Category Archives: Security

A security proposal to Microsoft, something like UAC, but for the network

Remember UAC (User Account Control)? It is a part of Windows since Vista, but when it was first introduced, it caused quite a bad stir. People did not like because it was way too annoying. It kept pestering users for … Continue reading

Posted in Security

Review for Osanda Malith’s Browser Freak utility

Automation is a practice and a skill that every IT professional should exercise. In penetration testing and security checks, automation is more than that; it is essential. Boring, tiring, repeated tasks, and tasks with many steps, if not left to … Continue reading

Posted in Security

Now with the Gauss malware, the cat is out of the bag

The Gauss malware contains an encrypted payload. This payload is only activated during specific circumstances and those circumstances are not yet known and it is possible that they may not be found in the near future. Come to think of … Continue reading

Posted in Security

Hotmail’s dirty little secret

It has been a few days since I noticed what I am about to describe and since no one (as far as I know) has brought this issue forth, I guess it is up to me to address the elephant … Continue reading

Posted in Security

The purpose of the collision attack used in the Flame malware

Title: The purpose of the collision attack used in the Flame malware Alternative title: Why did the Flame malware use a hash collision? When news about the Flame malware broke out, a lot of information became available, including that Flame … Continue reading

Posted in Security

About the security breach at RSA

Here is what I think about the security breach at RSA: First of all, since no details have been published about what was stolen, it would be wise to assume the worst. And the worst is that not only the … Continue reading

Posted in Security

The need for a POP POP RET instruction sequence

The purpose of this post is to explain the need for a POP POP RET instruction sequence. You often read or hear that exploit writers search for this instruction sequence because it is an essential part of their exploit. But … Continue reading

Posted in Security