Tag Archive | "exploits"


15 December 2011 | 8,080 views

No BEAST Fix From Microsoft In December Patch Tuesday – But They Fixed Duqu Bug

It looks like Microsoft originally had a patch for the BEAST vulnerability, but for some reason they have withdrawn it for the December Patch Tuesday. It’s a pretty bumper crop of patches though with 13 bulletins and 19 vulnerabilities fixed, the highest profile one being a patch for the zero-day vulnerability exploited by Duqu. The [...]

Continue Reading


15 September 2009 | 20,782 views

FreeBSD Local Root Escalation Vulnerability

It’s been a long time since we’ve heard about a problem with FreeBSD, partially because the mass of people using it isn’t that large and secondly because BSD tends to be pretty secure as operating systems go. It’s a pretty serious flaw this time with root escalation, thankfully it’s only a local exploit though and [...]

Continue Reading


02 September 2009 | 9,948 views

Apache.org Hacked Using Remote SSH Key

Apache.org has been hacked quite a number of this times, last week it happened again and the whole infrastructure was down for a few hours while they sorted out what had happened and how to remedy it. Apparently one the remote SSH keys was compromised allowed attacked to upload code, the scary part is they [...]

Continue Reading


12 August 2009 | 53,532 views

WordPress 2.8.3 Admin Reset Exploit

Ah it’s WordPress again, sometimes I wonder how many holes there are in WordPress. I guess a dedicated attacker could find some serious ones with the complexity of the code base. It’s suspected some of the recent high profile breaches have come from WordPress exploits. The latest one to become public is a simple but [...]

Continue Reading


15 July 2009 | 20,289 views

Damn Vulnerable Web App – Learn & Practise Web Hacking

Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be light weight, easy to use and full of vulnerabilities to exploit. Used to learn or teach the art of web application security. Vulnerabilities SQL Injection XSS (Cross Site Scripting) LFI (Local File Inclusion) RFI (Remote [...]

Continue Reading


21 May 2009 | 4,327 views

BugSpy – Crawls The Web For Open Source Software Bugs

BugSpy is an interesting web site I came across recently, put together using a Python Framework (django) it aggregates bugs from as many open source projects as it can find. Preferably critical bugs. You can search by tag (e.g java, email or php ) or by product name (e.g Ubuntu, Typo3 or Samba). http://bugspy.net/

Continue Reading


23 February 2009 | 5,583 views

Hackers Target 0-Day Vulnerability In Adobe PDF Reader & Acrobat

Another flaw in the Adobe product suite! It seems like PDF is turning into a complex animal, complexity of course always brings more security issues. It was only back in February last year when there was a bug in Adobe Reader, and almost exactly a year later another one. This time it’s a zero-day just [...]

Continue Reading


09 December 2008 | 4,935 views

Secunia Personal Software Inspector (PSI) 1.0

To continue with some software targeted towards security and self-protection after posting about Microsoft Baseline Security Analyzer (MBSA) and Microsoft Security Assessment Tool (MSAT) we continue with one more – Secunia Personal Software Inspector. We did write about this software way back when Secunia first came out with their Secunia Software Inspector. There’s now 3 [...]

Continue Reading


22 September 2008 | 23,188 views

Modern Exploits – Do You Still Need To Learn Assembly Language (ASM)

This is a fairly interesting subject I think as a lot of people still ask me if they are entering the security field if they still need to learn Assembly Language or not? For those that aren’t what it is, it’s pretty much the lowest level programming languages computers understand without resorting to simply 1′s [...]

Continue Reading


09 September 2008 | 5,361 views

Google Releases New Browser Chrome – Vulnerabilities on First Day

So as most of you probably know the big buzz on the Internet last week was that Google (after supporting Firefox for so long) have actually launched their own browser. It’s cooled Google Chrome. Now of course in typical Google fashion they call it BETA software, and a number of flaws have popped up during [...]

Continue Reading


Popular Tags

computer-security · darknet · exploits · google · hacking · hacking-networks · hacking-websites · hacking-windows · hacking tool · Hacking Tools · Information-Security · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojan · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · Web Hacking · windows · windows-security · Windows Hacking · worms · XSS ·