It has been quite some time since I updated this blog, I will try to update the blog in the next weeks, with a few details what I was up to during the last months.
Let's start with the more important stuff, I got into AV Research again =) The output of which will hit the public in the next months, be warned there will be a flood of advisories :D
Together with Sergio Alvarez I gave a talk @ Hack.lu 2007. This year we explained what the heck is up with Anti-Virus software. We revisited the way AV solutions are implemented in current Company networks and AV Engines themselves. Defense in Depth is being misinterpreted and incorrectly implemented with disatrous effects. Customers (end-users of AV Software) believe they do DiD when in reality they do not, this is an important fact to keep in mind.
Rough Break-down of the Talk :
Vulnerability Spotlight: Certificate Validation Flaw in Apple macOS and iOS Identified and Patched - Most people don't give much thought to what happens when you connect to your bank's website or log in to your email account. For most people, securely conn...
2 hours ago