2011
2010
The Real Lessons Of Gawker’s Security Mess
by marco: Making unnecessary statements of bravado, statements potentially divorced from reality, changes the equation for an attacker; it suddenly makes compromising your environment worth more of his or her time.
Google Online Security Blog: Do Know Evil: web application vulnerabilities
by marco: Web Application Exploits and Defenses
Can Apple Safari avoid another Pwn2Own embarrassment?
by marco: List of remote code execution flaws fixed with the new Safari 4.0.5
Operation Aurora
by marco: Operation Aurora was a cyber attack conducted in mid-December 2009 and continuing into early January 2010.
Everyone guilty? Hadopi threatens Wi-Fi networks
by marco: WiFi presumed guilty. Hadopi is a law that is unenforceable, costly, and creates injustices.
2009
One bug to rule them all
by marco: Calling the select() method with a large integer results in continuous allocation of x n bytes of memory, exhausting memory after a while
Fast-Flux Networks: how to trace attacks back to their source?
by marco: Is it fluxing for you, dude?
The Problem With HTTPS SSL Runs Deeper Than MD5
by marco: To move forward, we first need to acknowledge that the current HTTPS SSL mechanism is completely broken.
RapidSSL CA - MD5 and detailed info about the problem
by marco: Not all CAs using MD5 are automatically broken [...] Only with these 4 things in place it was possible to pull this off.
2008
Compromising Electromagnetic Emanations of Wired Keyboard
by marco: Wired keyboards emit electromagnetic waves, because they contain electronic components. This electromagnetic radiation could reveal sensitive information such as keystrokes
Adobe Flash ads launching clipboard hijack attack
by marco: In the Web attacks, which target Mac, Windows and Linux users running Firefox, IE and Safari, hackers are seizing control of the machine’s clipboard and using a hard-to-delete URL that points to a fake anti-virus program