New versions of the excellent pwdump6 and fgdump have been released (1.6.0 for both!). For those that don’t know what pwdump or gfdump are.. pwdump6 is a password hash dumper for Windows 2000 and later systems. It is capable of dumping LanMan and NTLM hashes as well as password hash histories. It is based on […]
vulnerability
Intel Core 2 Duo Vulnerabilities Serious say Theo de Raadt
[ad] The scariest type of all, hardware vulnerabilities. Security guru and creator of OpenBSD Theo de Raadt recently announced he had found some fairly serious bugs in the hardware architecture of Intel Core 2 Duo processors. He goes as far as saying avoid buying a C2D processor until these problems are fixed. A prominent software […]
IE 7 Flaw Could Help Phishers – Error Message Processing
[ad] Ah another way for phishers and people wanting to steal login credentials to con IE7 users. Yet another reason to use Firefox or Opera? Not saying these browsers are perfect…but look at the amount of problems Internet Exploder Explorer has had. The flaw lies in the way IE7 processes a locally stored HTML error […]
Skype Worm in the Wild – W32.Chatosky
[ad] A new worm is spreading fast on the Skype network, it’s activated by a malicious Skype Chat link and it has been seen in the wild in numerous places. Apparently the dangerous link starts with “Check this!” pointing to a .org/.biz address, if you click the link you’ll become infected. There have been no […]
Linux Kernel 2.6.x PRCTL Core Dump Handling – Local r00t Exploit ( BID 18874 / CVE-2006-2451 )
[ad] A working version of the exploit used to escalate privileges to root in the recent Debian breakin, ah another root kernel exploit. It’s to do with the way the kernel handles file permissions (or lack of) on core dumps. Linux kernel is prone to a local privilege-escalation vulnerability. A local attacker may gain elevated […]