Wednesday, July 2nd, 2008
Internet Explorer's getting a little bit safer. Microsoft Wednesday unveiled significant new security features that will be in the next version of the company's Web browser, Internet Explorer 8, currently in public beta testing.
From Microsoft's standpoint, any improvement in security is a plus, and the company seems to be taking ...
Posted in Coding, Internet, Privacy, Security, Windows | No Comments
Tuesday, July 1st, 2008
Yesterday I wrote a quick proposal for the Synapse project. Since not everyone has access to the Synapse project, I will share some ideas here from time to time. I started with a proposal on how to detect Xpath vulnerabilities. Since Xpath can be used in combination with every server-side ...
Posted in Coding, Internet, Linux, Networking, Security | No Comments
Tuesday, July 1st, 2008
Now this is an oldskool topic, wardialling! Some people still ask me about wardialling tools though, so here’s one I found recently written in Python.
PAW / PAWS is a wardialing software in python. It is designed to scan for ISDN (PAWS only) and “modern” analog modems (running at 9.6kbit/s or ...
Posted in Coding, Internet, Linux, Networking, Privacy, Security | No Comments
Tuesday, July 1st, 2008
Our research team has identified a web-based attack technique that exploits the growing number of applications that require a web server being run on a local machine. Cross-Environment Hopping (CEH) is a result of this trend combined with the current limitations in browsers’ same-origin policy access restrictions.
The CEH technique enables ...
Posted in Coding, Internet, Networking, Privacy, Security | No Comments
Thursday, June 26th, 2008
An unpatched cross-domain vulnerability in Microsoft’s flagship Internet Explorer browser could expose Windows users to cookie hijacks and credentials theft attacks, according to a warning from security researchers.
The zero-day flaw, which has been reported to Microsoft, is a variation of Eduardo Vela’s IE Ghost Busters talk:
Do you believe in ghosts? ...
Posted in Coding, Internet, Privacy, Security, Windows | No Comments
