It’s been a while since Firefox has been in the news, but this is a fairly high profile case involving the Nobel Peace Prize website. It seems there is a race condition vulnerability in the latest versions of Firefox (including 3.6.11) that allows remote exploitation. In this case it was used via an iFrame on […]
Exploits/Vulnerabilities
USBsploit 0.3b – Generate Reverse TCP Backdoors & Malicious .LNK Files
PoC to generate Reverse TCP backdoors (x86, x64, all ports), running Autorun or LNK USB infections, but also dumping all USB files remotely on multiple targets at the same time. USBsploit works through Meterpreter sessions with a light (27MB) modified version of Metasploit. The interface is a mod of SET (The Social Engineering Toolkit). The […]
Adobe PDF Reader Rewrite To Include Sandbox Feature
A lot of people have complained about the lack of security in Adobe PDF related products and the fact that the very architecture is insecure. There have been a whole spate of PDF related exploits and vulnerabilities lately – some of them being very serious. It’s good to see Adobe is taking this matter seriously […]
JailBreaking AppleTV Running on iOS 4.1 – iPad/iPhone 4 Jailbreak Soon?
Posts about the latest Jailbreak exploit/software for the new Apple devices are always pretty popular and this looks like it might turn out to be pretty interesting. It seems like at the moment the latest iOS update has been cracked for iPod Touch and earlier iPhones (3GS) but there’s no working Jailbreak at the moment […]
Microsoft Warns Of ASP.Net Vulnerability In The Wild – Cryptographic Padding Attack
There seems to be a fairly serious attack being exploited in the wild that targets vulnerable ASP.Net web applications, so far there is a temporary fix but no official announcement on when a patch will be issued. The next scheduled patches should be pushed out on October 12th. If you had set up your server […]