Month: July 2007

OSVDB Search Tips & Tricks

[This was originally published on the OSVDB blog.] I should have started a series of these posts long ago. One of the more frustrating parts of most VDBs is the lack of a helpful search function. Searching for some products (SharePoint) is easy enough, as the name is distinct and not likely to find many…

July 23, 2007
What The Hell Was He Thinking?

[This was originally published on attrition.org. It was written by Lyger and Jericho.] For those who haven’t heard, a recent data loss incident involving the Louisiana Board of Regents was recently disclosed to the media. In short, about 80,000 Social Security numbers were inadvertently exposed over the internet, and the media seemed to be very quick in…

July 20, 2007
This blog is pretty!

[This was originally published on the OSVDB blog.] Ran across a post on Dancho Danchev’s blog about information visualization. I’ve seen these types of graphical renderings/representations of everything from “the internet” to web sites. In the past they have been part of presentations or been created with tools that weren’t public. Now, Texone is offering…

July 16, 2007
Scrubbing the Source Data

[This was originally published on the OSVDB blog.] A few months ago, Jeff Jones at CSO Online blogged about “Scrubbing the Source Data”, talking about the challenges of using vulnerability data for analysis. Part 1 examined using the National Vulnerability Database (NVD) showing how you can’t blindly rely on the data from VDBs. In his…

July 15, 2007