Fingerprinting 802.11 Implementations via Statistical Analysis of the Duration Field - [Paul] - By none other than Johnny Cache, a fantastic paper.
Safe Porn Browsing - [Larry] - How does onen browse for porn safely?
Local Root Exploit For OS X - [Paul] - and it works, really well, giving you a root shell. According to the comments released in the latest exploit, it works on a fully patched Mac OS X 10.3 system. A good write-up from Matasano ( By Dino Dai Zovi, the researcher who discovered this bug and also the author of our favorite wireless hacking tool Karma).
OS X 10.4.8 is out, holy patches!!!! - [Paul] - Many more patches have been released for OS X.
Global Hotspots Violate ISP agreements - [Paul] - So, maybe sharing your internet connection via FON wasn't such a good idea after all! Doh!
Nokia Phone Unlock - [Paul] - Sweet little hack to unlock a phone.
Top 11 Computer Attacks Against Celebrities - [Paul] - My favorite: "Hasslehoffed: This Germany-based virus is actually very popular in that country, as it plays continuous loops of David Hasslehoff's greatest hits."
Full Details on the SSdeep forensics tool have been released - Certain helps determine if someone has made minor changes, came to me when discussing md5 has collision, not that this will help that, but a cool tool none the less!
30 0Day flaws found in Firefox at Toorcon - [Paul] - One was released, all should be patching in the coming weeks. UPDATE: Researchers back off their claim that that found 30 vulnerabilities and admit that they can only crash browsers, not execute code. Full Story
Pact With The Devil - [Paul] - The basic premise is that you get access to someone's personal information, then blackmails you, threatening to rat you out. Fun stuff!
Threat Update From ISC - [Paul] - 0Day for firefox, upgrade to OpenSSH 4.4, and a PHPMyadmin bug pointed out all by Lenny Z. I hope that OS X updates OpenSSH as well, as I believe it is the same codebase.
Forensics Wiki Picking Up Steam - [Paul] - Does anyone use this resource on a regular basis? Supposed to be some good stuff, and have picked up a good amount of content recently.
ZERT releases VML patch - [Larry] - ...for Windowes 98!
BeEF - Browser Exploitation Framework - [Paul] - An entire framework dedicated to browser exploits and XSS.