I have an admittedly limited view of the exploit dev world. However,
from what I've seen devs have very few options: (Please correct me if
I'm wrong)
"Responsible Disclosure" =>
- Direct Contact => depending on the size of the vendor and their view
on security, this could result in anything from
Hi,
In the past year I have been working in collaboration with psychologists
Robert Cialdini and Rosanna Guadagno on a paper analyzing some of what I
saw from the social perspective in Estonia, when I wrote the post-mortem
analysis for the 2007 attacks, but didn't understand at the time.
We an
===
Ubuntu Security Notice USN-933-1 April 28, 2010
postgresql-8.1, postgresql-8.3, postgresql-8.4 vulnerability
CVE-2010-0442
===
A security issue affects the following Ubun
Hello everyone: Tonight I was looking through some look information I had saved on a hard drive when I came across a few IP ranges.
IP ranges: 212.143 *** i212.149212.159.0.2212.159.1.1212.159.1.4212.179.*** Israelis isp's)212.208.0.12213.8.***.***
What I am not getting is did they update their IP range
INVITATION:
=
Please consider to contribute to and/or forward to the appropriate
groups the following opportunity to submit and publish original
scientific results.
=
== ACCESS 2010 | Call for Papers ===
CALL FOR PAPERS, TUTORIALS, PANE
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2009:332-1
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2010:085
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2010:078-1
http://www.mandriva.com/security/
> A = Spend money on compliance
>
'A' is *mandatory* if you choose to do certain operations in-house.
Why is this so hard to understand?
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted a
ZDI-10-079: Realnetworks Helix Server NTLM Authentication Invalid Base64 Remote
Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-079
April 28, 2010
-- CVE ID:
CVE-2010-1317
-- Affected Vendors:
RealNetworks
-- Affected Products:
RealNetworks Helix Server
-- Tippi
the GNAA seems to be alive and well once more, http://www.gnaa.eu/
http://encyclopediadramatica.com/Firefox_XPS_IRC_Attack
On Wed, Apr 28, 2010 at 5:09 AM, Anders Klixbull wrote:
> But aren't gnaa retired anyway?
>
>
>
>
> -Original Message-
> From: full-disclosure-boun...@lists.grok.or
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2010:084
http://www.mandriva.com/security/
On Tue, Apr 27, 2010 at 08:58:24AM -0400, Honer, Lance wrote:
> > What's your choice:
> > Company A installs an anti-virus and updates it regularly (BTW
> regularly
> > includes once a year).
> > Company B has a recovery concept, incident response team,
> vulnerability
> > monitoring, patch manage
As Chen found out, simply stating "I'm a journalist" will not save your
computer when armed men come knocking on your door to execute a search
warrant.
I'm not sure your interpretation holds up; the protections that Wired
alluded to states an exception if "there is probable cause to believe that
t
It appears that the content of the security audit procedures (the PDF
download-able from
https://www.pcisecuritystandards.org/security_standards/pci_dss_download_agreement.html)
still has not crept into this discussion by some who consider
PCI a waste of effort, merely a comment on the 12 section
But aren't gnaa retired anyway?
-Original Message-
From: full-disclosure-boun...@lists.grok.org.uk
[mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of Sandy
Vagina
Sent: 28. april 2010 11:59
To: Gary Niger
Cc: full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure]
Nothing since 2006, a handful of personal emails, and a copy of her website?
That's a pretty lame tarball.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://se
Oh, Randi Harper! I see you're single now. It was going so well! What happened?
Many people thought it funny how you ran around calling yourself a FreeBSD
developer, when you're really just QA. We watch you suck enough dick to get
jobs via your boyfriends and then play WoW at work all day while