Nessus 3 Tutorial

Tuesday, June 10th, 2008

If you're looking for a vulnerability scanner, chances are you've come across a number of expensive commercial products and tools with long lists of features and benefits. Unfortunately, if you're in the same situation as most of us, you simply don't have the budget to implement fancy high-priced systems. You ...

Verisign, McAfee and Symantec sites can be used for phishing due to XSS

Monday, June 9th, 2008

Should they all be trusted at first sight by unsuspecting online users? Yes, unfortunately this is the case with the websites of renowned and respected IT security companies. However, now that are all vulnerable to cross-site scripting, the possibilities to get phished and infected with malware and crimeware are dramatically ...

Google Reader’s Easter Egg

Monday, June 9th, 2008

up up down down left right left right b a   :) via: Google Blogoscoped

New Security Tools

Monday, June 9th, 2008

Here is a list of new security tools that were released in the past week. SQL Ninja 0.2.3 - SQL server injection and takeover tool fgdump 2.1.0 - Tool for mass password auditing of windows systems AxBan 1.0.0.4 - ActiveX killbit program Nmap 4.65 - Network port scanner Nessus 3.2.1 - Vulnerability assessment tool Immunity Debugger ...

Site Security Policy

Sunday, June 8th, 2008

OK gang, this is one of those rare moments where feedback from community will directly influence a security feature that’ll make a real difference. First some background... About 6 months ago Brandon Sterne left a cushy infosec position at eBay for Mozilla to solve an extremely important Web security problem he ...