Tag: security

  • Exploiting NIC firmware

    From Ben Laurie: Bypass the firewall by bypassing everything but the PCI bus.

  • USENIX has made its full conference proceedings available…

    USENIX has made its full conference proceedings available to the public. USENIX, the Advanced Computing Systems Organization, holds many, many technical conferences each year, primarily on system and network administration and security, including LISA, the Large Installation System Administration conference. Previously, access to the conference proceedings required a USENIX membership.

  • Social engineering with USB keys

    A comment on a Reg story about USB-key malware led to a great story from about a year ago about a tiger team hired to audit a credit union, who launched a successful social-engineering attack dropping trojan-infected USB keys around the parking lot: Once I seeded the USB drives, I decided to grab some coffee […]

  • Nifty keypad attack

    What do you do if you want to steal someone’s door code, bank card PIN, safe combination, etc., when you can’t watch them enter it, and checking fingerprints afterwards is too inconvenient? Just take a thermal image after they’ve left.

  • Secure FTP backwards through a firewall

    Hoping the lazyweb can come up with a reasonably elegant solution to a securing-FTP problem I’ve run into. I have a setup like so: [ftp-server]—[broker]—|firewall|====[ftp-client] ^^^^^^^^^^^^^^^^^^^^^^^^^^ ^^^^^^^^^^^^^^^^ intranet internet I need to establish an FTP session from the ftp client to the ftp server. —- is intranet, ==== is internet. broker is a machine under […]