Black Hat Las Vegas Baby

So, Black Hat is next week. Great! I will be happy to see you all there. You may even join me on the 6th at 13:45 – the Client-side Security talk. The details of my talk are here, which btw is the improved version of what I have over here.

I am still working on my slides, trying to add that edge-ness I am always striving to achieve combined with a severe dose of simplicity. Don’t you know? Simple is the new black.

This time around I am visiting the conference as a tourist. [...]


Landing Blogsecurify

During the last couple of days, we combined forces with Blogsecurity.NET in an effort to improve their online WordPress vulnerability scanner. The result of these efforts is our new initiative called Blogsecurify.

Blogsecurify was created to help individuals and organizations secure their social media infrastructure by running a set of security checks. [...]


Google and Wildcard Domains

Basically, Google allows you to use custom domains for your Google for Applications, Blogspot, Mashup Editor and of course App Engine accounts. I think this is an excellent feature and I use it for several of my domains. Although some of the Google applications ask you to verify ownership of the domain you are about to use by instructing you to place a special CNAME record on your nameserver, others don’t. [...]



Here is a thought for you: The entire information security industry today is based on fear. The fear of getting hacked and your integrity and reputation being publicly jeopardized and challenged.

This is what gives security vendors the power to sell you useless products which you don’t really need.


Tomorrow’s Malware

My favorite tech quote is from Giorgio Maone. It goes like this: If today’s malware mostly runs on Windows because it’s the commonest executable platform, tomorrow’s will likely run on the Web, for the very same reason. Because, like it or not, Web is already a huge executable platform, and we should start thinking at it this way, from a security perspective.

Part of my job at GNUCITIZEN is to spot trends. [...]


Ghost Busters

A special guest blogger for this month is Eduardo Vela, also known as sirdarckcat, a security researcher from Mexico. Eduardo has been in the field for a couple of years, mainly focusing on web-app based vulnerabilities, privilege escalation, and IDS/filter evasion. Today, he is a student of computer science, does some research in his free time, and works for an important website as a security engineer. [...]


QuickTime 0day for Vista and XP

A remote vulnerability exists in the QuickTime player for Windows XP and Vista (latest service packs). Other versions are believed to be affected as well. For now, no details will be released regarding the method of exploitation.

The video above demonstrates the issue on Windows Vista and Windows XP. The Windows Vista demo is rather slow because it runs from a 512MB VMware machine.



Here is the story. The other day I was messing with some crypto. After going through some pretty interesting stuff, I suddenly realized something which is very, very obvious when you think about it. Indeed, obvious and simple things are harder to grasp. It is a paradox, I know.

It is yet another case of using security technologies for criminal purposes. Let’s take HTTPS as an example. [...]


Kiosk Hacking: When there is nothing else left

I often end up breaking through the least interesting systems. If you ask AP, a password-cracking ninja and master of hacking through simplicity, the less interesting the system is, the higher the chances that it is insecure. A successful exploitation of these systems often leads to successful exploitation of the network and other adjacent systems. This post will concentrate on some theory and practicalities around what to do when penetration testing kiosks when nothing else is left.

Why Kiosk? [...]



A darknet is any routed network which does not have visible servers/hosts, apart from a transparent machine which acts as a blackhole, i.e. any packet sent to that network will be logged by the machine for further analysis. The network is dark because no traffic should naturally arrive in its segments, since there is nothing interesting there. [...]
