Search

Search Keyword exploit Total: 51 results found.

Search Result

  1. Best of Application Security (Friday, Nov. 6)

    Category: Network Security & Hacking News/Latest Security News

    ... Security 2009 will be selected! Another fine method to exploit SQL Injection and bypass WAF Security and Facebook Platform When Is More Important Than Where in Web Application Security Apple - XSS Attack ...
    Friday, 06 November 2009
  2. Exploitation of online banking credentials on the rise

    Category: Network Security & Hacking News/Latest Security News

    Within the last several months, the FBI has seen a significant increase in fraud involving the exploitation of valid online banking credentials belonging to small and medium sized businesses. In a ... ...
    Friday, 06 November 2009
  3. Fragus exploit pack’s pricy business model locks users in

    Category: Network Security & Hacking News/Latest Security News

    The $800 attack toolkit comes with a self-destruct mechanism after a certain time period Security researchers at Symantec are closely monitoring the Fragus exploit pack, an $800 package of tools developed ...
    Friday, 06 November 2009
  4. Vulnerability in SSL/TLS protocol

    Category: Network Security & Hacking News/Latest Security News

    According to reports, vulnerabilities in the SSL/TLS protocol can be exploited by attackers to insert content into secure connections. The cause is TLS renegotiation-related design flaws in the protocol ...
    Thursday, 05 November 2009
  5. Backdoor access for millions of Facebook and MySpace accounts

    Category: Network Security & Hacking News/Latest Security News

    Yvo Schaap, a young Dutch application developer on Facebook, stumbled on a back door into any user account that accesses the application heaposs working on. He discovered the exploitable mistake while ...
    Thursday, 05 November 2009
  6. darkReading: New Honeypot Mimics The Web Vulnerabilities Attackers Want To Exploit "New open-source Honeynet Project tool toys with attackers by dynamically emulating apps with the types of bugs they're looking for"

    Category: Network Security & Hacking News/Latest Security News

    darkReading: New Honeypot Mimics The Web Vulnerabilities Attackers Want To Exploit New open-source Honeynet Project tool toys with attackers by dynamically emulating apps with the types of bugs they're ...
    Wednesday, 04 November 2009
  7. Interesting Information Security Bits for 11/04/2009

    Category: Network Security & Hacking News/Latest Security News

    ...  Tags: ( wordpress ) Offensive Security is setting up the next iteration of milw0rm. Leaders in Online Information Security Training >> Offensive Security Exploit Archive Tags: ( milw0rm offensive-security ...
    Wednesday, 04 November 2009
  8. darkReading: New Honeypot Mimics The Web Vulnerabilities Attackers Want To Exploit "New open-source Honeynet Project tool toys with attackers by dynamically emulating apps with the types of bugs they're looking for"

    Category: Network Security & Hacking News/Latest Security News

    darkReading: New Honeypot Mimics The Web Vulnerabilities Attackers Want To Exploit New open-source Honeynet Project tool toys with attackers by dynamically emulating apps with the types of bugs they're ...
    Wednesday, 04 November 2009
  9. 3 Tips to Improve Your Organization’s Application Security

    Category: Network Security & Hacking News/Latest Security News

    ... developers evaluate outdated applications, for instance, will go a long way toward preventing any potential vulnerabilities from being exploited. SQL injection and XSS account for 32% of all indents ...
    Wednesday, 04 November 2009
  10. Hole in the Linux kernel allows root access

    Category: Network Security & Hacking News/Latest Security News

    A null pointer dereference in the Linux kernel can be exploited to access a system at root privilege level. The flaw has been fixed in RC6 of version 2.6.32. However, some distributions prevent the exploit ...
    Tuesday, 03 November 2009
  11. Interesting Information Security Bits for 11/03/2009

    Category: Network Security & Hacking News/Latest Security News

    ... attacks? Check out the paper that mckt wrote. It is based on his presentation at Toorcon recently. Skeptikal.org: Cross-subdomain Cookie Attacks Tags: ( webappsec exploits ) Thinking about virtualizing ...
    Tuesday, 03 November 2009
  12. iHacked: jailbroken iPhones compromised, $5 ransom demanded

    Category: Network Security & Hacking News/Latest Security News

    Yesterday a Your iPhone's been hacked because it's really insecure! Please visit doiop.com/iHacked and secure your phone right now! message popped up on the screens of a large number of automatically exploited ...
    Tuesday, 03 November 2009
  13. Microsoft report says more worms, vista better, file formats security

    Category: Network Security & Hacking News/Latest Security News

    ... Phishing and Automated SQL Injection Attempts are on rise. Browser Based Exploits are increasing. You can get the report @ MS Threat Center Microsoft has released their latest Security Intelligence ...
    Monday, 02 November 2009
  14. Sun Alert 270475 A Security Vulnerability in the Java Runtime Environment With Verifying HMAC Digests may Allow Authentication to be Bypassed

    Category: Network Security & Hacking News/Global Security News

    ... to forge a digital signature that would be accepted as valid. Applications that validate HMAC-based digital signatures may be vulnerable to this type of attack.Note: This vulnerability cannot be exploited ...
    Monday, 02 November 2009
  15. Sun Alert 269870 Security Vulnerability in the Java Web Start Installer May be Leveraged to Allow Untrusted Java Web Start Application to Run As Trusted Application

    Category: Network Security & Hacking News/Global Security News

    ... and execute arbitrary code. This may occur when a user opens a specially crafted web page that exploits this vulnerability. Sun acknowledges with thanks, Peter Csepely, working with the Zero Day Initiative ...
    Monday, 02 November 2009
  16. Sun Alert 269869 Command Execution Vulnerability in the Java Runtime Environment Deployment Toolkit May be Leveraged to Execute Arbitrary Code

    Category: Network Security & Hacking News/Global Security News

    ... result of a user of the Java Runtime Environment viewing a specially crafted web page that exploits this vulnerability. Sun acknowledges with thanks, an anonymous researcher working with iDefense for bringing ...
    Monday, 02 November 2009
  17. Metasploit Blends in: New MSFPayload/ENcode

    Category: Network Security & Hacking News/Latest Security News

    ... of the framework.   But before I get into the new feature, lets quickly go over the standard way you use msfencode: root@bt4:/pentest/exploits/framework3# ./msfpayload windows/meterpreter/reverse_tcp ...
    Monday, 02 November 2009
  18. Find potential exploit conditions in Microsoft Office documents

    Category: Network Security & Hacking News/Latest Security News

    OfficeCat is a command line utility developed by the Sourcefire VRT that can be used to process Microsoft Office Documents to determine the presence of potential exploit conditions in the file. Off... ...
    Monday, 02 November 2009
  19. What Windows Autorun Has Wrought

    Category: Network Security & Hacking News/Latest Security News

    ... emerged nearly a year ago, and initially it spread by exploiting a networking vulnerability in Windows. But Conficker infections soared by the millions in January with the arrival of Conficker B, which ...
    Monday, 02 November 2009
  20. Christmas Spam Spotted

    Category: Network Security & Hacking News/Latest Security News

    With Christmas just right around the corner, spammers are already flooding users' inboxes with unwanted emails. No surprises there. Spammers are known to exploit the holidays for its malicious activities. ...
    Monday, 02 November 2009
  21. Software Security Initiatives:Maturity Models, Metrics and Business Cases

    Category: Network Security & Hacking News/Latest Security News

    ... from public sources such as datalossdb.org and WHID to estimate a probability of a data loss related to a web application exploit such as SQL injection. For the impact, I will refer to a population of ...
    Sunday, 01 November 2009
  22. Finjan warns companies as China prepares for cyber-espionage

    Category: Network Security & Hacking News/Latest Security News

    ... said, discovered that some sites in the network lead to Trojan sites that exploit the users’ Web browser software by downloading the Trojan and installing it on the user desktop. Once the users’ ...
    Friday, 30 October 2009
  23. Defeating Zombies: Five Ways To Improve Defenses

    Category: Network Security & Hacking News/Latest Security News

    ... hundreds of new vulnerabilities and exploits. Organizations... Defeating Zombies Attackers have a number of avenues leading directly into your network, and more importantly, into your data. Each week ...
    Friday, 30 October 2009
  24. Trick or treat? Attackers exploit Halloween to infect users

    Category: Network Security & Hacking News/Latest Security News

    Panda Security has uncovered a new Halloween-related search engine optimization attack. With October 31 just around the corner, and many Internet users searching for issues related to Halloween, attac... ...
    Wednesday, 28 October 2009
  25. Partnerships and Procurement Are Not the Answer

    Category: Network Security & Hacking News/Latest Security News

    ...  Ok, that sounds nice. Everyone wants to foster collaboration and communication. Join hands and sing! “Government may be a late adopter, but we should be exploiting its procurement power,” said Melissa ...
    Wednesday, 28 October 2009
  26. Important security update for Opera 10

    Category: Network Security & Hacking News/Latest Security News

    According to the vendor, the update fixes an "extremely critical" vulnerability which can be exploited using crafted domain names According to the vendor, the update fixes an "extremely critical" vulnerability ...
    Wednesday, 28 October 2009
  27. Gawker Media tricked into featuring malicious Suzuki ads

    Category: Network Security & Hacking News/Latest Security News

    A group of cybercriminals have successfully managed to trick Gawker's ad sales team into featuring malicious ads serving Adobe exploits (CVE-2008-2992; CVE-2009-0927) and scareware, by impersonating a ...
    Tuesday, 27 October 2009
  28. Toata Scanning for Zen Shopping Cart with Brain File

    Category: Network Security & Hacking News/Latest Security News

    ... and then later, exploitation occurs from either another piece of code or human intervention. ToataZenBrain102709.txt Above is a link to a brain file for the Web application scanner that we produce called ...
    Tuesday, 27 October 2009
  29. Infrastructure fingerprinting via XSS

    Category: Network Security & Hacking News/Latest Security News

    Yokoso! is an infrastructure fingerprinting system delivered via XSS attack. This project contains two different parts; the fingerprints and modules for the various browser exploit frameworks. The ... ...
    Tuesday, 27 October 2009
  30. Starting IsleSec

    Category: Network Security & Hacking News/Latest Security News

    ... BeanSec up in Boston: "Unlike other meetings, you will not be expected to pay dues, "join up", present a zero-day exploit, or defend your dissertation to attend." Show up, get some wings, drink some beer ...
    Tuesday, 27 October 2009
  31. Caution advised when using the ldd system tool

    Category: Network Security & Hacking News/Latest Security News

    System tool ldd is carelessly coded - a fact which can be exploited by a resourceful attacker to execute code during an analysis System tool ldd is carelessly coded - a fact which can be exploited by ...
    Tuesday, 27 October 2009
  32. Links for 2009-10-26 [del.icio.us]

    Category: Network Security & Hacking News/Latest Security News

    ... exploit with ldd Read Full Article  ...
    Monday, 26 October 2009
  33. Web Security at CSI Annual Conference

    Category: Network Security & Hacking News/Latest Security News

    ... attacks. Yet who needs to exploit vulnerabilities when there are plenty of malicious ways to use legitimate applications, like social networking sites and microblogs. And what ... I'm participating in ...
    Monday, 26 October 2009
  34. Alleged critical vulnerability in Sun Java System Web Server

    Category: Network Security & Hacking News/Latest Security News

    A commercial exploit package allegedly contains a zero day exploit for Sun's web platform A commercial exploit package allegedly contains a zero day exploit for Sun's web platform Read Full Article  ...
    Monday, 26 October 2009
  35. Ed Skoudis's COINS event in NYC: The Bad Guys are Winning: So Now What?

    Category: Network Security & Hacking News/Latest Security News

    ... how to identify and exploit vulnerabilities and of how to assess (and communicate) the business risk of those vulnerabilities. An enterprise security specialist must also know about exploiting vulnerabilities, ...
    Saturday, 24 October 2009
  36. Penetration Testing vs. Vulnerability Assessments

    Category: Network Security & Hacking News/Latest Security News

    ... an active analysis of the system for any weaknesses, technical flaws or vulnerabilities. This analysis is carried out from the position of a potential attacker, and can involve active exploitation of security ...
    Friday, 23 October 2009
  37. Metasploit JSP Shells

    Category: Network Security & Hacking News/Latest Security News

    ... but the easiest way is to just output the shell to raw and just upload it to a web server or for an example with an exploit check out the adobe robohelp exploit. http://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/http/adobe_robohelper_authbypass.rb ...
    Thursday, 22 October 2009
  38. Gaping security hole in Time Warner cable routers

    Category: Network Security & Hacking News/Latest Security News

    A gaping security hole in cable modems distributed to Time Warner/Road Runner customers could potentially be exploited remotely to access private networks and possibly capture and manipulate private data. ...
    Thursday, 22 October 2009
  39. Rapid7 acquires the Metasploit project

    Category: Network Security & Hacking News/Latest Security News

    Metasploit, a major exploits site and exploit framework project, has been acquired by commercial security company Rapid7 Metasploit, a major exploits site and exploit framework project, has been acquired ...
    Wednesday, 21 October 2009
  40. Letter from Ondernemings-Portaal België

    Category: Network Security & Hacking News/Latest Security News

    ... more data than the basic details like name, zip and city then you need to take extra costs into account. Indien u per vergissing als exploitant van een privé internet pagina werd aangeschreven of niet ...
    Wednesday, 21 October 2009
  41. 4chan hoax morphs into malware attack in Kanye death hoax

    Category: Network Security & Hacking News/Latest Security News

    ... of Kanye West, originating as a prank, got co-opted by those looking to exploit your computer. Read Full Article  ...
    Wednesday, 21 October 2009
  42. White box better than black box

    Category: Network Security & Hacking News/Latest Security News

    ... app samples. I consider credential/session prediction flaws detected by white box to be typically hard to exploit even though it is a real flaw. White box (static) analysis reports this whenever non-cryptographically ...
    Wednesday, 21 October 2009
  43. SQL Injection Attacks and Defense Book Review

    Category: Network Security & Hacking News/Latest Security News

    ... It looks like they are turning things around. Second, kudos to the authors for finally explaining SQL Injection and exploiting the OS through the database in a understandable way. Previous books have ...
    Tuesday, 20 October 2009
  44. RSnakes On A Plane

    Category: Network Security & Hacking News/Latest Security News

    or why RSnake will never be allowed to play video blackjat or poker at Blackhat ever again. Rsnake's exploits with the game system on a recent flight are a fabulous read. Makes me wonder just how integrated ...
    Tuesday, 20 October 2009
  45. Fortify warns new WiFi Standard could pose major security threat

    Category: Network Security & Hacking News/Latest Security News

    ... however these applications will often have security vulnerabilities that can be exploited by criminals UNLESS a) the developers are trained in secure coding practices and b) the code has been reviewed ...
    Tuesday, 20 October 2009
  46. 'Evil Maid' USB stick attack keylogs TrueCrypt passphrases

    Category: Network Security & Hacking News/Latest Security News

    ... the hard drive's content. Dubbed, the evil maid' attack due to its plug-and-exploit' functionality requiring 1-2 minutes for the infection process to the take place, works with Security researcher ...
    Monday, 19 October 2009
  47. 20/20 Hindsight – Walmart Lessons Learned for Tenable Customers

    Category: Network Security & Hacking News/Latest Security News

    ... to exploit a technical attack such as a buffer overflow or  because they are specifically attempting a denial of service attack or unintentionally exhausting resources such as memory or disk space. ...
    Monday, 19 October 2009
  48. Balloon Boy TV Circus Exploited By Hackers

    Category: Network Security & Hacking News/Latest Security News

    Malicious hackers are poisoning search engines to entrap computer users hunting for the latest news on the Falcon Heene case. Malicious hackers are poisoning search engines to entrap computer users hunting ...
    Monday, 19 October 2009
  49. Microsoft "Patch Tuesday" - The Aftermath

    Category: Network Security & Hacking News/Latest Security News

    ... most effective at reducing risk for them. For example, the Microsoft IIS FTP server remote exploit vulnerability has a “critical” rating, but if you are already implementing mitigating factors, or are ...
    Monday, 19 October 2009
  50. Firefox blocks, then unblocks, Microsoft add-on

    Category: Network Security & Hacking News/Latest Security News

    Firefox 3.5 started to block a Microsoft plug-in that can be used to exploit a security hole in .NET Framework 3.51. But now Mozilla is unblocking it after confusion over the vulnerability Firefox 3.5 ...
    Sunday, 18 October 2009
  51. Security Exploits and Security Patches

    Category: Category

Search Parameters
Search Only:

Site Search

Sponsor Advertisements

SwiftLayer Affiliate Web Hosting