SEARCH RESULTS
 
Showing 1-10 of 107 records
 
Expand article

Compromised Web Servers Serving Fake Flash Players

The Article has images
2008-08-05 14:50:04 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...default.html misoares .com osniehus .de/fresh.html mydirecttube .com/1/5098 madosma .com/default.html tutotic .com/checkit.html veit-team .si/default.html antigewaltkurse .de/stream.html kwhgs .ca/topnews.html vorgo .com/stream.html ankaraspor .com.tr/default.html xxxdnn0314 .locaweb.com.br/watchit.html ossuzio .com/watchit.html cit-inc...
 
Tags: file, html file, html, comtopnews, detopnews, windows media player, player, web, real player exploit
 
 
 
 
Expand article

Password policies. Once again.

2007-09-04 22:14:00 by Steve Riley in Steve Riley on Security
 
...defaults came up. The poster lamented a number of things: that Microsoft doesn't enable account lockout by default, that we don't have a built-in mechanism for automatically disabling unused accounts, that the 42-day default expiration is troublesome. Here's my response; figured that it would make for a useful blog post, too. Account...
 
Tags: account, enable account lockout, password, account lockouts, disable account lockout, 42-day default expiration, default, expiration, password expires
 
 
 
 
Expand article

Simulating Email in .NET

The Article has images
2008-08-01 13:59:01 by keith-brown in Security Briefs
...default ctor for SmtpClient as I've done in the code below static void Main( string [] args) { // note the use of the MailAddress class // this allows me to specify display names as well as email addresses MailAddress from = new MailAddress( "admin@fabrikam.com" , "Fabrikam Website" ); MailAddress to = new MailAddress( "mari@fabrikam.com" ,...
 
Tags: csharpcode pre, pre, csharpcode, color, email, email addresses mailaddress, mailaddress, mail server, mail
 
 
 
 
Expand article

Changing the SSL cipher order in Internet Explorer 7 on Windows Vista

2007-11-07 05:37:47 by Steve Riley in Steve Riley on Security
 
...default order that IE follows is this TLS RSA WITH AES 128 CBC SHA TLS RSA WITH AES 256 CBC SHA TLS RSA WITH RC4 128 SHA TLS RSA WITH 3DES EDE CBC SHA TLS ECDHE ECDSA WITH AES 128 CBC SHA P256 TLS ECDHE ECDSA WITH AES 128 CBC SHA P384 TLS ECDHE ECDSA WITH AES 128 CBC SHA P521 TLS ECDHE ECDSA WITH AES 256 CBC SHA P256 TLS ECDHE ECDSA WITH AES...
 
Tags: sha, null sha, cbc sha p384, cbc sha, cbc sha p521, shorter bit lengths, bit lengths, cbc sha p256, 256-bit aes
 
 
 
 
Expand article

Autorun: good for you?

2007-09-23 05:29:48 by Steve Riley in Steve Riley on Security
 
...Default behavior for AutoRun" policy and set the default to "Do not execute any autorun commands Enable the "Turn off Autoplay" policy and set it to "All drives In Windows XP/Server 2003 , go here Computer Configuration | Administrative Templates | System Enable the "Turn off Autoplay" policy and set it to "All drives While this might be old...
 
Tags: autorun, autorun raises, autorun commands, autorun settings, key, registry key, disable autorun, computer, computer configuration
 
 
 
 
Expand article

Malware Serving Exploits Embedded Sites as Usual

The Article has images
2008-01-09 18:04:58 by HASH0x8957398 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...default set of known executables of anti malware products, and is installing a default debugger injected upon execution of any of these, and is therefore successfully killing many of the applications Another exploit serving domain with a very diverse set of exploits used, but again serving the faddish RealPlayer plus MDAC combination is...
 
Tags: htm, load uc147, uc147, loads 8v8, 8v8, load 8v8, iframes, recent realplayer exploit, secondary iframes
 
 
 
 
Expand article

Bad Phorm

2008-03-18 14:26:32 by Stuart King in Stuart King's Security and Risk Management Blog
 
...default, I strongly suspect everyone will be opted in as a matter of course, heres why. If you were to ask the users to opt in with this form advertising, Im pretty sure just about everyone would say no thank you! Which for me answers the question to whether this is a good idea or not, in fact Ive seen one Virgin forum (cableforum.co.uk) poll...
 
Tags: phorm, system, webwise system, users, strongly suspect, real purpose, strongly, virgin forum, opt
 
 
 
 
Expand article

Your Turn At The Bar Again? Security Costs in a Pay Per Drink Cloud

The Article has images
2008-05-01 20:55:26 by Craig Balding in Cloud Security
...default settings in a very non-default environment The negative side effects of in-line security tools hit home as system load increases. Access checks, logging and other in-line security operations may perform fine under normal load fail to scale as load increases past a certain threshold. This can lead to CPU spikes or poor disk access...
 
Tags: security costs, costs, runtime security costs, security runtime costs, security, security tool, security tool inefficiency, security tools plays, plays
 
 
 
 
Expand article

IE8 ActiveX Improvements

2008-05-10 08:13:07 by Editor in Cheap Hack
 
...default, but administrators can turn it off through Group Policy. You can already see from the comments to the blog entry that some people wanted this, and I guess it's a good thing. Through Per-Site ActiveX a control may be restricted to use only in the context of specific sites. If a control is run by a site not in the list, the user gets...
 
Tags: activex, control, site, activex control, per-site activex, activex improvements, user context, context, blog entry