News » 
The following section combines some of the best News feeds related to the field of information security.
Larry Suto Web Application Security Scanner Comparison Report Inaccurate Vendors Say
Larry Suto published a report comparing the various commercial web application security scanners. As you'd expect the vendors are likely to respond about how inaccurate the report is, however in this case both HP and Acunetix argued valid points. From Acunetix "They were not found because…
China Closes Hacker Training School, Arrests 3
China officials have shut down Black Hawk Safety Net, the country's biggest hacker training Website, and arrested three people for making hacker tools available online. - China announced it has arrested three people in connection with operating a hacker training school that distributed malware…
E*TRADE Reveals Super Bowl(R) XLIV Advertisements
Denver-based Scottish Stained Glass Shares Its Online Secret to Success
Natural Convection Cooling, Expanded I/O Packed into Aitech's New Lightweight NightHawk Rugged Control Unit
Cyber Security Legislation Will Help Protect U.S. Economy, Says VirnetX Researcher
Miami-Dade Police Department's 'Project Dolphin' Supports Super Bowl XLIV
How to Use Display Retargeting to Grow Your Search Business
Equifax Board of Directors Declares Quarterly Dividend; Announces Annual Meeting Date
NIST Supplemental Testing Re-confirms IriTech is #1 Iris Identification Provider
Blogs » 
Blogs are important as they represent an independent view of the information security landscape. The following section combines some of the best Blog feeds related to the field of information security.
Oracle has an unscheduled security alert and patch for CVE-2010-0073. The issue affects WebLogic Server and is remotely exploitable. Details and patch are here http://www.oracle.com/technology/deploy/security/alerts/alert-cve-2010-0073.html, (Tue, Feb 9th)
When is a 0day not a 0day? Samba symlink bad default config, (Tue, Feb 9th)
When is a 0day not a 0day? When the exploit ends up being just a poor default configuration issue. I ...(more)...
The Limits of Visual Inspection
Interesting research: Target prevalence powerfully influences visual search behavior. In most visual search experiments, targets appear on at least 50% of trials. However, when targets are rare (as in medical or airport screening), observers shift response criteria, leading to elevated miss error…
When is a 0day not a 0day? Fake OpenSSH exploit, again., (Mon, Feb 8th)
When is a 0day in OpenSSH not a 0day? When it's local exploit code. Not the kind that exploits a vul ...(more)...
More Details on the Chinese Attack Against Google
Three weeks ago, Google announced a sophisticated attack against them from China. There have been some interesting technical details since then. And the NSA is helping Google analyze the attack. The rumor that China used a system Google put in place to enable lawful intercepts, which I used as a…
Mandiant Mtrends Report, (Sun, Feb 7th)
Once again a lazy weekend to catch up on some reading. One of the items that came across my em ...(more)...
New Attack on Threefish
At FSE 2010 this week, Dmitry Khovratovich and Ivica Nikolic presented a paper where they cryptanalyze ARX algorithms (algorithms that use only addition, rotation, and exclusive-OR operations): "Rotational Cryptanalysis of ARX." In the paper, they demonstrate their attack against…
LANDesk Management Gateway Vulnerability, (Sat, Feb 6th)
LANDesk has released a security fix for a vulnerability reported for the LANDesk Management Gateway ...(more)...
tweaked ISC layout. Please submit screen shot and browser details if things don't look right., (Sat, Feb 6th)
------ Johannes B. Ullrich, Ph ...(more)...
Oracle WebLogic Server Security Alert, (Sat, Feb 6th)
Oracle issued a Security Alert that addresses a vulnerability in the Node Manager component of Oracle ...(more)...
Research » 
This is the research section. It currently lists feeds from organizations and individuals who are actively performing information security research.
Postgres Fingerprinting
Many database servers helpfully provide version number, platform, and other salient details to just about anyone who asks, authenticated or not, which makes fingerprinting these applications a snap. However, Postgres is a little more coquettish about revealing such personal information about itself…
Exploiting the Samba Symlink Traversal
Last night, Kingcope uploaded a video to YouTube demonstrating a logic flaw in the Samba CIFS service (this was followed by a mailing list post). This bug allows any user with write access to a file share to create a symbolic link to the root filesystem. From this link, the user can access any file…
Encouraging More Chromium Security Research
I don't usually post non-original content here, but in this case I'll make an exception :) Here's one of the things I've been working on over in Chromium land: http://blog.chromium.org/2010/01/encouraging-more-chromium-security.html Will you be the first $1337?
One Exploit Should Not Ruin Your Day
Now that the media excitement of the aftermath of Operation Aurora has calmed down and we are all soothing ourselves to sleep by the sound of promptly applying Windows Updates, it is a good time to take a look back and try and figure out what the changing threat landscape means for real-world…
Reproducing the "Aurora" IE Exploit
Update: This module, just like the original exploit, only works on IE6 at this time. IE7 requires a slightly different method to reuse the object pointer and IE8 enables DEP by default. Yesterday, a copy of the unpatched Internet Explorer exploit used in the Aurora attacks was uploaded to Wepawet.…
Posting raw XML cross-domain
I was recently stealing anti-XSRF tokens using the CSS design error I found. In the (unnamed for now) app I was exploiting, all the fun happens in XSRF-protected POST requests with an XML RPC protocol. If you are good.com, then sending XML to yourself is easy - you can send arbitrary POST payloads…
"Logout XSRF" - significant web app bug?
[Or "Logout CSRF" for search indexes; I seem to be addicted to the less common acronym ;-)] Significant? No, of course not. It is a technical integrity violation inflicted upon good.com by evil.com. That's not ideal, and could be an annoyance. But there are some other interesting…
Safe, Reliable, Hash Dumping
The Metasploit Meterpreter has supported the "hashdump" command (through the Priv extension) since before version 3.0. The "hashdump" command is an in-memory version of the pwdump tool, but instead of loading a DLL into LSASS.exe, it allocates memory inside the process, injects…
Exporting the Registry for Fun and Profit
Over the last few days, I have been playing with WinScanX, a free command-line tool for querying Windows service information over SMB. WinScanX combines many of the essential tools used during a penetration test into a single utility. One of the more interesting features is the "-y" flag,…
Generic cross-browser cross-domain theft
Well, here's a nice little gem for the festive season. I like it for a few distinct reasons: It's one of those cases where if you look at web standards from the correct angle, you can see a security vulnerability specified. Accordingly, it affected all 5 major browsers. And likely the…
Advisories » 
This section contains a list of recent advisories automatically collected from various sources.
No Results
Exploits » 
This section contains aggregated feeds of recent exploits published by some of the best resources online.
Winplot (.wp2 File) Local Buffer Overflow Exploit
cP Creator 2.7.1 (Cookie tickets) Remote SQL Injection Exploit
CMScontrol 7.x (index.php id_menu) SQL Injection Vulnerability
ProdLer <= 2.0 (prodler.class.php sPath) RFI Vulnerability
Loggix Project <= 9.4.5 Multiple Remote File Inclusion Vulnerabilities
WX Guest Book 1.1.208 (SQL/XSS) Multiple Remote Vulnerabilities
Snort < 2.8.5 Unified1 Output Denial of Service Exploit
Joomla com_jinc (newsid) Blind SQL Injection Vulnerability
Joomla com_mytube (user_id) Blind SQL Injection Exploit
BigAnt Server <= 2.50 SP6 Local (ZIP File) Buffer Overflow PoC #2
Podcasts » 
This section contains aggregated feeds of recent security podcasts.
Security threat report: 2010
Carole Theriault interviews Chester Wisniewski, senior security advisor at Sophos Canada, about the latest findings in the 2010 Sophos security threat report, discussing the latest trends in malware as well as exploring topical issues such as security on Windows 7 and Apple Mac threats.
Operation Aurora: The attack on Google
Chester Wisniewski of Sophos Canada and James Lyne from the Office of the CTO discuss Operation Aurora: The attack on Google, what it means to businesses, and what we should be doing to better protect our networks.
Facebook, identity theft and the plastic duck
Sean Richmond of Sophos Australia talks to Paul Ducklin, head of technology for APAC, about the results of Sophos's latest Facebook experiment, revealing that users are still failing to take adequate security steps on the popular social network.
Kanye West, SEO and scareware
Senior technology consultant Graham Cluley explains how hackers have been taking advantage of the hoax news stories about the death of Kanye West, using search optimisation techniques to infect computer users with scareware.
A lesson in cloud computing and software as a service
Paul Ducklin, head of technology for Sophos APAC, defines cloud computing and SaaS, explaining the associated security risks and gives his opinion on whether cloud and SaaS mean the end of desktop security software.
Windows 7 in the security spotlight
Sophos senior technologist James Lyne discusses Windows 7 from the security point of view, looking at the Action Centre, enhancements in the Windows firewall, Direct Access and the controversy surrounding XP mode.
Virtualization and encryption: the security facts
More organizations are looking to virtualize their servers, but few are considering the associated security concerns. James Lyne, senior technologist at Sophos, explains why encrypting virtualized servers will avoid costly leaks.
Security Threat Report: Update July 2009
Graham Cluley, senior technology consultant at Sophos, discusses the findings in the latest threat report, revealing that criminals have increased the focus of attacks on social networking sites.
Conficker and April 1st
Sean Richmond of Sophos Australia talks to Paul Ducklin about the first of April Conficker security panic.
Security and server virtualization
Carole Theriault interviews James Lyne from the technology office at Sophos about the security risks associated with virtualized server systems and how new security technologies may help to overcome these attacks.
Culture » 
This section contains a list of cultural hacker blogs.
Was Huxley right?
I stumbled upon the following cartoon on twitter. I have read 1984 but not Brave New World. Will be visiting the local library soon. [...]
Working Hard is Overrated?
I often hear about success stories where the direct cause for the success is someone's hard work and persistence. Although in my mind persistence is important, it seems that hard work is seriously overrated according to the founders of Flickr and a bunch of neuroscientists, as reported here and…
How Derren Brown Predicted the Lottery Numbers
Last Wednesday (09/09/2009) Derren Brown predicted, or at least he made us believe that he did, five numbers from the lottery draw aired on BBC. For those of you who have no clue what I am talking about, here is video footage from the show. How did he do it? I was eager to find out but since he…
Simple and Obvious
When we see something that is simple and obvious we automatically assume that we can reach the same idea because after all it is simple and obvious. However, simple and obvious concepts are hard to come up with. Do not ignore the simple and the obvious. [...]
Micro Communities
I think that we are on the verge of another online change. We are going from hyper global communities, to ultra local and even micro communities. Global communities are places such as Facebook, Twitter, MySpace and all other social networks whose sole purpose is to get as many users on board as…
World of Warcraft and Social Media Success
Mashable is running an interesting article today titled 6 Things World of Warcraft Can Teach You About Social Media Success. It is about the life lessons the author of the article learned while playing WoW. I took the courtesy to summarize them all here but pay a tribute to mashable by visiting…
Why Tribes, Not Money or Factories, Will Change the World
Seth Godin argues the Internet has ended mass marketing and revived a human social unit from the distant past: tribes. Founded on shared ideas and values, tribes give ordinary people the power to lead and make big change. He urges us to do so. If you watch the video you will spot the Kindle sell-out…
The Reason to Focus on Simplicity
I wrote about the importance of simplicity before but here is another reason why you should believe me. :) Keep this in mind the next time you design a service or a product. [...]
Social Media in Plain English
Confused information security folks (but not only) can find this video quite interesting. What I liked the most about this video is that the authors clearly explain that social media is first of all the collective contributions of ordinary people through blogs, wikis, podcasts and other social…
Bill Gates Facebook Page
Funny Sunday morning stuff: Steve Jobs and St. Peter are also there.





























