Friday, June 20, 2014

What I am reading 6/20/2014

Ars Technica - Should tech workers settle “no-poach” case for $324M? Judge has real doubts -

Koh told the attorneys pushing the deal that she has "concerns about whether this is really fair to the class," according to a Reuters report from today's hearing.

To me (not one of the plaintiffs) what would be even more important is getting an actual admission of wrongdoing.

SecLists.org - 'Anonymous' hackers threaten to target regional oil & gas firms tomorrow -

According to Symantec, this year’s attack is also called “Operation Petrol” and is directed against the US dollar being used as the currency to buy and sell oil.

The attach is actually supposed to be today 6/20/2014.

InfoSec Institute - What You Must Know About OS Fingerprinting - 

If an attacker can identify the operating systems that run on specific target machines, they can then learn which exact vulnerabilities to exploit. Each and every OS in deployment has unique bugs and vulnerabilities. When an exact OS is determined, it’s really easy to research what they are. That’s even often true when bug reports haven’t been sent to vendors already, and the corresponding patches have yet to be developed! So, hardening against OS fingerprinting can, in some cases, prevent zero-day attacks.

Knowing is half the battle.  The other half is red lasers and blue lasers.


Post a Comment

OSCP and Defcon26

First - I was thinking my OSCP course started on the 27th, nope it starts on the 19th.  I would have missed it except i decided to double ch...