Started Work on Bot 24 - E learning Ethical Hacking Game (Inclusive Some Open...
Please let me know your thoughts and provide me with some constructive criticism although the first game is far from complete, thanks:) I'm trying to construct games for open source security and...
WordPress Mathjax Latex 1.1 Cross Site Request Forgery
# Title: Wordpress Mathjax Latex 1.1 Cross-Site Request Forgery Vulnerability # Release Date: 25/03/13 # Author: Junaid Hussain [ illSecure Research Group ] # Contact: illSecResearchGroup@Gmail.com |...
Threat Outbreak Alert: Fake HSBC Bank Repayment Information E-mail Messages
Description: Cisco Security Intelligence Operations has detected significant activity related to spam e-mail messages that claim to contain a payment advice notification for the recipient. The text in...
xBoard 6.0 Local File Inclusion Vulnerability
# Exploit Title: xBoard 6.0 Local File Inclusion # Author: DaOne aka Mocking Bird # Software Link: http://sourceforge.net/projects/xboard/ # Category:...
Blizard BB 1.7 SQL Injection Vulnerability
# Exploit Title: Blizard BB 1.7 SQL Injection Vulnerability # Author: DaOne aka Mocking Bird # Software Link: http://sourceforge.net/projects/blizard/ # Category:...
Lucky 0Day discovery| mongodb remote exploit
Lucky discovery. Trying some server side javascript injection in mongodb, I wondered if it would be possible to pop a shell. The run method seems good for this: read...
[RHSA-2013:0679-01] Moderate: jakarta-commons-httpclient security update
Red Hat Security Advisory. Synopsis: Moderate:...
[RHSA-2013:0683-01] Moderate: axis security update
Red Hat Security Advisory. Synopsis: Moderate: axis security...
Viewfinity CEO: High Profile Cyber Warfare & Cyber Terrorism Cases Highlight...
Viewfinity Delivers Privilege Management Controls With Enterprise Level Scalability, Significantly Reducing Security Risks. WALTHAM, MA and TEL AVIV, ISRAEL--(Marketwire - Mar 26, 2013) - Leonid...
Alert Logic Releases 2013 State of Cloud Security Report
Web Application Attacks Remain One of the Greatest Security Threats in Both Enterprise Data Centers and Cloud Environments. HOUSTON, March 26, 2013 /PRNewswire/ -- Findings from the latest Alert Logic...
Android Trojan Found in Targeted Attack
In the past, we've seen targeted attacks against Tibetan and Uyghur activists on Windows and Mac OS X platforms. We've documented several interesting attacks (A Gift for Dalai Lamas Birthday and Cyber...
iPhones most 'vulnerable' among smartphones
Summary: Cybercriminals are more motivated to find loopholes in iOS due to the popularity of Apple smartphones and the strictly controlled app store which do not easily allow the publishing of...
SynConnect PMS SQL Injection Vulnerability
Title: SynConnect - SQL Injection vulnerability. Credit: Name: Bhadresh Patel. Company/affiliation: Cyberoam Technologies Private Limited. Website:...
OWASP WAF Naxsi bypass Vulnerability
OWASP WAF Naxsi bypass Vulnerability. Certain unspecified input is not properly handled in naxsi_src/naxsi_utils.c naxsi_unescape_uri(u_char **dst, u_char **src, size_t size, ngx_uint_t type) before being...
Threat Outbreak Alert: Scanned Xerox Document Attachment E-mail Messages
Description: Cisco Security Intelligence Operations has detected significant activity related to spam e-mail messages that claim to contain a scanned document sent from a XEROX WorkCentre Pro device for...
Multiple XSS vulnerabilities in IBM Lotus Domino
I want to warn you about multiple Cross-Site Scripting vulnerabilities in IBM Lotus Domino. Last year I've announced multiple vulnerabilities in IBM software and after IBM fixed many of them, I've...
Precalculating Dyndns domain names of g01pack exploit kit- -I have found a...
Url of the compromised OpenX server was: ads.universfreebox.com/www/delivery/afr.php?zoneid=1&cb=INSERT_RANDOM_NUMBER_HERE There are 2 modifications in the algorithm. 1.) The string...
Microsoft Security Advisory Notification
Title: Microsoft Security Advisory Notification. Issued: March 26,...
Threat Outbreak Alert: E-mail Messages with Malicious Attachments
Description: Cisco Security Intelligence Operations has detected significant activity related to spam e-mail messages that claim to contain an attachment for the recipient. The text in the e-mail message...
SafeGov.Org Proposes New Approach to Reduce Public Sector Cyber and Data...
"Measuring What Matters: Reducing Risk by Rethinking How We Evaluate Cybersecurity" Suggests IGs Use Risk Management Indicator. WASHINGTON, March 26, 2013 /PRNewswire/ -- SafeGov.org today released its...