Robert Hensing's Blog

Software Security . . . and stuff.

September, 2007

  • Blogging from Bluehat V6 . . .

    So I'm in the speakers lounge and so far today we've had MarkRuss talk at some length about what are and are not considered 'security boundaries' in Windows. For example, user sessions are a security boundary. Virtual Machines are a security boundary...
  • MIT gets their Halo3 fan-boy groove on!

    Friggin' awesome M.I.T.!!!! http://hacks.mit.edu/Hacks/by_year/2007/halo3_john_harvard/
  • Targeted Attacks continue . . .

    Gee - I wonder who's behind this? http://www.first.org/newsroom/globalsecurity/153958.html http://www.news.com/Trojan-attack-targets-top-executives/2100-7349_3-6209930.html?tag=txt.alert.hed
  • MMPC on Storm Worm

    MMPC == Microsoft Malware Protection Center They blog. They release the MSRT (Malicious Software Removal Tool) They wrote an entry on Storm: http://blogs.technet.com/antimalware/archive/2007/09/20/storm-drain.aspx It's interesting. :)
  • Bill Gates

    It's hard being a Microsoft employee. These days it seems that everyone loves to hate us. When I get down - all I need to do is read something like this: http://www.msnbc.msn.com/id/20920343/site/newsweek/page/0/ And it makes me proud to be working...
  • Adobe 0-day . . .

    I've talked a lot this year about Office documents that were used in very limited targeted attacks against our customers . . . Office documents make a great vehicle for delivering malware because most people don't realize that Office documents can be...
  • The State of the Intertubes (according to Arbor)

    Their 3rd annual world-wide report and stuff: http://www.arbornetworks.com/en/news-releases/arbor-s-worldwide-infrastructure-security-report-highlights-growing-threats-to-2.html
  • Uninformed.org

    So this web site has quickly become my favorite source of hard-core technical reading material covering a wide range of topics (from rootkits, to patchguard and now pwning OSX). In fact - I will admit - I favor uninformed.org over just about any other...
  • Indeed we do . . .

    On national 'Talk Like a Pirate' day I think we should all take a moment to reflect on how we address pirates every day: http://www.dieselsweeties.com/shirts/buccaneer-americans/
  • Office 2003 SP3 RTW's!!!!

    If you are running Office 2003, please install service pack 3 NOW. If you are hesitant, I encourage you to please . . . think of the kittens. Here's the download URL: http://www.microsoft.com/downloads/details.aspx?FamilyId=E25B7049-3E13-433B-B9D2-5E3C1132F206&displaylang...
  • Cool shirt - I want one. :)

    Ahem. :) http://www.splitreason.com/productdetail.php?id=468
  • Blue Monster - Change the world or go home!

    So I was not aware of the 'Blue Monster' phenomenon within Microsoft or how it even started . . . but its awesome and a surprisingly acccurate summation of the attitude and motivation of most employees I know! Well now it looks like we'll have our...
  • Skype worm - Microsoft AV write-up

    So our MSAV folks have been working really hard this year to come on-line and our external virus encyclopedia is finally starting to kick ass! Here's a link to our write-up of the Skype worm you may have read about recently: http://www.microsoft.com...
  • Sweep the leg Johnny!

    Man - first the Transformers movie, and now this: http://www.sweeptheleg.com/ Just goes to show you're never too old to have a great childhood! Seriously though - Karate kid came out when I was a kid and I've seen it . . . well more times than...
  • Hacked by Chinese? (again)

    " Hacked by Chinese " - a phrase made popular back in 2001 by the now infamous Code Red worm . For many this was the first time the words 'hacking' and 'China' came to be associated with each other. It is with that in mind that I give you this interesting...
  • I can feel it coming . . .

    Okay - it’s as if someone got inside my head and decided to make a commercial out of what’s playing in there all day every day. It was sort of . . . terrifying (for me) . . . to see my inner psyche so accurately portrayed like this: http://www.aglassandahalffullproductions...
  • NSA@Home

    Okay this is hilarious: http://nsa.unaligned.org/
  • Mr. Bean - 733t h4x0r!!??

    I dunno why I find this so funny - probably because Mr. Bean - well that's just comedy at its finest right there!. :) http://blog.spywareguide.com/2007/09/compromised_emails_lead_to_ie.html Make sure you read through to the end. :)