Bil Corry · Mar 17, 2010 · 7:01 AM UTC

Bil Corry

Bil Corry @bilcorry

17 Mar 2010

A five-line Python script finds 20 critical security vulnerabilities in Apple's Preview application http://is.gd/aLvDi (via @wkandek)

Bil Corry · Mar 17, 2010 · 6:42 AM UTC

Bil Corry @bilcorry

17 Mar 2010

RT @hypatiadotca: RT @thorstenholz: Twitter Spamdetector Service: http://bit.ly/bC7HFG (see @spamdetector) - please RT

Bil Corry · Mar 17, 2010 · 6:33 AM UTC

Bil Corry @bilcorry

17 Mar 2010

"Top Ten particularly well crafted [targeted malware] messages of 2009-2010" http://is.gd/aLumN

Bil Corry · Mar 17, 2010 · 12:11 AM UTC

Bil Corry @bilcorry

17 Mar 2010

Replying to @jeremiahg

@jeremiahg This is probably as close as to 'delete' for MySpace as you're going to get: http://suicidemachine.org/

Bil Corry · Mar 16, 2010 · 9:16 PM UTC

Bil Corry @bilcorry

16 Mar 2010

Note to self, do not send fake Facebook password reset emails to phishing-report@us-cert.gov when the email contains malware - it bounces

Bil Corry · Mar 16, 2010 · 3:05 PM UTC

Bil Corry @bilcorry

16 Mar 2010

New IETF list 'certid' - verify the identity of application servers in TLS transactions http://is.gd/aKDaK (I-D http://is.gd/aKDlo)

Bil Corry · Mar 16, 2010 · 12:52 AM UTC

Bil Corry @bilcorry

16 Mar 2010

RT @jeremiahg: Bay Area WASC Meet-Up Tomorrow Night (Mar. 16 @ 6pm) at FireHouse in Downtown Sunnyvale. - http://bit.ly/bcAx5J

Bil Corry · Mar 16, 2010 · 12:50 AM UTC

Bil Corry @bilcorry

16 Mar 2010

RT @miscsecurity: SiliSec, Silicon Valley's Security Meetup, is this Thursday. http://bit.ly/c529rv

Bil Corry · Mar 15, 2010 · 6:21 AM UTC

Bil Corry @bilcorry

15 Mar 2010

"I don't understand the connection between CSRF and what the site superadmin is doing. " <- More security education needed for developers

Bil Corry · Mar 14, 2010 · 5:13 AM UTC

Bil Corry @bilcorry

14 Mar 2010

RT @lithium: Cyber-criminals don't need technical skills - http://bit.ly/90wUV7 "The three men, authorities said, were no computer geniuses"

Bil Corry · Mar 14, 2010 · 5:11 AM UTC

Bil Corry @bilcorry

14 Mar 2010

Stanford research: "Automated Black Box Web Application Vulnerability Testing" http://is.gd/ayEeF Paper to be published later this year.

Bil Corry · Mar 14, 2010 · 4:50 AM UTC

Bil Corry @bilcorry

14 Mar 2010

RT @gollmann: RT @rgaucher: "Haven't found that software glitch, Toyota? Keep trying" - http://bit.ly/dpiLrl <- crazy subtle bugs e.g. 2+2=5

Bil Corry · Mar 13, 2010 · 7:45 PM UTC

Bil Corry @bilcorry

13 Mar 2010

RT @mckt_: RT: @0x6D6172696F: "Strokejacking" - valid name :D http://lcamtuf.coredump.cx/focus-webkit/ Indeed amusing PoC by Michal Zalewski

Bil Corry · Mar 13, 2010 · 6:35 PM UTC

Bil Corry @bilcorry

13 Mar 2010

RT @gollmann: Why DRM doesn't work... http://www.bradcolbow.com/archive.php/?p=205

Bil Corry · Mar 12, 2010 · 6:10 PM UTC

Bil Corry @bilcorry

12 Mar 2010

RT @jeremiahg: XSS PW theft http://bit.ly/bYx5cK slashdot http://bit.ly/b0jQaB FIX bugzilla http://bit.ly/dbhzOY PoC http://bit.ly/bg8Qpk

Bil Corry · Mar 12, 2010 · 4:26 PM UTC

Bil Corry @bilcorry

12 Mar 2010

RT @ebellis: interesting business logic abuse use case: verifying bank acct numbers through micro transfers http://bit.ly/9AiDMy #SilverTail

Bil Corry · Mar 12, 2010 · 4:22 PM UTC

Bil Corry @bilcorry

12 Mar 2010

U-Prove offers improved privacy in financial transactions http://is.gd/am6KW

Bil Corry · Mar 12, 2010 · 4:05 PM UTC

Bil Corry @bilcorry

12 Mar 2010

RT @miscsecurity: 10 ways you COULD be breaking the law with your computer http://bit.ly/bTPXVX <- No. 9 sends innocent people to jail

Bil Corry · Mar 12, 2010 · 6:08 AM UTC

Bil Corry @bilcorry

12 Mar 2010

Digg moving from MySQL to Cassandra to improve performance and scalability http://is.gd/aiCd7 (Cassandra: http://is.gd/aiDlt)

Bil Corry · Mar 11, 2010 · 5:39 PM UTC

Bil Corry @bilcorry

11 Mar 2010

RT @jeremiahg: RSAC slides posted, "2010: A Web Hacking Odyssey - Top Ten Hacks of the Year" http://bit.ly/b7yz8Q