It was only the start of July when we talked about Adobe Patching PDF Vulnerabilities Being Exploited In The Wild and once again they are suffering a serious vulnerability which allows code execution from a malicious PDF document. This time the vulnera…
.::anti-abuse.com::.
Security Revealed
General Hacking's archive
Adobe Scrambling To Fix Another Serious PDF Flaw
Posted in August 9th, 2010
by admin in CoolType.dll, Exploits/Vulnerabilities, General Hacking, adobe pdf 0-day, adobe pdf exploit, adobe pdf security, adobe pdf zero day, application-security, charlie miller, foxit, foxit pdf reader, hacking pdf, integer overflow, pdf, pdf exploit, pdf hacking, pdf integer overflow, pdf security, pdf vulnerability, rss
Comments Off
Adobe Patches PDF Vulnerabilities Being Exploited In The Wild
Posted in July 2nd, 2010
by admin in Exploits/Vulnerabilities, General Hacking, adobe acrobat, adobe pdf, adobe pdf exploit, adobe pdf security, adobe pdf vulnerability, adobe reader, google, hacking adobe pdf, hacking pdf, pdf, pdf exploit, pdf hacking, pdf security, pdf vulnerability, rss, tavis ormany
At least! Adobe has sorted itself out and released patches for 17 critical vulnerabilities in their Reader and Acrobat applications. We reported back in January about Active Exploitation Of Unpatched PDF Vulnerabilities. The latest slew of vulnerabilit…
Comments Off
eLearnSecurity – Online Penetration Testing Training
Posted in May 27th, 2010
by admin in GCIA, GSEC, General Hacking, armando romeo, brett d arion, ceh, cisco ccie, dev-cpp, eCPPT, elearnsecurity, forging security professionals, giac, learn hacking, learn penetration testing, learn to hack, network-security, nitin kumar, online penetration testing course, online penetration testing training, online security course, online security training, pen-test, pen-testing, penetration testing course, penetration testing lab, penetration testing training, penetration-testing, rss, sans gcia, sans giac, sans gsec, system-security, vipin kumar, vulnerability-assessment, web-application-security, what ceh should have been
Introduction
If you are in the information security industry, or plan to be you’ve probably been looking at the various infosec certifications available. Back when I started there really wasn’t anything available, there were no infosec degr…
Comments Off
New Malware Variants More Malicious Than ILOVEYOU Bug
Posted in May 3rd, 2010
by admin in General Hacking, Malware, botnets, bots, cutwail, ilove you virus, iloveyou, love bug, loveletter, malicious botnets, malicious malware, malicious viruses, messagelabs, messagelabs intelligence report, rss, rustock, symantec
So no big surprise here, malware is getting more malicious! It’s good to know though and it’s good that companies out there like Messagelabs, under the watchful eye of Symantec, are trying to measure what is going on in malware land.
The ma…
Comments Off
Hackers Penetrate Apache.org In Direct Targeted Attack
Posted in April 14th, 2010
by admin in Exploits/Vulnerabilities, General Hacking, Web Hacking, apache-security, apache.org, apache.org bug tracker, apache.org hacked, apache.org passwords, apache.org security, atlassian, jira, privacy, rss, web-application-security, web-security
This is not the first time Apache.org has been hacked, it was comprised back in September 2009 using SSH keys.
This time another targeted attack against the site was successful and allowed the attackers to capture the passwords of users logging into th…
Comments Off
US Investigators Pinpoint Author Of Google Attack Code
Posted in February 23rd, 2010
by admin in Exploits/Vulnerabilities, General Hacking, aurora, aurora attack, chinese government, google attack code, google aurora, google aurora attacks, hacking, ie6, ie6 exploit, lanxiang vocational school, rss, shanghai jiaotong university
The big news over the past few months were the Aurora attacks and how they seemed to originate from China, last month Microsoft took the unusual step and released an Out-Of-Band patch for the IE6 0-Day vulnerability used in the attacks.
Within the last…
Comments Off
Microsoft Releases Out-Of-Band Patch For IE 0-Day Vulnerability
Posted in January 21st, 2010
by admin in General Hacking, IE-exploit, IE-security, IE-vulnerability, crc-16, data execution prevention, dep, exploit, hacking-IE, ie 0day, internet explorer security, internet explorer vulnerability, internet explorere 0day, internet-explorer-exploit, microsoft, microsoft patch tuesday, microsoft security, oob patch, out of band patch, rss, vulnerability
Ah Microsoft is treating this one seriously after France and Germany advised users to avoid IE.
The current strain being exploited only targets IE6 users, but one security company has developed an exploit for IE8 which also bypasses DEP (Data Execution…
Comments Off
Home Secretary says McKinnon must face US trial
Posted in November 30th, 2009
by admin in General Hacking, Legal Issues, alan johnson, appeal, aspergers, ass burgers, european court of human rights, extradition, gary mckinnon appeal, gary-mckinnon, hacker, human right, mckinnon, nasa-hacker, rss, uk hacker
Since the last update almost a year ago when Gary won the right to appeal against extradition, the latest news in the Gary Mckinnon saga is that his extradition to the US for trial will be going ahead.
Even with his apparent medical condition of Ass Bu…
Comments Off
Metasploit 3.3 Released! Exploitation Framework
Posted in November 24th, 2009
by admin in General Hacking, Hacking Tools, Linux Hacking, exploit-framework, hacking, hacking-software, metasploit, metasploit-exploit-framework, rss, ruby, security-tools, vulnerabilities
What is Metasploit?
The Metasploit Framework is a development platform for creating security tools and exploits. The framework is used by network security professionals to perform penetration tests, system administrators to verify patch installations, …
Comments Off
UCSniff 3.0 Released – VoIP/IP Video Sniffing Tool
Posted in November 4th, 2009
by admin in General Hacking, Hacking Tools, Network Hacking, ettercap, hacking ip video, hacking voip, ip video security, ip video sniffer, ip video sniffing, ip video sniffing tool, privacy, rss, sniffing tool, sniffing voip, ucsniff, videosnarf, voip sniffer, voip-security
UCSniff is a VoIP & IP Video Security Assessment tool that integrates existing open source software into several useful features, allowing VoIP and IP Video owners and security professionals to rapidly test for the threat of unauthorized VoIP and…
Comments Off
Using Cloud Computing To Crack Passwords – Amazon’s EC2
Posted in November 3rd, 2009
by admin in Amazon Elastic Compute Cloud, Black Hat, General Hacking, Password Cracking, amazon ec2, black hat conference, brute force, brute-forcing, cloud computing, david campbell, ec2, haroon meer, password-hacking, password-security, rss, sensepost
Now this is interesting a proper mathematical calculation for using cloud computing to crack passwords, now Amazon has opened up their EC2 (Elastic Compute Cloud) the cost of massive parallel processing power has come right down.
And guess what, someon…
Comments Off
UK Government To Launch ‘Hack Idol’
Posted in October 13th, 2009
by admin in General Hacking, cyberdefenders, hack idol, hacking, hacking idol, hacking talent, hacking talent contest, hacking-news, mentoring, rss, sans, uk hacking contest
Now this should be interesting, perhaps they should turn it into a hacking based reality TV show? From the description though it looks more centered around defense than offense and perhaps should be called ‘System Administrator Idol’.
Not q…
Comments Off
Flawfinder – Source Code Auditing Tool
Posted in September 16th, 2009
by admin in General Hacking, code auditing tool, code-auditing, flaw finder, flawfinder, rss, source code auditing, source code auditing tool, static analysis, static analysis tool
Flawfinder is a program that examines source code and reports possible security weaknesses (flaws) sorted by risk level. It’s very useful for quickly finding and removing at least some potential security problems before a program is widely releas…
Comments Off
TJX Hacker Albert “Segvec” Gonzalez Indicted By Federal Grand Jury
Posted in August 25th, 2009
by admin in General Hacking, Legal Issues, albert gonzalez, credit card hacker, credit-card-fraud, data-security, data-theft, hacking tjx, privacy, rss, russian-hackers, segvec, stealing credit cards, tjx, tjx hack, tjx hacker
We’ve been following the whole TJX saga for quite some time now since way back in September 2007 when the hack became public as the Largest Breach of Customer Data in U.S. History and in August 2008 when the TJX Credit Card Hackers Got Busted.
Th…
Comments Off
IKECrack – IKE/IPSec Authentication Cracking Tool
Posted in August 21st, 2009
by admin in General Hacking, hacking-networks, ike brute force, ike cracking, ikecrack, ipsec brute force, ipsec cracking, network-security, pre shared key, psk authentication, rss
IKECrack is an open source IKE/IPSec authentication crack tool. This tool is designed to bruteforce or dictionary attack the key/password used with Pre-Shared-Key [PSK] IKE authentication. The open source version of this tool is to demonstrate proof-of…
Comments Off
Stoned Bootkit – Windows XP, 2003, Vista, 7 MBR Rootkit
Posted in August 18th, 2009
by admin in General Hacking, boot kit, bootkit, hack truecrypt, hacking truecrypt, hacking-windows, root kit, rootkit, rss, stoned bootkit, truecrypt security, windows bootkit, windows rootkit, windows-security
What is Stoned Bootkit?
A bootkit is a boot virus that is able to hook and patch Windows to get load into the Windows kernel, and thus getting unrestricted access to the entire computer. It is even able to bypass full volume encryption, because the mas…
Comments Off
Dan Kaminsky & Kevin Mitnick Hacked
Posted in August 3rd, 2009
by admin in Exploits/Vulnerabilities, General Hacking, Web Hacking, dan-kaminsky, hacked, kevin-mitnick, media whores, pr0j3ct m4yh3m, rm -rf, rss, summer of hax, whitehat holocaust, zero for owned, zf05, zf05.txt, ~el8
If any of you follow the mailings lists or the ’scene’ as it’s known, you’d be familiar with PHC, Phrack, Gobbles, ~el8, Silvio, gayh1tler and the whole Whitehat Holocaust AKA pr0j3kt m4yh3m. (Back when it went public).
The war …
Comments Off
Mozilla Denies Firefox 3.5 Bug Is Exploitable
Posted in July 21st, 2009
by admin in Exploits/Vulnerabilities, General Hacking, firefox, firefox 3.5, firefox 3.5 crash, firefox 3.5 exploit, firefox crash, firefox exploit, firefox-security, firefox-vulnerability, hacking-firefox, milw0rm, rss
Ah a bug in our beloved Firefox, after the latest 3.5 update (which sees some definite improvements).
The last one I recall was the Clickjacking Vulnerability, which also effected Chrome.
It seems like it’s not too serious of an issue and will on…
Comments Off
Hospital Hacker GhostExodus Owns Himself – Arrested
Posted in July 2nd, 2009
by admin in General Hacking, Legal Issues, Malware, arrested, botnet, ddos, dos, fail, ghostexodus, hacker arrested, hospital hacker, jesse william mcgraw, owned, pwned, rss, script kiddy
This story actually gave me a lot of LULZ, how stupid can you be seriously? Man this guy made so many mistakes for someone so paranoid (he had a web cam setup outside his appartment door so he could see who was coming)..
But then he exposed his IP addr…
Comments Off
Advertisments
Popular Tags
Recent Entries
- Vuln: Google Chrome prior to 6.0.472.53 Multiple Security Vulnerabilities
- Vuln: libmikmod Multiple Buffer Overflow Vulnerabilities
- Vuln: Winamp Module Decoder Plugin Multiple Buffer Overflow Vulnerabilities
- openjournalsystem-xss.txt
- zenphoto-sqlxss.txt
- Debunking the 1% Myth
- The Perfect Rosh Hashana Gift: An iPhone App That Measures Breast Size
- Soon, We’ll Have Downloaded More Apps From iTunes Than Songs (Chart)
- USN-983-1.txt
- USN-984-1.txt
Recent Comments
- Keine Kommentare vorhanden.
Social Network
| M | T | W | T | F | S | S |
|---|---|---|---|---|---|---|
| « Aug | ||||||
| 1 | 2 | 3 | 4 | 5 | ||
| 6 | 7 | 8 | 9 | 10 | 11 | 12 |
| 13 | 14 | 15 | 16 | 17 | 18 | 19 |
| 20 | 21 | 22 | 23 | 24 | 25 | 26 |
| 27 | 28 | 29 | 30 | |||
Subscribes
Meta
Archives
- September 2010
- August 2010
- July 2010
- June 2010
- May 2010
- April 2010
- March 2010
- February 2010
- January 2010
- December 2009
- November 2009
- October 2009
- September 2009
- August 2009
- July 2009
- June 2009
- May 2009
- April 2009
- March 2009
- February 2009
- January 2009
- December 2008
- November 2008
- October 2008
- September 2008
- August 2008
- July 2008
- June 2008
- May 2008
- April 2008
- March 2008
- February 2008
- January 2008
- December 2007
- November 2007
- October 2007
- September 2007
- August 2007
- July 2007
- June 2007
- May 2007
- April 2007
- March 2007
- February 2007
- January 2007
- December 2006
- November 2006
- October 2006
- September 2006
- August 2006
- July 2006
- June 2006
- May 2006
- April 2006
- March 2006
- February 2006
- January 2006
- December 2005
- November 2005
- October 2005
- August 2005
- July 2005
- June 2005
- May 2005
- January 2005
- November 2004
- October 2004
- September 2004
- October 2002
- December 2001
- January 1970
- December 1969
Also
rss
- SANS Internet Storm Center, InfoCON: green
- SANS Internet Storm Center, InfoCON: green
- (IN)SECURE Magazine Notifications RSS
- 0DayCar
- A Day in the Life of an Information Security Investigator
- All about Linux
- All about Linux
- AlterNet.org Main RSS Feed
- AlterNet.org Main RSS Feed
- Astalavista.net – Directory
- Astalavista.net – Exploits
- cmw.me blogs
- Confessions of a Penetration Tester
- Darknet – The Darkside
- Darknet – The Darkside
- Debian GNU/Linux System Administration Resources
- Debian GNU/Linux System Administration Resources
- DesktopLinux.com
- DesktopLinux.com
- F-Secure Antivirus Research Weblog
- F-Secure Antivirus Research Weblog
- Got Root Articles
- Got Root Articles
- Got Root Blogs
- Got Root Blogs
- Got Root Library and Wiki
- Got Root Library and Wiki
- Hack a Day
- Hack a Day
- HowtoForge – Linux Howtos and Tutorials -
- HowtoForge – Linux Howtos and Tutorials -
- izik
- izik
- Joomla! powered Site
- kaos.theory: fractal blog
- kaos.theory: fractal blog
- Latest Secunia Advisories
- Librenix.com | Linux Sysadmin Central
- Librenix.com | Linux Sysadmin Central
- Linux Gazette
- Linux Gazette
- Linux Journal – The Original Magazine of the Linux Community
- Linux Journal – The Original Magazine of the Linux Community
- Linux.com :: Feature
- Linux.com :: Feature
- LXer Linux News
- LXer Linux News
- milw0rm.com
- milw0rm.com
- ModSecurity Blog
- ModSecurity Blog
- nixCraft Linux Sys Admin Blog
- nixCraft Linux Sys Admin Blog
- Open Source Networking
- Open Source Networking
- Own-the.net – Web application security and SEO
- Packet Storm Security Advisories
- Packet Storm Security Advisories
- Packet Storm Security Exploits
- Packet Storm Security Exploits
- Packet Storm Security Headlines
- Packet Storm Security Headlines
- Packet Storm Security Last Files
- Packet Storm Security Last Files
- Packet Storm Security Miscellaneous Files
- Packet Storm Security Miscellaneous Files
- Packet Storm Security Tools
- Packet Storm Security Tools
- RootPrompt — Nothing but Unix
- RootPrompt — Nothing but Unix
- Rootsecure.net
- Rootsecure.net
- SecuriTeam
- SecuriTeam
- SecurityDocs
- SecurityDOT Articles
- SecurityDOT Articles
- SecurityDOT Exploits
- SecurityDOT Exploits
- SecurityDot News
- SecurityDot News
- SecurityDot Vulnerabilities
- SecurityDot Vulnerabilities
- SecurityFocus News
- SecurityFocus News
- SecurityFocus Vulnerabilities
- SecurityFocus Vulnerabilities
- Spyware Warrior
- Spyware Warrior
- TaoSecurity
- TaoSecurity
- TechCrunch
- The Ethical Hacker Network RSS News Feed
- The Ethical Hacker Network RSS News Feed
- The most recent articles from vnunet.com
- The most recent articles from vnunet.com
- US-CERT Cyber Security Alerts
- US-CERT Cyber Security Alerts
- US-CERT Cyber Security Bulletins
- US-CERT Cyber Security Bulletins
- US-CERT Cyber Security Tips
- US-CERT Cyber Security Tips
- US-CERT Technical Cyber Security Alerts
- US-CERT Technical Cyber Security Alerts
- VulnWatch
- VulnWatch
- XSSed syndication
- XSSed syndication
- XSSed syndication
- XSSed syndication