3.1 + NeXpose Community Edition
• Metasploit Framework 3.3 Released!
• A refreshing new direction
• Joining the Team
• Metasploit Rising
• SMB2: 351 Packets from the Trampoline
• Metasploit 3.3 Development Updates
• Forcing Payloads Through Restrictive Firewalls
• NSS Labs Endpoint Protection Test Results
• !jutsu searchVtptr
• Mastering the Metasploit Framework
• SANS Penetration Testing Summit
• <<>+=
• Capturing Logon Credentials with Meterpreter

More »

blackhat.com

• Black Hat USA 2010 Training: Application Security: For Hackers and Developers
• Black Hat USA 2010 Training: Assaulting IPS
• Free Black Hat March Webcast - Pen Testing the Web with Firefox by Michael Schearer ("theprez98")
• Black Hat USA 2010 Registration Now Open!
• Black Hat USA 2010 Call for Papers Closes May 1
• Black Hat Europe 2010 Call for Papers Closes March 1
• Feb 18 Webcast
• Black Hat DC 2010 - News - Security chip that does encryption in PCs hacked
• Black Hat DC Keynote
• Black Hat Europe 2010 Registration Now Open

• Black Hat DC Reminder: Regular registration rate ends January 15
• Black Hat DC 2010 Hotel - Group Rate Extended
• Official Announcement: Black Hat Abu Dhabi 2010
• Black Hat DC 2010 Early Bird Registration
• Visit the Black Hat booth during the Dec 9th virtual event and have access to all 2009 Black Hat event presentations.
• Register for the Dec 9th Virtual Event & Save $250 for Black Hat DC 2010 Briefings
• Black Hat DC 2010 Hotel - Group Rate Available
• Black Hat & Dark Reading Virtual Event December 9th - IT Security The Next Decade
• Black Hat DC 2010 Briefings Call for Papers - Last Day to Submit
• Black Hat DC 2010 Speakers Selected - Round 1
• Black Hat Webcast #14 - New Frontiers in Forensics w/Matthieu Suiche
• Black Hat Webcast No. 13 - Privacy/Anonymity
• Black Hat DC 2010 Briefings Call for Papers Now Open
• Black Hat Webcast #12: USA 2009 Wrap-Up - Today - Thursday, Aug 27
• Black Hat Webcast #12: USA 2009 Wrap-Up - Thursday, Aug 27
• Black Hat Webcast #12: USA 2009 Wrap-Up - Rescheduled
• Black Hat Webcast #12: USA 2009 Wrap-Up
• Black Hat USA 2009 Speaker Presentation Materials - Alexander Tereshkin and Rafal Wojtczuk
• Black Hat USA 2009 Speaker Presentation Materials - Aug 12 - Added and Updated
• Black Hat USA 2009 Speaker Audio and Video - Aug 11 - Added and Updated
• Black Hat USA 2009 Speaker Presentation Materials - Aug 11 - Added and Updated
• Black Hat USA 2009 Speaker Materials Now Online
• Black Hat USA 2009 Onsite Registration Now Open
• Black Hat Online Registration Closes in 24 hours
• Black Hat Online Registration Closes on July 22
• Black Hat Breakouts Schedule
• Academic Pass Applications Closes Today
• Black Hat Breakouts
• Regular Registration Ends Tomorrow!
• USA 2009 Presentation Update: A 16 bit Rootkit and Second Generation Zigbee Chips by Travis Goodspeed
• USA 2009 Day 2 Keynote Announced
• Regular Registration Deadline Fast Approaching
• USA 2009 Briefings Track: Metasploit
• USA 2009 - Black Hat Post Webcast #11 Press
• USA 2009 Sneak Peek - Webcast #11 - Today
• Webcast #11 - USA 2009 Sneak Peek - Register Now!
• Third Annual Pwnie Awards
• USA 2009 Hotel Group Rate Extended
• Webcast #11 - USA 2009 Sneak Peek - Presenters Finalized
• USA 2009 Briefings Track: Testing/Exploitation
• USA 2009 Briefings Track: Legal/Management
• Homeland Security Secretary Appoints Jeff Moss, Founder of Black Hat and DEFCON, to the Homeland Security Advisory Council. Jeff Moss to provide recommendations directly to Secretary Napolitano on Homeland Security issues.
• USA 2009 Briefings Track: Cloud/Virtualization
• USA 2009 Briefings Schedule Now Online
• Webcast #10 - Mobility & Security - Audio Now Available
• Webcast #11 - USA 2009 Sneak Peek - Registration Now Open
• Final USA 2009 Briefings Speakers Selected
• Early Bird Registration Rate Ends Today - June 1 - at 11:59PM PST
• Academic Pass
• Webcast #11 - USA 2009 Sneak Peek
• Early Bird Registration Deadline Fast Approaching
• Stay at the Official Venue Hotel
• Hacker Court Returns For Its Eigth Appearance
• Hack Like You Mean It!
• Three New and Unique Class Offerings
• Second Round of USA Speakers Online Now
• Black Hat USA 2009 Training Course Update - New Hacking by Numbers Cadet Online Edition
• Last chance - Register for Webcast #10: Mobility and Security. Win a Free Conference Pass to Black Hat USA 09
• First Round of USA Speakers Online Now
• Follow Black Hat on Twitter and Win a Black Hat Track Jacket
• Win a Free Conference Pass to Black Hat USA 09
• USA 2009 Update: Early Registration Rate Extended to June 1
• USA 2009 CFP Updated: CFP Deadline Extended to May 5
• Registered for Black Hat USA 2009? Help us select this year's talks!
• USA 2009 CFP Reminder: CFP Closes May 1
• Black Hat Europe Video-Charlie Miller and Vincenzo Iozzo: Fun and Games with Mac OSX and iPhone Payloads
• Black Hat Webcast 10- Mobility and Security - May 21 1pm PDT
• Black Hat Europe Update: Keynote Speaker Lord Erroll
• Follow Black Hat on Twitter, Win a Black Hat Track Jacket
• Black Hat Webcast 9 Audio Now Online
• Black Hat Speakers in the News: Prajakta Jagdale
• Black Hat Speakers in the News: Joanna Rutkowska and Rafal Wojtczuk
• Video Update: Black Hat USA 2008
• Black Hat Webcast Reminder: Thursday, Mar 19 at 1pm PDT
• Black Hat USA Registration Reminder: Super Early Bird Rate Ends March 15
• Black Hat Webcast 8 Audio Online
• Jeff Moss Interviews Dan Kaminsky: Part 2 of 2
• Black Hat Free Webcast #9 - Black Hat Europe Preview
• Black Hat Speakers in the News: Rod Beckstrom Leaves DHS
• Europe 09 Briefings Schedule Online Now
• Jeff Moss Interviews Dan Kaminsky
• New Blackpage Update from Vincenzo Iozzo
• Jeff Moss interviews Duc Nguyen
• Paul B. Kurtz: DC 09 Keynote: The Move from Strategic Indecision to Leadership in Cyberspace
• Reminder - Last Chance to Register for Black Hat Free Webcast #8: Rich Internet Application Security
• Black Hat DC 2009 Video DVD Set Available from Source of Knowledge
• Winners announced in Jeremiah Grossman's Top 10 Web Hacks
• Rafal Wojtczuk and Joanna Rutkowska's presentation: Attacking Intel® Trusted Execution Technology
• Black Hat DC Press Coverage
• Moxie Marlinspike's Black Hat 2009 Presentation: New Techniques for Defeating SSL in Practice
• Interview with Black Hat DC speaker Moxie Marlinspike
• Presentations from DC 2009 Now Online
• Adobe Researcher Joins Black Hat RIA Webcast
• Black Hat Europe Speaker Selection Continued:More Speakers Added to Europe Lineup
• Black Hat Europe Speaker Selection: First Group of Accepted Speakers Online
• Black Hat USA 2009 CFP Open
• Black Hat USA 2009 Registration Open now - Super Early Bird rate in Effect.
• Black Hat Webcast #8: Rich Internet Application Security
• Hyatt Regency Crystal City Sold out February 13 and 14
• Black Hat DC Keynote: Paul B. Kurtz on "The Move from Strategic Indecision to Leadership in Cyberspace "
• Win a Free Pass to Black Hat Vegas: Jeremiah Grossman's 3rd Annual Top 10 Web Hacking Techniques Contest
• Black Hat DC Group Rate Extended : Now Valid Until February 2
• Audio Online for Black Hat Webcast 7 - OS X Security
• Black Hat Speakers in the News : Vincenzo Iozzo Reveals Stealthier Mac Attacks
• Black Hat Speakers in the News: Jesse D'Aguanno and Tiller Beauchamp
• Black Hat DC Rate Reminder
• Reminder: Black Hat Webcast #7 - Mac OS X Security
• Black Hat DC Speaker List Complete
• Black Hat Speakers in the News: Rafal Wojtczuk, Joanna Rutkowska and Intel Trusted Execution Technology
• Black Hat Speakers in the News: DC Keynote Speaker Paul Kurtz
• Black Hat Free Webcast #7: OS X Security
• Black Hat Speakers in the News: Alexander Sotirov on Creating Rogue CA Certs
• Beyond Document.Cookie - Another Presentation From BHUSA08 Now Online
• Black Hat Webcast #6 Audio Now Online
• A Few Early DC Speaker Announcements
• Black Hat Facebook Fan Page
• Black Hat DC rate reminder
• Reminder - Black Hat Free Webcast #6: Database Forensics with David Litchfield
• Black Hat Japan 2008 Audio Now Online
• New Blackpage Entry from Jeff Moss: General Black Hat Update
• Black Hat Webcast #6: Database Forensics with David Litchfield
• Black Hat Webcast #5 Now Online
• Black Hat Speakers in the News: IETF Ponders DNS Threat
• Black Hat Speakers in the News: Wysopal on Clickjacking
• Last chance to sign up for Black Hat Free Webcast #5: Clickjacking and Browser Security
• CFPs open for Black Hat DC and Black Hat Europe
• Black Hat Webcast #5 Scheduled
• Black Hat Webcast 4 Available Online Now
• Black Hat Japan Presentations and Whitepapers Online
• Black Hat Free Webcast #4 Thursday, Oct. 16 1pm PST: Trust Doesn't Scale: Practical Hijacking on the World's Largest Network
• Black Hat Japan 08 Online Registration Closes September 30
• Black Hat Free Webcast #3 - "How to Impress Girls with Browser Memory Protection Bypasses"
• Black Hat Japan Briefings Schedule and Speakers Online
• AV Tokyo Following Black Hat Japan
• Dan Kaminsky's Black Hat Presentation Video and Audio Now Online
• Black Hat USA 2008 Presentations Now Online
• Black Hat USA 2008 Flickr Feed
• EFF Launches Coders' Rights Project at Black Hat Conference
• Sign up to Black Hat USA 2008's Twitter Feed for Breaking News
• Black Hat Speakers in the News: Nate McFeters, John Heasman and Rob Carter in InfoWorld
• Black Hat Webcast #2 with Dan Kaminsky is Now Online
• EFF Is IN at Black Hat 2008!
• Pwnie Award Nominations Are Out
• Registration Now Open for BH Webcast number 2 With Dan Kaminsky
• Black Hat Speakers in the News: Dan Kaminsky Announces Massive, Multi-vendor DNS Issue
• Pwnie Awards Nominations Close July 14!
• Black Hat Japan 2008 Call for Papers Now Open
• Listen to Black Hat Webinar No. 1 Now
• Black Hat Webcast Mailing List
• Black Hat Speakers in the News: Mark Dowd 'Obliterates" Vista Security
• Regular Registration Rates Close July 1
• Last Chance to Register for Black Hat's First Webcast
• More Pwnie Awards News
• Black Hat Webcast No. 1 Makes the O'Reilly Radar Blog
• Wall of Sheep Coming to Black Hat
• Black Hat's First Webcast - Free Sneak Peek at BH USA 2008
• Black Hat USA Speaker Selection is Now Complete
• Certified Ethical Hacker (C|EH) Version 6 and ECSA/LPT Certification Preparation Open for Registration
• Black Hat Twitter Feed
• Black Hat Briefings USA 2008 Schedule Filling Up!
• Black Hat Speakers in the News: Sherri Sparks and Shawn Shawn Embleton
• Black Hat USA CFP Closes May 1
• Black Hat USA 2008 Early Bird Registration Closes May 1
• The Pwnie awards return to Black Hat USA
• Black Hat Speakers In the News: Matthew Lewis - "Biologger - A Biometric Keylogger"
• Presenations From Black Hat Europe 2008 Now Online
• New BlackPage Entry: CrowdSourcing the Black Hat CFP
• Black Hat Europe 08 Keynote Speaker Selected
• Black Hat Speakers in the News: Johhny Long on Forbes.com
• Black Hat Speakers in the News: David Hulton, Steve and "Cracking GSM"
• Presentations from Black Hat DC 2008 Online
• Black Hat USA 2008 CFP Now Open!
• Black Hat DC 08 Keynote Announced!
• Black Hat DC Speaker List Finalized.
• Black Hat DC 2008 Group rate extended.
• Black Hat DC Group Registration Rate Closing SOON!
• Black Hat Europe 08, Moevenpick group rate ends soon.
• Black Hat Europe 08,First round of speakers selected!
• Black Hat DC - Group Rate Ending Soon!
• Black Hat Attendee LinkedIn group
• Black Hat USA 2007 Audio Podcast now live
• Black Hat USA 2007 Video Podcast now live
• 'Electronic Jihad' Nothing hit our Radar.
• Black Hat Speakers: What are they up to now....
• David Litchfield : Nearly half a million Database Servers unprotected!
• Black Hat Europe 2008, CFP and Registration OPEN!
• More Common Sense from Bruce Schneier
• Black Hat DC 2008 Registration Now Open!
• Black Hat 2007 Japan Keynote, Suguru Yamaguchi !
• Black Hat 2007 Japan Final Line-up!
• Black Hat Japan Registration Closing soon!
• De-Anonymizing Tor
• Black Hat Speaker HD Moore Weighs In on the iPhone
• David Maynor Publishes Details of Apple Wi-Fi Attack
• Black Hat 2007 Japan Speakers have been selected
• Black Hat USA 2007 speaker Pedram Amini intereviewed about the Sulley Fuzzing framework
• Black Hat Speaker Thomas Ptacek profiled on Dark Reading
• Black Hat USA 2007 Media Updates
• New Trainings Added for Black Hat Japan
• Imitation is the sincerest form of flattery!
• Black Hat Japan 2007 Call for Papers!
• Black Hat Japan 2007 Training courses!
• Black Hat Japan 2007 Registration OPEN!
• Charlie Miller, attacking OS X and the iPhone.
• C++: A Cautionary Tale, or, 1 Hour Of Your Black Hat Trip is Spoken For by Thomas Ptacek, Matasano
• Black Page Update: Reverse Engineering
• Las Vegas concerts for Black Hat and DEFCON time frame
• Black Hat USA pricing reminder
• Black Page update: TPMKit redux
• Hacking by Numbers Combat Training adds a weekend session.
• Joe Grand's Hardware Hacking class now expanded
• On The BlackPage: C++
• OWASP and WASC Cocktail Party
• On The BlackPage: Timing
• Black Hat USA '07 Final Speakers Selected!
• Black Hat USA 2007 Regular Registration is now over
• Black Hat USA 2007 2nd Round of Speakers Selected!
• Black Hat USA 2007 First round of speakers selected!
• USA '07 Regular Registration Rate Ends SOON!
• Black Hat USA: Two New Training classes Announced!
• Black Hat USA 2007 Keynote Speakers
• Black Hat USA 2007 Call for Papers is now Closed!
• Audio from Black Hat USA'02 now on-line!
• Audio from Black Hat Europe '07 now on-line!
• Chris Paget's "RFID for Beginners" and the ACLU presents "Rights Chipped Away"
• Japan Spring Training, Early Registration rate Closing!
• Black Hat USA 2007 Call for Papers EXTENSION!
• Past Black Hat Speaker hijacks MacBook Pro for $10,000 bounty!
• Call For Papers for Japan 2007 will open May 1st!
• Black Hat USA 2007 New Training Classes Added
• Black Hat Europe 2007 online registration closing Soon!
• Black Hat USA 2007 Training Classes now open!
• Black Hat Europe 2007 Hotel rate extended.
• Online registration for Black Hat DC 2007 has closed
• Black Hat USA 2007 Call for Papers is now open!
• Black Hat Europe 2007 Speakers Now Selected!
• Hacking Exposed VoIP
• New Black Hat Europe 2007 Training classes
• Black Hat Europe 2007 Briefings and Training Update
• Black Hat Europe 2007 CFP Closing Soon!
• Black Hat Briefings DC speakers now selected .
• Audio from Black Hat Japan '06 now on-line!
• Audio from Black Hat Japan '05 now on-line!
• Audio from Black Hat Japan '04 now on-line!
• Five Hackers Who Left a Mark on 2006 by Ryan Naraine at eWeek
• Audio from Black Hat USA '06 now on-line!
• Video from Black Hat USA '06 now on-line!
• Black Hat DC 2007 Call for Papers is Closing soon!
• Black Hat USA '06 Audio and Video now on-line!
• Happy Holidays! USA 2007 Registration Open!
• Black Hat DC CFP Details
• Black Hat Europe 2007 Call For Papers is open
• Black Hat DC Registration and CFP open!
• Black Hat Japan 2006 Presentations now online!
• Black Hat Briefings Japan speakers now selected.
• Researchers hack Wi-Fi driver to breach laptop - by By Robert McMillan, IDG
• Black Page update: Forensics by Dominique Brezinski, Chuck Willis, Dr. Neal Krawetz, Johnny Long and Kevin Mandia
• Black Page update: VoIP Security by Dominique Brezinski, Doug Mohney, David Endler, Hendrik Scholz, Jay Schulman
• Audio from Black Hat USA '05 now on-line!
• Video from Black Hat USA '05 now on-line!
• From the MSRC Blog: Microsoft presenting at the Black Hat security conference in Las Vegas.
• BlueBag PC sniffs out Bluetooth Flaws - by Robert McMillan
• Black Hat USA 2006 Speakers Selection Complete!
• Black Hat USA 2006 Call for Papers has closed!
• Black Hat in '10 Infamous Moments In Security Research'
• RAIDE Rootkit Elimination Tool Hits Beta
• Web 2.0 Meets Virus 2.0
• Black Hat presenter finds Microsoft fingerprint reader insecure. Shocker!
• Black Hat Europe 2006 Online registration closed
• Black Hat USA 2006 Call for Papers Opens!
• Black Hat Europe 2006 Early Bird Registration Closing
• Comprehensive Black Hat Federal 2006 review by noted security author Richard Bejtlich
• Adversary characterization highlighted at Black Hat Federal 06
• BIOS Rootkit research explored at Black Hat Federal 06
• Washington Post reviews Black Hat Federal 06 Briefings
• Litchfield's Oracle 'Breakable' presentation stirs disclosure debate.
• PC World's Winners and Losers of 2005
• Black Hat Federal 2006 speakers selection now complete
• CNET highlights Anti-Anti Virus Research, Black Hat Speaker
• Black Hat Europe 2006 Briefings Speakers Selected
• BlackPage update: Kevin Mandia
• New training class added to Black Hat Europe
• Jennifer Granick writes about disclosure post ciscogate is "Dark Cloud Hovers Over Black Hat" wired.com
• Saumil Shah and Dave Cole "Adware Spyware" Audio
• Satoru Koyama "Botnet survey result: Our security depends on your security" Audio (Japanese)
• [Announcement] Black Hat acquired by CMP
• Michael Sutton and Adam Greene "The Art of File Format Fuzzing" Audio
• Kenneth Geers "Hacking in a Foreign Language: A Network Security Guide to Russia (and Beyond)" Audio
• Jeremiah Grossman "Phishing with Super Bait" Audio
• BlackPage update Implications of the Lynn Cisco Research, and Moving Forward
• Sherri Sparks and Jamie Butler "Shadow Walker: Raising The Bar For Rootkit Detection" Audio
• Hideaki Ihara "Forensics in Japan" Audio (Japanese)
• Jeff Moss Interviewed about Ciscogate wired.com
• Ejovi Nuwere "The Art of SIP fuzzing and Vulnerabilities Found in VoIP" Audio
• Dominique Brezinski "A Paranoid Perspective of an Interpreted Language" Audio
• David Maynor "Architecture Flaws in Common Security Tools" Audio
• Chris Hurley (Roamer) "Identifying and Responding to Wireless Attacks" Audio on-line
• Dan Kaminsky "Black Ops Of TCP/IP 2005" Audio on-line
• Black Hat Briefings and Training Federal Registration now open
• Black Hat Briefings and Training Europe Registration now open

More »

adamstiles.com

• Reviewing “The Noticer” by Andy Andrews
• Feeling Nostalgic… And The Next Five Years
• Graphing Total Daily Tweets
• Data Store Shards in Google App Engine?
• ur.ly - Dang Short Urls Powered by Google App Engine
• 2008 Pasadena Marathon Course Posted
• Volunteer Pumpkin
• Triple Buttons with Firefox 3.0 Beta 5
• Find Similar Links on LinkRiver
• What Powers the Aggregators?

taosecurity.blogspot.com

• Traffic Talk 10 Posted
• Einstein 3 Coming to a Private Network Near You?
• Making a Point with Pressure Points
• Keeping FreeBSD Applications Up-to-Date in BSD Magazine
• Bejtlich Teaching at Black Hat EU and USA 2010
• Bejtlich to Speak at FIRST 2010
• Information Security Jobs in GE-CIRT and Other GE Teams
• Reaction to Cyber Shockwave
• Review of Intelligence, 4th Ed Posted
• Offshoring Incident Response

• Advice for Academic Researchers
• Answers Regarding Military Service
• Max Ray Butler Sentenced (Again)
• Get the Divers Out of the Water
• A Hacker in Charge of Your Tax Dollars?
• Thor vs Clown
• Making Progress Matters Most
• So Much for China's "Peaceful Rise"
• APT Presentation from July 2008
• Review of The Book of Xen Posted
• Answering APT Misconceptions
• DFRWS, VizSec, and RAID 2010 Calls for Papers
• Google and NSA Fulfilling 2008 Predictions
• DNI Blair Leads with APT as a "Wake-Up Call"
• Traffic Talk 9 Posted

More »

bec0de.com

• How to enable Safe Mode and disable Functions
• How to install Perl Modules using CPAN
• Converting RPM packages to DEB using Alien
• Monitoring Hardware Temperature of Linux Systems

• http://music.bec0de.com Back and Working !!
• Disabling system Beeps in Ubuntu 8.10 Intrepid Ibex
• Reinstalling Grub Boot Loader without Reinstalling Linux
• Install more than 100 Linux Games using Djl
• Fast-Track - Pentesting in just a minute
• Irssi a Terminal based IRC client for UNIX Systems
• Installing Hydra and HydraGTK from BackTrack4 Packages on Ubuntu
• What is an IP Address
• How to Burn an ISO image in Ubuntu Linux the easiest way
• How to Crack Windows XP Password
• Customize The Clock of Gnome
• Glaxium Messenger - The Best Messenger for Linux
• How to Install Ubuntu Linux on a USB Drive
• Cracking WEP in 10 Minute
• Installing Windows Games in Linux
• Remote Cisco Router Sniffing Via GRE Tunnels
• Local Root Brute Forcer
• Hacking Telnet using Brute Force Attack
• Remote File Inclusion Exploitation and Securing
• Commands Description of Unix Systems
• Exploiting Weaknesses of PPTP VPN
• Complete Hacking Using Metasploit
• A Penetration Attack Reconstructed
• Change Your IP and Surf Anonymously Without any Proxy
• 128 Bit Wep Cracking With Injection
• Sql Injection
• Installing BackTrack To Hard Drive
• PPTP VPN Server with FreeBSD Based PopTop
• The Magic SysRq Key
• Top 30 Linux Games
• Copy Files from Damages Disks
• Linux Ubuntu Installation Guide
• Local File Inclusion Scanner
• SQL Injection Tool V0.5B
• Vbulletin Vulnerability Scanner
• Port Scanner
• Dns RPC Scanner
• Sql Rfi Lfi Scanner
• Find PHP Shells via Google
• Remote File Inclusion Scanner
• NetFTP a Ftp Password Cracker
• Mass Defacer V2.0
• IIS Scan 2002 A Unicode HTTP exploit for IIS Webservers
• Milw0rm Search Script
• Youtube Downloader Perl Script
• Youtube Downloader Python Script
• Hacking & Security Tools [ open ]
• New : Listen & Download MP3s For Free and Even Lyrics

More »