Zodiac – DNS Protocol Monitoring and Spoofing Tool

Friday, July 18th, 2008

Zodiac is a DNS protocol analysis and exploitation program. It is a robust tool to explore the DNS protocol. Internally it contains advanced DNS routines for DNS packet construction and disassembling and is the optimal tool if you just want to try something out without undergoing the hassle to rewrite ...

Microsoft Office Security Team Enlists Bots, Pen Tests

Thursday, July 17th, 2008

Storm, Srizbi, and... Microsoft? Microsoft’s Office application security team actually runs its own internal botnet, which, among other things, “fuzzes” for vulnerabilities in Office applications. Microsoft’s botnet isn’t anywhere near the size of Srizbi (over 300,000 bots at last count) nor any of the other mega-botnets -- it’s just a couple ...

Microsoft Outlook Web Access XSS (MS08-039)

Thursday, July 17th, 2008

Several Cross Site Scripting vulnerabilities were found within Outlook Web Access (OWA) 2003/2007. An attacker can craft a malicious email which will trigger within a user's browser. Different versions of OWA and different clients (Light and Premium) have different attack vectors which can result in an attacker gaining *persistent* ...

Vista, Word and Google Desktop circumvent TrueCrypt function

Thursday, July 17th, 2008

Cryptography expert Bruce Schneier, in conjunction with a research group, has studied the security of TrueCrypt, to see whether it meets the specifications for a 'Deniable File System' (DFS) – implemented in TrueCrypt as hidden volumes – and is really able to conceal the existence of a volume within a ...

BlackBerry PDF flaw exposes corporate networks

Thursday, July 17th, 2008

A "high" severity flaw affecting how BlackBerry Enterprise Server (BES) opens PDF attachments could be used to compromise a corporate network. Research in Motion quietly disclosed the flaw last week but is yet to issue a patch. "This issue has been escalated internally to our development team. No resolution time frame ...