[blog.rayfoo] Infosec, DFIR, tech geekery, thoughts and whatnot

11Mar/10

IE zero-day flaw leaks out; Exploit code published

Using obvious clues from a McAfee blog post, an Israeli hacker was able to pinpoint the latest Internet Explorer zero-day vulnerability and create working exploit code. The exploit code, which provides a clear roadmap to launch drive-by download attacks against IE 6 and IE 7 users, is being fitted into the Metasploit point-and-click tool.

Another case that shows how hard it is to make a disclosure reasonable and informative without giving away the attack like this.

On a side note, I am looking forward to trying this out from Metasploit... :D

[via ZDNet]

8Mar/10

Before and After you join a company

Saw this at Biggy Heady, too funny not to share :P

Translated loosely from a Chinese blog post (http://drjimdiary.blogspot.com/2009/06/blog-post.html)

Before you join the company …

Boss: Welcome! The office will surely look different with you here!
Employee: If I get too tired from working, I may just quit.
Boss: Don't worry about that, I won't let it happen.
Employee: Can I rest on weekends?
Boss: Of course! That's the bottom line of our company policy.
Employee: Do we need to work overtime till midnight?
Boss: No way, who told you that?
Employee: Do we have a meal allowance?
Boss: Needless to say, it's definitely higher than at other companies.
Employee: Is it possible that I will work myself to death?
Boss: No, why are you thinking that way?
Employee: Will the company organize overseas trips for us?
Boss: It's part of our company policy!
Employee: Do I need to come to work on time?
Boss: No, it depends.
Employee: How about salary, always paid on time?
Boss: Always!
Employee: Will the new hire have to do all the jobs?
Boss: How can that be possible? There are many senior staff above you.
Employee: Will I get a chance if there is a vacancy for a management position?
Boss: No question about it, that's how the company survives.
Employee: You are not lying to me, are you?

After you join the company, just read in reverse order …

8Mar/10

Troubleshooting Splunk

Have been fiddling around with Splunk lately. Splunk's a really good tool for log collection and analysis (and that's oversimplifying it; I believe it can even do event correlation...), which has sent my love for data mining into overdrive of late :P The best part is that it has a perpetual free license, nice!

One of the things I encountered when using Splunk was that it didn't seem to be indexing all the log files it was set to monitor. After some reading up and experimenting the reason became clear: Splunk will not work properly if you set it to monitor too many files at once.

How many is too many? Pointing it at a log directory that holds one active log and 100+ rotated logs, for example, is too many. What should be done instead is to monitor only the active log file, and load the rotated logs into the index you want with a one-shot import (`splunk add oneshot`), which reads a file once rather than keeping it under watch.
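To make the fix above concrete, here is an added example (my own, not code from the original post or from Splunk): a small POSIX shell script that splits a log directory into the one live file and its rotated copies, and emits the Splunk CLI commands for each. The directory layout (`/var/log/app` with `app.log` plus `app.log.1`, `app.log.2.gz`, ...), the index and sourcetype names, and the `SPLUNK_HOME` default are assumptions for the illustration; the `splunk add monitor` and `splunk add oneshot` commands with `-index` and `-sourcetype` are the real CLI forms.

```shell
#!/bin/sh
# Added example, not from the original post. Assumed layout: one active log
# (app.log) beside rotated copies (app.log.1, app.log.2.gz, ...). Only the
# active file gets a monitor input; every rotated file is loaded once with
# "add oneshot" so the file-monitoring input never has to track them all.
SPLUNK_HOME="${SPLUNK_HOME:-/opt/splunk}"   # assumed install path
SPLUNK_BIN="$SPLUNK_HOME/bin/splunk"

# Returns 0 (true) for a rotated log such as app.log.1 or app.log.2.gz,
# 1 (false) for the live file (app.log) or anything else.
is_rotated_log() {
    case "$1" in
        *.log) return 1 ;;                              # the live file
        *.log.[0-9]*|*.log-[0-9]*|*.gz) return 0 ;;     # rotated copies
        *) return 1 ;;
    esac
}

# Print the commands for a directory: one "add monitor" for the active file
# and one "add oneshot" per rotated file. Nothing is executed here, so the
# output can be reviewed (or piped to sh) before touching the Splunk instance.
#   usage: splunk_commands_for DIR ACTIVE_FILE INDEX SOURCETYPE
splunk_commands_for() {
    dir="$1"; active="$2"; index="$3"; sourcetype="$4"
    printf '%s add monitor %s -index %s -sourcetype %s\n' \
        "$SPLUNK_BIN" "$dir/$active" "$index" "$sourcetype"
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        if is_rotated_log "$f"; then
            printf '%s add oneshot %s -index %s -sourcetype %s\n' \
                "$SPLUNK_BIN" "$f" "$index" "$sourcetype"
        fi
    done
}

# The equivalent inputs.conf stanza for the corrected setup. The "weak" form
# that caused the problem is the directory-wide [monitor:///var/log/app]
# stanza, which pulls in every rotated file as well.
inputs_conf_stanza() {
    dir="$1"; active="$2"; index="$3"; sourcetype="$4"
    printf '[monitor://%s/%s]\nindex = %s\nsourcetype = %s\n' \
        "$dir" "$active" "$index" "$sourcetype"
}

# Stand-alone use: ./splunk_logs.sh /var/log/app app.log app app
if [ "$#" -ge 4 ]; then
    splunk_commands_for "$1" "$2" "$3" "$4"
fi
```

Two caveats worth knowing when applying this: a one-shot import has no checkpoint, so running it twice on the same file indexes it twice; and if you would rather keep a directory-wide monitor, the `whitelist` (a regex on the full path) and `ignoreOlderThan` settings on the stanza are the supported ways to stop Splunk from tracking the rotated files.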

Gonna do some more sharing/writeups about this crazily great tool. There's really a lot that this thing can do.