Welcome to MSDN Blogs Sign in | Join | Help

Eric Jarvi

the bug stops here

security (RSS)

2008 Pwnie Award Nominees
The Pwnie Awards are like Blackhat's version of the SANS Top 20 . Categories include Best Client-Side Bug, Best Server-Side Bug, Most Epic FAIL, Mass Øwnage, etc... Check it out at: http://pwnie-awards.org/2008/awards.html Read More...
ch-ch-ch-ch-changes
One big change that I haven't posted about yet was my transition from Visual Studio Diagnostics to Office Security a few months ago. Here's an article published yesterday in "Dark Reading" that covers my team and the pen test system we're building: Microsoft Read More...
security & perf videos
J.D. Meier has posted a decent index of videos covering performance testing, ASP.NET 2.0, and VSTS: http://blogs.msdn.com/jmeier/archive/2007/11/22/videos-security-performance-testing-and-visual-studio-team-system.aspx Read More...
Information Assurance
The Unintended Consequences of the Information Age Lecture Series: Our Infrastructures: Online and Vulnerable? Jointly sponsored by The Center for Information Assurance and Cybersecurity, UW-INSER, the MS Program in Strategic Planning for Critical Infrastucture, Read More...
Patterns & Practices Security Videos
"Click Here" http://blogs.msdn.com/jmeier/archive/2007/03/24/patterns-practices-security-videos.aspx Read More...
drive-by pharming
I'm preaching to the choir here, but if your wireless router still has the default password you might want to do something about it. Locally grown: Good! Drive-by Pharming: Baaaaddddd. http://www.symantec.com/enterprise/security_response/weblog/2007/02/driveby_pharming_how_clicking_1.htm Read More...
Michael Howard on the Silver Bullet Security Podcast
Here's the link... http://www.cigital.com/silverbullet/show-006/ Read More...
CERT Secure Coding Standards
"This web site exists to support the development of secure coding standards for commonly used programming languages such as C and C++. " https://www.securecoding.cert.org/confluence/display/seccode/CERT+Secure+Coding+Standards Read More...
MSRC Stories
This article has an interesting peek into life at the Microsoft Security Response Center: http://redmondmag.com/features/article.asp?EditorialsID=616 "I'm at the shop and over the radio I hear: 'The Internet was taken down today by a worm affecting SQL Read More...
computer security rant of the day
Exercise your mind: Let me introduce you to the six dumbest ideas in computer security. What are they? They're the anti-good ideas. They're the braindamage that makes your $100,000 ASIC-based turbo-stateful packet-mulching firewall transparent to hackers. Read More...
port 25 is open on port 80
Here's an interesting blog to watch courtesy the Open Source Software Lab @ Microsoft - http://port25.technet.com/ (for RSS - http://port25.technet.com/rss.aspx ) Read More...
bluehat links
Some good links if you want to check out some of the speakers and topics addressed at the last Microsoft bluehat conference: http://blogs.technet.com/bluehat/archive/2006/03/21/422707.aspx Read More...
running with least privilege
"In the ongoing battle to fight internal and external threats on the corporate desktop, IT staffers may be forgetting one very potent weapon in their arsenal—system lockdown." http://www.thechannelinsider.com/print_article2/0,1217,a=166172,00.asp If you Read More...
development related security tools at SecureWorld
There were two vendors at SecureWorld conference today in Bellevue that might be worth checking out if you are looking for developer/tester related security products. They should also be there tomorrow as well - free registration if you are just walking Read More...
Reducing Browser Privileges
"a simple yet little-known approach exists for users to avoid many of these vulnerabilities in any web browser" http://www.securityfocus.com/infocus/1848 Read More...
More Posts Next page »
Page view tracker