Unix Command-Line Kung Fu

I was discussing with a friend a few weeks ago how challenging is to teach folks that come in from the exclusive Windows-world on advanced Unix topics. Yes, I mean the kind of user that ends up rebooting a Unix box after changing a conf file instead of just restarting the appropriate services 🙂 .

I’m sure those, both Unix beginners and their managers, will appreciate the following presentation I came across a few weeks ago: “Unix Command-Line Kung Fu“. It’s author, Hal Pomeranz, presented it at SANS 2008 Orlando as part of the @Night talk conferences.

Continue reading Unix Command-Line Kung Fu

Cracking into embedded devices and beyond!

As promised in my previous post, I have  just uploaded Cracking into embedded devices and beyond, Adrian Pastor’s presentation at ‘Hack in The Box’ Dubai 2008.

Thanks Adrian for your promptly response when asked for the slides and congratulations for your excellent contribution to the security community. Hope we can share a pint next time I’m in London. Un abrazo!

Continue reading Cracking into embedded devices and beyond!

Cerrudo’s talk prompts Microsoft to admit serious flaw on Windows

Hack in the Box???It’s Sunday evening and I have spent the last hour going through the slides of Cesar Cerrudo’s talk at HiTBSecConf 2008 that took place this week in Dubai. I know it’s sad, but the title of this blog is “passionate about information security”, isn’t it?

Let me give you a bit of background before going further. It’s been almost a month since Cesar Cerrudo, security researcher and CEO of Argeniss publicly warned that the latest Microsoft operating system, Windows Server 2008, might not be as secure as it seems. On an advisory released on March 24, he stated:

“The problem discovered by Argeniss results from design issues that were not identified by Microsoft engineers during the Security Development Lifecycle (SDL), and allows accounts commonly used by Windows services (NETWORK SERVICE and LOCAL SERVICE) to bypass new Windows services protection mechanisms and elevate privileges to achieve complete control over the operating system.”

Continue reading Cerrudo’s talk prompts Microsoft to admit serious flaw on Windows