theReformed

Worth Reading

robert hansen [rsnake] (sectheory)

• XSSFilter Released - You may have already seen the news about the new XSSFilter in IE8.0 but I wanted to echo it here as well, because it’s a pretty major new release. It does a great job of preventing most of the
  Read more...  




chris eng, chris wysopal [weldpond] &
christien rioux [dildog] (veracode)

• The Government?s Top Hackers? - Popular Mechanics recently published an article about the NSA Red Team, which caught my interest, having been a part of that organization for a short stint back in early 2000. The article does a
  Read more...  




amrit williams

• AV Industry on the Run - All too accurate cartoon from Ikarus Security Software, brought to my attention from Dancho Dankev (here), who has become one of my favorite bloggers to read.
  Read more...  




dave goldsmith, jeremy rauch &
thomas ptacek [matasano chargen]

• CitySec Updates And Now More Ways To Stalk Us! - STLSec. Shawn @ Agurasec yelled at me for not letting everyone know that St. Louis has an active CitySec meetup: The next STLSec is July 10 @ the Fox and Hound. Be there or be square. We had a
  Read more...  




bruce schneier [bt]

• Friday Squid Blogging: Giant Squid Found off Santa Cruz Coast - It's twenty-five feet long, with tenticles the size of human legs....
  Read more...  




spacerogue

• CitiBank Card Numbers and PINS Stolen in Server Breach - Many years ago, (like ten or more) there was a major US bank (BoA, CitiBank I don’t remember) that had a major security breach. I don’t remember all the details, and Google has been less
  Read more...  




dino dai zovi

• ARDAgent.app Vulnerability Analysis - Apple recently released Mac OS X 10.5.4 with accompanying security updates for 25 vulnerabilities.  Notably absent, however, is a fix for the recently brouhaha’d ARDAgent.app local privilege
  Read more...