I lost count of how many times I have used Google Drive to convert a document to one format and download it as another. This generally means firing up a browser, logging into a random Google account, uploading the document, re-downloading it and then deleting to save space. Sure, there are utilities to do...
Read more →I saw earlier in the week that McAfee had disclosed a information leak through one of the PDF JavaScript APIs. While it wasn’t exactly spelled out, I recognized the bug description as one I had reversed back in May of 2012. Why didn’t it hit the public then? Well, it wasn’t that interesting and...
Read more →Last month I was fortunate enough to attend the 2013 Cyber Dialogue conference hosted in Toronto, Canada. Despite much of the conference centering around policy, privacy and governance, I really enjoyed myself and surely plan to go back next year....
Read more →Over the past few weeks, I have been fortunate to watch the birth of a new CVE-2012-0158 builder that demonstrates original technique with excellent results (not for long). What is a builder you ask? Well, some attackers/researchers/whatever like ...
Read more →When I read Mandiant's report, I was pleased to see such a heavy hit to the infamous comment crew, but I had issues with some of the conclusions they ultimately settled on. Much like Kai Roer, I felt like several details in the report were a stret...
Read more →Earlier today I accidently opened up Twitter and saw this tweet: Some may disagree with the statement, but looking at targeted files on a daily basis, I would say it's pretty accurate. Truth be told, it only takes one person to open up the infecte...
Read more →A few weeks ago I needed a way of grabbing a bunch of different articles based on a set of basic keywords for one of my projects. Essentially what I wanted was a way to feed a whole bunch of different RSS feeds into a program, have it download the...
Read more →I am doing my best at keeping the blog alive and have some projects I will be pushing out in the next week or so, but until then, I thought I would share this quick hack of a script I put together. If you don't automate in the field of security re...
Read more →