HackFest Series: The News
Lisa Kachold
lisakachold at obnosis.com
Sat Dec 5 15:48:25 MST 2009
General CERT Announcements:
CERT: http://www.us-cert.gov/nav/t01/
Clientless SSL VPNs:
http://www.kb.cert.org/vuls/id/261869
More Zero Window TCP Flaws Updated:
http://www.kb.cert.org/vuls/id/723308
ICS Bind 9 Vulnerability (STILL):
http://www.kb.cert.org/vuls/id/725188
And especially amusing: H1N1 Malware:
http://www.us-cert.gov/current/index.html#h1n1_malware_campaign_circulating
TAGGED:
Trend Micro SQL Tagged: http://img708.imageshack.us/img708/9771/trend.jpg
Microsoft TechNet:
http://security-sh3ll.blogspot.com/2009/11/microsoft-technet-vulnerable-to-cross.html
Wall Street Journal:
http://news.softpedia.com/news/Wall-Street-Journal-Website-Hacked-128719.shtml
Kapersky and BitDefender Tagged:
http://news.softpedia.com/news/Kaspersky-and-Bitdefender-Websites-Hacked-104038.shtml
Symantec Online Store:
http://news.softpedia.com/news/Symantec-Online-Store-Hacked-127726.shtml
Romanian Hacker Blog Takes FSecure:
http://news.softpedia.com/news/F-Secure-Joins-the-List-of-Compromised-Antivirus-Websites-104337.shtml
Score 1 for the Feds: Lance Atkinson is fined:
http://news.softpedia.com/news/Infamous-Pharmacy-Spammer-Gets-Fifteen-Million-Dollars-Fine-128474.shtml
GENERAL:
Windows7 Forensics:
http://blogs.sans.org/computer-forensics/2009/10/27/windows-7-computer-forensics/
Explorer 8 XSS Protection Insecure:
http://www.h-online.com/security/news/item/Security-feature-of-Internet-Explorer-8-unsafe-868837.html
Symantec's When Browsers Attack "Firefox and Malware":
http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/firefox_and_malware.pdf
Zeus Botnet strikes again:
http://www.net-security.org/malware_news.php?id=1152
HALL of FAME:
Maltego: http://holisticinfosec.blogspot.com/2009/11/maltego-is-2009-toolsmith-tool-of-year.html
FUN:
DNS Rebinding: http://ha.ckers.org/blog/20091201/dns-rebinding-video/
PPTP VPN's with Hak5:
http://revision3.com/hak5/asleap
Stefan Esser's New PHP Exploitation Work:
http://www.suspekt.org/downloads/POC2009-ShockingNewsInPHPExploitation.pdf
ICMP/IPV4 Fuzzer:
http://g-laurent.blogspot.com/2009/11/releasing-icmpv4ip-fuzzer-prototype.html
Happy Holidaze!
--
Skype: (623)239-3392
AT&T: (503)754-4452
www.it-clowns.com
More information about the PLUG-discuss
mailing list