Information Security

The report comes as a review of ePrivacy Directive (2002/58/EC) implementation and is provoked by "recent high profile incidents of personal data loss across Europe".

I accidentally found a new Wikileaks documentary called Wikirebels and since it was nice made i decided to blog it. The movie itself doesn't say anything new but is really good induction for people that didn't followed the whole story (if any) or are missing the big picture.

Enjoy!
http://topdocumentaryfilms.com/wikirebels/

While I was reading the shallow description of the plugbot (http://theplugbot.com/about) I was wandering if those guys are making the hardware itself. A bit of googleing answer my question - pretty sure they don't. There is a separate project called Plugcomputer (plugcomputer.org) that gives an answer to most of my questions regarding the device.

Bug hunting programs seem to gain more and more popularity those days. The new kid on the block is the Mozilla one, which official guidelines can be find on https://www.mozilla.org/security/bug-bounty.html

So for all of you hunters I would like to wish you good luck and happy hunting ;)

Enjoy!

To miss the target and to hit someone else instead can happen easily in a mil operation, but to deface a site believing that it is your real target and to make a mistake should be a shame for every so called hacker.

The lesson from the story:
http://www.itproportal.com/portal/news/article/2010/9/1/algerian-hackers...

Do your homework!

No algorithm should be kept secret; only the key should be the secret component

Adobe still fights with the vulnerability announced on 15.12.2009. All the versions prior 9.2 are vulnerable to malicious Javascripts that allow shell execution attack to be successfully performed.

The colleagues from Trend Micro had spotted a new malware able to exploit this particular vulnerability.
More info on:
http://blog.trendmicro.com/unpatched-adobe-vulnerability-is-still-being-...

Just found by accident one very nice article in SANS website with the following cool title:
"How to suck at IT security". The list writen down by Lenny Zeltser is worthy to be red so ... have fun!

Target software: Skype for Windows/Linux

What's all about?

Did you ever tried to export all your Skype history? It's a little bit boring to copy and paste every conversation in separate text file, isn't it? It's even worse if you use the Linux version of this famous chat client.

Did you ever wondered if it's possible to read your Skype chat history without having to be logged into your Skype account? And did you ever wondered if it's possible to read someone else's chat history without having to use Skype client and without knowing Skype account passwords?

NOSEC anonced a new DB security testing tool, called Pangolin. The free version of the product is able to test only Microsoft databases - have to find a way to crack it. Let's hope that Pangolin will behave better than Matrix assessment tool.

Enjoy
http://www.nosec.org/en/pangolin.html