Friday, October 16th, 2009 Let’s quickly recap the Evil Maid Attack. The scenario we consider is when somebody left an encrypted laptop e.g. in a hotel room. Let’s assume the laptop uses full disk encryption like e.g. this provided by TrueCrypt or PGP Whole Disk Encryption.Many people believe, including some well known security experts, ...
Posted in Hardware, Internet, Linux, Networking, Privacy, Security, Software, Windows | No Comments
Thursday, October 8th, 2009 VirtualBox is a general-purpose full virtualizer for x86 hardware. Targeted at server, desktop and embedded use, it is now the only professional-quality virtualization solution that is also Open Source Software.Sun today released VirtualBox 3.0.8, a maintenance release of VirtualBox 3.0 which improves stability and performance.Download:
http://www.virtualbox.org/wiki/DownloadsChangeLog:
http://www.virtualbox.org/wiki/Changelog
Posted in Hardware, Internet, Networking, Privacy, Security, Software | No Comments
Tuesday, October 6th, 2009 Researchers have come up with host-based security software that blocks distributed denial-of-service attacks (DDoS) without swamping the memory and CPU of the host machines.The filtering, called identity-based privacy-protected access control (IPCAF), can also prevent session hijacking, dictionary attacks and man-in-the-middle attacks, say researchers at Auburn University in their paper, "Modeling ...
Posted in Internet, Networking, Security | No Comments
Wednesday, September 30th, 2009 On the Noisebridge hacker mailing list, security specialist Jacob Appelbaum has published an SSL certificate and pertinent private key that together allow web servers to avoid triggering an alert in vulnerable browsers - irrespective of the domain for which the certificate is submitted. Phishers, for example, could use the certificate ...
Posted in Internet, Networking, Privacy, Security | No Comments
Tuesday, September 29th, 2009 A fully functional exploit for the security vulnerability in the SMB2 protocol implementation has been published. It can be used to discover and attack vulnerable Windows machines remotely. By integrating the exploit into the Metasploit exploit toolkit, attackers have access to a wide range of attack options, ranging from issuing ...
Posted in Internet, Networking, Security, Windows | No Comments
