[ad] Well this week there was a Yahoo! Email worm, now also follows a vindictive new worm targetting MSN called BlackAngel.B. The reports come from the anti-virus software company Panda Software. When activated the worm delivers a fateful terror message and then attempts to disable any protection software such as anti-virus, firewall or Windows system […]
computer-security
Trojan Compromises 2,200 Oregon Tax Payers
[ad] Aha! Trojans strike again. Really, I still think it all comes down to education, it doesn’t seem to be a targeted attack though. Just a random infection from your average porn site Trojan. Electronic files containing personal data of up to 2,200 Oregon taxpayers may have been compromised by an ex-employee’s unauthorized use of […]
SQL Power Injector v1.1 Released
SQL Power Injector is a graphical application created in .Net 1.1 that helps the penetrating tester to inject SQL commands on a web page. For now it is SQL Server, Oracle and MySQL compliant, but it is possible to use it with any existing DBMS when using the inline injection (Normal Mode). Moreover this application […]
Oedipus – Open Source Web Application Security Analysis
[ad] Oedipus is an open source web application security analysis and testing suite written in Ruby by Penetration Testers for Penetration Testers. It is capable of parsing different types of log files off-line and identifying security vulnerabilities. Using the analyzed information, Oedipus can dynamically test web sites for application and web server vulnerabilities. Oedipus can […]
Academic Papers on Web Application Security
[ad] I found a useful resource containing a whole list of academic papers on web-application security. This list represents an attempt to collect academic papers on the subject of Web application security sorted by the year of publication. Hacking web applications has become a big thing in the last 5 years, just look at the […]