SecurityRatty: tag: payloads

Diminutive XSS Worm Replication Contest

2008-01-04 16:28:08 by RSnake in ha.ckers.org web application security lab

...payloads for this contest, but rather, the actual methods of propagation themselves. Weve seen the live worm code and all of it is muddied by obfuscation, individual site issues, and the payload itself. Id rather think cleanly about the most efficient method for propagation where every character matters digi7al64 has already posted a sample...

Tags: xss worm, propagation, worm propagation issues, code, diminutive, live worm code, xss worm propagation, winners code, diminutive perl contests

Diminutive XSS Worm Contest Drama and Status Update

2008-01-06 17:34:38 by RSnake in ha.ckers.org web application security lab

...payloads, which we have also researched heavily and lastly site specific code, which really is uninteresting to me, unless I were trying to help out that company in particular solve an existing problem. So the goal is to remove those things and focus on the actual XSS propagation, for which there has been little research done to date Ive...

Tags: browser companies, browser, browser security arena, code, people visit, people, worm code, diminutive xss worm, xss worm

More trustworthy election systems via SDL?

2008-02-04 23:34:00 by sdl in The Security Development Lifecycle

...payloads, Id like to drill down on a specific case noted in section 4.2.3 (page 29). The typical concerns around string handling in C/C++ and buffer overflows are mentioned. What is interesting is that in many places this system uses the Microsoft Foundation Classes (MFC) CString class to help mitigate such concerns. The problem noted is that...

Tags: machine security concerns, security concerns, election systems, election, security, security researchers, election systems margin, margin, election management system

U.K's FETA Serving Malware

2008-02-12 09:13:31 by HASH0x8b1c460 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...payloads including, the blog reports, porn pop-ups The deobfuscated javascript attempts to load the currently live 88.255.90.130/cgi-bin/in.cgi?p=admin (MDAC ActiveX code execution (CVE-2006-0003), also responding to Silentwork.ws and Tide.ws which is deceptively forwarding to BBC's web site, deceptively in the sense that were I to use a U.K...

Tags: malware, domains, malware domains, malware attacks, attacks, malware campaigners, serve malware, high-profile malware, serve

Benevolent Worms

2008-02-19 06:57:11 by schneier in Schneier on Security

...payloads doesn't make things better. A worm is no tool for any rational network administrator, regardless of intent A good software distribution mechanism has the following characteristics People can choose the options they want Installation is adapted to the host it's running on It's easy to stop an installation in progress, or uninstall the...

Tags: software worms spread, worms, software, bad software distribution, worm, successful worm, beneficial worms, software distribution mechanism, worm quieter

Safe Browsing Diagnostic To The Rescue

2008-05-15 13:49:00 by Niels Provos in Google Online Security Blog

...payloads only under certain conditions. With that in mind, we've developed a Safe Browsing diagnostic page that will provide detailed information about our automatic investigations and findings The Safe Browsing diagnostic page of a site is structured into four different categories What is the current listing status for [the site in...

Tags: provide information, information, malicious, malicious web pages, malicious software, site, statistics site, site acted, provide

Malware Attack Exploiting Flash Zero Day Vulnerability

2008-05-27 17:33:43 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...payloads. At the moment these domains do not appear to be resolving, but they may come back in the future. Network administrators are advised to blacklist these domains to prevent clients from inadvertently being redirected to them. Avoid browsing to untrustworthy sites. Also, consider disabling Flash or use some sort of script-blocking...

Tags: flash, malware, macromedia flash content, flash content, sample flash file, adobe flash player, adobe, participation domains, domains

Safe Browsing Diagnostic To The Rescue

2008-05-15 13:49:00 by Niels Provos in Google Online Security Blog

...payloads only under certain conditions. With that in mind, we've developed a Safe Browsing diagnostic page that will provide detailed information about our automatic investigations and findings The Safe Browsing diagnostic page of a site is structured into four different categories What is the current listing status for [the site in...

Tags: provide information, information, malicious, malicious web pages, malicious software, site, statistics site, site acted, provide

SQL Injection Tangos with Heap Overflows

2008-12-16 23:01:20 by Chris Wysopal in Zero in a bit

...payloads for the latest client vulnerabilities. If it isnt Internet Explorer, like this week, it might be Firefox or Flash or a media plug in Insecure web applications are helping the criminals win

Tags: internet explorer, internet, javascript, web site, malicious javascript, internet storm center, sql injection, browser, popular vulnerability

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo