Archive for September, 2006

Death by a Thousand Little Cuts

September 21, 2006 by Jose Nazario

It is not uncommon for seasoned (or heavily burdened) information security (infosec) professionals to look at the morning’s security alerts and see a flood of the same old-same old. A few years ago, it was buffer overflows, and now in 2006 it is SQL injection attacks and cross-site scripting (XSS) vulnerabilities.
Typically, the deluged infosec professional [...]


Multi-stage Phishing

September 19, 2006 by Jose Nazario

I got an interesting phish this morning for Amazon. What makes it interesting is that it uses not one but two different redirectors, one from Yahoo! and one from Google, and then what appears to be a bot in Chinese IP space before it finally lands on the phishing site. The URL in the mail [...]


Looking For a Few Good Men (or Women)

September 13, 2006 by Sunil James

So, a couple of months back, we interviewed Peter Markowsky for a position within the Arbor Security Engineering & Response Team (ASERT). I’m glad to see that he eventually ended up @ Google, which, by the way, is on a security hiring frenzy, it seems. Anyway, Peter briefly blogged about his interview experience with us, [...]
