
Using Fake GPS Coordinates to Spoof Facebook Places

With the release of Facebook Places, there has been a lot of discussion around the privacy issues. Seth Fogie takes another position and looks at Facebook Places as the perfect way to create an alibi by spoofing the coordinates that Facebook uses to determine where you are located.


By Seth Fogie, August 20, 2010
Topics: Information Technology, Security

Getting Owned for Fun and Experience

Over the last week, Paul and Larry from Pauldotcom.com joined forces with White Wolf Security to provide a 'unique, fun, and educational exercise' at SANS in Vegas. Specifically, Paul led up the 'bad guys' and Larry led the 'good guys' in an all-out cyber war. The results? Lots of getting owned, getting locked out, but the most valuable lesson had nothing to do with computers.


Political Hack Jobs - Literally...

OK. So, most of the world knows that Sarah Palin had her Yahoo! account 'hacked'. Now, http://www.billoreilly.com/ has also been hacked. Why? How? Details? Read on...


By Seth Fogie, September 20, 2008
Topics: Information Technology, Security

Get Your Hack On - The Value of Cyber Exercises

I recently joined up with White Wolf Security, a company dedicated to security training and cyber exercises. To facilitate this, they have created a collection of systems that include everything you would expect to find out in the real world - including SCADA. Anyone who connects into the exercise network has an instant playground in which someone can either play attacker or defender, or just perform research in a safe environment.


Cloud AV vs. Malware

A recent study and presentation at USENIX is making some waves in the AV world as the researchers claim their CloudAV is 35% more effective than traditional AV (note the slight abuse of statistical data there - 35% more effective means AV is at 73% and CloudAV is at 88%). I don't dispute their stats, but my question is...so?


Mobile Malware - The Facts

Mobile Malware is a serious problem that has yet to be really understood or defined. Is it really an issue that we as IT professionals need to deal with proactively? However, where can you really turn? Well, here at InformIT we have some answers with our own Mobile Platform Malware Threat Overview.

Kaminsky DNS Forgery Attack Public - PATCH NOW!

In case you missed it, Dan Kaminsky, DNS and security guru, discovered a MAJOR bug in DNS that is...well, no one really knew! However, it was bad enough for all DNS experts around the world and DNS software vendors to fix the problem in what has to be the biggest collective patch ever - without a single leak. Well, hackers being hackers don't need a leak to figure out a problem. They just need a rough idea to fuel the possibilities...


Confessions of IT Staffer - Spying On Management

With great power comes great responsibility - and nowhere is this truer than in IT. Just think about it: IT staff have the access and abilities to snoop into anything on the network, including your email, documents, web traffic, chat sessions and more. But what happens when this power is misappropriated? Well, for better or worse, we have our own confessional - with a surprise ending!


Firefox 3 - Still possible to steal user credentials....

The Password Manager in Firefox is still broken. Using a bit of JavaScript, it is relatively easy to steal a victim's user/pass right out from under their nose. All it takes is a bit of XSS and you can not only grab the user/pass, but you can also change the form's action value to one of your own - or just location.href the results to another site, and use the referrer to bounce back to the original site.


By Seth Fogie, June 19, 2008
Topics: Web Development, Security

The Eye-Fi LoJack

The Eye-Fi is a memory card with embedded wireless technology that allows it to connect up to an 802.11 network and transmit pictures back to a listening computer or website. We did a write up on it a while back that detailed a few ways such a solution could be abused. Ironically, the very same concerns we had actually worked out for the good!


By Seth Fogie, June 9, 2008
Topics: Security

WarGames - Redux

Many people in the security field have fond memories of the movie WarGames. This movie not only highlighted the value of war-dialing, but also went on to influence the term war-driving. Well, it has been years (decades?) since I have watched this film and my perspective on all things comsec has changed...


Fired for 'whistle blowing' on security issues - right or wrong?

ha.ckers.org has a thought-provoking post on a young man who posted about some sad security realities at TJX. Basically, the firewall was installed by someone who apparently didn't know what they were doing, password policies are horrible, etc. TJX figured out who he was and fired him...but for what?
