Security expert Steve Gibson, and Leo Laporte describe and discuss a way that Windows users can avoid becoming a victim of the Windows Meta File exploit, which now has more than 57 different variants. Note: Link is to a podcast, SecurityNow!
Archive for the ‘Security’ Category
WMF Zero Day Exploit, solution.
October 24, 2007German Blog-Service Accidentally Deletes 4 Months of Comments
October 24, 2007The german hosted blogging-service blogg.de accidentally deleted all comments from user weblogs last Friday. This worst case scenario occured when the administrators tried to fight down comment spam platform-wide. And due to corrupt backup files, all previously saved database dumps from mid-August to December 5th are useless.
Zero-Day Mac OS X Exploit Disclosed
October 24, 2007A researcher has posted proof-of-concept code for a zero-day flaw within Mac OS X dealing with its handling of disk image (.dmg) files. The issue causes a memory corruption vulnerability that could allow attackers to execute arbitrary code.
DEEP DIVE into Application Security – free chapter on C Language Issues
October 24, 2007“… this is probably the most comprehensive application security book I’ve seen. The authors cover topics ranging from memory corruption vulnerabilities such as buffer overflows to Unix, TCP/IP, firewalls and virtual private networks. Througout, there are numerous examples of code, configurations and exploits. –Mathias Thurman, Computerworld
Safari in Windows Zero Day Nightmare
October 24, 2007Some using the browser in its new OS home are reporting six exploits in one afternoon – ranging from memory corruption bugs to denial of service crashes.
SmitFraudFix Tutorial
October 24, 2007This is a review and tutorial for Smithfraudfix, which is a free tool for removal popular
browser hijackers and corrupt anti-spyware programs.
Simple Digg Hack
October 24, 2007A simple little demo of a digg exploit I discovered a while back…
Simple hack lets you view all comments on a PRIVATE Myspace profile
October 24, 2007Thought your “private” myspace comments were really private? Well think again! This simple code lets ANYONE view all the comments on ANY private profile. With a simple variation you can also view “private” pictures. It’s so simple, i dont know why someone didn’t figure it out sooner.
How to: Complete Install Simple Mail Server in 30 minute including webmail
October 24, 2007This is some guide to install mail server in 30 minute. That easy!
Interview with a convicted hacker
October 24, 2007Convicted hacker Robert Moore, who is set to go to federal prison this week, says breaking into 15 telecommunications companies and hundreds of businesses worldwide was incredibly easy because simple IT mistakes left gaping technical holes. “It’s so easy a caveman can do it,” Moore said, laughing.