U.S. homeland chief: cyber 9/11 could happen "imminently"
WASHINGTON (Reuters) - Homeland Security Secretary Janet Napolitano warned on Thursday that a major cyber attack is a looming threat and could have the same sort of impact as last year's Superstorm...
View ArticleAllwin URLDownloadToFile + WinExec + ExitProcess Shellcode
/*Title: Allwin URLDownloadToFile + WinExec + ExitProcess ShellcodeDate: 2013-22-01Author: RubberDuckWeb: http://bflow.security-portal.czhttp://www.security-portal.czTested on: Win 2k, Win XP Home...
View ArticleServer Compromises – Understanding Apache Module iFrame Injections and Secure...
There are many ways to inject a malicious payload onto a website. The attacker can modify any of the web files (index.php for example), the .htaccess file or php.ini (if the site is using PHP). There...
View ArticleA Matter of Perspective: Understanding Security Myths and the Malevolent Mind
T security technologist Dave Waterson wrote an interesting article on his version of the top 10 security myths. He covered some common user and company misconceptions in the industry and explained why...
View ArticleData Centers to Beat Media Storage: 2018 Micro Servers Market and Application...
RnRMarketResearch.com adds the latest report on “Global Micro Servers Market (2013 – 2018), By Processor Type (Intel, Arm, Amd), Component (Hardware, Software, Operating System), Application (Media...
View ArticleClik here to view.
SecurityCoverage infographic highlights security risks for Data Privacy Day
“Trouble in the Cloud” graphic and consumer checklist help celebrate Data Privacy Day January 28th.Infographic: Trouble in the Cloud“Everyone has a role in securing their part of cyberspace, including...
View ArticleToday's NIST CVE Issuance's For Vulns In Dell OpenManage Server Administrator...
Click on the underlined CVE for additional vuln specific infoCVE-2012-6272VU#950172Summary: Multiple cross-site scripting (XSS) vulnerabilities in Dell OpenManage Server Administrator 6.5.0.1, 7.0.0.1,...
View ArticleFake Adobe Flash Updates Resurface on the Web
Following the return of fake Google Chrome browser updates almost two weeks ago, online criminals are now banking on fake Adobe Flash Player updates to lure the unwary user into downloading malware...
View Articlenew scripts/modules/exploits added to Nmap, OpenVAS, Metasploit, and Nessus...
This report describes any new scripts/modules/exploits added to Nmap,OpenVAS, Metasploit, and Nessus since yesterday.== OpenVAS plugins (45) ==r15280 865229...
View ArticleFewer than one in five organisations has cyber insurance
More than three in four (76 per cent) organisations say they have become more concerned about information security and privacy over the past three years - but only 19 per cent have purchased insurance...
View ArticleBalanced Security for IPv6 CPE
Abstract This document describes how an IPv6 residential Customer Premise Equipment (CPE) can have a balanced security policy that allows for a mostly end-to-end connectivity while keeping the...
View ArticleSQLiteManager 1.2.4 Remote PHP Code Injection Vulnerability
Description:===============================================================Exploit Title: SQLiteManager 0Day Remote PHP Code Injection VulnerabilityGoogle Dork: intitle:SQLiteManager inurl:sqlite/Date:...
View ArticleWordpress theme sandbox Arbitrary File Upload Vulnerability
# Exploit Title: Wordpress theme sandbox Arbitrary File Upload/FD Vulnerability# Date: 21/12/2012# Author: The Black Devils# Category : [ webapps ]# Dork : inurl:wp-content/themes/sandbox# Type : php#...
View ArticleX AutoDealer XSS/SQLi Vulnerabilities
########################################### Exploit Title: X AutoDealer XSS/SQLi Vulnerabilities# Date: 2013-1-25# Author: DaOne aka Mocking Bird# Software Link:...
View ArticleUnlocking Your Mobile Phone Is No Longer Legal
Mobile phones purchased beginning Saturday can no longer be legally unlocked by U.S. consumers to enable them to work on different networks.The reason, as we reported three months ago, was that the...
View ArticleThreat Outbreak Alert: Fake Payment Notification E-mail Messages
DescriptionCisco Security Intelligence Operations has detected significant activity related to spam e-mail messages that claim to contain payment details for the recipient. The text in the e-mail...
View ArticleThreat Outbreak Alert: Fake Income Tax Notification E-mail Messages
DescriptionCisco Security Intelligence Operations has detected significant activity related to spam e-mail messages that claim to contain an income tax warning notification for the recipient. The text...
View ArticleYahoo, Like Google, Demands Warrants for User E-mail
Yahoo demands probable-cause, court-issued warrants to divulge the content of messages inside its popular consumer e-mail brands — Yahoo and Ymail, the Web giant said Friday.The Sunnyvale,...
View ArticleZTE ZXV10 W300 series (Djaweb router) vulnerability
# Exploit Title: Djaweb router multipe-vulnerability# Date: 08/01/2012# Author: The Black Devils# Category : [ webapps ]# Type : Hardware# Tested on: [Windows] & [Ubuntu]#------------------about...
View ArticleWordpress sem WYSIWYG Arbitrary File Upload Vulnerability
# Exploit Title: Wordpress sem WYSIWYG Arbitrary File Upload Vulnerability# Author: fayzoun# facebook: https://www.facebook.com/fayzoun.AO# Google Dork: inurl:wp-content/plugins/sem-wysiwyg/# Tested...
View Article