SecurityRatty: tag: wtf

Oklahoma Department of Corrections SQL exposure

2008-04-21 11:23:45 by Evan Francen in The Breach Blog

...WTF ComputerWeekly The Register SecurityProPortal Report Credit Alex Papadimoulis, The Daily WTF Response From the online sources cited above Residents of Oklahoma State have reportedly been hit this week with the bad news that tens of thousands of their names, social security numbers and allied data were effectively available on the Web...

Tags: social security, oklahoma, sql, residents, oklahoma residents, bad, bad news, department, sql query

New Unit of Reviewed Code Quality

2008-02-05 16:14:53 by Chris Wysopal in Zero in a bit

Now I can finally tell my non-technical friends and family what Veracode does. We offer a globally accessible, on-demand automated version of WTF reporting. However since our technology is automated we report quality in kiloWTF/sec

Tags: non-technical friends, report quality, on-demand, version, offer, veracode, kilowtfsec, wtf, technology

HP Corners the Market on Hackers

2008-02-12 00:31:42 by Bill in Grumpy Security Guy

...WTF Post from: Grumpy Security Guy HP Corners the Market on Hackers

Tags: top, worlds top, hackers, alicia, alicia key, security hackers, security consultant, pci sets, mark potts cto

ScanAlert - XSS is Cool with Us

2008-01-21 20:58:57 by Bill in Grumpy Security Guy

...WTF Ok I didn't see this one coming but when I think about it, it makes some sense. On one side you hav Top 10 Security Stories of 2007 This is my list of the Top 10 security stories of 2007. Since I am a web application security guy th My Review of Tiger Team That was not what I expected but that is mostly due to my definition of penetration...

Tags: scanalert, xss, people, crazy people, mcafee acquires scanalert, security stories, bad people, xss vulnerabilities, underground security resources

Reverse Compliance or "Logs as Proof of Incompetence?"

2008-05-06 17:27:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -

...WTF is "reverse compliance Reverse compliance" is a motivation to purposefully avoid technologies that have a chance of telling you that you are NOT in compliance. Sadly , logging is featured very high on the list of such technologies that a) tell you about all the problems with your compliance posture (e.g. direct violations of regulatory...

Tags: compliance, reverse compliance, logs, pci dss, pci dss requirements, pci dss compliance, compliance posture, compliance issues, issues

Beware the Zangobot!

2008-05-16 09:01:00 by Russ McRee in HolisticInfoSec.org

While this news is likely speculative and unfounded, it has ramifications I couldn't resist. My good friend Steve and I have, for the last couple of years, jokingly inferred that Zango must have some form of bot, be it a crawler or IRC/P2P. Now this was stated entirely in jest, mind you, but I have to throw the phrase open now that to a story...

Tags: deploy zango adware, zango, zangobot, zango adware, zangobot graphic, storm, information security book, winner receives mention, adware company notorious

I just paid more than $4 bucks a gallon for the first time!

2008-05-22 00:38:16 by HASH0x8472a6c in StillSecure, After All These Years

...WTF? Why are prices going up daily like this? I used to think it was due to fears that another war in the Persian Gulf would break out, but I think it is beyond that now. I really feel like the markets are being manipulated and it is time for intervention If this does not give us as a country the will to do something about our dependence on...

Tags: oil, remember oil, time, persian gulf, analyst report, octane gas, barrel, dollar range, country

Myrcurial gets placed in the Leaders Quadrant - Gartner Days 1&2

2008-06-03 14:23:04 by Myrcurial in Liquidmatrix Security Digest

...WTF? Flying in to the DC area is practically a strip search. Conferencing is getting harder as the airline industry squeezes - and if Ive got to fly, I want as little friction as possible Its been a blast, but I need to pay attention and watch the countdown to my airport transfer at 1600 Tags: Gartner , Gartner IT Security Summit ,...

Tags: security, gartner, security blogger, security conferences, security architecture, security summit, gartner analysts, food, commercial grade food

Will Idiocy Ever End?

2008-06-25 06:15:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -

...WTF is going on the real world of operational security before you do ANYTHING? The maybe you stop saying things like "in general, IDS is considered to be a security tool" as if it was some kind of Zen wisdom (a quote from a pathetic excuse for a paper that I reviewed recently About me: http://www.chuvakin.org

Tags: research, academic security research, people, people tackle real, bizarre crap continues, typical conference discussion, research physicist, academic security papers, fast flux networks

11 Signs That Your SIEM Is A Dog or "Raffy, You Killed SIM!"

2008-06-25 14:40:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -

...WTF? Are we at the cemetery or what? Is "dead" dead? Yeah, but it came back as a zombie :-) So, "dead" is a "living dead" "dead" now. Ha*3 Finally, think! Why were you thinking of buying a SIEM? 'Cause

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo