This years Blackhat featured a talk about reverse engineering IPS signatures. The talk demonstrated that vulnerabilities can be reverse engineered from signatures, which is especially interesting with zero-day signatures. The talk got alot of attention and Tippingpoint, who was the IPS which the condition was demonstrated on, apperently changed their way of distributing their zero-day signatures. I’m looking forward to getting my hands on the talk itself or the slides to get a glimpse of the methodology.

My friend Johnny has posted a series of posts related to work, being effective, organised and awake (which is actually harder than you would think). Check them out..

Enews has reported on an interesting incident of a focused Denial of Service attack. According to the article, a number of British companies has been attacked with heavy IP-traffic just at the quarterly draftings, and that’s the moment where downtime hurts the most. This is yet another evidence that you have to, if not calculate with the most drastic scenario, at least take it in to account.