[ad] Fairly wide-spread attacks based on the latest vulnerability in Adobe PDF Reader have been spotted by Symantec, they appear to be variants on old attacks but still can be very effective. It’s not the first time this has happened, back in February 2009 Hackers targeted a 0-day exploit in PDF Reader. With one variant […]
Archives for 2010
YASAT – Yet Another Stupid Audit Tool
[ad] YASAT (Yet Another Stupid Audit Tool) is a simple stupid audit tool. Its goal is to be as simple as possible with minimum binary dependencies (only sed, grep and cut). It do many tests for checking security configuration issue or others good practice. It checks many software configurations like: Apache PHP kernel MySQL OpenVPN […]
2010 Bug Wreaks Havoc In Germany
[ad] This was pretty unexpected for most people, the Y2K bug was so over-hyped then nothing really happened. Then suddenly 2010 comes and everything goes haywire! The first big news that struck was Spam Assassin which included all versions of cPanel, it started rejected almost all e-mails due to a bug in the spam detection […]
fimap – Remote & Local File Inclusion (RFI/LFI) Scanner
[ad] fimap is a little python tool which can find, prepare, audit, exploit and even google automatically for local and remote file inclusion bugs in webapps. fimap is similar to sqlmap just for LFI/RFI bugs instead of sql injection. It is currently under heavy development but it’s usable. Features Check a Single URL, List of […]
Researcher Uncovers XSS Flaws In Twitter and Google Calendar
[ad] More flaws discovered in Twitter and Google Calender during the holiday season. Once again XSS flaws have been discovered in popular web apps, but at least they were reported and not used nefariously this time. Fixes have been issued promptly by both Google and Twitter so there is not much cause for concern this […]