Archive for June, 2009

Security 2.0 – Fairy tales and the art of deception

June - 30 - 2009
Posted by Matthieu Suiche

Yesterday, I wrote a post about TwitPic and Twitter. According to the blog of TwitPic, we can read this: Yesterday we were made aware of a vulnerability with our email posting system that would allow someone to brute force someone’s Twitpic email PIN by trying every combination until one worked. A fix has been put [ Read More ]

Web vulnerabilities are lame and web developers too. We all know this. And here is what you can read on @britneyspears' Twitter. Basically, TwitPic allows Twitter users to upload + post pictures on their Twitter status. How? You have to log in on the TwitPic website with your login+password, then upload your picture and that’s it. [ Read More ]

Challenge of Windows physical memory acquisition and exploitation

June - 12 - 2009
Posted by Matthieu Suiche

(Honolulu, HW) – Here is a quick post to provide resources presented this afternoon at Shakacon 2009. This talk aims at showing win32dd users (forensics engineers, investigators, incident response engineers, ...) why physical memory analysis is important, and mainly covers how to rethink memory acquisition and exploitation in a more efficient way. Slides are [ Read More ]

Update: Win32dd 1.2.2.20090608 (fixes + improvements)

June - 8 - 2009
Posted by Matthieu Suiche

This week I'm going to give a talk at Shakacon entitled Challenge of Windows physical memory acquisition and exploitation — then I think it’s time to release a new version of win32dd. Two major bugs fixed in this release are: System cache size was growing because the output file was mapped, then it filled the [ Read More ]

In fact, this new key category appeared for the first time in Windows XP, formerly called Whistler, in early 2001. Yes, almost 9 years ago. But its structure CM_BIG_DATA had been removed from Microsoft Windows XP public symbols but not from Windows Vista and later symbols. Basically, this “secret” registry key had been briefly introduced [ Read More ]
