Jason Frisvold wrote to us about a suspicious web page. One of his users visited the web page he su …(more)…
.::anti-abuse.com::.
Security Revealed
Archive for June, 2007
Summary of TCP services on your network, (Thu, Jun 21st)
Posted in June 22nd, 2007
One of my colleagues asked for a simple way to see what services are live on a given network, in pre …(more)…
Comments Off
Monké-size Your Security Plan
Posted in June 22nd, 2007
Reader JT gave me a much needed monkey (or should I say monké) sized laugh today when he sent me this new Starbucks advertisement:
Now THAT is creative! Thank you JT!
This was a perfect lead into a topic that’s been bouncing around my monkey brain for the last few weeks:
Super-sizing your security plan.
Everything comes in “super size” today. Fast food meals, TVs, hard drives, SUVs, and let’s not forget Donald Trump’s ego.
What a
Comments Off
Apple Safari Cross-Domain Race Condition Information Disclosure Vulnerability
Posted in June 22nd, 2007
Apple Safari Cross-Domain Race Condition Information Disclosure Vulnerability
Comments Off
Apple WebCore XMLHTTPRequest Cross-Site Scripting Vulnerability
Posted in June 22nd, 2007
Apple WebCore XMLHTTPRequest Cross-Site Scripting Vulnerability
Comments Off
Apple Webkit Invalid Type Conversion Remote Code Execution Vulnerability
Posted in June 22nd, 2007
Apple Webkit Invalid Type Conversion Remote Code Execution Vulnerability
Comments Off
RKD Software BarCode ActiveX Control BarCodeAx.DLL Buffer Overflow Vulnerability
Posted in June 22nd, 2007
RKD Software BarCode ActiveX Control BarCodeAx.DLL Buffer Overflow Vulnerability
Comments Off
Red Hat Cluster Suite CMan Local Buffer Overflow Vulnerability
Posted in June 22nd, 2007
Red Hat Cluster Suite CMan Local Buffer Overflow Vulnerability
Comments Off
PHPRaider Multiple SQL Injection Vulnerabilities
Posted in June 22nd, 2007
PHPRaider Multiple SQL Injection Vulnerabilities
Comments Off
Joomla/Mambo Com_SiteMap Component MosConfig_Absolute_Path Remote File Include Vulnerability
Posted in June 22nd, 2007
Joomla/Mambo Com_SiteMap Component MosConfig_Absolute_Path Remote File Include Vulnerability
Comments Off
Joomla/Mambo Mod_Forum Component PHPBB_Root.PHP Remote File Include Vulnerability
Posted in June 22nd, 2007
Joomla/Mambo Mod_Forum Component PHPBB_Root.PHP Remote File Include Vulnerability
Comments Off
MPack Analysis, (Wed, Jun 20th)
Posted in June 21st, 2007
We mentioned a large MPack compromise in a diary two days ago. Since then we’ve been accumulat …(more)…
Comments Off
Other miscellaneous stuff I’ve come across recently, (Wed, Jun 20th)
Posted in June 21st, 2007
Complexity is bad for security
I’ve mentioned before that I read Spaf’s blog. …(more)…
Comments Off
Pump and dump scams now in PDF, (Wed, Jun 20th)
Posted in June 21st, 2007
Apparently the groups behind what we know as pump and dump scam have found a new way to bypass sp …(more)…
Comments Off
Apple TV security update, (Wed, Jun 20th)
Posted in June 20th, 2007
Apple has released a bulletin and update to their Apple TV software which fixes a buffer overf …(more)…
Comments Off
PHP code in GIF (Part 2), (Tue, Jun 19th)
Posted in June 20th, 2007
The GIF + PHP code article from yesterday generated some good email. Here is a good document t …(more)…
Comments Off
In A Van… Down By The Datacenter?
Posted in June 20th, 2007
[Paws update: things are looking up. By simply adjusting some ergonomic habits of mine I've reduced the pain in my paws almost completely. It hasn't been easy and it's taken a long time - but it appears to be working. I've had countless readers e-mail me horror stories of medications, braces and surgeries. I think I lucked out.]
Speaking of readers e-mailing me, I’ve had no less than three monkeys e-mail me stories and anecdotes about strange vehicles parking near their buildings after hour
Comments Off
PHP Exploit Code in a GIF, (Tue, Jun 19th)
Posted in June 19th, 2007
So if you want to hide something, where is the best place to hide it?
In plain sight of course. n …(more)…
Comments Off
Massive MPACK Compromise, (Mon, Jun 18th)
Posted in June 19th, 2007
If you’re confused and thinking of the mime packer at this point, then
you haven’t heard of quot …(more)…
Comments Off
Vulnerability in Trillian, (Mon, Jun 18th)
Posted in June 19th, 2007
Trillian is a very popular instant messenger client. iDefense found a bug in version 3 …(more)…
Comments Off
Crazy eCSI: A Head Slapper
Posted in June 18th, 2007
My paw seems to be feeling better so I’m going to tap the aluminum keys a bit this morning and share with you a real “Head Slapper” care of an anonymous former co-worker that e-mailed me (and called me!!!) very early this morning. I politely asked if I could share this as long as I changed some information to protect the innocent *cough* responsible party *cough*. (Note, this happened earlier in the week – I’m just now finishing this. The paws are slow! I also changed some of the technical d
Comments Off
(IN)SECURE Magazine Issue 11
Posted in June 16th, 2007
Articles in this issue include: On the security of e-passports, Review: GFI LANguard Network Security Scanner 8, Critical steps to secure your virtualized environment, Interview with Howard Schmidt, President and CEO R and H Security Consulting, Quantitative look at penetration testing, Integrating ISO 17799 into your Software Development Lifecycle, Public Key Infrastructure (PKI): dead or alive?, Interview with Christen Krogh, Opera Software’s Vice President of Engineering, Super ninja privacy techniques for web application developers, Security economics, iptables – an introduction to a robust firewall, Black Hat Briefings and Training Europe 2007 and Enforcing the network security policy with digital certificates.
Comments Off
(IN)SECURE Magazine Issue 10
Posted in June 16th, 2007
Articles in this issue include: Microsoft Windows Vista: significant security improvement?, Review: GFI Endpoint Security 3, Interview with Edward Gibson, Chief Security Advisor at Microsoft UK, Top 10 spyware of 2006, The spam problem and open source filtering solutions, Office 2007: new format and new protection/security policy, Wardriving in Paris, Interview with Joanna Rutkowska, security researcher, Climbing the security career mountain: how to get more than just a job, RSA Conference 2007 report, ROT13 is used in Windows? You’re joking! and Data security beyond PCI compliance – protecting sensitive data in a distributed environment.
Comments Off
Attack involving .hk domains, (Sat, Jun 16th)
Posted in June 16th, 2007
Eric, one of our many valued contributors wrote in yesterday with various spam messages that contain …(more)…
Comments Off
BBB=>IRS=>FTC=>Proforma | don’t open that invoice!, (Fri, Jun 15th)
Posted in June 16th, 2007
BBB-IRS-FTC-Proforma_Invoice.doc
Several of our ever-vigilant readers have warned us o …(more)…
Comments Off
safari update, (Fri, Jun 15th)
Posted in June 16th, 2007
Apple has released a new version of the public BETA safari browser (3.0 …(more)…
Comments Off
Office of Cyber Public Health?, (Thu, Jun 14th)
Posted in June 16th, 2007
Joe St. Sauver, security and spam researcher at the University of Oregon, points out that botnets ar …(more)…
Comments Off
IRS goes FTC, (Wed, Jun 13th)
Posted in June 16th, 2007
After the recent BBB and IRSscams, Sam Masiello has reported new scam e-mails spoofed fromnbs …(more)…
Comments Off
New Hacker Challenge for you all, (Sat, Jun 16th)
Posted in June 16th, 2007
There is a new hacker challenge up on the ethical hacker network based on Serenity.
Matt who works …(more)…
Comments Off
(IN)SECURE Magazine Issue 11
Posted in June 16th, 2007
Articles in this issue include: On the security of e-passports, Review: GFI LANguard Network Security Scanner 8, Critical steps to secure your virtualized environment, Interview with Howard Schmidt, President and CEO R and H Security Consulting, Quantitative look at penetration testing, Integrating ISO 17799 into your Software Development Lifecycle, Public Key Infrastructure (PKI): dead or alive?, Interview with Christen Krogh, Opera Software’s Vice President of Engineering, Super ninja privacy techniques for web application developers, Security economics, iptables – an introduction to a robust firewall, Black Hat Briefings and Training Europe 2007 and Enforcing the network security policy with digital certificates.
Comments Off
Advertisments
Popular Tags
Recent Entries
- Ubuntu more “commercial”, but always free …
- Silicon Valley Can Do Better Than Facebook
- The pi pad
- Labor Struggles, Then and Now: Workers in One Iowa Town Epitomize the Past and Present of the Labor Movement
- The Perfect Desktop – Ubuntu Studio 12.04
- Introducing Our 2012 Disrupt NYC Hackathon Winners: Thingscription, PoachBase, And Practikhan!
- iPhone charger teardown shows astounding miniaturization.
- Vuln: Oracle Java SE CVE-2012-0502 Remote Information Disclosure Vulnerability
- 12 More Enlightening Free Linux Books
- Building a 6502 in Minecraft
Recent Comments
- Keine Kommentare vorhanden.
Social Network
| M | T | W | T | F | S | S |
|---|---|---|---|---|---|---|
| « May | Jul » | |||||
| 1 | 2 | 3 | ||||
| 4 | 5 | 6 | 7 | 8 | 9 | 10 |
| 11 | 12 | 13 | 14 | 15 | 16 | 17 |
| 18 | 19 | 20 | 21 | 22 | 23 | 24 |
| 25 | 26 | 27 | 28 | 29 | 30 | |
Subscribes
Meta
Archives
- May 2012
- April 2012
- March 2012
- February 2012
- January 2012
- December 2011
- November 2011
- October 2011
- September 2011
- August 2011
- July 2011
- June 2011
- May 2011
- April 2011
- March 2011
- February 2011
- January 2011
- December 2010
- November 2010
- October 2010
- September 2010
- August 2010
- July 2010
- June 2010
- May 2010
- April 2010
- March 2010
- February 2010
- January 2010
- December 2009
- November 2009
- October 2009
- September 2009
- August 2009
- July 2009
- June 2009
- May 2009
- April 2009
- March 2009
- February 2009
- January 2009
- December 2008
- November 2008
- October 2008
- September 2008
- August 2008
- July 2008
- June 2008
- May 2008
- April 2008
- March 2008
- February 2008
- January 2008
- December 2007
- November 2007
- October 2007
- September 2007
- August 2007
- July 2007
- June 2007
- May 2007
- April 2007
- March 2007
- February 2007
- January 2007
- December 2006
- November 2006
- October 2006
- September 2006
- August 2006
- July 2006
- June 2006
- May 2006
- April 2006
- March 2006
- February 2006
- January 2006
- December 2005
- November 2005
- October 2005
- August 2005
- July 2005
- June 2005
- May 2005
- January 2005
- November 2004
- October 2004
- September 2004
- October 2002
- December 2001
- January 1970
- December 1969
Also
rss
- SANS Internet Storm Center, InfoCON: green
- SANS Internet Storm Center, InfoCON: green
- (IN)SECURE Magazine Notifications RSS
- 0DayCar
- A Day in the Life of an Information Security Investigator
- Advisory Files ≈ Packet Storm
- Advisory Files ≈ Packet Storm
- All about Linux
- All about Linux
- AlterNet.org
- AlterNet.org
- Astalavista.net – Directory
- Astalavista.net – Exploits
- cmw.me blogs
- Confessions of a Penetration Tester
- Darknet – The Darkside
- Darknet – The Darkside
- Debian GNU/Linux System Administration Resources
- Debian GNU/Linux System Administration Resources
- DesktopLinux.com
- DesktopLinux.com
- Exploit Files ≈ Packet Storm
- Exploit Files ≈ Packet Storm
- F-Secure Antivirus Research Weblog
- F-Secure Antivirus Research Weblog
- Files ≈ Packet Storm
- Files ≈ Packet Storm
- Files ≈ Packet Storm
- Files ≈ Packet Storm
- Got Root Articles
- Got Root Articles
- Got Root Blogs
- Got Root Blogs
- Got Root Library and Wiki
- Got Root Library and Wiki
- Hack a Day
- Hack a Day
- HowtoForge – Linux Howtos and Tutorials –
- HowtoForge – Linux Howtos and Tutorials –
- izik
- izik
- Joomla! powered Site
- kaos.theory: fractal blog
- kaos.theory: fractal blog
- Latest Secunia Advisories
- Librenix.com | Linux Sysadmin Central
- Librenix.com | Linux Sysadmin Central
- Linux Gazette
- Linux Gazette
- Linux Journal – The Original Magazine of the Linux Community
- Linux Journal – The Original Magazine of the Linux Community
- Linux.com :: Feature
- Linux.com :: Feature
- LXer Linux News
- LXer Linux News
- milw0rm.com
- milw0rm.com
- News ≈ Packet Storm
- News ≈ Packet Storm
- nixCraft Linux Sys Admin Blog
- nixCraft Linux Sys Admin Blog
- Open Source Networking
- Open Source Networking
- Own-the.net – Web application security and SEO
- RootPrompt — Nothing but Unix
- RootPrompt — Nothing but Unix
- Rootsecure.net
- Rootsecure.net
- SecuriTeam
- SecuriTeam
- Security Tool Files ≈ Packet Storm
- Security Tool Files ≈ Packet Storm
- SecurityDocs
- SecurityDOT Articles
- SecurityDOT Articles
- SecurityDOT Exploits
- SecurityDOT Exploits
- SecurityDot News
- SecurityDot News
- SecurityDot Vulnerabilities
- SecurityDot Vulnerabilities
- SecurityFocus News
- SecurityFocus News
- SecurityFocus Vulnerabilities
- SecurityFocus Vulnerabilities
- SpiderLabs Anterior
- SpiderLabs Anterior
- Spyware Warrior
- Spyware Warrior
- TaoSecurity
- TaoSecurity
- TechCrunch
- The Ethical Hacker Network RSS News Feed
- The Ethical Hacker Network RSS News Feed
- The most recent articles from vnunet.com
- The most recent articles from vnunet.com
- US-CERT Bulletins
- US-CERT Bulletins
- US-CERT Technical Cyber Security Alerts
- US-CERT Technical Cyber Security Alerts
- US-CERT Technical Cyber Security Alerts
- US-CERT Technical Cyber Security Alerts
- US-CERT Tips
- US-CERT Tips
- VulnWatch
- VulnWatch
- XSSed syndication
- XSSed syndication
- XSSed syndication
- XSSed syndication