Tag Archive | "vulnerability"


11 July 2011 | 12,008 views

Malicious PDF Files To Exploit iPhone & iPad Zero Day In The Wild

Well everyone has been waiting for a Jailbreak for the iPad 2 with the latest version of iOS – it happened and only hours later the malformed PDF files that were used in the exploit were circulating the Internet. It’s not the first time this has happened, last time jailbreakme did the same thing back [...]

Continue Reading


10 March 2011 | 8,905 views

Day One At Pwn2Own Takes Out Microsoft Internet Explorer and Apple Safari

Well it’s March again and well we love March because it’s Pwn2Own time! Every year around this time we get some goodies to discuss way back since: 2008 – Mac owned on 2nd day of Pwn2Own hack contest 2009 – Charlie Miller Does It Again At PWN2OWN 2010 – Mozilla Beats Apple & Microsoft to [...]

Continue Reading


19 July 2010 | 7,146 views

Mozilla Increases Security Bug Bounty To $3000

There’s been a number of bounty programs in the past year or so with Mozilla being one of the forerunners with their Mozilla Security Bug Bounty Program. There are others like Google offering rewards for bugs in Chrome, and other specific high profile bounties like when Microsoft Offered $250K Bounty for Conficker Author. Mozilla on [...]

Continue Reading


18 February 2010 | 5,394 views

Google Buzz Patches XSS Flaw In Mobile Version

You may or may not have noticed, but I was on hiatus for a few days. As you’re probably aware (and I’m sure many of you celebrate) it was Chinese New Year on February 14th so I was offline for a few days taking a well deserved break. I’d like to wish all of you [...]

Continue Reading


21 January 2010 | 7,936 views

Microsoft Releases Out-Of-Band Patch For IE 0-Day Vulnerability

Ah Microsoft is treating this one seriously after France and Germany advised users to avoid IE. The current strain being exploited only targets IE6 users, but one security company has developed an exploit for IE8 which also bypasses DEP (Data Execution Prevention). It was rumoured this was the exploit used last week to compromise Google [...]

Continue Reading


19 January 2010 | 6,383 views

IETF Completes Vulnerability Fix For SSL Renegotiation Bug

You should remember the SSL Renegotiation bug from last year that was used to successfully attack twitter. Finally IETF have come out with a fix for the issue, it’s natural it has taken some time as it’s a flaw in the actual protocol itself not in any specific implementation (which is usually the case). The [...]

Continue Reading


09 September 2009 | 13,579 views

Cisco & Microsoft Patch TCP Stack DoS Exploit

A fairly serious flaw that was announced in October 2008 by Outpost24 (and apparently discovered way back in 2005), has finally been patched by the major players Cisco and Microsoft. So far Redhat has offered a workaround for the flaw and Juniper has responded that their equipment is not vulnerable. It could be that Juniper [...]

Continue Reading


24 October 2008 | 5,804 views

Microsoft Rushes Out Critical RPC Bug Fix

Now this doesn’t happen all that often, it must be really serious! An Out-of-Band patch from Microsoft (since it’s famous ‘Patch Tuesday‘ it only releases patches on the second Tuesday of each month) has been released for a new RPC flaw. I’d imagine it’s similar to the RPC flaw that spawned such disasters as Blaster [...]

Continue Reading


06 August 2008 | 6,869 views

HD Moore’s Company BreakingPoint Suffers DNS Attack

It’s somewhat ironic that shortly after the Kaminsky DNS bug went wild and almost immediately got ported into Metasploit that it was then used to attack HD Moore’s very own company BreakingPoint. It happened just a couple of days ago, it doesnt seem to have been a targeted attack though more like mass spammers/scammers leveraging [...]

Continue Reading


29 February 2008 | 5,386 views

SCARE – Source Code Analysis Risk Evaluation Tool

The Source Code Analysis Risk Evaluation project is a study to create a security complexity metric that will analyze source code and provide a realistic and factual representation of the potential of that source code to create a problematic binary. This metric will not say that the binary will be exploited nor does it do [...]

Continue Reading


Popular Tags

computer-security · darknet · exploits · google · hacking · hacking-networks · hacking-websites · hacking-windows · hacking tool · Hacking Tools · Information-Security · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojan · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · Web Hacking · windows · windows-security · Windows Hacking · worms · XSS ·