Security News

WMF Zero Day Exploit, solution.

floydfe — Wed, 24 Oct 2007 14:44:37 +0000

Security expert Steve Gibson, and Leo Laporte describe and discuss a way that Windows users can avoid becoming a victim of the Windows Meta File exploit, which now has more than 57 different variants. Note: Link is to a podcast, SecurityNow!

read more | digg story

German Blog-Service Accidentally Deletes 4 Months of Comments

floydfe — Wed, 24 Oct 2007 14:38:09 +0000

The german hosted blogging-service blogg.de accidentally deleted all comments from user weblogs last Friday. This worst case scenario occured when the administrators tried to fight down comment spam platform-wide. And due to corrupt backup files, all previously saved database dumps from mid-August to December 5th are useless.

read more | digg story

Zero-Day Mac OS X Exploit Disclosed

floydfe — Wed, 24 Oct 2007 14:24:42 +0000

A researcher has posted proof-of-concept code for a zero-day flaw within Mac OS X dealing with its handling of disk image (.dmg) files. The issue causes a memory corruption vulnerability that could allow attackers to execute arbitrary code.

read more | digg story

DEEP DIVE into Application Security – free chapter on C Language Issues

floydfe — Wed, 24 Oct 2007 14:14:11 +0000

“… this is probably the most comprehensive application security book I’ve seen. The authors cover topics ranging from memory corruption vulnerabilities such as buffer overflows to Unix, TCP/IP, firewalls and virtual private networks. Througout, there are numerous examples of code, configurations and exploits. –Mathias Thurman, Computerworld

read more | digg story

Safari in Windows Zero Day Nightmare

floydfe — Wed, 24 Oct 2007 14:09:15 +0000

Some using the browser in its new OS home are reporting six exploits in one afternoon – ranging from memory corruption bugs to denial of service crashes.

read more | digg story

SmitFraudFix Tutorial

floydfe — Wed, 24 Oct 2007 13:13:15 +0000

This is a review and tutorial for Smithfraudfix, which is a free tool for removal popular
browser hijackers and corrupt anti-spyware programs.

read more | digg story

Simple Digg Hack

floydfe — Wed, 24 Oct 2007 12:49:51 +0000

A simple little demo of a digg exploit I discovered a while back…

read more | digg story

Simple hack lets you view all comments on a PRIVATE Myspace profile

floydfe — Wed, 24 Oct 2007 12:20:42 +0000

Thought your “private” myspace comments were really private? Well think again! This simple code lets ANYONE view all the comments on ANY private profile. With a simple variation you can also view “private” pictures. It’s so simple, i dont know why someone didn’t figure it out sooner.

read more | digg story

How to: Complete Install Simple Mail Server in 30 minute including webmail

floydfe — Wed, 24 Oct 2007 12:11:08 +0000

This is some guide to install mail server in 30 minute. That easy!

read more | digg story

Interview with a convicted hacker

floydfe — Wed, 24 Oct 2007 11:54:56 +0000

Convicted hacker Robert Moore, who is set to go to federal prison this week, says breaking into 15 telecommunications companies and hundreds of businesses worldwide was incredibly easy because simple IT mistakes left gaping technical holes. “It’s so easy a caveman can do it,” Moore said, laughing.

read more | digg story