This is a fairly interesting subject I think as a lot of people still ask me if they are entering the security field if they still need to learn Assembly Language or not? For those that aren’t what it is, it’s pretty much the lowest level programming languages computers understand without resorting to simply 1’s […]
vulnerabilities
Google Releases New Browser Chrome – Vulnerabilities on First Day
[ad] So as most of you probably know the big buzz on the Internet last week was that Google (after supporting Firefox for so long) have actually launched their own browser. It’s cooled Google Chrome. Now of course in typical Google fashion they call it BETA software, and a number of flaws have popped up […]
ISR-evilgrade – Inject Updates to Exploit Software
[ad] ISR-evilgrade is a modular framework that allow us to take advantage of poor upgrade implementations by injecting fake updates and exploiting the system or software. How does it work? It works with modules, each module implements the structure needed to emulate a false update of specific applications/systems. Evilgrade needs the manipulation of the victims […]
Exploit for Kaminsky DNS Bug Goes Wild
[ad] There has been a lot of hype about this one, but this flaw is a real threat and the working exploits are now available in the wild. To top that, they have already been ported into Metasploit! I hope all the major ISPs are in a patching frenzy right now and not thinking to […]
oCERT – Responsing to Flaws in Open Source Software
[ad] So a new initiative – the Open Source Computer Emergency Response Team known as oCERT has been set up one of the main sponsors being Google (read more here – Contributing to Open Source Software Security). The oCERT project is a public effort providing security handling support to Open Source projects affected by security […]