SEARCH RESULTS
 
Showing 1-10 of 585 records
 

You have to take your (white) hat off to these hackers.... and a lot else too!

2007-11-05 12:20:00 by Allen Baranov, CISSP in Security Thoughts
 
...lot of negative points but they have been rather effective. The new malware is essentially a picture of a blond lady who will do a strip show for you. The catch is that you need to decipher some captchas, for each one she has less and less clothing. This sounds like a nice trade-off but each captcha that you enter basically signs a spammer up...
 
 
 
 
 

Security the key for IE 8 in beta version 2

2008-08-28 00:00:00 by HASH0x84734c8 in Network World on Security
 
...lot like IE 7, but Microsoft has made a good number of changes. However, you may have seen some of the new features in its no-longer-upstart competitor, Mozilla Firefox 3
 
 
 
 
 

The Trouble with Threat Modeling

2007-09-26 19:11:00 by sdl in The Security Development Lifecycle
 
...lot of variants of things called threat modeling processes at Microsoft, and a lot more in the wide world. People sometimes want to argue because they think Microsoft uses the term threat modeling differently than the rest of the world. This is only a little accurate. There is a community which uses questions like what's your threat model to...
 
 
 
 
 

The Austin Project

2008-01-21 22:45:39 by RSnake in ha.ckers.org web application security lab
 
...lot that I could share with people given enough time. A one hour speech isn't enough time. It's barely enough time to gloss over a topic, let alone go down to any level of detail that would allow someone to think they are proficient in a topic. I really feel like I could share a lot more of what I know to a willing participant if we made it a...
 
 
 
 
 

Black Hat : Got2 Luv the H8ers

2008-08-07 05:07:02 by jrjones in Jeff Jones Security Blog
...lot of feedback on that, but the UAC security changes in Windows Vista encompass a pretty wide range of options designed to make it easier for most users to run as non-admin. Plus, we've incorporated some of the feedback into SP1 and I think it is a lot better. Have you tried SP1? h8er MSFT guy: (still trying) Let me ask it a different way. A...
 
 
 
 
 

Making Threat Modeling Work Better

2007-10-17 00:23:53 by sdl in The Security Development Lifecycle
...lot more prescriptive than the one about flow. It explains exactly how and why I changed a couple of elements of the process. The first is the brainstorming meeting, and the second is the way trust boundaries may be placed. The brainstorming meeting is a mainstay of expert threat modeling. It's pretty simple: you put your security experts in a...
 
 
 
 
 

The First Step on the Road to More Secure Software is admitting you have a Problem

2008-02-21 14:26:00 by sdl in The Security Development Lifecycle
 
...lot of security vulnerabilities that needed fixing once a product had shipped. Admit it. Come on; admit it, that's a lot of bugs. I don't care how big a Linux distro is, or how many IM clients Ubuntu ships with, or the merits of UAC vs su. That's a lot of security vulnerabilities. Now ask yourself this question - how many people involved in...
 
 
 
 
 

Fun TLR Log Management Questions

2008-03-14 12:04:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...lot of fun questions from the audience during our "Log Management Thought Leadership Roundtable Webcast" (recording, some comments). Since they would be useful to my readers, I am answering some of them here (questions are anonymous and slightly rewritten for clarity). Q1: When you mention "forensics", are you speaking in terms of legal...
 
 
 
 
 

On Travel and Airlines

2008-04-30 13:23:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...lot (especially lately), but I am still amazed when smart people follow the logic of "weather delay + wet luggage = airline sucks." Admittedly, I had fun travel stories (here and overall here), but I never bitch about airlines. I guess I am funny that way. To top it off, I like US Airways (gasp!), which definitely makes me a weirdo among...