Browse by Tags
All Tags »
Security (
RSS)
Earlier today it was published that Turkish hackers managed to grab a list of user details (32k) including emails and password. (add to this 72k email accounts that were hacked) When will site owners learn to use hash codes instead of password ??? From my point of view the owner of the site should be blamed for the damage as much as the hackers who did it, you can expect someone to build a site not to mention a leading site and treat security as an after thought ! For anyone wondering who is effected...
For the last couple of hours… and only now recovering several of Microsoft sites with co.il (Israel) ending were hacked. Among these sites you were able to see: www.msn.co.il www.hotmail.co.il www.live.co.il blogs.microsoft.co.il A group of Turkish hackers took responsibility of changing the dns register… now how this could have happened… it might be that some domain register helped the hackers to accomplish their task… i wonder if someone from Microsoft is going to investigate to the source of this...
What is an E-mail storm ? From Wikipedia : An e-mail storm is a sudden spike of Reply All messages on an email distribution list, usually caused by a controversial or misdirected message. Such storms start when multiple members of the distribution list reply to the entire list at the same time in response instigating message. Other members soon respond, usually adding vitriol to the discussion, asking to be removed from the list, or pleading for the cessation of messages. If enough members reply...
While cleaning my room today i found a hard copy of an ebook from Microsoft titled "Developer Highway Code" this ebook includes lots of tips regarding how to develop secured application. While thinking if to save the book or give it away I've decided to search and see if there is still a copy of this book available to the public. Not only that it is available.. there is also a new chapter regarding securing Windows Communication Foundation. Direct download Microsoft UK - Developer...
Microsoft just released a line of tools based on technology that was acquired about 10 months ago when Microsoft bought the Israeli startup Secured Dimensions . The Microsoft SLP Services includes .NET Code Protector which helps protect .NET code against disassembling and decompilation & Licensing Services (also Online ) which allows software vendors and publishers to more flexibly and effectively monetize their software. If you want to test drive these technologies check the following : Software...
On the 24.1.2007 Microsoft Israel hosted John Carddock & Sally Storey who gave some cool sessions about Building End to End Infrastructure Security. If you've been to the event and want to see the demos again or if you haven't been there and would like to see really good sessions about End2End Security checkout the following video sessions P.s. The Videos are in English through in the first session there is a small intro in Hebrew :-) Is Your It Infrastructure Secure ? [ 1hr 26min 1024x768 627kbps...
An article that was published yesterday by DarkReading demonstrate how easy it is these days to hack into system even into credit unions ! I hope next time you’ll find a USB key somewhere around your work you’ll bring it straight to the company security officer and don't try to plug it into your comp. [Thanks Rick for the link to the article]
Would you run an EXE file downloaded from the net without running it through an Anti Virus ? I guess the answer is no. Would you open a source code i.e. Visual Studio Solution downloaded from the net in Visual Studio ? I guess the answer is yes. Well Think Again or just download this source code and double click the .sln file. What you will witness is a Visual Studio exploit that enables a hacker to execute arbitrary code on your station as soon as you open the .sln file. Following is the full explanation...
TechEd Eilat 2006 Presentations are starting to appear on the official TechEd Eilat Site My Beat Box presentation have already been submitted and will be on the list soon. I’ll update with the direct link later on.
Thanks to Alik Levin I found out about this cool Application Security document from Microsoft… Check it out ! To build software that meets your security objectives, you must integrate security activities into your software development lifecycle. This handbook captures and summarises the key security engineering activities that should be an integral part of your software development processes. These security engineering activities have been developed by Microsoft patterns & practices to...