For journalists of all media, please use my PGP key for e-mail communications. Most requests I receive are for validating claims of major security events or vulnerabilities.
About one out of every five events I examine turn out to be fully or partially true. Our little community is increasingly becoming filled with rotten apples.
There is also an assumption of anonymity on my part, with exceptions only in very specific and authorized situations.
For research discoveries and disclosure, I already have a trusted list of journalists. For individuals and groups looking to include me in their efforts, please communicate using my PGP key listed above. Do your due dilligence first. I get a lot of requests and vetting what is legitimate gets annoying.
4 March 2015 - Hunk is able to process any data format that has a RecordReader a.k.a pre-processor. In previous posts, we showed you how to use pre-processors to search image data with Hunk and how you can write your own RecordReader. In this post, you’ll learn how you can use existing Hadoop RecordReader&…
2 March 2015 - One of the great things about Splunk is that it is such a powerful platform that can be used in many different ways (see Splunk at Nordstrom Part 2: Nordstrom and Mobile POS), so you can get the most bang for your buck. At Nordstrom, Splunk was initially used to monitor website performance – page…
26 February 2015 - We’re back with the latest installment of our .conf2014 highlight series. Today, we revisit one of our most popular sessions of last year’s conference, “What’s New in Search Head Clustering.” Skill Level: Intermediate Solution Area: Deploying Splunk Splunk: Splunk E…
26 February 2015 - Hello Splunk community and welcome to the 12th installment of Smart AnSwerS. I had just come back from eating lunch and what do I find 10 feet away from my desk? Over 15 boxes of leftover pizza from a meeting of course. I fight the urge to grab a slice or five and I take a break for the gym instea…
25 February 2015 - If you’re heading to Mobile World Congress this year, be sure to visit us at booth 8.0I27 in Hall 8.0! Over the past two decades, Mobile World Congress has become THE event where companies – including communications service providers, makers of next-generation mobile devices and mobi…
4 March 2015 - Just released:Snort Subscriber Rule Set Update for 03/03/2015We welcome the introduction of the newest rule release from Talos. In this release we introduced 29 new rules and made modifications to 16 additional rules. There were no changes made to the snort.conf in this release. Talos woul…
2 March 2015 - Snort++ build 140 is now available. This is the second monthly update of the downloads. You can also get the latest updates from github (snortadmin/snort3) which is updated weekly.Continued code sync with Snort 2.9.7:sync 297 http xff, swf, and pdf updatessync ftp with 297; replace strea…
26 February 2015 - One of the major undertakings for Snort 3.0 is developing a completely new HTTP inspector. It is incomplete right now but you can examine the work-in-progress. You can configure it by adding: new_http_inspect = {}to your snort.lua configuration file. Or you can read it in the source code under sr…
26 February 2015 - Just pushed build 139 to github (snortadmin/snort3):sync 297 http XFF, SWF, and PDF updatesadditional http_inspect cleanupdocumented gotcha regarding rule variable definitions in Lua…
26 February 2015 - Just released:Snort Subscriber Rule Set Update for 02/26/2015We welcome the introduction of the newest rule release from Talos. In this release we introduced 43 new rules and made modifications to 199 additional rules. There were no changes made to the snort.conf in this release.Talos's ru…
For research discoveries and disclosure, I already have a trusted list of journalists. For individuals and groups looking to include me in their efforts, please communicate using my PGP key listed above. Do your due dilligence first. I get a lot of requests and vetting what is legitimate gets annoying.
