SEARCH RESULTS
 
Showing 1-2 of 2 records
1
 
Expand article

Squirreling Backdoors Into Distribution Points

2007-12-19 22:16:35 by Chris Eng in Zero in a bit
 
So it seems that SquirrelMail 1.4.11 and 1.4.12 were recently backdoored. Similar to some high-profile backdoors in the past, this was done by modifying the distribution tarball on rather than infiltrating the source code repository [1] . In this case, the backdoor was detected when a user noticed that the MD5 published on SquirrelMails website...
 
Tags: md5 collisions, md5, md5 hashes, distribution, php, execute php code, execute, code, md5 unsafe
 
 
 
 
Expand article

No, I Dont Know the Answer to the Big DNS Secret

2008-07-09 15:26:37 by Chris Eng in Zero in a bit
 
Rich Mogulls executive overview of Dan Kaminskys latest DNS vulnerability fluffed a few feathers yesterday The good news is that due to the nature of this problem, it is extremely difficult to determine the vulnerability merely by analyzing the patches; a common technique malicious individuals use to figure out security weaknesses The typical...
 
Tags: design, excellent design protects, excellent design, dan, dan kaminsky, dan bernstein, tom ptacek, attack surface, attack
 
 
 
 
 
Showing 1-2 of 2 records
1
 
TOP SEARCH
Expand / MinimizeClose Widget
  •  
RECENT SEARCH
Expand / Minimize
  •  
RELATED VIDEO
Expand / Minimize
SecurityRatty FAQ
Sergey Zarubin, 31yo
CISSP, CCSP
Moscow, Russia