Commentary & Insight From Sûnnet Beskerming
Covering news on emerging threats, advice on good security practices, analysis, explanation of technical news items, and brief, accurate, non-biased synopsis of security-focussed technology trends, Sûnnet Beskerming commentary is many things.
Whether you call it a blog, online journalism, or commentary on events, this is where you can find and search all relevant articles published by Sûnnet Beskerming.
All articles will eventually be made available free of charge; however, some content is initially only available to paying subscribers.
Available entries
When AntiVirus Products (and Internet Explorer) Fail you
Posted in: Information Security
When Didier Stevens recently took a closer look at some Internet Explorer malware that he had found, something surprised him somewhat. He discovered that the IE-targeted malware had been obfuscated with null-bytes (0x00) and when run against VirusTotal, he found that fewer than half of the products....
Posted: 29 October 2007 18:31
Internet Bubble 2.0
Posted in: Information Security
Microsoft's purchase of 1.6% of social networking site Facebook for $240 million USD has only added to fears that there is a significant overvaluation in the market for major websites and related companies - basically that there is an Internet Bubble 2.0 in the works. With Facebook valued now at u....
Posted: 29 October 2007 13:19
Hiding the Truth About Breaches
Posted in: Information Security
Despite increased attention and publicity being given to reports of identity related data thefts and losses from American (and now global) companies, including legislation to force the notification of individuals affected, sometimes the true extent of a breach does not surface for some time after th....
Posted: 29 October 2007 11:59
Companies Trying to get it Right
Posted in: Information Security
Several days ago, British telecommunications provider BT disabled support for the "Remote Assistance" feature on their "Home Hub" router, that had been supplied to around 2 million UK homes based on vulnerability reporting that had emerged over the previous several days.
Despite a seemingly rapid....
Posted: 28 October 2007 18:57
PhD Student Claims 200x Improvement for Copper Broadband
Posted in: Information Security
A news.com.au article is claiming that an Australian PhD graduate has achieved the seemingly-impossible by developing algorithms to allow a speed gain of up to 200 times over the limit of current copper broadband networks.
It is claimed that the performance increase obtained through the developed....
Posted: 24 October 2007 16:15
Free Kevin's Website
Posted in: Information Security
Even notoriety as a hacker and social engineer (con artist) isn't enough to keep people from trying to hack you, as well-known hacker Kevin Mitnick found out today when he had his site defaced.
This sort of bravado is fairly standard fare for website defacers, but at least this particular attacke....
Posted: 22 October 2007 18:42
RealPlayer 0-Day Shows ActiveX Still an Issue
Posted in: Information Security
News has been spreading rapidly of an actively-exploited vulnerability affecting RealPlayer, activated via Internet Explorer. Based on the available reporting, it appears that at least one major victim has been targeted with this exploit (NASA), with the first information being made public on Wedne....
Posted: 20 October 2007 15:10
Waiting and Watching is Sometimes the best Course of Action
Posted in: Information Security
A recent clustering of disclosures that affected how a number of third party applications on Windows could be manipulated to open other applications through the modification of seemingly innocuous URIs led some (but not many) to sit back and question whether there was some other, more critical probl....
Posted: 17 October 2007 18:13
A Lesson on why Reporting Security Problems can be Dangerous
Posted in: Information Security
After the increasing public and market awareness over the last few years of the need for efficient handling of reported security vulnerabilities and related issues, it is still distressing to see reports of companies, government agencies, and educational institutions that persist in attacking those ....
Posted: 9 October 2007 14:23
On the Internet, Everyone Hates you
Posted in: Information Security
Our recent article about the difficulty of determining the source of vulnerabilities has drawn some complaint - from the researcher who was responsible for discovering the iPhone Safari problem.
To clear up the confusion for anybody who is still wondering what is going on, the complaint centres o....
Posted: 8 October 2007 19:27
Even Political Sites Leak
Posted in: Information Security
Australia is set to go to the polls later this year for what could be the closest Federal election for some years. Almost all parties and politicians have turned their attention to establishing, consolidating or increasing their online presence, with both major parties (Liberal and Labor) making us....
Posted: 8 October 2007 01:51
When Identifying Problem Sources is Difficult
Posted in: Information Security
When security researchers butt heads with companies, the resulting disagreements can sometimes fester into ongoing dispute that doesn't quite seem to work out either way (for the record, the linked iPhone Safari exploit doesn't seem to work on OS X).
Apple is probably the most famous company for ....
Posted: 8 October 2007 01:18
Gateway to Your Data
Posted in: Information Security
In a series of posts to the GNUCitizen blog, security researcher pdp demonstrates just some of the risks that can come from Citrix Gateways.
Based on the available information (and it is still early in the information lifecycle), there is significant potential for this to become the next major at....
Posted: 8 October 2007 00:48
Staying on top of Security
Posted in: Information Security
SANS' Internet Storm Centre have been running interesting daily stories on their diary to highlight various Information Security issues and problems for Cyber Security Awareness Month (this October), starting with an excellent lesson on how self confidence can be the first step towards critical fail....
Posted: 8 October 2007 00:25
The Difference Between Theory and Practice
Posted in: Information Security
McAfee's Avert Labs recently provided some very enlightening insight into the very real difference between what people believe is going on, and what is really happening - specifically with respect to how their systems are protected by a current antivirus product.
While the figures demonstrate an ....
Posted: 7 October 2007 22:58
Microsoft Security Patch Advance Notification - October 2007
Posted in: Information Security
With the second Tuesday in October rapidly approaching, Microsoft have provided 'Advance Notification' of the patches that they are expecting to release as part of the monthly security patch release cycle.
This month there will be seven patches for Windows and Office users:
*Five patches....
Posted: 7 October 2007 10:25
Chinese Internet Security Response Team Under Attack
Posted in: Information Security
A recent post by the team at the Chinese Internet Security Response Team to their English-language site indicates that some of the site visitors are experiencing an attack from the CISRT.org site as a result of an injected IFRAME tag.
Injected IFRAME tags are not a new means of using legitimate s....
Posted: 3 October 2007 00:46