What's new arround internet
Last one

Src Date (GMT) Titre Description Tags Stories Notes
LiquidMatrix.webp 2019-12-11 15:51:53 Exploring Legacy Unix Security Issues (lien direct) Sometimes after looking at web application security, IoT botnets, and various malware I long for the pre-2000 hacking days. Where, instead of looking for XSS or SQL injection vulnerabilities, you would be hunting for server-side vulnerabilities. This summer, I was gifted an SGI Indy R5000. I’d mentioned on Twitter a while back that I’d love […] Malware
LiquidMatrix.webp 2019-07-14 05:51:03 We Don\'t Take Vendor Pitches (lien direct) This site has been online for more than a couple decades now. I removed all advertising from the site a couple years ago to maintain as impartial of an approach as I can. ★★★
LiquidMatrix.webp 2019-07-14 05:26:03 (Déjà vu) War Stories: Just Shut Off Telnet (lien direct) >Years ago I was working on a project that had a rather interesting premise. It was a way to send a file between two parties that was stamped as verified by a third party intermediary. Pretty basic stuff but, in the 90s it was rather neat. One of the things that I discovered was that […]
LiquidMatrix.webp 2018-10-18 19:24:01 Having The Security Rug Pulled Out From Under You (lien direct) >Apache .htaccess changes led to arbitrary file upload vulnerabilities in jQuery project I attended the Messaging, Malware and Mobile Anti-Abuse Working Group (m3aawg.org) meeting in Brooklyn, NY.   I expected better weather to wander around the city while enjoying the conference and the neighborhood’s wide selection of food. I had been so confident of clear skies […] Malware
LiquidMatrix.webp 2018-09-29 23:27:03 Long Term Security Attitudes and Practices Study (lien direct) >What makes security practitioners tick? That’s a simple question with a lot of drivers underneath it. We want to find out; please help us by signing up for our study. The Ask We’re launching a long term study of security practitioners to understand how they approach security, please sign up for our Long Term Security Attitudes […]
LiquidMatrix.webp 2018-08-16 14:47:04 Fortnite: When Dollars and Cents Trumps Security! (lien direct) >When Epic Games recently announced and subsequently released Fortnite for Android, it took the decision to bypass the Play Store and ask users to side-load the app. After I read that Epic Games' brilliant idea was to ask Android users to essentially downgrade the security on their devices, there was a lot of head-on-desk action. […]
LiquidMatrix.webp 2018-07-26 10:55:02 “Here Be Dragons”, Keeping Kids Safe Online (lien direct) Sitting here this morning sipping my coffee, I watched fascinated as my 5-year-old daughter set up a VPN connection on her iPad while munching on her breakfast out of absent-minded necessity. It dawned on me that, while daughter has managed to puzzle out how to route around geofencing issues that many adults can’t grasp, her […]
LiquidMatrix.webp 2018-07-18 10:57:02 When Disaster Comes Calling (lien direct) >There are times like this when I can’t help but wonder about disaster recovery plans. A large number of companies that I have worked at or spoken with over the years seemed to pay little more than lip service to this rather significant elephant in the room. This came to mind today while I was […]
LiquidMatrix.webp 2018-07-17 10:55:00 Never patch another system again (lien direct) >Over the years I have been asked a curious question numerous times. ‘If we use product x or solution y we wouldn’t have to patch anymore, right?” At this point in the conversation I would often sit back in my seat and try to look like I was giving their question a lot of thought. […]
LiquidMatrix.webp 2018-07-16 18:00:04 InfoSec Recruiting – Is the Industry Creating its own Drought? (lien direct) >The InfoSec industry has a crippling skills shortage, or so we're told. There's a constant stream of articles, keynotes, research and initiatives all telling us of the difficulty companies have in finding new talent. I've been in the industry for over 30 years now and through my role as one of the directors of Security […]
LiquidMatrix.webp 2018-07-11 10:56:00 IoT And Your Digital Supply Chain (lien direct) >While there is a mad rush to stake claims across the Internet for things like connected toasters, coffee makers and adult toys it seems security falls by the way side.
LiquidMatrix.webp 2018-07-10 16:21:00 (Déjà vu) Blackhat, BSidesLV and DEF CON Parties 2018 (lien direct) >Back once again for the Blackhat, BSidesLV and DEF CON Parties 2018. Here is the list. Please note that this is a work in progress and I'll be sure to add more as I become aware of them.
LiquidMatrix.webp 2018-07-10 13:37:05 (Déjà vu) If An Infosec Policy Falls In The Forest (lien direct) >When you are building an Information Security practice you need a solid governance structure in place. For those of you who might not be familiar we can look at it a more accessible way. If you are building a house you need a solid foundation otherwise the thing will collapse. Much in the same vein, if you do not have a solid set of policies, you are destined to fail.
LiquidMatrix.webp 2018-05-23 19:11:04 Repost: Hacking the power grid through air conditioners (lien direct) This is a repost of a blog that Joe Marshall (@ImmortanJo3) and I wrote on February 22, 2016 and @da_667 posted to his blog (which is now defunct, but he has given me permission to post here). It's not that easy.. Ladies and gentlemen, I am proud to host another guest work on blindseeker. This article was […]
LiquidMatrix.webp 2018-03-23 17:34:01 Life Cycle of a Web App 0 Day (lien direct) Summary Over the past few months, I've been monitoring the proliferation of exploits for some of my disclosed WordPress Plugin and Joomla Extension vulnerabilities against Akamai customers. I started this observation process which leads to an expected conclusion – severe vulnerabilities like SQL Injection, RFI and LFI would receive the most attention for any CMS […] Guideline
LiquidMatrix.webp 2017-12-25 04:03:05 Liquidmatrix Security Digest Podcast – Episode 73 (lien direct) Episode 0x73 Surprise! Happy Holidays Are you having a happy holiday? Listen to us and you’ll have a happy holiday. Upcoming this week… Lots of News Breaches SCADA / Cyber, cyber… etc. finishing it off with DERPs/Mailbag (or Deep Dive) And there are weekly Briefs – no arguing or discussion allowed And if you’ve got […]
LiquidMatrix.webp 2017-08-08 15:28:11 Sql Injection using SQLmap with multipart/form-data Encoding (lien direct) I've spent a fair amount of my time examining code for vulnerabilities, I recently began to focus specifically on SQL injection. While investigating this specific type of vulnerability in web applications, I ran across a few examples where the injection point was in a POST request but it wasn’t your straightforward content-type application/x-www-form-urlencoded form.  The […]
LiquidMatrix.webp 2017-06-08 12:01:16 Blackhat, BSidesLV and DEF CON Parties 2017 (lien direct) Parties Back once again for the Blackhat, BSidesLV and DEF CON Parties 2017. Here is the list. Please note that this is a work in progress and I’ll be sure to add more as I become aware of them. Please note that this sched should work fine in most smart phone browsers. RSVP Be sure […]
LiquidMatrix.webp 2017-05-22 15:19:21 Liquidmatrix Security Digest Podcast – Episode 72 (lien direct) Episode 0x72 SPECIAL ELECTION EDITION Vote Dave… please? Upcoming this week… We yammer about stuff with no real direction or point. And if you’ve got commentary, please sent it to mailbag@liquidmatrix.org for us to check out. DISCLAIMER: It’s not that explicit, but you may want to use headphones if you’re at work. ADDITIONAL DISCLAIMER: In […]
LiquidMatrix.webp 2017-05-15 16:52:36 Unnecessary Doxing Of A Researcher (lien direct) Doxing and ransomware were unfortunate bedfellows this weekend when we saw the unnecessary doxing of a researcher during the massive WannaCry ransomware outbreak. I’m pissed and I’m looking at you The Sun UK, The Daily Mail and The Telegraph. A security researcher using the Twitter handle @MalwareTechBlog became an accidental hero when he managed to […] Wannacry
LiquidMatrix.webp 2017-05-08 19:03:17 Vote Dave Lewis For (ISC)2 Board of Directors (lien direct) Vote Dave Lewis For (ISC)2 Board Election! That’s right, I am looking for your vote! I’m starting my new campaign for the (ISC)2 Board of Directors because I want to help build the (ISC)2 for the members! I would like to add new (old) blood to the board in a bid to my lessons learned […]
LiquidMatrix.webp 2017-04-21 13:29:03 Vulnerability Researcher to Software Developer: The Dark Side of the Coin (lien direct) I’ve been finding bugs in software since 1999 or so, I’ve reported over 150 vulnerabilities in that time, ranging from format string vulnerabilities to XSS. I also started developing my own web server in C around 1994.  I did this to learn more about programming and not lose the skills I picked up during my […]
LiquidMatrix.webp 2017-03-09 21:21:23 Liquidmatrix Security Digest Podcast – Episode 71 (lien direct) Episode 0x71 Um… We’re back? I think it’s called falling off the wagon. We did that. We should get back on the wagon. Why is it always a wagon? Upcoming this week… /dev/random And if you’ve got commentary, please sent it to mailbag@liquidmatrix.org for us to check out. DISCLAIMER: It’s not that explicit, but you […]
LiquidMatrix.webp 2017-02-07 21:03:33 Deep Web, Dark Web, Darknet, Deepdeep, Darkdark… (lien direct)   Deep web, Dark web, Darknet… These terms are often used interchangeably despite representing distinct, but related segments of the Internet. The deep web (sometimes called the 'hidden' or 'invisible' web) refers to pages and services on servers that are accessible through standard Internet browsers and methods of connection, but not indexed by the major search engines. […]
LiquidMatrix.webp 2017-01-24 03:33:58 Liquidmatrix Nominated for Security Blogger Awards (lien direct) I was rather pleased to see that Liquidmatrix was nominated in the Best Security Podcast category for the Security Blogger Awards this year. While we would love nothing better than to break out of our Susan Lucci-esque rut, I do want to make sure that folks who are kind enough to vote for us…play by […]
LiquidMatrix.webp 2017-01-09 21:53:25 Jet Lag And The Road Warrior (lien direct) I've been a road warrior now for almost 4 years in my current role. I'd be lying if I said anything other than that I love it. But, it does manage to take a toll on the body and mind. Jet lag or, as the Mayo Clinic also calls it, Jet lag disorder is a […]
LiquidMatrix.webp 2017-01-06 16:33:49 RSA Parties 2017 (lien direct) RSA Parties 2017 List It is that time of year again and the RSA Parties 2017 list is back again! The RSA Security Conference approaches and this year it is back…smack in the middle of February…again. Wat? This is going to require some libations. Good thing there are parties to be had…if you’re into that […]
LiquidMatrix.webp 2016-11-18 22:22:43 Liquidmatrix Security Digest TV – mini0x1E (lien direct) Samy Kamkar – PoisonTap – https://samy.pl/poisontap/ RCMP want an iphone unlocker – http://www.cbc.ca/news/investigates/police-power-privacy-encryption-1.3856375 Discussion paper – https://www.publicsafety.gc.ca/cnt/rsrcs/pblctns/ntnl-scrt-grn-ppr-2016-bckgrndr/index-en.aspx
LiquidMatrix.webp 2016-11-17 15:36:14 Liquidmatrix Security Digest TV – mini0x1D (lien direct) Travels with Dave… The post Liquidmatrix Security Digest TV – mini0x1D
LiquidMatrix.webp 2016-11-16 13:57:33 Liquidmatrix Security Digest TV – mini0x1C (lien direct) The infosec implications of Walt Disney World… https://disneyworld.disney.go.com/ Disney’s $1 Billion Bet on a Magical Wristband http://www.rockwellautomation.com/global/industries/entertainment/overview.page http://dsicontrols.com/amusement.html
LiquidMatrix.webp 2016-11-15 14:00:01 Liquidmatrix Security Digest TV – mini0x1B (lien direct) Dave is alive, we have video proof. The post Liquidmatrix Security Digest TV – mini0x1B
Last update at: 2024-04-26 04:07:53
See our sources.
My email:

To see everything: Our RSS (filtrered) Twitter