So a pretty serious remote vulnerability has been discovered in Windows 7, as usual Microsoft is downplaying the problem asking you to block the ports on your firewall rather than fixing the issue.
I’d imagine the problem would only really be a big issue inside networks as who exposes SMB ports to the outside world anyway [...]
The Katana: Portable Multi-Boot Security Suite is designed to fulfill many of your computer security needs. The idea behind this tool is to bring together many of the best security distributions and applications to run from one USB Flash Drive. Instead of keeping track of dozens of CDs and DVDs loaded with your favorite [...]
When this SSL Renegotiation bug hit the news, most people said it was a theoretical attack and was of no practical use in the real world.
But then people tend to say that about most things don’t they until they get pwned up the face.
It turns out the rather obscure SSL flaw can be used to [...]
It’s been quite a while since we’ve written about Cain & Abel, one of the most powerful tools for the Windows platform (back in 2007 here).
Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, [...]
The ‘big’ news this week was the first self-replicating worm hit the iPhone, it only seemed to be spreading in Australia though and only worked under a specific set of circumstances.
It only effects iPhone users that have jailbroken their phone and have the SSH software installed with a default password of alpine.
Thankfully it’s not particularly [...]
Turbodiff is a binary diffing tool developed as an IDA plugin. It discovers and analyzes differences between the functions of two binaries.
Requirements
“Turbodiff 1.01 beta release 1″ works with IDA starting from v5.0.
Instructions
For the binaries:
Download the plugin and store it at the directory “..\IDA\plugins”.
If you want to compile it on your own: We have compiled it [...]
Facebook has had it’s fair share of security woes and the latest is the discovery of a new Trojan that uses Facebook to communicate.
Interesting that it’s using the Facebook notes feature to communicate depending on title/subject of the note.
The actual malware itself is spread through doc/pdf exploits and not through any flaws in Facebook itself.
Researchers [...]
It’s been a while since I’ve seen a tool of this type, back in the heydays of Google Hacking (which became the generic term for information gathering via search engines) there were multiple tools such as Gooscan and Goolag.
Binging is a simple tool to query Bing search engine. It will use your Bing API key [...]
There have been a few stories about Windows 7, even one about Windows 7 UAC before and now it’s officially on sale I’d expect there to be many more.
As always malware and mass infections is a numbers game so the bad guys will always target the most popular and prolific operating systems to increase their [...]
UCSniff is a VoIP & IP Video Security Assessment tool that integrates existing open source software into several useful features, allowing VoIP and IP Video owners and security professionals to rapidly test for the threat of unauthorized VoIP and Video Eavesdropping. Written in C/C++, and available on Linux and Windows, the software is free [...]
Now this is interesting a proper mathematical calculation for using cloud computing to crack passwords, now Amazon has opened up their EC2 (Elastic Compute Cloud) the cost of massive parallel processing power has come right down.
And guess what, someone thought of using it to crack passwords. It seems the cut-off would be a 12 character [...]
RATS – Rough Auditing Tool for Security – is an open source tool developed and maintained by Secure Software security engineers. Secure Software was acquired by Fortify Software, Inc. RATS is a tool for scanning C, C++, Perl, PHP and Python source code and flagging common security related programming errors such as buffer overflows and [...]
