Additional XML Security Uniform Resource Identifiers (URIs)
Abstract: This document expands and updates the list of URIs specified in RFC 4051 and intended for use with XML Digital Signatures, Encryption, Canonicalization, and Key Management. These URIs...

EAP Mutual Cryptographic Binding
Abstract: As the Extensible Authentication Protocol (EAP) evolves, EAP peers rely increasingly on information received from the EAP server. EAP extensions such as channel binding or network...

Encryption of Header Extensions in the Secure Real-Time Transport Protocol...
Abstract: The Secure Real-Time Transport Protocol (SRTP) provides authentication, but not encryption, of the headers of Real-Time Transport Protocol (RTP) packets. However, RTP header extensions...

A Simple Secure Addressing Generation Scheme for IPv6 AutoConfiguration (SSAS)
Abstract: The default method for IPv6 address generation uses two unique manufacturer IDs that are assigned by the IEEE Standards Association [1] (section 2.5.1 RFC-4291) [RFC4291]. This means...

NVIDIA Releases Fix For Display Driver Exploit That Was Issued In Late December

SNMC analysts monitored publicly available online forums, blogs, public...
SNMC analysts monitored publicly available online forums, blogs, public websites, and message boards to collect information used in providing situational awareness and establishing a common operating...

Spam Free Wordpress plugin Version 1.9.2 Vulnerability (Video Link Included)
Vulnerable software: Spam Free Wordpress plugin Version 1.9.2
Download link: http://wordpress.org/extend/plugins/spam-free-wordpress/
Vuln: IP based...

Some Protective Measures For Joomla- block the most common type of exploit...

Ubisoft Announcement On Hijacked Accounts
Ubisoft Support Message: We are investigating the origin of these hijackings. In the meantime, if you have had your account compromised make sure you check and change the passwords of all of your...

Debian Bug report logs - mount/umount leak information about existence of...
Package: mount
Version: 2.20.1-5.3
Severity: critical
Tags: security
Justification: root security hole
mount discloses information about folders not accessible for a user:
$ ls -ld /root/.ssh
ls: cannot...

[SECURITY] [DSA 2599-1] nss security update
Debian Security Advisory DSA-2599-1...

Havalite CMS 1.1.7 stored XSS vulnerability in comments of blog posts
Havalite CMS has stored XSS vulnerability in comments of blog posts. Example: POST http://example.com/?p=1 "comment" with value %E2%80%9C%3E%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E Tested in...

Timthumb Bot
This is for educational purposes. [powered by http://taringadirectory.blogspot.com]
#!/usr/bin/perl
# Timthumb v 1.02...

SC continues notifying data breach victims, tries answering questions Read...
COLUMBIA, S.C. — More than three months after officials revealed hackers had swiped financial data belonging to 6.4 million consumers and businesses from the S.C. Department of Revenue, the state still...

Wordpress NextGEN Gallery plugin XSS Vulnerability
# Exploit Title : Wordpress NextGEN Gallery plugin Cross-Site Scripting Vulnerability
# Author : IrIsT.Ir
# Discovered By : Am!r
# Home :...

[SECURITY] [DSA 2600-1] cups security update
Debian Security Advisory DSA-2600-1...

VIDEO: REVERSE ENGINEERING SECURE HTTP API'S WITH AN SSL PROXY
Description: Abstract: The proliferation of mobile devices has led to increased emphasis on native applications, such as Objective-C applications written for iOS or Java applications written for Android....

[SECURITY] [DSA 2601-1] gnupg, gnupg2 security update
Debian Security Advisory DSA-2601-1...

http://onlinelinkscan.com Security Scan
root@bt:/pentest/web/wpscan# ruby wpscan.rb -u onlinelinkscan.com -e up
...

There Are Four Lights: USB-Accessible Storage
There's been a good deal of discussion and documentation regarding discovering USB devices that had been connected to a Windows system, as this seems to be very important to a number of examiners. In...