New Adobe Flaw Being Used in Attacks

Tuesday, May 27th, 2008

An unpatched bug in Adobe Systems' Flash Player software is being exploited by online criminals, Symantec reported Monday. Few details on the bug are available, but the flaw lies in the latest version of the Adobe Flash Player browser plugin, which is widely used by Internet surfers to view animated Web ...

Troubleshoot Firefox in Safe Mode

Tuesday, May 27th, 2008

You already know how to create multiple user profiles in Firefox for various types of online work; but if you're trying to troubleshoot an existing Firefox profile, start up the 'fox in "Safe Mode" to disable add-ons or reset other custom configuration. Use firefox -safe-mode at the command line for ...

Five free pen-testing tools

Tuesday, May 27th, 2008

Security assessment and deep testing don't require a big budget. Some of most effective security tools are free, and are commonly used by professional consultants, private industry and government security practitioners. Here are a few to start with. For scanning in the first steps of a security assessment or pen test, ...

Five steps to successful and cost-effective penetration testing

Tuesday, May 27th, 2008

Whether you hire outside consultants or do the testing yourself, here are some tips for making sure your time and money are well spent. 1. Set goals. Make sure you know before you start your penetration testing what you want the results to encompass. Adding in too many systems can be ...

Local Physical Attack Against VISTA To Obtain SYSTEM

Monday, May 26th, 2008

Pretty cool video doing a local physical attack against a Vista Box. http://www.offensive-security.com/movies/vistahack/vistahack.html McGrew Security Blog pointed me to it: "he demonstrates a quick and easy way of obtaining SYSTEM privileges on a Vista system, given physical access to the machine. In the video, he uses BackTrack to replace Utilman.exe with a copy ...