Home page logo
  • Nmap Security Scanner
  • Security Lists
  • Security Tools
  • Site News
  • Advertising
  • About/Contact
  • Sponsors:





/
dailydave logo
Daily Dave Mailing List

This technical discussion list covers vulnerability research, exploit development, and security events/gossip. It was started by ImmunitySec founder Dave Aitel and many security luminaries participate. Many posts simply advertise Immunity products, but you can't really fault Dave for being self-promotional on a list named DailyDave.

List Archives

Jan–MarApr–JunJul–SepOct–Dec
20127045
2011401139087
201086685556
200914314612974
2008161136252134
2007324209176193
2006270220315318
2005352399408281
2004247204294361
200384

Latest Posts

New INFILTRATE 2012 Movie is up! With surprise introduction by Halvar! Dave Aitel (May 14)
OH: "So....static analysis! Let's talk about it!" (Long pause follows.)

That's pretty much straight out of most parties I go to! Luckily, there
are a few people who can go into static analysis to great levels of
depth, and some of them give talks at INFILTRATE. :>

http://www.immunityinc.com/infiltratemovies/movies/JulienVanegue.mp4

-dave

Re: Mobile Phone Security Survey Hamid (May 14)
There were some issues regarding some optional questions that has been
marked as mandatory mistakenly. Thanks to quick feedbacks they are
fixed now.

Hamid

Mobile Phone Security Survey Hamid (May 11)
Hello DD!

Few weeks ago I had a writeup about (in)security trends in mobile phones
and now I've reached to a point that I need results of a survey to
validate and confirm some facts that are going to be covered in paper.

I would appreciate your help by participating in this survey, or be even
more awesome and spread it among your friends that are not security geeks!

Survey link:

http://goo.gl/pQO02

Thank you!
Hamid

With a real team, it's not about the numbers Dave Aitel (May 01)
I find articles like the recent one in Forbes
<http://www.forbes.com/sites/andygreenberg/2012/03/21/meet-the-hackers-who-sell-spies-the-tools-to-crack-your-pc-and-get-paid-six-figure-fees/>
quite funny in a way - and likewise talks about "rootite" and bug mining and so forth. Part of this is because
philosophically I know that teams who focus on the money tend to lose. Obviously you need a lot of money to get things
done in...

72 hours Shari Bermudez (Apr 26)
Just a reminder that there are only 72 business hours remaining before
registration closes for the WebHacking and Master training classes.
Sign up today. Call 786-220-0600 or email training () immunityinc com
The 20% discount offer for re-tweeting still stands.

http://immunityinc.com/education-currentschedule.shtml

Spooked at RSA 2012 Dave Aitel (Apr 26)
So we put my RSA 2012 talk up, along with the comments from the viewers that RSA collected.

I 100% agree with every comment in the feedback form, which include such bon mots such as "You reek of pride". Frankly,
I am quite proud of what the offensive community has been able to do over the last ten years. And I was a bit hurried
during the actual talk (the one below is from my 6am-dry-run-in-hotel-room since they didn't record...

What's happening at SyScan'12 Singapore Thomas Lim (Apr 25)
Dear Dailydave readers

Do you know what's going to happen at SyScan'12 Singapore next week?

BEER, BEER, BEER, BEER, BEER, BEER, BEER, BEER....

13 AWESOME SPEAKERS:
a. Stefan Esser (i0n1c)
b. Chris Valasek (nudeaberdasher)
c. Tarjei Mandt (kernelpool)
d. Alex Ionescu
e. Edgar Barbosa (0pC0de)
f. Jon Oberheide
g. Brett Moore (antic0de)
h. James Burton (Jayji)
i. Seung Jin Lee (Beist)
j. Ryan MacArthur (Backpacker)
k. Loukas (snare)
l....

Save yourself 20% by tweeting Shari Bermudez (Apr 23)
Want to come to our June Master or WebHacking class but do not want to
pay full price? You can save yourself 20% in ~5 minutes by following
these simple steps:

(1) If you are not already doing so, follow us on Twitter @immunityinc
and/or @infiltratecon.

(2) ReTweet this tweet from today: "RT and receive 20% off June
training classes when you sign up before 4/27! ow.ly/asvSG e-mail
admin () immunityinc for info!"

(3) Email training...

TIME IS RUNNING OUT Shari Bermudez (Apr 20)
Time is running out to sign up for our June WebHacking and Master
Training Classes. If you are thinking about reserving your seat but
have not done so, the time to sign up is now.

_June 4-6, 2012 - WebHacking Class: _
Immunity's WebHacking course focuses on understanding common web
hacking techniques by having students exploit vulnerable systems.
Security professionals with some hands on web hacking experience will
get the most out of...

RIT! Dave Aitel (Apr 18)
Chris and Miguel are heading up to RIT today and will be around tomorrow
recruiting for Immunity. If you're at or near RIT and you want to hear
about the fun stuff they're working (which you can help work on!) then
send admin () immunityinc com <mailto:admin () immunityinc com> a quick email
and they'll vector you in! I hear there will be real wings served the
way only upstate NY knows how. I miss those wings, I have to say....

Re: CISPA == MAPP Richard Bejtlich (Apr 18)
Hi Allison,

I have a different view -- I'll try not to step on too many toes. :)

The problem is people are approaching this as a technical problem.
It's a trust problem.

The incentive is to not share. There is no incentive for a company to
tell anyone that they've been breached.

The bill in question doesn't say the government is entitled to your
information. They're trying to improve the incentives for companies
to...

Hack Cup 2012 Nicolas Waisman (Apr 18)
Immunity is excited to announce our third annual Hack Cup this year in
Las Vegas! As always, it will be held on the first day of DefCon (July,
27th).

Anyone interested in playing indoor soccer is welcome to join! The
dynamic will be the same as previous years:

o The tournament will go from 9:00-13:00.

o We will have 12 teams of five players each, playing 15-minute matches
in four different groups. We recommend that you have at least 2-5...

DC Saturday night drinks! Dave Aitel (Apr 17)
So Justine and I will be bar hopping somewhere near Dupont Circle
Saturday night (possibly for only one hop :>). If you want to hang out
and discuss the intricate details of Buffy the Vampire Slayer, then
catch me on Twitter (@daveaitel) and I'll vector you in.

*Oz*: We should figure out what kinda deal this is. I mean, is it
a-a gathering, a shindig or a hootenanny?
*Cordelia*: What's the difference?
*Oz*: Well, a...

Re: CISPA == MAPP allison nixon (Apr 17)
Every truly meaningful resource of shared knowledge we use- public
blacklists, CVE, open source tools- none of them came about due to a law
mandating them.

Swift coordination between companies to respond to new threats is a
technical problem and not a legal problem. The incentive to share is there,
and sharing systems are getting better over time without government "help".

I welcome any information sharing from the government but I...

CISPA == MAPP Dave Aitel (Apr 17)
So votes are coming up for CISPA
<http://en.wikipedia.org/wiki/Cyber_Intelligence_Sharing_and_Protection_Act>
and I think it's a good time to look into the state of the "Cyber
Politico Arena". In other words, Lieberman had a bill that actually
SOLVED A PROBLEM. It was focused on critical infrastructure protection,
gave DHS the ball, and told everyone to help them run with it.

That said, it was one of those "immensely...

More Lists

Dozens of other network security lists are archived at SecLists.Org.


[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]