Thursday, March 26th, 2009
Mozilla Firefox is prone to a remote memory-corruption vulnerability.
An attacker can exploit this issue to execute arbitrary code within the context of the affected browser. Failed exploit attempt will result in a denial-of-service condition.
The following proof of concept is available:
http://www.securityfocus.com/data/vulnerabilities/exploits/2009-ffox-poc.tar.gz
Posted in Coding, Internet, Security, Software | 1 Comment
Thursday, March 26th, 2009
Panda, an antivirus software company, has a new free Panda USB Vaccine available for download that can disable the Windows Autorun feature for an entire PC or a particular USB drive.
The Autorun feature in Windows can make it easier to install software - and it can also be exploited by ...
Posted in Hardware, Security | No Comments
Wednesday, March 25th, 2009
Websense Security Labs ThreatSeeker Network has discovered that the official Web site of Peugeot in Romania has been compromised and is infecting the machines of site visitors with malicious code. Malicious code has been inserted onto the reported page of the site via iframes. These iframes redirect to the pages ...
Posted in Coding, Internet, Security | No Comments
Saturday, March 21st, 2009
As promised, the paper and the proof of concept code has just been posted on the ITL website here.
A quote from the paper:
In this paper we have described practical exploitation of the CPU cache poisoning in order to read or write into (otherwise protected) SMRAM memory. We have implemented two ...
Posted in Coding, Hardware, Linux, Security, Windows | No Comments
Wednesday, March 18th, 2009
This is the scariest, stealthiest, and most dangerous rootkit I’ve seen come around since the legendary Blue Pill! No, I’m not just trying to sensationalize this or spread fear, uncertainty and doubt. This is serious and represents a massive new security threat for us all.
Security Researchers Joanna Rutkowska and Loic ...
Posted in Internet, Privacy, Security | No Comments
