CERT and the United States Sectret Service published an insider threat research that focuses on both technical and behavioral aspects of actual compromises. The key findings are
Current and former employees carried out insider activities in nearly equal numbers.
Sixty-three percent of the insiders held technical positions within the targeted organizations.
The Certified Wireless Analysis Professional Official Study Guide is now free available for download. Very useful if you have to analyse wireless captures. Please take a look at the content:
A couple of weeks ago I read an british article about the fact, that thousands of illegal migrants may have been working for private security companies in the last three years in the UK. Badly enough, that up to 5,000 people without a proper background check and
The swiss based company Dreamlab Technologies has shown that it is possible to capture and decrypt keystrokes, meaning that user names, passwords, bank details or confidential correspondence can be very easily eavesdropped. According to [...]
The WabiSabiLabi founder was jailed, not for putting a bidding system for exploits online, but rather on spying charges. Italian news media reported that Roberto Preatoni was arrested on Nov. 5 and charged with unauthorized access to computer systems and wiretapping.
On uninformed.org you can find a whitepaper which describes several ways to get your code covertly executed in the Windows kernel.
The guys from ha.ckers.org web application security lab recently published ways to bypass browser proxies and de-anonymizing tor. Well,
Yet another SQL injection sheet for MySQL, Microsoft SQL Server, ORACLE and PostgreSQL database from
© 1995-2008 Alexander Geschonneck.
Feel free to contact
me for comments.
