In 2011, we saw a large increase in web site exploits that exposed private user data as well as a breakdown in the trust of SSL (for various reasons) and the introduction of real malware on to the OS X scene. If there were just three things I could ask Mac users to do in… Continue reading
Posts Tagged → Malware
DNSChanger Detector
The FBI made a tool to help you determine if you were a victim of the DNSChanger malware. If you’re like many casual Internet users, you have no idea how to get the information to plug into the input box. Unfortunately, the security model of most modern browsers makes it impossible to easily retrieve this… Continue reading
WEIS 2011 :: Session 1 :: Attacks :: The Impact of Immediate Disclosure on Attack Diffusion & Volume
Sam Ransbotham Sabayasachi Mitra Presentation [PDF] Twitter transcript #weis2011 Does immediate disclosure of vulns affect exploitation attempts? Looking at impact on risk/diffusion/volume #weis2011 speaker is presenting standard attack process & security processes timelines (slides will be in the blog post) #weis2011 the fundamental question is when from the vulnerability discovery to patch development is disclosure… Continue reading
“Web Development Is Dangerous”
Those were the words that greeted me within five minutes of checking out the Flask microframework for Python web applications. I feel compelled to inline those four, short paragraphs: I’m not joking. Well, maybe a little. If you write a web application, you are probably allowing users to register and leave their data on your… Continue reading