Dan Kaminsky’s DNS Black Hat video

August 25, 2008 By 2 Comments


Black Hat has published the media from Dan Kaminsky’s infamous DNS vulnerability talk. You can get the full video (101MB) or just the audio.

The full archive of slides and white papers from this year has been posted too.… Read the rest

Filed Under: downloads hacks, security hacks Tagged With: , , , , , ,

SIGGRAPH 2008: The quest for more pixels

August 20, 2008 By 8 Comments


Long before we started reporting on [Dan Kaminsky]‘s DNS chicanery, he contributed a guest post about one of our favorite sources of new technology: SIGGRAPH. The stars have aligned again and we’re happy to bring you his analysis of this year’s convention. [photo: Phong Nguyen]

So, last week, I had the pleasure of being stabbed, … Read the rest

Filed Under: cons, news Tagged With: , , , , , , , ,

Black Hat 2008: Pwnie Award Ceremony

August 6, 2008 By 9 Comments


The first night of Black Hat briefings concluded with the Pwnie Award Ceremony. The awards reward achievements in security… but mostly failures. Notably, this was the first year anyone accepted an award in person. Hack a Day took home an early victory by producing a MacBook mini-DVI to VGA adapter (pictured above). The ceremony was fairly straight forward after … Read the rest

Filed Under: cons, security hacks Tagged With: , , , , , ,

Black Hat 2008: Dan Kaminsky releases DNS information

August 6, 2008 By Leave a Comment


[Dan Kaminsky]‘s much anticipated talk on his DNS findings finally happened at Black Hat 2008 in Las Vegas today. [Dan] has already uploaded the complete slides from his talk as well as posted a short summary to his site. New information in the slides since our previous coverage includes “Forgot My Password” attacks and new attacks on internal network vulnerabilities … Read the rest

Filed Under: cons, misc hacks, news Tagged With: , , , , , , , , ,

Securing DNS on OSX

July 31, 2008 By 5 Comments


It’s been a few weeks since [Dan Kaminsky] announced the nature of the DNS vulnerability and allowed 30 days of non-disclosure for patches to be applied before details of the exploit went public. Unfortunately, the details were leaked early and it didn’t take long for a functional exploit to be released into the wild. Since then, many ISPs have … Read the rest

Filed Under: security hacks Tagged With: , , , , , , ,

DNS cache poisoning webcast

July 24, 2008 By 4 Comments


UPDATE: Full audio of the webcast is now available

Today Black Hat held a preview webcast with [Dan Kaminsky] about the massive DNS bug he discovered. On July 8th, multiple vendors announced a patch for an undisclosed DNS vulnerability. [Dan Kaminisky] did not release the details of the vulnerability at that time, but encouraged security researchers to not release … Read the rest

Filed Under: news, security hacks Tagged With: , , , , , , , , , , , , ,

DNS exploit in the wild

July 23, 2008 By 4 Comments


We’ve been tracking Metasploit commits since Matasano’s premature publication of [Dan Kaminsky]‘s DNS cache poisoning flaw on Monday knowing full well that a functional exploit would be coming soon. Only two hours ago [HD Moore] and [I)ruid] added a module to the Metasploit Project that will let anyone test the vulnerability (with comment: “ZOMG. What is this? >:-)“). … Read the rest

Filed Under: news, security hacks Tagged With: , , , , , , ,
« Older Posts