Finding Sensitive Data With Freeware


When an organization’s network grows to a certain size, it’s difficult to keep track of every single piece of sensitive information like credit card numbers or social security numbers. In order to find and secure this data, companies often turn to data loss prevention (DLP) services. This is not a viable option for many organizations, though, as DLP services can often be expensive and time-consuming to deploy.

Such organizations are not entirely without options: a recent article on Dark Reading lists several DLP tools authored by teams from various universities, all free to download and use. Programs like The University of Texas at Austin’s Sensitive Number Finder and Virginia Tech’s Find_SSN were designed to find pieces of data on computers and servers formatted in ways typical of sensitive information (xxx-xx-xxxx for SSNs, for example). This approach can often lead to false positives, so some measure of human control is required. These programs are also incapable of scanning application servers or other forms of data in transit. Cornell’s Spider can scan various application server types using different protocols. When used in conjunction, all of these apps can help secure your data without the expense of outsourcing the job.

The Last HOPE Full Speaker List Released


The Last HOPE has just released a list of all the scheduled talks at the conference. 97 different talks will be divided over three tracks during the course of the three-day conference. It looks like a lot of interesting events will be going down. The Cold Boot encryption attack tools will be released. Representatives from Graffiti Research Lab will be showing The Complete First Season and unveiling their One Laser Tag Per Child system. Virgil Griffith from WikiScanner will be mining even deeper into the wretched hive of scum and villainy. Karsten Nohl will present why hardware obfuscation is an impossibility and how they defeated the MiFare crypto. The Last HOPE will be in New York City July 18-20, 2008.

DecaffeinatID: Simple Security Log Monitor

Irongeek put together a simple program for monitoring network shenanigans when you’re on an untrusted network like the coffee shop. It sits in the Windows Systray and notifies you about a variety of events. It alerts you when it sees the MAC address of the IP gateway change. It watches the security log and warns you of any attempted or successful logins. The firewall log is also monitored. Try it out and send him any bug reports/feature requests you might have.

Anonymizing Clothing


Though much of [citizenFinerran]’s intent in designing a suit that camouflages the wearer from security camera footage was philosophical, it is designed with a very tangible purpose in mind. The suit does not provide true camouflage (to say nothing of true invisibility), but it does create enough moving visual obstructions to make the wearer completely anonymous on film. More details on this and other invisibility cloaks after the break.


Exploit-Me Firefox XSS And SQL Scanning Addon

Video: http://www.youtube.com/watch?v=RbL2ptbjoSA

One of the best tools we saw at LayerOne was the Exploit-Me series presented by [Dan Sinclair]. Security Compass created these tools to help developers easily identify cross-site scripting (XSS) and SQL injection vulnerabilities.


How-To: Make An RGB Combination Door Lock (Part 1)


Part 2 can be found here

Putting a custom-designed electronic lock on your space seems like a geek rite of passage. For our latest workspace, we decided to skip the boring numbered keypad and build a custom RGB backlit keypad powered by an Arduino. Instead of typing in numbers, your password is a unique set of colors. In today’s How-To, we’ll show you how to build your own and give you the code to make it all work.
