All Stories

Changing Email Addresses For Spam

While looking back at some of my old speeches, and after writing the last blog post it occurred to me there is another attack I haven’t heard anyone talk about. Often times spammers w...

In Apr 05, 2011

Hiding Services from NMAP Using Non-Standard Ports

Most system administrators know that using non-standard ports for some services can be a useful way to hide ports from both automated attacks and less determined attackers. In additio...

In Feb 01, 2011


DNS Rebinding in Java

Stefano Di Paola has an interesting article about DNS Rebinding in Java. Apparently he’s found a way to bring back some of the older exploits that were supposedly fixed in Java back i...

In Feb 10, 2010

Myspace was a hotbed for 0-day exploits

I laughed out loud when I read this. Kuza55 found another issue in MySpace again today using the exact same exploit that we have been trying to get them to close FOUR separate times n...

In Jan 02, 2010

What are the odds of a small wordpress site getting hacked?

The blackbox security analysis is worth discussing further, since I don’t think I went into enough detail on my last post, so here it is:

In Jan 01, 2010

Start to security

Is is a start to SECURITY not hacking . Remember thatAnd have a great time reading this…

In Jan 01, 2010

PlayStation 3 Hacking

Anathema sent me a link to a few posts he made to discuss PlayStation 3 hacking.

In Jan 01, 2010

Minimalistic UI Decisions in Browsers

I’ve tried to talk about this a few times to people over the last year or so, but I think it’s hard to explain without pictures. So I gathered a bunch of screen shots that should help...

In Jan 01, 2010


Bypass Geo-Blocking With PureVPN. Best VPN