Archive | August, 2010


11 August 2010 | 5,936 views

Microsoft Fixes SSL Spoofing Renegotiation Bug

Well this flaw was first publicized in November last year, it was successfully used against Twitter in the same month. IETF completed the SSL vulnerability fix in January this year and now in August – 10 months after the original release of the flaw – Microsoft has stepped up and fixed it. The fix is [...]

Continue Reading


10 August 2010 | 9,815 views

OpenFISMA – FISMA Compliance & Risk Management Application

The OpenFISMA project is an open source application designed to reduce the complexity and automate the regulatory requirements of the Federal Information Security Management Act (FISMA) and the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF). OpenFISMA is built on a modern, standardized platform called Zend Framework, which is an open source, [...]

Continue Reading


09 August 2010 | 8,639 views

Adobe Scrambling To Fix Another Serious PDF Flaw

It was only the start of July when we talked about Adobe Patching PDF Vulnerabilities Being Exploited In The Wild and once again they are suffering a serious vulnerability which allows code execution from a malicious PDF document. This time the vulnerability came out during Black Hat and it seems to be serious as Adobe [...]

Continue Reading


05 August 2010 | 7,133 views

Peach Fuzzing Platform – Smarfuzzer For Generation & Mutation Based Fuzzing

Peach is a SmartFuzzer that is capable of performing both generation and mutation based fuzzing. There are typically two methods for producing fuzz data that is sent to a target, Generation or Mutation. Generational fuzzers are capable of building the data being sent based on a data model provided by the fuzzer creator. Sometimes this [...]

Continue Reading


04 August 2010 | 15,569 views

UAE (Dubai) & Saudi Arabia To Ban BlackBerry Services With India To Follow

Well there’s been a lot of news these past few days so it was pretty tough to choose what to cover today, anyway I chose this story as it interests me and could be a real problem for RIM the makers of the popular (and fastest growing) BlackBerry smart-phone device. The latest news is due [...]

Continue Reading


03 August 2010 | 25,069 views

Weaknet Linux – Penetration Testing & Forensic Analysis Linux Distribution

WeakNet Linux is designed primarily for penetration testing, forensic analysis and other security tasks. WeakNet Linux IV was built from Ubuntu 9.10 which is a Debian based distro. All references to Ubuntu have been removed as the author completely re-compiled the kernel, removed all Ubuntu specific software which would cause the ISO to bloat, and [...]

Continue Reading


02 August 2010 | 24,916 views

GSM Hacking Coming To The Masses Script Kiddy Style

Well it looks like what happened to WEP all those years ago is going to happen to GSM now. The methods have been known, the theory is established but the breaking point is when freely available tools are published that makes it possible for anyone to perform the attacks even without really understanding what is [...]

Continue Reading