Adobe hasn’t been having the best of luck recently with a string of serious PDF exploits in their Reader software and now in less than a week two critical flaws in Flash. This is a pretty serious flaw and sadly proves Steve Jobs right for not supporting Flash on the iPhone and Ipad. A new […]
sessionthief – HTTP Session Cloning & Cookie Stealing Tool
sessionthief performs HTTP session cloning by cookie stealing. It can issue basic nmap and nbtscan commands to see which IPs are on the subnet, or just listen for IPs broadcasting packets. It can quickly perform ARP poison routing to get packets given the IP of the client if not on an open network or hub, […]
Email Worm Spreading Like Wildfire – W32.Imsolk/VBMania Variant
Oh this is a throw back to the 90s, a self-replicating e-mail worm based around a malicious screensaver (.scr) that sends itself to everyone in your address book. It seems this one is spreading fast though with hundreds of thousands of infections. Reminds of the heydays of ILOVEYOU and Anna Kournikova. A fast-moving email worm […]
DllHijackAuditor – Free Audit Tool For DLL Hijack Vulnerability
DllHijackAuditor is the smart tool to Audit against the Dll Hijacking Vulnerability in any Windows application. This is recently discovered critical security issue affecting almost all Windows systems on the planet. It appears that large amount of Windows applications are currently susceptible to this vulnerability which can allow any attacker to completely take over the […]
Microsoft Investigates IE CSS Cross-Origin Theft Vulnerability
There’s a lot of circumstantial evidence surround this as Microsoft themselves haven’t clarified or publicly announced anything related to the CSS Cross-Origin Theft bug – but it seems fairly clear. Some media sources are quoting it as a ‘new bug‘ – which it isn’t, according to other sources it has been known about for at […]