Security Blog

Chris Larsen's picture
Chris Larsen's picture
Written by
Chris Larsen

This week, a new site popped up in the traffic logs of a shady ad network I was investigating: facebook-news.net. It's a plausible name, since many people do get their news from social networks.

Chris Larsen's picture
Written by
Chris Larsen
An interesting attack showed up in the logs this past weekend. The attack traffic was headed to rogue subdomains on a couple of sibling sites:
Waylon Grange's picture
Written by
Waylon Grange
Recently Google announced a new vulnerability in the SSL protocol used for web encryption. The vulnerability can only be triggered in a protocol from the 1990s, which has been replaced by more secure versions yet 98% of all web servers still support using the older protocol. Here is why we should be less worried about backward compatibility and be more concerned with implementing stronger web security protocols.
Chris Larsen's picture
Written by
Chris Larsen
Coincidentally, as I was winding up my trip to Japan -- doing a last look through the malware logs for something interesting before I went to bed -- I noticed a Japanese-looking domain name (kyokutou-tikka.com) showing up as a referrer into a malicious network. Sure enough, it was the site for a Japanese industrial company that specializes in metal treatment:
Kiel Wadner's picture
Written by
Kiel Wadner
There are two things I really enjoy about working in information security. One is the puzzle of connecting dots and looking for connections. It's like a whodunnit without looking at dead bodies! Second are the research connections between a variety of individuals and companies that occur. Sometimes officially and sometimes just getting ideas and pieces of the puzzle from each other. None of us see everything or have the whole picture.