Tag Archive | "exploits"


29 August 2008 | 8,048 views

ISR-evilgrade – Inject Updates to Exploit Software

ISR-evilgrade is a modular framework that allow us to take advantage of poor upgrade implementations by injecting fake updates and exploiting the system or software. How does it work? It works with modules, each module implements the structure needed to emulate a false update of specific applications/systems. Evilgrade needs the manipulation of the victims DNS [...]

Continue Reading


25 July 2008 | 26,151 views

Exploit for Kaminsky DNS Bug Goes Wild

There has been a lot of hype about this one, but this flaw is a real threat and the working exploits are now available in the wild. To top that, they have already been ported into Metasploit! I hope all the major ISPs are in a patching frenzy right now and not thinking to themselves [...]

Continue Reading


13 May 2008 | 3,760 views

oCERT – Responsing to Flaws in Open Source Software

So a new initiative – the Open Source Computer Emergency Response Team known as oCERT has been set up one of the main sponsors being Google (read more here – Contributing to Open Source Software Security). The oCERT project is a public effort providing security handling support to Open Source projects affected by security incidents [...]

Continue Reading


06 May 2008 | 6,150 views

Patch Window Shrinking – Semi-Automated Reverse Engineering

As far as I know this has been happening for some time, sometimes a patch comes out for a vulnerability that many people don’t know about (including the hackers) so they will see what problem the patch fixes (possibly through reverse engineering) then develop an exploit to leverage on the flaw. It seems things are [...]

Continue Reading


16 April 2008 | 23,860 views

Hackers Could Become The Hacked?

It looks like someone is going after the bad guys in a new way, by hacking them back! It’s no news to us that many hacking tools and script kiddy trojan kits are badly programmed..a lot of them have back-doors and the client-side tools have easy exploits that enable you to take over the ‘hackers’ [...]

Continue Reading


29 February 2008 | 5,417 views

SCARE – Source Code Analysis Risk Evaluation Tool

The Source Code Analysis Risk Evaluation project is a study to create a security complexity metric that will analyze source code and provide a realistic and factual representation of the potential of that source code to create a problematic binary. This metric will not say that the binary will be exploited nor does it do [...]

Continue Reading


11 December 2007 | 5,173 views

Serious Flaw in Popular Media Players from Microsoft and AOL

It looks like there is a fairly serious vulnerability in some of the popular media player packages out in the wild packaged as a MP4 file (due to the MP4 codec from 3ivx), it effects Windows Media Player 6.4 and Windows Media Player Classic, which are made by Microsoft, and AOL’s Winamp version 3.5. All [...]

Continue Reading


07 December 2007 | 4,056 views

SANS Top 20 Vulnerabilities Published for 2007

It’s that time of the year, our annual christmas present – the Sans Top 20 Vulnerabilities for 2007. The SANS Top 2007 list is not “cumulative.” We include only critical vulnerabilities from the past year or so. If you have not patched your systems for long time, it would be wise to patch the vulnerabilities [...]

Continue Reading


03 December 2007 | 4,587 views

WabiSabiLabi Pimping ClamAV Vulnerability & Exploit

Interesting, a new arena for marketing spin and sales talk – the auctioning of exploits. WabiSabiLabi is pushing hard for a good price for a ClamAV vulnerability and exploit that it has gotten hold of, it’s dosing it up with a good portion of spin to make it seem like the next big thing – [...]

Continue Reading


24 September 2007 | 4,390 views

Voting Machines Lose to Hackers Again

Iā€™m sure everyone remembers the Diebold voting fiasco with their system getting pwned multiple times. Back in May 2006 it was announced from multiple sources that the Diebold system was critically flawed. Then more recently Hackers in the Philippines were Invited to Crack Internet Voting, which is definitely positive step to increase security in voting [...]

Continue Reading


Popular Tags

computer-security · darknet · exploits · google · hacking · hacking-networks · hacking-websites · hacking-windows · hacking tool · Hacking Tools · Information-Security · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojan · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · Web Hacking · windows · windows-security · Windows Hacking · worms · XSS ·