Tor: Exploiting the weakest link
Since the birth of the internet, there has been censorship. People have always been looking for ways to anonymously access the internet, either by proxy or VPN; however, these still (can) log traffic...
Exploiting ATMs: a quick overview of recent hacks
A few weeks ago, Kyle Rozendo asked a question on the IT Security StackExchange about Cracking a PCI terminal using a trojan based on the card. It caught my attention, so I started digging a little...
About the recent DNS Amplification Attack against Spamhaus: Countermeasures...
A few weeks ago the anti-spam provider Spamhaus was hit by one of the biggest denial of service attacks ever seen, producing over 300 Gbit in traffic. The technique used to generate most of the traffic...
WiFi security: history of insecurities in WEP, WPA and WPA2
Recently I answered a question on security.stackexchange.com regarding security in wireless protocols. The OP wanted to know more about what methods were available to break into a wireless network and...
About Secure Password Hashing
An often overlooked and misunderstood concept in application development is the one involving secure hashing of passwords. We have evolved from plain text password storage, to hashing a password, to...
A short statement on the Heartbleed problem and its impact on common Internet...
On the 7th of April 2014 a team of security engineers (Riku, Antti and Matti) at Codenomicon and Neel Mehta of Google Security published information on a security issue in OpenSSL. OpenSSL is a piece...
Business Continuity is concerned with information security risks and impacts
A Business Continuity Programme (BCP) is primarily concerned with those business functions and operations that are critically important to achieve the organization’s operational objectives. It seeks to...