Posts Tagged ‘Java’

BASE – 3 Persistent Cross Site Scripting Vulnerabilities


Posted by Jabra on May 30

BASE, a well-known Snort front end, has 3 persistent cross-site scripting vulnerabilities.
For those who don’t know, cross-site scripting allows the attacker to inject JavaScript to modify the functionality of the web pages. Since this vulnerability exists in [...]

CIS releases security configuration standards for iPhone


The nonprofit Center for Internet Security (CIS) this week released free guidelines that can help organizations develop custom policies related to use of the increasingly popular mobile device, said Blake Frantz, CTO of the CIS. The benchmarks inform users about the security configuration settings available to them on the [...]

Mass Injection Compromises More than Twenty-Thousand Web Sites

Malicious Web Site / Malicious Code: Mass Injection Compromises More than Twenty-Thousand Web Sites

Websense Security Labs™ ThreatSeeker™ Network has detected that a large compromise of legitimate Web sites is currently taking place around the globe. Thousands of legitimate Web sites have been discovered to be injected with malicious JavaScript, obfuscated code that leads to an [...]

FFSpy, a firefox malware PoC

Re: FFSpy, a firefox malware PoC

Posted by FUDder Guy on May 25

> From: saphex <saphex_at_gmail.com>
> Date: Wed, 20 May 2009 01:42:16 +0100
>
> I think this is interesting, myf00.net/?p=18
>
So, how does someone manage to edit the overlay file?
Are they going to use [...]

D-Link’s CAPTCHA – A Big Question on Security


As per the security report, it took nearly a week for the researchers at SourceSec to detect a flaw in the implementation of CAPTCHA (completely automated public Turing test to tell humans and computers apart) by D-Link in its routers, which was originally meant to stop the malware [...]

Analyzing malicious PDF documents, (Sun, May 24th)


As we announced in a recent ISC diary, Adobe is changing its patching model and strategy, but it seems still JavaScript will be enabled by default in Adobe Acrobat and Reader. As a consequence, I foreshadow more PDF vulnerabilities, exploits and attacks in the near future (let’s hope I’m [...]

Patching and Apple – Java issue, (Fri, May 22nd)


At the other end of the spectrum is Apple. There is a Java issue (CVE-2008-5353) which was reported to Sun and fixed by Sun back in December. For some reason the fix for this was not included in the recent security updates all Mac users would have [...]

Google Accelerates Chrome 2 For Windows


Google’s Chrome browser got faster Thursday with the release of Chrome 2.0.172.28. No, that’s not an IP address. While Microsoft prefers to hide incremental update designations in Internet Explorer to confound hackers, Google wants everyone to know that its engineers are upgrading everything as fast as they can.
At the same [...]

Angered by Apple delay, hacker posts Mac Java attack code


In an effort to draw attention to a long-standing security problem in Apple’s Mac OS X operating system, a security researcher has posted attack code that exploits the flaw.
The software, which could be used by hackers to run an unauthorized system on a Mac, was posted [...]

Sun Java System Communications Express ’search.xml’ Cross Site Scripting Vulnerability

Vuln: Sun Java System Communications Express ’search.xml’ Cross Site Scripting Vulnerability

URL: http://www.securityfocus.com/bid/34154

Java, Serial, and an Apple, (Wed, May 20th)

Breakfast: Java, Serial, and an Apple, (Wed, May 20th)

According to Julien Tinnes in the CR0 Blog, it appears that Apple’s recent security update failed to fix a Java flaw that was reported to Sun back in August 2008 and patched by Sun way back in December 2008. The upshot: according to the blog (and [...]

Web Toolz, (Wed, May 20th)


Ok, a couple of web app testing tools have been recently updated/released:
My buddies Kevin Johnson, Justin Searle, and the rest of the SamuraiWTF dev team have released version 0.6 of the SamuraiWTF live web testing framework CD. From the announcement:
The SamuraiWTF project team is proud [...]


Researcher publishes Java proof-of-concept to urge Apple action

Calling Apple’s patching process “opaque,” a security researcher has decided that publishing a proof-of-concept exploit is the best way to force the computing giant to fix a months-old flaw.

URL: http://feedproxy.google.com/~r/SCMagazineHome/~3/shT93FcubG4/

Gumblar Exploit is the Most Prevalent Web Threat


Malware analysts from security vendor Sophos warn that the number of pages infected with the Gumblar malicious script has recently skyrocketed, putting the exploit at the top of the list of Web threats. The impact of the previous record setter, Mal/Iframe-F, is now dwarfed in comparison.
According to Sophos, Troj/JSRedir-R, [...]


CVE-2009-1598 (chrome)

Google Chrome executes DOM calls in response to a javascript: URI in the target attribute of a submit element within a form contained in an inline PDF file, which might allow remote attackers to bypass intended Adobe Acrobat JavaScript restrictions on accessing the document object, as demonstrated by a web site that permits PDF [...]