This is a fairly interesting subject I think as a lot of people still ask me if they are entering the security field if they still need to learn Assembly Language or not?
For those that aren’t what it is, it’s pretty much the lowest level programming languages computers understand without resorting to simply 1’s and [...]
So as most of you probably know the big buzz on the Internet last week was that Google (after supporting Firefox for so long) have actually launched their own browser.
It’s cooled Google Chrome. Now of course in typical Google fashion they call it BETA software, and a number of flaws have popped up during the [...]
ISR-evilgrade is a modular framework that allow us to take advantage of poor upgrade implementations by injecting fake updates and exploiting the system or software.
How does it work?
It works with modules, each module implements the structure needed to emulate a false update of specific applications/systems. Evilgrade needs the manipulation of the victims [...]
There has been a lot of hype about this one, but this flaw is a real threat and the working exploits are now available in the wild.
To top that, they have already been ported into Metasploit!
I hope all the major ISPs are in a patching frenzy right now and not thinking to themselves that there [...]
So a new initiative - the Open Source Computer Emergency Response Team known as oCERT has been set up one of the main sponsors being Google (read more here - Contributing to Open Source Software Security).
The oCERT project is a public effort providing security handling support to Open Source projects affected by security incidents or [...]
As far as I know this has been happening for some time, sometimes a patch comes out for a vulnerability that many people don’t know about (including the hackers) so they will see what problem the patch fixes (possibly through reverse engineering) then develop an exploit to leverage on the flaw.
It seems things are a [...]
It looks like someone is going after the bad guys in a new way, by hacking them back! It’s no news to us that many hacking tools and script kiddy trojan kits are badly programmed..a lot of them have back-doors and the client-side tools have easy exploits that enable you to take over the ‘hackers’ [...]
It seems like some recently patched flaws in Adobe Reader are actively being exploited in the wild, mostly via malicious banners from various sites.
Nothing particularly nasty is happening, but a trojan is being installed which can intercept search engine results. It’s definitely recommended to update to the latest version (8.1.2).
Personally I don’t have such a [...]
Ah Metasploit development cycle seems to be picking up, I guess with greater community support the bugs get ironed out and the new features introduced faster.
Good to see an update so soon after Metasploit Framework v3.0 was released.
I keep closely up to date with Metasploit as it’s pretty much the best free tool out there [...]
It looks like there is a fairly serious vulnerability in some of the popular media player packages out in the wild packaged as a MP4 file (due to the MP4 codec from 3ivx), it effects Windows Media Player 6.4 and Windows Media Player Classic, which are made by Microsoft, and AOL’s Winamp version 3.5.
All the [...]
