A List of Some Vulnerability Reward Programs
http://www.google.com/about/company/rewardprogram.html
http://www.mozilla.org/security/bug-bounty.html
http://www.ccbill.com/developers/security/vulnerability-reward-program.php
http://secunia.com/communi...
Security Headers on the Top 1,000,000 Websites: March 2013 Report
Back in November 2012 I did Veracode’s initial release of a security headers report on the top 1 million websites from the Alexa list. My goal was to turn it into a series so it would be possible to...
The DDoS That Almost Broke the Internet - I don't think so!
The New York Times this morning published a story about the Spamhaus DDoS attack and how CloudFlare helped mitigate it and keep the site online. The Times calls the attack the largest known DDoS attack...
SQLNuke – Simple but Fast MySQL Injection load_file() Fuzzer
In SQL (Structured Query Language) Injection, there are many kinds of techniques that are partnered with UNION SELECT statements like LOAD_FILE(), INTO OUTFILE(), INFORMATION_SCHEMA, Char(), CAST(),...
roundcubemail: Local file inclusion flaw via web UI modification of certain...
RoundCube Webmail upstream has released 0.8.6 and 0.7.3 versions to correct one security flaw: A local file inclusion flaw was found in the way RoundCube Webmail, a browser-based multilingual IMAP client,...
Threat Outbreak Alert: Fake KeyCorp Encrypted Message Attachment E-mail...
Description: Cisco Security Intelligence Operations has detected significant activity related to spam e-mail messages that claim to contain a secure message notification for the recipient. The text in...
[SECURITY] [DSA 2655-1] rails security update
Debian Security Advisory DSA-2655-1...
Threat Outbreak Alert: Fake HSBC Bank Transaction Notification E-mail Messages
Description: Cisco Security Intelligence Operations has detected significant activity related to spam e-mail messages that claim to contain a payment transaction notification for the recipient. The text...
Threat Outbreak Alert: Fake HSBC Debt Repayment Notification E-mail Messages
Description: Cisco Security Intelligence Operations has detected significant activity related to spam e-mail messages that claim to contain debt payment advice for the recipient. The text in the e-mail...
WordPress podPress Plugin XSS in SWF
# Exploit Title: WordPress podPress Plugin XSS in SWF
# Release Date: 28/03/13
# Author: hip [Insight-Labs]
# Contact: hip () insight-labs org | Website: http://insight-labs.org
# Software Link:...
Spammers disguise links using Google translate
Spammers are always on the lookout for new ways to disguise themselves on the way into your inbox, and recently they've found a new trick that lets them leverage the most trusted brand on the internet...
Joomla Component DOCman PayPal
Joomla Component DOCman PayPal <= (id) SQL injection Vulnerability
# Author : ByEge#...
MailOrderWorks v5.907 - Multiple Web Vulnerabilities
Title: MailOrderWorks v5.907 - Multiple Web Vulnerabilities
Date: 2013-01-02
References: http://www.vulnerability-lab.com/get_content.php?id=798
VL-ID: 796
Common Vulnerability...
Paypal Bug Bounty #46 - Persistent Web Vulnerability
Title: Paypal Bug Bounty #46 - Persistent Web Vulnerability
Date: 2013-03-28
References: http://www.vulnerability-lab.com/get_content.php?id=805
PayPal Security UID:...
[RHSA-2013:0690-01] Important: bind97 security update
Red Hat Security Advisory
Synopsis: Important: bind97...
[RHSA-2013:0688-01] Low: Red Hat Enterprise Linux Advanced Mission Critical...
Red Hat Security Advisory
Synopsis: Low: Red Hat Enterprise...
[RHSA-2013:0691-01] Important: Red Hat Storage 2.0 security, bug fix, and...
Red Hat Security Advisory
Synopsis: Important: Red Hat...
[RHSA-2013:0689-01] Important: bind security and bug fix update
Red Hat Security Advisory
Synopsis: Important: bind security...
Metasploit: STUNSHELL Web Shell Remote Code Execution
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# web site for more information on licensing and terms of...
Metasploit: TUNSHELL Web Shell Remote PHP Code Execution
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# web site for more information on licensing and terms of...