U.S. Prepares Counterstrike Against Cyber-Attack
Move over, terrorism and weapons of mass destruction. High-tech asymmetric warfare is the biggest threat to the United States.“Cyber-attacks and cyber-espionage pose a greater potential danger to U.S....
View ArticleCritical issue affecting EA Origin Users
We have just released a paper [1], in which we prove that the EA Originplatform can be used as an excellent attack vector to exploit local issuesremotely.EA Origin [2] is one of the biggest gaming...
View ArticleHas HTTPS finally been cracked? Five researchers deal SSL/TLS a biggish blow
Cryptographers have once again put SSL/TLS (that's the padlock in HTTPS) in their gunsights and opened fire.This time, they've done some severe damage.The attack they've devised doesn't work against...
View ArticleHiding Data in Hard-Drive’s Service Areas
Next spot for Malware?1 IntroductionIn this paper we will demonstrate how spinning hard-drives’ service areascan be used to hide data from the operating-system (or any software using thestandard OS’s...
View Article"Data-Clone" -- a new way to attack android apps (reported Dec. 2012 but no...
"Data-Clone" -- a new way to attack android appsAuthor: SuperHei () www knownsec com [Email:5up3rh3i#gmail.com]Release Date: 2013/03/16References: http://www.80vul.com/android/data-clone.txtChinese...
View ArticleClik here to view.
Nanomite - Graphical Debugger for x64 and x86 on Windows
Nanomite / + fixed a crash in attaching to a process where we don´t have a file … …latest commit 74944fe27c zer0fl4g authored 4 days agoBuild4 days ago+ fixed a crash in attaching to a process where we...
View ArticleFake Applications in browser
I thought to create any Proof of Concepts about faking applications in web browser after I saw "Browser Event hijacking" (http://labs.neohapsis.com/2012/11/14/browser-event-hijacking/) with the CTRL+F...
View Article[SECURITY] [DSA 2650-2] libvirt regression update
-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-2650-2...
View ArticleClik here to view.
Bypass Nozzle and BuBBLE anti heap-spray
It is a busy time for me and as you see I rarely find time to write on my own blog, but as promised in the past I'll keep on posting some of my notes. Today, for example, I want to stare a nice trick...
View ArticleThreadFix, an Open Source tool for software vulnerability management
As many know, I’ve spent the last couple of years in the vulnerability management world- at least what we generally accept as “vulnerability management”. Although I think what we do at my “day job”...
View ArticleJoomla Component RSfiles
*******************************************************************************# Title : Joomla Component RSfiles <= (cid) SQL injection Vulnerability# Author : ByEge# Contact :...
View Article[SE-2012-01] The "allowed behavior" in Java SE 7 (Issue 54)
We decided to release technical details of Issue 54 that wasreported to Oracle on Feb 25, 2013 and that was evaluated bythe company as the "allowed behavior".As of Mar 18, 2013 we have no information...
View ArticleJoomla Component com_preachit XSS Vulnerability
# Title : joomla com_preachit XSS Vulnerability# Date: 2013-03-15# Software Link: [ N / A ]# Credit: This Bug was founded by Asesino04 "The Black Devils"# Tested on: Windows XP SP2# Category:...
View Article[ MDVSA-2013:026 ] sudo
-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory...
View Article[ MDVSA-2013:027 ] clamav
-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory...
View Article[ MDVSA-2013:028 ] nagios
-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory...
View ArticlePort scanning /0 using insecure embedded devices
--------------------- Internet Census 2012 --------------------- -------- Port scanning /0 using insecure embedded devices -------- ------------------------- Carna Botnet -------------------------...
View ArticleSurvey: Federal Agencies Overspending on Records Management by an Average of...
Government finance and records professionals cite exponential growth of records as main culprit and call for better training as a top solutionBOSTON & ALEXANDRIA, Va.--(BUSINESS WIRE)--The volume...
View ArticleAVG CloudCare Adds New Email Security Services for Small Businesses
Email Security and Free Remote IT Join Growing List of Cloud-based Services Available on Simplified IT Management PlatformAMSTERDAM & SAN FRANCISCO--(BUSINESS WIRE)--AVG Technologies, the provider...
View ArticleClik here to view.
Growing Data Security Concerns to Drive Global Market for Keystroke and...
GIA announces the release of a comprehensive global report on Keystroke and Typing Dynamics markets. Global market for Keystroke and Typing Dynamics is projected to reach US$579.8 million by 2018,...
View Article