Windows Help Vulnerability Exploited In The Wild

So the other big news this week apart from the AT&T iPad/iPhone 4 screw-up is that a recently announced critical vulnerability in Windows XP is being exploited in the wild. It was disclosed fairly recently and is a vulnerability in the Windows XP help system disclosed by Tavis Ormandy, a Google researcher who has appeared […]

Topic: Exploits/Vulnerabilities, Windows Hacking

raw2vmdk – Mount Raw Hard Disk (dd) Images As VMDK Virtual Disks

raw2vmdk is an OS independent Java utility that allows you to mount raw disk images, like images created by “dd”, using VMware, VirtualBox or any other virtualization platform supporting the VMDK disk format. It could be an interesting tool for doing forensics examinations on compromised boxes when all you have is a dd dump of […]

Topic: Forensics, Security Software

iPhone 4 Pre-Order System Exposes Customer Data

The big talk over the past weekend was about this, the AT&T system for recording pre-sales records for the new Apple iPad exposed account information. I didn’t think it was a big deal until they did something similar again today with the iPhone 4…the second time in one week – that must be some kind […]

Topic: Apple, Exploits/Vulnerabilities, Privacy

Onapsis Bizploit – ERP Penetration Testing Framework

Bizploit is the first Opensource ERP Penetration Testing framework. Developed by the Onapsis Research Labs, Bizploit assists security professionals in the discovery, exploration, vulnerability assessment and exploitation phases of specialized ERP Penetration Tests. Bizploit is expected to provide the security community with a basic framework to support the discovery, exploration, vulnerability assessment and exploitation of […]

Topic: Database Hacking, Security Software

Microsoft Installs Firefox Add-on Without Asking During Recent Patch Tuesday

It’s not the first time Microsoft has had some issues with Firefox and add-ons they installed on users machines through Windows Update. Back in October of last year, Mozilla forcefully disabled a .NET add-on as it was causing ‘instability’ rather a security/vulnerability issue. I did notice the issue with my own Firefox and also noticed […]

Topic: Windows Hacking