SEARCH RESULTS
 
Showing 1-10 of 132 records
 
Expand article

Fake Security Software Domains Serving Exploits

The Article has images
2008-08-28 06:41:10 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...original objective was to drive traffic to the fake security software's site, may in fact start receiving so much traffic due to the combination of traffic acquisition tactics, that introducing client-side exploits courtesy of a third-party affiliate network , may in fact prove more profitable then the revenue sharing partnership with the...
 
Tags: exploits, domains, client-side exploits courtesy, client-side exploits start, start, fake security software, antivirus, google adwords, fake domains portfolio
 
 
 
 
Expand article

WCF Security Guidance from P&P

2008-04-04 06:09:00 by Keith Brown in Security Briefs
 
...Original Caller in WCF calling from Web Application How To - Impersonate the Original Caller in WCF calling from Windows Forms How To - Use netTcpBinding with Windows Authentication and Transport Security in WCF from Windows Forms How To - Use SQL Role Provider with Username Authentication in WCF from Windows Forms How To - Use SQL Role...
 
Tags: wcf, wcf security, authentication, username authentication, windows forms, host wcf, windows authentication, message security, sql role provider
 
 
 
 
Expand article

The FirePack Exploitation Kit - Part Two

The Article has images
2008-04-27 04:27:00 by HASH0x8ae4cf0 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...original one, which in February was $3000, speaks for itself. Firepack's original version was a great example of biased exclusiveness on behalf of the malicious parties, wanting to quickly cash in by pitching a new and undetected malware kit, and literally zero differentiaton factor next to now commodity web malware exploitations kits such as...
 
Tags: nuclear malware kit, malware kit, kit, metaphisher malware kit, icepack malware kit, original firepack kit, malware exploitation kit, php, scanners result
 
 
 
 
Expand article

WCF Security Guidance from P&P

2008-04-04 12:09:00 by keith-brown in Security Briefs
 
...Original Caller in WCF calling from Web Application How To - Impersonate the Original Caller in WCF calling from Windows Forms How To - Use netTcpBinding with Windows Authentication and Transport Security in WCF from Windows Forms How To - Use SQL Role Provider with Username Authentication in WCF from Windows Forms How To - Use SQL Role...
 
Tags: wcf, wcf security, authentication, username authentication, windows forms, host wcf, windows authentication, message security, sql role provider
 
 
 
 
Expand article

WCF Security Guidance from P&P

2008-04-04 12:09:00 by keith-brown in Security Briefs
 
...Original Caller in WCF calling from Web Application How To - Impersonate the Original Caller in WCF calling from Windows Forms How To - Use netTcpBinding with Windows Authentication and Transport Security in WCF from Windows Forms How To - Use SQL Role Provider with Username Authentication in WCF from Windows Forms How To - Use SQL Role...
 
Tags: wcf, wcf security, authentication, username authentication, windows forms, host wcf, windows authentication, message security, sql role provider
 
 
 
 
Expand article

Is Your Amazon Machine Image Vulnerable to SSH Spoofing Attacks?

The Article has images
2008-07-14 16:26:40 by Craig Balding in Cloud Security
...originally discussed in the Amazon developer forums. Amazon documentation was revised to reflect the change as follows Amazon EC2 public AMI s ( Amazon Machine Image ) generate unique SSH ( Secure Shell ) host keys each time you launch an instance. This enables you to get the host SSH keys from the console output and verify the host to which...
 
Tags: ssh, limit ssh access, ssh host keys, host keys, ssh user keys, amazon, host ssh keys, amazon machine image, initial ssh connection
 
 
 
 
Expand article

Email Hacking Going Commercial - Part Two

The Article has images
2008-08-08 14:31:54 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...original password. That mean the current active password. Your victim/target will not realized that she/he has been hacked. NEVER, we said How I will pay you, I do not have credit card or I do not want to give my credit card number on net Well, you can use international money transfer service such as Western Union (www.westernunion.com) or...
 
Tags: crack password, crack, crack email password, email password, password, original password, current password, password retrieval, email
 
 
 
 
Expand article

Netscape Closes Shop

2007-12-30 20:17:11 by RSnake in ha.ckers.org web application security lab
 
...original browser wars. That leaves only Internet Explorer the current reigning king of browser dominance On Netscapes blog they suggest you download Mozillas Firefox and use the Netscape theme going forward if you want current updates with a similar user interface to the original Netscape design. I suspect there will be a number of stragglers...
 
Tags: netscape, netscape theme, netscape browser, browser, defunct browser, reach netscape, original netscape design, original browser wars, download mozillas firefox
 
 
 
 
Expand article

Squirreling Backdoors Into Distribution Points

2007-12-19 22:16:35 by Chris Eng in Zero in a bit
 
...original work. Recently, researchers in the Netherlands demonstrated two examples of chosen-prefix attacks which would make it possible for an attacker to take two tarballs (one original, one backdoored) and append a series of bytes to each that result in both files having the same MD5 hash. This proves beyond a shadow of a doubt that MD5 is...
 
Tags: md5 collisions, md5, md5 hashes, distribution, php, execute php code, execute, code, md5 unsafe
 
 
 
 
Expand article