Clik here to view.
Some Thoughts about Office Open XML and Malware Detection
Last week I have been googling around for comments and reactions from my report Malware Detection Rate in Alternative Word Formats which was posted in the ISC diary on August 23rd, 2006. To sum it up...
View ArticleClik here to view.
Enforcing Java Security Manager in Restricted Windows Environments?
Lately I came across several Citrix and Terminal Server projects which provide a restricted set of applications to their users. This is achieved using Windows Software Restriction Policies or AppSense...
View ArticleClik here to view.
Trends at Black Hat USA 2006 and DEFCON 14
Black Hat USA and DEFCON in Las Vegas are amongst the biggest IT security conferences in the world. This year Walter Sprenger and I had the opportunity to attend. Both events have been very...
View ArticleClik here to view.
Ruining Security with java.util.Random
In my review practice I often have to look at Java source code which is used to generate passwords, authentication tokens or session ids. Ever so often this code uses the Java API class...
View ArticleClik here to view.
Skype Trojan Protection - Disable Skype API and File Transfer
This week Websense reported the first Trojan using the Skype API as part of its evil workings. The currently available information does not tell us what the Trojan uses the Skype API for. As already...
View ArticleClik here to view.
A Visit to the Canadian Parliament and Confiscated Items
Last year I traveled through Canada. One of my stopovers was in Ottawa. Very nice friends of mine have recommended that I shall pay a visit to the Parliament Hill and take a tour through the Center...
View ArticleClik here to view.
DAVIX - A Look Behind the Scene
Although it has been very quiet on this blog for quite a while, lots of activities in the background have been keeping me busy. During the last six months I have been working on my new pet project...
View ArticleClik here to view.
DAVIX 1.0.1 Officially Launched
After months of building and testing, the long anticipated release of DAVIX - The Data Analysis & Visualization Linux® - arrived last week during Blackhat/DEFCON in Las Vegas. It is a very exiting...
View ArticleClik here to view.
Blackhat/DEFCON Visualization Retrospective
From a data mining and visualization perspective the conferences in Las Vegas offered a couple of highlights for me. First of all Raffy’s book Applied Security Visualization was finally launched and I...
View ArticleClik here to view.
iX Magazine Security Special with DAVIX
After the DAVIX Visualization Workshop in Las Vegas, Christoph Puppe approached us and asked if we were interested in having DAVIX bundled with the upcoming information security special edition of the...
View Article
