The Register - Security Last Downloaded: Mon, 06 Sep 2010 18:44:02 GMT.   MS probes mystery IE bug   URL shortening shenanigans Microsoft is investigating reports of a new bug in Internet Explorer.…   Symantec finally secures HackIsWack   It's such a bungle, sometimes, it makes you wonder... Symantec has belatedly secured its laughable HackIsWack competition website.…   iPad scammers hack Kirstie Allsopp's Twitter   Posh property presenter pwned iPad scammers managed to reach a huge potential audience last weekend after they took over a Twitter profile maintained by British TV presenter Kirstie Allsopp.…   Browser security warning lookalike pushes malware   Zeven deadly sins Scareware peddlers have developed a new ruse that relies on mimicking browser warning pages.…   USB stick with anti-terror training found outside police station   Keychain cops A memory stick containing anti-terror training manuals and other sensitive material was reportedly found on a street outside a Manchester police station.…   Google pays $8.5m to settle Buzz privacy invasion suit   The price of a Tweetbookish Gmail mod Google has agreed to pay $8.5 million to settle a class action lawsuit claiming it violated the privacy of Gmail users when it released Google Buzz, a Gmail bolt-on that turned the email service into a Tweetbookish social networking tool.…   Nigerian man gets 12 years for $1.3m 419 scam   Hunting 'mugu' in America A Nigerian man has been sentenced to more than 12 years in US prison for orchestrating an advance payment scam that bilked victims out of more than $1.3m.…   Spammers latch onto Ping to pump iPhone survey scams   Quick off the mark Spammers have been quick off the mark in exploiting Apple's new iTunes social network to punt survey scams.…   Symantec Snoop Dogg rap contest site rickrolled   #hackiswacked Symantec's attempts to link up with Snoop Dogg to launch a cybercrime rap contest have descended into farce after it emerged that vulnerabilities with a dedicated site can be easily rickrolled.…   Phone bugging scandal reignited as NotW suspends reporter   The story that refuses to die New allegations of phone hacking at the News of the World have resulted in the suspension of one of the Sunday paper's reporters, pending legal and disciplinary action over allegations of tapping into the voicemail messages of an unnamed television personality.…   Microsoft freshens retro code lock-down tool   Teaching old apps new tricks Microsoft has released a new version of a software tool that developers and administrators can use to harden older applications against common vulnerabilities.…   iTunes update plugs WebKit flaw   Ping-pong The latest version of iTunes for Windows addresses 13 security vulnerabilities, as well as adding much-publicised social networking functionality.…   Symantec and Snoop Dogg launch cybercrime rap contest   Now thass geekster Symantec has teamed up with rapper Snoop Dogg to launch a cybercrime rap contest.…   Cyber-jihadists deface home of teddy bears' picnic   Get their Belvoirs mixed up Geographically mixed-up Algerian hackers made themselves look rather silly by defacing the website of an English stately home instead of Belvoir Fortress in Israel, their intended target.…   Feds crack phone clone scam that cost Sprint $15m   More than 10,000 accounts spoofed Federal prosecutors have uncovered a scam that used tens of thousands of cloned cellphones to defraud Sprint out of $15m in lost long distance revenue.…   Microsoft releases FixIt for critical flaw in 100 apps   Relief for Firefox, Nvidia, PowerPoint Microsoft has released a software tool that helps system administrators protect PCs against a critical class of vulnerabilities found in more than 100 applications from a variety of software makers.…   Survey scammers serve up supposed shelter from survey scams   Kind of ironic when you think about it Cheeky scammers are offering prospective marks an application that supposedly shields them from exposure to survey scams.…   Russian cops cuff 10 ransomware Trojan suspects   Cybercrime gang allegedly raked in $16m Russian police have arrested 10 suspected members of a ransomware gang who allegedly made millions via a locked computer malware scam.…   Hardware hackers defeat quantum crypto   Tripping the light fantastic Security researchers using hardware hacking techniques have unearthed generic flaws in supposedly ultra-secure quantum cryptography systems.…   CarderPlanet founder charged in $9.4m RBS WorldPay hack   And then there were nine A man accused of being one of the most prolific sellers of credit-card data has been charged with participating in the brazen hack of RBS WorldPay in 2008 that funneled about $9.4m out of the payment processor in just 12 hours.…

Latest Security Files/Exploits

Packet Storm Security Last 20 Last Downloaded: Mon, 06 Sep 2010 18:44:02 GMT.   openca-tools-1.3.0.tar.gz  The OpenCA Project is a collaborative effort to develop a robust, full-featured and Open Source out-of-the-box Certification Authority implementing the most used protocols with full-strength cryptography world-wide. OpenCA is based on many Open-Source Projects. Among the supported software is OpenLDAP, OpenSSL, Apache Project, Apache mod_ssl.   moaub05-ifnuke.pdf  Month Of Abysssec Undisclosed Bugs - IfNuke version 4.0.0 suffers from cross site scripting and shell upload vulnerabilities.   moaub05-msmpeg.pdf  Month Of Abysssec Undisclosed Bugs - Microsoft MPEG Layer-3 remote command execution exploit.   moaub04-moviemaker.pdf  Month Of Abysssec Undisclosed Bugs - Movie Maker version 2.1 suffers from a remote code execution vulnerability as described in MS10-016.   moaub04-syndeocms.pdf  Month Of Abysssec Undisclosed Bugs - Syndeo CMS version 2.8.02 suffers from cross site request forgery, cross site scripting and local file inclusion vulnerabilities.   malware_check_tool-1.2.zip  Malware Check Tool is a python script that detects malicious files via checking md5 hashes from an offline set or via the virustotal site. It has http proxy support and an update feature.   dmxreadypbm-sql.txt  DMXready Polling Booth Manager suffers from a remote SQL injection vulnerability.   pam_shield-0.9.4.tar.gz  pam_shield is a PAM module that uses null-routing or iptables to lock out script kiddies that probe your computer for open logins or easy guessable passwords. pam_shield is meant as an aid to protect public computers on the Internet.   hyenae-0.35-2.tar.gz  Hyenae is a highly flexible and platform independent network packet generator. It allows you to reproduce low level Ethernet attack scenarios (such as MITM, DoS, and DDoS) to reveal potential security vulnerabilities of your network. Besides smart wildcard-based address randomization, a highly customizable packet generation control, and an interactive attack assistant, Hyenae comes with a clusterable remote daemon for setting up distributed attack networks.   joomlaclantools15-sql.txt  The Joomla Clantools component version 1.5 suffers from a remote blind SQL injection vulnerability.   joomlascan.tgz  Joomla web scanning perl script that gets the version, components and shows possible bugs.   moaub-ifnuke.txt  Month Of Abysssec Undisclosed Bugs - IfNuke version 4.0.0 suffers from cross site scripting and shell upload vulnerabilities.   mblogger-xss.txt  mBlogger version 1.0.04 addcomment.php persistent cross site scripting exploit.   openscap-0.6.2.tar.gz  The openscap project is a set of open source libraries that support the SCAP (Security Content Automation Protocol) set of standards from NIST. It supports CPE, CCE, CVE, and CVSS.   moaub-syndeocms.txt  Month Of Abysssec Undisclosed Bugs - Syndeo CMS version 2.8.02 suffers from cross site request forgery, cross site scripting and local file inclusion vulnerabilities.   joomlaclantools-sql.txt  The Joomla Clantools component version 1.2.3 suffers from blind SQL injection vulnerabilities.   phpclassifiedsads-sql.txt  PHP Classifieds ADS suffers from a remote blind SQL injection vulnerability.   fcrackzip-overflow.txt  FCrackZip version 1.0 local buffer overflow proof of concept exploit.   chillycms-sqlxss.txt  chillyCMS version 1.1.3 suffers from cross site scripting and remote SQL injection vulnerabilities.   ijoomlamagazine-rfi.txt  iJoomla Magazine version 3.0.1 suffers from a remote file inclusion vulnerability.

powered by zFeeder