- Vuln: Mahara Resume Blocktype Cross Site Scripting Vulnerability
- Vuln: Mahara Admin Password Reset Security Bypass Vulnerability
- Vuln: Google Chrome prior to 3.0.195.32 Multiple Security Vulnerabilities
- Vuln: Multiple Horde Products Cross-Site Scripting Vulnerabilities and File Overwrite Vulnerability
- Vuln: Mod_Perl Path_Info Remote Denial Of Service Vulnerability
- Vuln: Apache mod_perl 'Apache::Status' and 'Apache2::Status' Cross Site Scripting Vulnerability
- Vuln: FreeBSD 'fifo_vnops.c' Resource Leak Local Denial of Service Vulnerability
- Vuln: Citrix NetScaler and Access Gateway Denial Of Service Vulnerability
- Vuln: PDFLib 'open_basedir' Restriction Bypass Vulnerability
- Vuln: Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability
Search
Search Result
-
Interesting Information Security Bits for 11/06/2009
Category: Network Security & Hacking News/Latest Security News
Good afternoon everybody! I hope your day is going well. Here are today's Interesting Information Security Bits from around the web. I can't remember if I pointed to part one of this, but I think I did. ...Friday, 06 November 2009 -
Festi botnet is growing and is the fifth botnet
Category: Network Security & Hacking News/Latest Security News
... with .cn domains in use that lead to a Canadian Pharmacy web site, and replica watches, with mostly .com domains in use. Read Full Article ...Friday, 06 November 2009 -
Web application security testing tool Websecurify 0.4 RC1 released
Category: Network Security & Hacking News/Latest Security News
Websecurify is a Web application security testing tool which automatically identifies vulnerabilities by using advanced scanning and fuzzing technologies. The key improvements in version 0.4 RC1 ... Websecurify ...Friday, 06 November 2009 -
Best of Application Security (Friday, Nov. 6)
Category: Network Security & Hacking News/Latest Security News
... Security 2009 will be selected! Another fine method to exploit SQL Injection and bypass WAF Security and Facebook Platform When Is More Important Than Where in Web Application Security Apple - XSS Attack ...Friday, 06 November 2009 -
Poking at Google's new privacy Dashboard
Category: Network Security & Hacking News/Latest Security News
... Web search history, among other tasks. Google said it ... Google this week unveiled a new feature called Dashboard, intended to give users a way to view -- and in modest ways limit -- the breadth of ...Friday, 06 November 2009 -
Singe sign-in gains ground
Category: Network Security & Hacking News/Latest Security News
There seems to be a persisting problem: how to remember the passwords to all the websites you use and that require you to login? For myself, I chose to use a password manager and have just one passwor... ...Friday, 06 November 2009 -
Fragus exploit pack’s pricy business model locks users in
Category: Network Security & Hacking News/Latest Security News
... by cybercriminals to enable users to set up attack websites. Their latest findings have identified an effort by the toolset writers to clamp down on The $800 attack toolkit comes with a self-destruct ...Friday, 06 November 2009 -
Facebook and Myspace bolt Flash backdoors
Category: Network Security & Hacking News/Latest Security News
The social networking sites had both been overgenerous in giving out access rights to their servers As a result, Flash applets hosted on a malicious website would have been able to read all Facebook data ...Thursday, 05 November 2009 -
Google closes vulnerabilities in Chrome 3
Category: Network Security & Hacking News/Latest Security News
Google has released version 3.0.195.32 of Chrome, a security update that addresses a high risk vulnerability in its WebKit-based browser Google has released version 3.0.195.32 of Chrome, a security update ...Thursday, 05 November 2009 -
Interesting Information Security Bits for 11/05/2009
Category: Network Security & Hacking News/Latest Security News
Good afternoon everybody! I hope your day is going well. Here are today's Interesting Information Security Bits from around the web. There is some truth in this post. A corollary is the mommy/daddy principle. ...Thursday, 05 November 2009 -
DoJoSec meeting - November 5th
Category: Network Security & Hacking News/Latest Security News
... Web Applications". This is something similar to the presentation he will give next week at OWASP Appsec DC 09 in that it has the same title. However, tonight's presentation will not be the same ...Thursday, 05 November 2009 -
Video: Web application scanning with credentials using Nessus
Category: Network Security & Hacking News/Latest Security News
Learn how to configure Nessus to use credentials and login into a web application to scan with CGI generic tests. ... Learn how to configure Nessus to use credentials and login into a web application ...Thursday, 05 November 2009 -
Flock 2.5.5 addresses security issues
Category: Network Security & Hacking News/Latest Security News
The Flock developers have released version 2.5.5 of their social web browser based on Firefox 3, addressing several security issues in its browser core and included components The Flock developers have ...Thursday, 05 November 2009 -
Lose/Lose: Kill an Alien, Delete a File
Category: Network Security & Hacking News/Latest Security News
... game itself will be deleted. This interesting consequence of the game is clearly stated in Gage’s website where the game can be downloaded. Gage describes his creation as a means to answer ...Wednesday, 04 November 2009 -
Sun Alert 272230 Security Vulnerabilities in the Apache 2 "mod_perl2" Module Components "PerlRun.pm" and "Status.pm" May Lead to Denial of Service (DoS) or Unauthorized Access to Data
Category: Network Security & Hacking News/Global Security News
Product: Solaris 10, OpenSolarisTwo security vulnerabilities exist in the Apache 2 mod_perl2(3) module components which affect the Apache 2.0 web server bundled with Solaris 10 and the Apache 2.2 web server ...Wednesday, 04 November 2009 -
darkReading: New Honeypot Mimics The Web Vulnerabilities Attackers Want To Exploit "New open-source Honeynet Project tool toys with attackers by dynamically emulating apps with the types of bugs they're looking for"
Category: Network Security & Hacking News/Latest Security News
darkReading: New Honeypot Mimics The Web Vulnerabilities Attackers Want To Exploit New open-source Honeynet Project tool toys with attackers by dynamically emulating apps with the types of bugs they're ...Wednesday, 04 November 2009 -
Interesting Information Security Bits for 11/04/2009
Category: Network Security & Hacking News/Latest Security News
Good afternoon everybody! I hope your day is going well. Here are today's Interesting Information Security Bits from around the web. Be careful. It doesn't appear that it is very hard to turn you Windows ...Wednesday, 04 November 2009 -
Vuln: Pablo Software Solutions Baby Web Server Multiple Request Remote Denial of Service Vulnerability
Category: Network Security & Hacking News/Security Exploits and Security Patches
Pablo Software Solutions Baby Web Server Multiple Request Remote Denial of Service Vulnerability Read Full Article ...Wednesday, 04 November 2009 -
SnapNames: Former exec. bid up domain prices
Category: Network Security & Hacking News/Latest Security News
SnapNames, the largest reseller of Web site names, Wednesday alleged that a former top executive secretly bid on tens of thousands of domain name auctions over the past four years, driving up costs for ...Wednesday, 04 November 2009 -
Programming the Semantic Web (Paperback) newly tagged "programming"
Category: Network Security & Hacking Products/Programming
Programming the Semantic Web (Paperback) By Toby Segaran Buy new: $26.40 44 used and new from $19.19 Customer Rating: First tagged "programming" by David B. ...Wednesday, 04 November 2009 -
Business e-banking and the 6-figure password
Category: Network Security & Hacking News/Latest Security News
... had previously thought). A few weeks ago, an American Realty employee clicked a link in an e-mail scam that spoofed an IRS alert about unreported income. The Web site linked to in that message quietly ...Wednesday, 04 November 2009 -
Is it phish, or is it Amex?
Category: Network Security & Hacking News/Latest Security News
... to their Website, I notice that there is now an “Account Alerts” function. It may have been there for a while: I don’t know, since I’ve never used it. Since I’ve never used ...Wednesday, 04 November 2009 -
darkReading: New Honeypot Mimics The Web Vulnerabilities Attackers Want To Exploit "New open-source Honeynet Project tool toys with attackers by dynamically emulating apps with the types of bugs they're looking for"
Category: Network Security & Hacking News/Latest Security News
darkReading: New Honeypot Mimics The Web Vulnerabilities Attackers Want To Exploit New open-source Honeynet Project tool toys with attackers by dynamically emulating apps with the types of bugs they're ...Wednesday, 04 November 2009 -
3 Tips to Improve Your Organization’s Application Security
Category: Network Security & Hacking News/Latest Security News
... alone! More web applications are being developed which means more targets for the attackers. The threats are data loss, regulatory and legal issues, a loss of customer confidence, a loss of system/network ...Wednesday, 04 November 2009 -
Intelligence agency hit by DoS attacks
Category: Network Security & Hacking News/Latest Security News
According to The Local, Sweden is seeing her share of cyber disruptions and attacks this last few days. First a technical error blocked access to hundreds of Swedish websites for half an hour, then t... ...Wednesday, 04 November 2009 -
Java 6 Update 17 fixes multiple security vulnerabilities
Category: Network Security & Hacking News/Latest Security News
Various buffer and integer overflows triggered by crafted audio and image files allow Java applets and 'Java Web Start' applications to escalate their privileges Various buffer and integer overflows ...Tuesday, 03 November 2009 -
st0rke
Category: Network Security & Hacking News/Latest Security News
... sent to him never got a reply. If it is in fact true, the story about str0ke, I am sadden to hear it, and I send my condolences to his family, wide and 4 kids. - Let the experts make sure your website ...Tuesday, 03 November 2009 -
Interesting Information Security Bits for 11/03/2009
Category: Network Security & Hacking News/Latest Security News
Good afternoon everybody! I hope your day is going well. Here are today's Interesting Information Security Bits from around the web. A few days ago I pointed out an article that discussed some issues with ...Tuesday, 03 November 2009 -
Tis the Season for Christmas Spam! Fa La La La La…
Category: Network Security & Hacking News/Global Security News
... a Christmas theme to trick users into visiting malicious websites. Spammers must be trying to beat retailers to the advertising It didn’t take long for spammers to change from Halloween lures ...Tuesday, 03 November 2009 -
Facebook Phishing Campaign Pushes ‘Cocktail’ Attack
Category: Network Security & Hacking News/Global Security News
We have already discussed the Facebook phishing campaign. Now the scammers are using the phishing campaign not just for spamming but also for a cocktail attack. The scammers have targeted Facebook, telling ...Tuesday, 03 November 2009 -
Vuln: Roundcube Webmail Background Attributes Email Message HTML Injection Vulnerability
Category: Network Security & Hacking News/Security Exploits and Security Patches
Roundcube Webmail Background Attributes Email Message HTML Injection Vulnerability Read Full Article ...Tuesday, 03 November 2009 -
Vuln: Roundcube Webmail index.PHP Cross-Site Scripting Vulnerability
Category: Network Security & Hacking News/Security Exploits and Security Patches
Roundcube Webmail index.PHP Cross-Site Scripting Vulnerability Read Full Article ...Tuesday, 03 November 2009 -
Video: Web App Scanning With Credentials Using Nessus
Category: Network Security & Hacking News/Latest Security News
Scanning web applications that require credentials can be a bit tricky as different applications may handle the authentication process in different ways. Nessus has configuration options that will allow ...Tuesday, 03 November 2009 -
Video: Web App Scanning With Credentials Using Nessus
Category: Network Security & Hacking News/Latest Security News
Scanning web applications that require credentials can be a bit tricky as different applications may handle the authentication process in different ways. Nessus has configuration options that will allow ...Tuesday, 03 November 2009 -
Video: Tenable Appliance Installation & Configuration
Category: Network Security & Hacking News/Latest Security News
The Tenable Appliance is an easy way to get up and running quickly with Tenable products such as Nessus and Security Center. The Tenable Appliance is a virtual machine image that is compatible with: VMware ...Tuesday, 03 November 2009 -
Video: Tenable Appliance Installation & Configuration
Category: Network Security & Hacking News/Latest Security News
The Tenable Appliance is an easy way to get up and running quickly with Tenable products such as Nessus and Security Center. The Tenable Appliance is a virtual machine image that is compatible with: VMware ...Tuesday, 03 November 2009 -
The missing letter that links Fake AV and Extreme Porn
Category: Network Security & Hacking News/Global Security News
... being abused at the moment and spotted this spelling error; “Acess” in the broken english phrase taken from the terms of service of a FakeAV website: “If acess services is unavailable ...Tuesday, 03 November 2009 -
Ask the social engineer: Practice
Category: Network Security & Hacking News/Latest Security News
One reader wrote in asking: How can one practice social engineering before using it in the wild? Answering is Chris loganWHD Hadnagy, the lead social engineer and developer of the webaposs officia... ...Tuesday, 03 November 2009 -
Symantec patches Altiris solutions
Category: Network Security & Hacking News/Latest Security News
The web-based management servers install a vulnerable ActiveX control in Internet Explorer that allows attackers to inject and execute arbitrary code in a client The web-based management servers install ...Tuesday, 03 November 2009 -
Wave Federation Begins
Category: Network Security & Hacking News/Latest Security News
Google has begun allowing private Wave servers to connect to its Wave Sandbox, opening up the development of private collaboration servers Google has begun allowing private Wave servers to connect to ...Tuesday, 03 November 2009 -
Tentative Speaker List for SANS Incident Detection Summit
Category: Network Security & Hacking News/Latest Security News
Thanks to everyone who attended the Bejtlich and Bradley Webcast for SANS yesterday. We recorded that Webcast audio is now available) to start a discussion concerning professional incident detection. ...Tuesday, 03 November 2009 -
Elite Loader Goes Public
Category: Network Security & Hacking News/Latest Security News
A few days ago, I got access to the source code of the well-known Elite Loader for free. Yes. It was published on one of the Russian underground forums. It even had a detailed description and screenshots ...Monday, 02 November 2009
Site Search
Login Form
Sponsor Advertisements
 |