- Vuln: Mahara Resume Blocktype Cross Site Scripting Vulnerability
- Vuln: Mahara Admin Password Reset Security Bypass Vulnerability
- Vuln: Google Chrome prior to 3.0.195.32 Multiple Security Vulnerabilities
- Vuln: Multiple Horde Products Cross-Site Scripting Vulnerabilities and File Overwrite Vulnerability
- Vuln: Mod_Perl Path_Info Remote Denial Of Service Vulnerability
- Vuln: Apache mod_perl 'Apache::Status' and 'Apache2::Status' Cross Site Scripting Vulnerability
- Vuln: FreeBSD 'fifo_vnops.c' Resource Leak Local Denial of Service Vulnerability
- Vuln: Citrix NetScaler and Access Gateway Denial Of Service Vulnerability
- Vuln: PDFLib 'open_basedir' Restriction Bypass Vulnerability
- Vuln: Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability
Search
Search Result
-
Vuln: Mahara Admin Password Reset Security Bypass Vulnerability
Category: Network Security & Hacking News/Security Exploits and Security Patches
Mahara Admin Password Reset Security Bypass Vulnerability Read Full Article ...Sunday, 29 November 2009 -
Security 2009 report
Category: Network Security & Hacking News/Latest Security News
... two sessions I liked much. The first one being Per Thorsheim (http://twitter.com/thorsheim) talking about passwords. His been studying the subject for almost a decade, and he has some interesting points. ...Friday, 06 November 2009 -
Singe sign-in gains ground
Category: Network Security & Hacking News/Latest Security News
There seems to be a persisting problem: how to remember the passwords to all the websites you use and that require you to login? For myself, I chose to use a password manager and have just one passwor... ...Friday, 06 November 2009 -
Bredolab surges to new heights thanks to Cutwail botnet
Category: Network Security & Hacking News/Latest Security News
... where Facebook Password Reset Confirmation was perhaps one of the most widespread campaigns targeting social network users. But let’s not forget DHL tracking emails or the Western Union Payment. ...Thursday, 05 November 2009 -
The Register: Google opens up OAuth to tackle password chores
Category: Network Security & Hacking News/Latest Security News
The Register: Google opens up OAuth to tackle password chores The Register: Google opens up OAuth to tackle password chores Read Full Article ...Wednesday, 04 November 2009 -
The Register: Google opens up OAuth to tackle password chores
Category: Network Security & Hacking News/Latest Security News
The Register: Google opens up OAuth to tackle password chores The Register: Google opens up OAuth to tackle password chores Read Full Article ...Wednesday, 04 November 2009 -
Business e-banking and the 6-figure password
Category: Network Security & Hacking News/Latest Security News
... installed a password-stealing Trojan horse program named Zeus. From there, the attackers were able to initiate unauthorized payroll payments to Cutshall and about 20 other individuals similarly recruited ...Wednesday, 04 November 2009 -
Shutting Twitter backdoors
Category: Network Security & Hacking News/Latest Security News
If a Twitter password falls into the wrong hands, merely changing the password is not sufficient - there is also OAuth access to be taken care of If a Twitter password falls into the wrong hands, merely ...Wednesday, 04 November 2009 -
Spike in Social Media Malware, Phishing Attacks
Category: Network Security & Hacking News/Latest Security News
E-mail scams targeting users of social media sites like Twitter and Facebook are blurring the lines between traditional phishing attacks and those designed to plant password-stealing malicious software ...Wednesday, 04 November 2009 -
Security Briefing – November 4th
Category: Network Security & Hacking News/Latest Security News
... Behind Facebook Ads – Mckeay Cracking Passwords in the Cloud – Electric Alchemy We need to do more than raise the bar – Developing Security FBI Says ‘Money Mule’ Scams Now Top $100 ...Wednesday, 04 November 2009 -
Electric Alchemy: Cracking Passwords in the Cloud - Breaking PGP on EC2 with EDPR
Category: Network Security & Hacking News/Latest Security News
Electric Alchemy: Cracking Passwords in the Cloud - Breaking PGP on EC2 with EDPR Electric Alchemy: Cracking Passwords in the Cloud - Breaking PGP on EC2 with EDPR Read Full Article ...Tuesday, 03 November 2009 -
The Register: Amazon's EC2 brings new might to password cracking "calculated the cost of waging a brute-force attack on various types of passwords using cloud computing services offered by Amazon"
Category: Network Security & Hacking News/Latest Security News
The Register: Amazon's EC2 brings new might to password cracking calculated the cost of waging a brute-force attack on various types of passwords using cloud computing services offered by Amazon The ...Tuesday, 03 November 2009 -
Smoking (Cloud) Crack
Category: Network Security & Hacking News/Latest Security News
... did make.This was a brute force password attackIf you happen to intercept PGP communication between two people, there's ... Making waves in the infosec blogosphere today: Cracking a PGP-protected ZIP ...Tuesday, 03 November 2009 -
Facebook Phishing Campaign Pushes ‘Cocktail’ Attack
Category: Network Security & Hacking News/Global Security News
... them that the Facebook account passwords have been changed. The malware downloads a keylogger to collect credit card numbers, social security number, and other passwords We have already discussed ...Tuesday, 03 November 2009 -
Electric Alchemy: Cracking Passwords in the Cloud - Breaking PGP on EC2 with EDPR
Category: Network Security & Hacking News/Latest Security News
Electric Alchemy: Cracking Passwords in the Cloud - Breaking PGP on EC2 with EDPR Electric Alchemy: Cracking Passwords in the Cloud - Breaking PGP on EC2 with EDPR Read Full Article ...Tuesday, 03 November 2009 -
Cracking keys on the cheap in the cloud
Category: Network Security & Hacking News/Latest Security News
Multiple cheap virtual machines in the cloud are reducing the cost of brute force attacks on keys and passwords. Long and complex keys are still too tough a nut for this process to crack Multiple cheap ...Tuesday, 03 November 2009 -
The Register: Amazon's EC2 brings new might to password cracking "calculated the cost of waging a brute-force attack on various types of passwords using cloud computing services offered by Amazon"
Category: Network Security & Hacking News/Latest Security News
The Register: Amazon's EC2 brings new might to password cracking calculated the cost of waging a brute-force attack on various types of passwords using cloud computing services offered by Amazon ...Monday, 02 November 2009 -
Elite Loader Goes Public
Category: Network Security & Hacking News/Latest Security News
... users to upload additional software to targeted systems to steal passwords or deploy spam or distributed denial of service (DDoS) modules that other cybercriminals can use. The bot’s C&C also ...Monday, 02 November 2009 -
Dutch hacker holds jailbroken iPhones "hostage" for €5
Category: Network Security & Hacking News/Latest Security News
... SSH is a common procedure for jailbroken iPhones, allowing a user to log in via Terminal and run standard UNIX commands. Unfortunately, iPhones all have a default root password that many forget to change ...Monday, 02 November 2009 -
Summarizing Zero Day's Posts for October
Category: Network Security & Hacking News/Latest Security News
... rate for 545k malware samples 02. Weak passwords dominate statistics for Hotmail's ... The following is a brief summary of all of my posts at ZDNet's Zero Day for October. You can also go through ...Monday, 02 November 2009 -
Interesting Information Security Bits for 11/02/2009
Category: Network Security & Hacking News/Latest Security News
... our organizations. Lifestyle Hackers – CSO Online – Security and Risk Tags: ( social-media ) You know you’ve been wanting to try it. Electric Alchemy: Cracking Passwords in the Cloud: ...Monday, 02 November 2009 -
Weekly Intelligence Summary: 2009 – 10 – 30
Category: Network Security & Hacking News/Latest Security News
Most of the threat activity for this week was directed towards Facebook and Twitter users. Large e-mail campaigns for password reset confirmations led to compromised Facebook accounts and Trojan installations, ...Monday, 02 November 2009 -
What Windows Autorun Has Wrought
Category: Network Security & Hacking News/Latest Security News
... program called Taterf which steals passwords and license keys for popular computer games, were detected on 5.21 million and 4.91 million Windows computers, respectively. The original version of Conficker ...Monday, 02 November 2009 -
Malware Conceals Itself as Boss’s Letter
Category: Network Security & Hacking News/Latest Security News
... that old tactics never die and continue to be an effective way of infecting users. We blogged about it in the following posts: Spoofed Contract Carries Malware Fake Facebook Password Notification Leads ...Monday, 02 November 2009 -
How Secure is your UK Online Banking?
Category: Network Security & Hacking News/Latest Security News
... a constantly changing number on an LCD screen (see picture below), which is typed in along side the customer’s identity (name) and password to provide access to the online bank account. Using a hardware ...Sunday, 01 November 2009 -
Email regarding Facebook account update is a phish – part 2
Category: Network Security & Hacking News/Latest Security News
... and got the login screen. When filling in dummy login and password we got redirected to the following screen and to our suprise we didn’t found a webform to submit personal details but instead ...Saturday, 31 October 2009 -
Cutwail trojan variant out in the wild
Category: Network Security & Hacking News/Latest Security News
MX Lab is intercepting quite a lot of viruses these days. Since October 27th, 2009, when we reported about the Facebook Password Reset Confirmation-campaign, we notice an serious increase in viruses. We ...Friday, 30 October 2009 -
Survey: Employees spend work time shopping
Category: Network Security & Hacking News/Latest Security News
... your desktop PC, not your mobile device, to shop, because your desktop browser is likely to be more secure. 2) Protect sensitive information, like credit card numbers, by password-protecting both your ...Friday, 30 October 2009 -
SanDisk Cruzer Enterprise Flash Drives Earn Certification
Category: Network Security & Hacking News/Latest Security News
... flash drives can be easily managed with SanDisk’s Central Management and Control (CMC) software. SanDisk CMC server software provides lifecycle management for Cruzer Enterprise drives, including password ...Friday, 30 October 2009 -
How Default Credentials and Remote Administration Panels Can Expose Security
Category: Network Security & Hacking News/Latest Security News
... password policies. It’s highly unlikely you’re developing strong passwords internally if you’re not even changing what attackers know is true externally. The fact that these devices ...Friday, 30 October 2009 -
Defeating Zombies: Five Ways To Improve Defenses
Category: Network Security & Hacking News/Latest Security News
... in this context, it can encompass more than just an undisclosed vulnerability that someone has written an exploit for. Fully patched systems can be vulnerable to numerous threats, such as weak passwords ...Friday, 30 October 2009 -
Twitter warns of new phishing attacks
Category: Network Security & Hacking News/Latest Security News
... to steal login and password credentials. Once a victim types in their credentials, a fake Twitter fail-whale over capacity message is displayed. Sophos security expert Graham Cluley blogged about the ...Thursday, 29 October 2009 -
Security Briefing – October 29th
Category: Network Security & Hacking News/Latest Security News
... of Kindness Twitter phishers are after your password – Sophos Phishing trends according to the Anti-Phishing Working Group – Net Security Bank Trojan botnet targets Facebook users – ...Thursday, 29 October 2009 -
Securing the Toughest Times
Category: Network Security & Hacking News/Latest Security News
... (e.g., VPN). The time required for this activity will multiply if IT hasn’t kept complete documentation of each worker’s individual access rights, passwords, user names, and security cards. ...Wednesday, 28 October 2009 -
Facebook users targeted by password change scam
Category: Network Security & Hacking News/Latest Security News
If you are one of the 300 million people who actively use Facebook, this warning is for you. A new spam campaign that targets users of the popular social network is under way, so if you get an email w... ...Wednesday, 28 October 2009 -
OAMP: OpenBSD 4.6 + Chroot Apache + MySQL + PHP
Category: Network Security & Hacking News/Latest Security News
... 4.6 installation process, that user will be in the wheel group by default. All you need to do is add a sudo rule for the wheel group. It's commented out in /etc/sudoers. $ su - Password: # visudo ... ...Wednesday, 28 October 2009 -
Password strength checking with passwdqc
Category: Network Security & Hacking News/Latest Security News
passwdqc is a simple password strength checking module for PAM-aware password changing programs, such as passwd(1). In addition to checking regular passwords, it offers support for passphrases and can... ...Tuesday, 27 October 2009 -
Fake Facebook Password Notification Leads to Malware
Category: Network Security & Hacking News/Latest Security News
A new spam campaign that purports to be from Facebook is making rounds today. It bears the subject, “Facebook Password Reset Confirmation,” and informs users that their passwords have been changed for ...Tuesday, 27 October 2009 -
Barackobama.com 'hack' is a hoax
Category: Network Security & Hacking News/Latest Security News
... a security flaw in barackobama.com allows anyone to view the user names and passwords needed to administer the site. With that access, an attacker could view database information, upload content to the ...Tuesday, 27 October 2009 -
Let’s Play ‘Find the Errors’
Category: Network Security & Hacking News/Global Security News
... links IM (MSN Messenger, Skype, etc.) This version of PWS-Banker, besides grabbing passwords and screenshots, will also download Microsoft MSN Messenger. Or an app that at least looks like Messenger. ...Tuesday, 27 October 2009 -
Facebook password-reset spam is Bredolab botnet attack
Category: Network Security & Hacking News/Latest Security News
Virus hunters are raising the alarm for a large-scale spam attack that uses fake Facebook password-reset messages to trick PC users into downloading a dangerous piece of malware. Virus hunters are raising ...Tuesday, 27 October 2009 -
Bredolab masked as Facebook Password Reset Confirmation
Category: Network Security & Hacking News/Latest Security News
MX Lab detected a new Bredolab variant masking itself as the Facebook Password Reset Confirmation. The From address in the email is shown as The Facebook Team service@facebook.com but the real SMTP from ...Monday, 26 October 2009 -
Use Hotmail or Gmail? Be on alert for phishing scams
Category: Network Security & Hacking News/Latest Security News
... are stealing passwords and other account information through fraudulent e-mail scams and then using these new accounts to send spam to everyone in the victim’s inbox. To help protect yourself from these ...Monday, 26 October 2009 -
Day 1 in Sao Paulo Brazil -- I'm Back
Category: Network Security & Hacking News/Latest Security News
... are certain gas stations where you can even purchase CDs with stolen data - financial, credit card, user names/passwords, etc. Apparently - there are a number of these CDs with government information ...Monday, 26 October 2009 -
Enterprise Open Source Intelligence Gathering – Part 1 Social Networks
Category: Network Security & Hacking News/Latest Security News
... like Facebook different because there is both private and public information. Facebook as an example has a built in search feature “behind” a valid login id and password. Searching Facebook ...Monday, 26 October 2009 -
Malware and poor passwords ranked as greatest threats
Category: Network Security & Hacking News/Latest Security News
Today’s IT security and authentication professionals have less confidence and greater security concerns for their organizations than last year, according to a recent study by PhoneFactor. The company ... ...Monday, 26 October 2009 -
Cain & Abel 4.9.35 now available
Category: Network Security & Hacking News/Latest Security News
Cain Abel is a password recovery tool for Microsoft operating systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using dictionary and... ...Monday, 26 October 2009 -
McAfee Labs goes after EvilMaid!
Category: Network Security & Hacking News/Global Security News
... code as trojan PWS-EvilMaid!demo, due to its password stealing capabilities. We will be watching this space for any future variants that follow this trend, for now here is the screenshot of McAfee alerting ...Monday, 26 October 2009 -
Interesting Information Security Bits RSA Catch-up Part 1
Category: Network Security & Hacking News/Latest Security News
... of Information Security Tags: ( best-practices risk-management ) Information Escapology << wirewatcher Tags: ( passwords logging ) That’s it for today. Have fun! Subscribe to my RSS ...Sunday, 25 October 2009 -
Spoofed Contract Carries Malware
Category: Network Security & Hacking News/Latest Security News
... file because it is password protected. However, a password is included in the email to open the said file. This is probably to trick users into thinking that the said file is legitimate. As usual, users ...Saturday, 24 October 2009
Site Search
Login Form
Sponsor Advertisements
 |