http://www.secuobs.com L'observatoire de la securite Internet fr webmaster@secuobs.com Video - ReversingLabs - Unpacking and analyzing rogue anti-virus update file http://www.secuobs.com/revue/news/255671.shtml http://www.secuobs.com/news/comments211032008-anubis.shtml#7310 http://www.secuobs.com/news/comments211032008-anubis.shtml#7310 MOAUB 7 - Novell Netware NWFTPD RMD RNFR DELE Argument Parsing Buffer overflow http://www.secuobs.com/revue/news/255664.shtml http://www.secuobs.com/news/comments201092007-winvuln_lexfo.shtml#7309 http://www.secuobs.com/news/comments201092007-winvuln_lexfo.shtml#7309 ESRT @maltainfosec - Three locks for your SSH door Making life more difficult for would-be hackers http://www.secuobs.com/twitter/news/133711.shtml http://www.secuobs.com/news/comments12012006-multiplexage-openssh.shtml#7308 http://www.secuobs.com/news/comments12012006-multiplexage-openssh.shtml#7308 ESRT @komeilipour @xanda: Integrity Levels and DLL Injection http://www.secuobs.com/twitter/news/133782.shtml http://www.secuobs.com/news/comments2723032009-exploitable_windbg_dump_audit_msec.shtml#7307 http://www.secuobs.com/news/comments2723032009-exploitable_windbg_dump_audit_msec.shtml#7307 filefolderenum v1.0.6 http://www.secuobs.com/revue/news/255655.shtml http://www.secuobs.com/news/comments2324042009-webshag.shtml#7306 http://www.secuobs.com/news/comments2324042009-webshag.shtml#7306 TrueCrypt 7.0a Microsoft P2V NirLauncher editing feature Project management survey http://www.secuobs.com/revue/news/255572.shtml http://www.secuobs.com/news/comments01092009-stoned_bootkit_mbr_fde_truecrypt.shtml#7305 http://www.secuobs.com/news/comments01092009-stoned_bootkit_mbr_fde_truecrypt.shtml#7305 PDF XSS CVE-2010-0190 http://www.secuobs.com/revue/news/255620.shtml http://www.secuobs.com/news/comments1020062009-origami_pdf_virus_filtre_javascript.shtml#7304 http://www.secuobs.com/news/comments1020062009-origami_pdf_virus_filtre_javascript.shtml#7304 UPDATE Artemisa v1.0.88 http://www.secuobs.com/revue/news/255465.shtml http://www.secuobs.com/news/comments13042010-artemisa_honeypot_voip_sip_firewall.shtml#7303 http://www.secuobs.com/news/comments13042010-artemisa_honeypot_voip_sip_firewall.shtml#7303 ESRT @Infosanity @daleapearson - We take a look at Elcomsoft iPhone Password Breaker Its Good - Nice Review http://www.secuobs.com/twitter/news/133130.shtml http://www.secuobs.com/news/comments1301012009-iphone_3g_yellowsn0w_deblocage_sim.shtml#7302 http://www.secuobs.com/news/comments1301012009-iphone_3g_yellowsn0w_deblocage_sim.shtml#7302 ESRT @ToolsWatch - ostinato Packet/Traffic Generator and Analyzer - Some Linux Binary packages available http://www.secuobs.com/twitter/news/133252.shtml http://www.secuobs.com/news/comments501102007-scapy.shtml#7301 http://www.secuobs.com/news/comments501102007-scapy.shtml#7301 ToolsWatch - SSLMap v0.2.0 Released http://www.secuobs.com/twitter/news/133254.shtml http://www.secuobs.com/news/comments631122008-md5_pki_cluster_ps3_25c3_certificat.shtml#7300 http://www.secuobs.com/news/comments631122008-md5_pki_cluster_ps3_25c3_certificat.shtml#7300 ESRT @ToolsWatch - Skipfish v1.64 beta available http://www.secuobs.com/twitter/news/133261.shtml http://www.secuobs.com/news/comments221032010-google_skipfish_scanner_web_audit.shtml#7299 http://www.secuobs.com/news/comments221032010-google_skipfish_scanner_web_audit.shtml#7299 ESRT @dloss @verbosemode - Virtualised USB fuzzing with Scapy http://www.secuobs.com/twitter/news/133316.shtml http://www.secuobs.com/news/comments501102007-scapy.shtml#7298 http://www.secuobs.com/news/comments501102007-scapy.shtml#7298 ESRT @digininja @egyp7 - @stephenfewer's file searching fu is now implemented in php meterpreter as well http://www.secuobs.com/twitter/news/133490.shtml http://www.secuobs.com/news/comments4028122007-metasploit.shtml#7297 http://www.secuobs.com/news/comments4028122007-metasploit.shtml#7297 ESRT @xanda @corelanc0d3r - pvefindaddr v2.08 released - check out new project page http://www.secuobs.com/twitter/news/133321.shtml http://www.secuobs.com/news/comments215062008-gendbg.shtml#7296 http://www.secuobs.com/news/comments215062008-gendbg.shtml#7296 ESRT @MarioVilas - Blind Cat - SQLi tool http://www.secuobs.com/twitter/news/133324.shtml http://www.secuobs.com/news/comments1123032009-greensql_mysql_injection_proxy.shtml#7295 http://www.secuobs.com/news/comments1123032009-greensql_mysql_injection_proxy.shtml#7295 OpenCA tools 1.3.0 http://www.secuobs.com/revue/news/255407.shtml http://www.secuobs.com/news/comments631122008-md5_pki_cluster_ps3_25c3_certificat.shtml#7294 http://www.secuobs.com/news/comments631122008-md5_pki_cluster_ps3_25c3_certificat.shtml#7294 zaproxy A tool for web application penetration testing tool http://www.secuobs.com/revue/news/255437.shtml http://www.secuobs.com/news/comments2324042009-webshag.shtml#7293 http://www.secuobs.com/news/comments2324042009-webshag.shtml#7293 pam_shield 0.9.4 to lock out script kiddies that probe your computer for open logins or easy guessable passwords http://www.secuobs.com/revue/news/255413.shtml http://www.secuobs.com/news/comments423032009-nftables_filtrage_linux_concat_git.shtml#7292 http://www.secuobs.com/news/comments423032009-nftables_filtrage_linux_concat_git.shtml#7292 Malware Check Tool 1.2 http://www.secuobs.com/revue/news/255412.shtml http://www.secuobs.com/news/comments211032008-anubis.shtml#7291 http://www.secuobs.com/news/comments211032008-anubis.shtml#7291 remote - MOAUB 5 - Microsoft MPEG Layer-3 Remote Command Execution Exploit - CVE 2010-0480 http://www.secuobs.com/revue/news/255310.shtml http://www.secuobs.com/news/comments2723032009-exploitable_windbg_dump_audit_msec.shtml#7290 http://www.secuobs.com/news/comments2723032009-exploitable_windbg_dump_audit_msec.shtml#7290 UPDATE Nikto v2.1.3 http://www.secuobs.com/revue/news/255420.shtml http://www.secuobs.com/news/comments2324042009-webshag.shtml#7289 http://www.secuobs.com/news/comments2324042009-webshag.shtml#7289 hyenae 0.35-2 http://www.secuobs.com/revue/news/255414.shtml http://www.secuobs.com/news/comments501102007-scapy.shtml#7288 http://www.secuobs.com/news/comments501102007-scapy.shtml#7288 openscap 0.6.2 http://www.secuobs.com/revue/news/255393.shtml http://www.secuobs.com/news/comments1309042009-nessus_4_syn_wmi_xslt_tcp_nasl_pci.shtml#7287 http://www.secuobs.com/news/comments1309042009-nessus_4_syn_wmi_xslt_tcp_nasl_pci.shtml#7287 Kernel exploitation r0 to r3 transitions via KeUserModeCallback http://www.secuobs.com/revue/news/255356.shtml http://www.secuobs.com/news/comments1214112007-kernel_hardening.shtml#7286 http://www.secuobs.com/news/comments1214112007-kernel_hardening.shtml#7286 ESRT @komeilipour - PDF Dissector 1.7.0 released http://www.secuobs.com/twitter/news/132910.shtml http://www.secuobs.com/news/comments04062010-pdf-dissector.shtml#7285 http://www.secuobs.com/news/comments04062010-pdf-dissector.shtml#7285 Getting OSSEC To Parse Auditd http://www.secuobs.com/revue/news/255125.shtml http://www.secuobs.com/news/comments1111052008-snort_ids.shtml#7284 http://www.secuobs.com/news/comments1111052008-snort_ids.shtml#7284 New version of Malicious PDF Scanner http://www.secuobs.com/revue/news/255136.shtml http://www.secuobs.com/news/comments1020062009-origami_pdf_virus_filtre_javascript.shtml#7283 http://www.secuobs.com/news/comments1020062009-origami_pdf_virus_filtre_javascript.shtml#7283 remote - Movie Maker Remote Code Execution MS10-016 - CVE 2010-0265 http://www.secuobs.com/revue/news/255196.shtml http://www.secuobs.com/news/comments2723032009-exploitable_windbg_dump_audit_msec.shtml#7282 http://www.secuobs.com/news/comments2723032009-exploitable_windbg_dump_audit_msec.shtml#7282 ESRT @julianor - more PDF art from @feliam EXE file that is also a valid PDF document for Adobe http://www.secuobs.com/twitter/news/132870.shtml http://www.secuobs.com/news/comments1020062009-origami_pdf_virus_filtre_javascript.shtml#7281 http://www.secuobs.com/news/comments1020062009-origami_pdf_virus_filtre_javascript.shtml#7281 ESRT @hackerzvoice @berendjanwever - Exploits, ASLR and randomness http://www.secuobs.com/twitter/news/132779.shtml http://www.secuobs.com/news/comments18122007-bypass_win4.shtml#7280 http://www.secuobs.com/news/comments18122007-bypass_win4.shtml#7280 ESRT @johnhsawyer - SHODAN search scripts http://www.secuobs.com/twitter/news/132846.shtml http://www.secuobs.com/news/comments125112009-shodan_operator_search_vuln.shtml#7279 http://www.secuobs.com/news/comments125112009-shodan_operator_search_vuln.shtml#7279 ESRT @DidierStevens - I released my 010 Editor template for PDF - PDFTemplate http://www.secuobs.com/twitter/news/132824.shtml http://www.secuobs.com/news/comments1020062009-origami_pdf_virus_filtre_javascript.shtml#7278 http://www.secuobs.com/news/comments1020062009-origami_pdf_virus_filtre_javascript.shtml#7278 Script Video fakeAP_pwn v0.3 http://www.secuobs.com/revue/news/255081.shtml http://www.secuobs.com/news/comments804062009-wepbuster_aircrack-ng_csrf_upnp.shtml#7277 http://www.secuobs.com/news/comments804062009-wepbuster_aircrack-ng_csrf_upnp.shtml#7277 My Mistake - Suricata Reassembles on All TCP Ports http://www.secuobs.com/revue/news/255082.shtml http://www.secuobs.com/news/comments1111052008-snort_ids.shtml#7276 http://www.secuobs.com/news/comments1111052008-snort_ids.shtml#7276 remote - Trend Micro Internet Security 2010 ActiveX Remote Exploit http://www.secuobs.com/revue/news/255067.shtml http://www.secuobs.com/news/comments23012006-worm.shtml#7275 http://www.secuobs.com/news/comments23012006-worm.shtml#7275 New Live Hacking v1.2 Linux Security Distro Released http://www.secuobs.com/revue/news/255033.shtml http://www.secuobs.com/news/comments612062007-secubulive.shtml#7274 http://www.secuobs.com/news/comments612062007-secubulive.shtml#7274 ESRT @packet_storm - Novell Netware OpenSSH Remote Stack Overflow http://www.secuobs.com/twitter/news/132630.shtml http://www.secuobs.com/news/comments208122008-ssh_attaque_botnet_syncrhonisation.shtml#7273 http://www.secuobs.com/news/comments208122008-ssh_attaque_botnet_syncrhonisation.shtml#7273 ESRT @DennisF - Google Releases Chrome 6 With 14 Security Updates - Paid 4337 dollars in bug bounties http://www.secuobs.com/twitter/news/132539.shtml http://www.secuobs.com/news/comments1914112008-browser_rootkit.shtml#7272 http://www.secuobs.com/news/comments1914112008-browser_rootkit.shtml#7272 cvechecker 0.5 http://www.secuobs.com/revue/news/254894.shtml http://www.secuobs.com/news/comments1309042009-nessus_4_syn_wmi_xslt_tcp_nasl_pci.shtml#7271 http://www.secuobs.com/news/comments1309042009-nessus_4_syn_wmi_xslt_tcp_nasl_pci.shtml#7271 Suricata TCP Evasions http://www.secuobs.com/revue/news/254824.shtml http://www.secuobs.com/news/comments1111052008-snort_ids.shtml#7270 http://www.secuobs.com/news/comments1111052008-snort_ids.shtml#7270 Configuring Conditional SSH Connections http://www.secuobs.com/revue/news/254787.shtml http://www.secuobs.com/news/comments12012006-multiplexage-openssh.shtml#7269 http://www.secuobs.com/news/comments12012006-multiplexage-openssh.shtml#7269 Compromising Twitter's OAuth security system http://www.secuobs.com/revue/news/254753.shtml http://www.secuobs.com/news/comments117112009-renegociation_tls_twitter_poc_mitm.shtml#7268 http://www.secuobs.com/news/comments117112009-renegociation_tls_twitter_poc_mitm.shtml#7268 Suricata 1.0.2 released http://www.secuobs.com/revue/news/254752.shtml http://www.secuobs.com/news/comments1011052008-snort_ids.shtml#7267 http://www.secuobs.com/news/comments1011052008-snort_ids.shtml#7267 Onapsis to release ERP vulnerability testing suite http://www.secuobs.com/revue/news/254756.shtml http://www.secuobs.com/news/comments12122008-audit_sap_sapyto_erp_gsa_pgi.shtml#7266 http://www.secuobs.com/news/comments12122008-audit_sap_sapyto_erp_gsa_pgi.shtml#7266 When bugs are forgotten http://www.secuobs.com/revue/news/254768.shtml http://www.secuobs.com/news/comments906012009-rommon_exploit_cisco_router_25c3_fx.shtml#7265 http://www.secuobs.com/news/comments906012009-rommon_exploit_cisco_router_25c3_fx.shtml#7265 ESRT @xanda @urlvoid - Added New Scanning Engine: DNS-BH http://www.secuobs.com/twitter/news/132407.shtml http://www.secuobs.com/news/comments211032008-anubis.shtml#7264 http://www.secuobs.com/news/comments211032008-anubis.shtml#7264 ESRT @sbrabez @mwrlabs Second blog post on Linux application exploitation mitigation techniques Kernel features http://www.secuobs.com/twitter/news/132392.shtml http://www.secuobs.com/news/comments1214112007-kernel_hardening.shtml#7263 http://www.secuobs.com/news/comments1214112007-kernel_hardening.shtml#7263 Apple patches 13 iTunes security holes http://www.secuobs.com/revue/news/254734.shtml http://www.secuobs.com/news/comments622012009-memory_injection_mac_os_x_blackhat.shtml#7262 http://www.secuobs.com/news/comments622012009-memory_injection_mac_os_x_blackhat.shtml#7262 Researcher Will Demo Bypass of Windows Service Isolation Feature http://www.secuobs.com/revue/news/254667.shtml http://www.secuobs.com/news/comments2723032009-exploitable_windbg_dump_audit_msec.shtml#7261 http://www.secuobs.com/news/comments2723032009-exploitable_windbg_dump_audit_msec.shtml#7261 Metasploit retrieves Apple Airport Extreme pwd and sets auto-answer to true for D-Link i2Eye video conferencing system http://www.metasploit.com/redmine/projects/framework/repository/revisions/10218 http://www.secuobs.com/news/comments4028122007-metasploit.shtml#7260 http://www.secuobs.com/news/comments4028122007-metasploit.shtml#7260 ESRT @y0m @xanda @revskills @chr1x - X86 Win32 Reverse Engineering Cheat Sheet http://www.secuobs.com/twitter/news/132343.shtml http://www.secuobs.com/news/comments620052004it_nbrulez.html#7259 http://www.secuobs.com/news/comments620052004it_nbrulez.html#7259 dos - MOAUB 2 - Apple QuickTime FlashPix NumberOfTiles Remote Code Execution Vulnerability - CVE 2010-0519 http://www.secuobs.com/revue/news/254628.shtml http://www.secuobs.com/news/comments05122007-quicktime.shtml#7258 http://www.secuobs.com/news/comments05122007-quicktime.shtml#7258 ESRT @postmodern_mod3 - Turn your Android Phone Into a Remote Spy Camera with Ruby http://www.secuobs.com/twitter/news/132340.shtml http://www.secuobs.com/news/comments1301012009-iphone_3g_yellowsn0w_deblocage_sim.shtml#7257 http://www.secuobs.com/news/comments1301012009-iphone_3g_yellowsn0w_deblocage_sim.shtml#7257 ESRT @agent0x0 @secureideas - Laudanum 0.2 has been released Includes proxy scripts to use in @timmedin's exploits http://www.secuobs.com/twitter/news/132327.shtml http://www.secuobs.com/news/comments1123032009-greensql_mysql_injection_proxy.shtml#7256 http://www.secuobs.com/news/comments1123032009-greensql_mysql_injection_proxy.shtml#7256 ESRT @keith55 @jduck1337 - writing Metasploit modules http://www.secuobs.com/twitter/news/132266.shtml http://www.secuobs.com/news/comments4028122007-metasploit.shtml#7255 http://www.secuobs.com/news/comments4028122007-metasploit.shtml#7255 HP Scanners exposing sensitive information http://www.secuobs.com/revue/news/254599.shtml http://www.secuobs.com/news/comments08122003enquete-ibas-photocopieurs.html#7254 http://www.secuobs.com/news/comments08122003enquete-ibas-photocopieurs.html#7254 Qubes, Qubes Pro, and the Future http://www.secuobs.com/revue/news/254606.shtml http://www.secuobs.com/news/comments06042010-qubes_os_xen_vt-d_tpm_isolation.shtml#7253 http://www.secuobs.com/news/comments06042010-qubes_os_xen_vt-d_tpm_isolation.shtml#7253 Seccubus v1.5.2 - If at first http://www.secuobs.com/revue/news/254604.shtml http://www.secuobs.com/news/comments1309042009-nessus_4_syn_wmi_xslt_tcp_nasl_pci.shtml#7252 http://www.secuobs.com/news/comments1309042009-nessus_4_syn_wmi_xslt_tcp_nasl_pci.shtml#7252 Microsoft issues updates to sysinternals ProcDump and Process Monitor http://www.secuobs.com/revue/news/254459.shtml http://www.secuobs.com/news/comments2723032009-exploitable_windbg_dump_audit_msec.shtml#7251 http://www.secuobs.com/news/comments2723032009-exploitable_windbg_dump_audit_msec.shtml#7251 ESRT @sans_isc - Diary VMWARE releases 2 security advisories for ESX Service Console http://www.secuobs.com/twitter/news/132035.shtml http://www.secuobs.com/news/comments705062009-cloudburst_vmware_framebuffer.shtml#7250 http://www.secuobs.com/news/comments705062009-cloudburst_vmware_framebuffer.shtml#7250 ESRT @ChrisJohnRiley @hdmoore - Metasploit Express Update - Quicktime, Improved Search, ColdFusion, Tomcat, PDF EXE http://www.secuobs.com/twitter/news/132050.shtml http://www.secuobs.com/news/comments4028122007-metasploit.shtml#7249 http://www.secuobs.com/news/comments4028122007-metasploit.shtml#7249 ESRT @0xcharlie @securityshell - Charlie Miller's Acrobat Reader Integer Overflow Working exploit demo. Impressive work http://www.secuobs.com/twitter/news/131960.shtml http://www.secuobs.com/news/comments1020062009-origami_pdf_virus_filtre_javascript.shtml#7248 http://www.secuobs.com/news/comments1020062009-origami_pdf_virus_filtre_javascript.shtml#7248 ESRT @MarioVilas @xanda - ARKit opensource rootkit detection library updates http://www.secuobs.com/twitter/news/131920.shtml http://www.secuobs.com/news/comments28022007-rkprofiler_lx.shtml#7247 http://www.secuobs.com/news/comments28022007-rkprofiler_lx.shtml#7247 MOAUB 1 - Adobe Acrobat Reader and Flash Player "newclass" invalid pointer - Binary Analysis http://www.secuobs.com/revue/news/254428.shtml http://www.secuobs.com/news/comments1020062009-origami_pdf_virus_filtre_javascript.shtml#7246 http://www.secuobs.com/news/comments1020062009-origami_pdf_virus_filtre_javascript.shtml#7246 Google Code discovered serving malware http://www.secuobs.com/revue/news/254396.shtml http://www.secuobs.com/news/comments16112008-xp_antivirus_2008_malware_adsense.shtml#7245 http://www.secuobs.com/news/comments16112008-xp_antivirus_2008_malware_adsense.shtml#7245 IN SECURE Magazine issue 27 released http://www.secuobs.com/revue/news/254375.shtml http://www.secuobs.com/news/comments124092007-uninformed_8.shtml#7244 http://www.secuobs.com/news/comments124092007-uninformed_8.shtml#7244 Malware detection with Neptune http://www.secuobs.com/revue/news/254374.shtml http://www.secuobs.com/news/comments211032008-anubis.shtml#7243 http://www.secuobs.com/news/comments211032008-anubis.shtml#7243 ESRT @dave_rel1k @dookie2000ca - Added a Porting Exploits section on Metasploit Unleashed http://www.secuobs.com/twitter/news/131868.shtml http://www.secuobs.com/news/comments4028122007-metasploit.shtml#7242 http://www.secuobs.com/news/comments4028122007-metasploit.shtml#7242 ESRT @dave_rel1k - Social-Engineer Toolkit SET updates, added NAT/Port Forwarding, obfuscation for java applet downloader http://www.secuobs.com/twitter/news/131867.shtml http://www.secuobs.com/news/comments102032010-set_social_engineering_toolkit.shtml#7241 http://www.secuobs.com/news/comments102032010-set_social_engineering_toolkit.shtml#7241 ESRT @maltainfosec @trusecure - Need to deploy DNSSEC - NIST publishes its how-to http://www.secuobs.com/twitter/news/131811.shtml http://www.secuobs.com/news/comments201022009-root_cache_dns_ddos_spoofing_flood.shtml#7240 http://www.secuobs.com/news/comments201022009-root_cache_dns_ddos_spoofing_flood.shtml#7240 ESRT @RonGula - Tenable skunk works - visualizing Nessus scans in 3D http://www.secuobs.com/twitter/news/131456.shtml http://www.secuobs.com/news/comments1309042009-nessus_4_syn_wmi_xslt_tcp_nasl_pci.shtml#7239 http://www.secuobs.com/news/comments1309042009-nessus_4_syn_wmi_xslt_tcp_nasl_pci.shtml#7239 ESRT @secureideas @achillean - Some quick code to access the Shodan API using Ruby by @johnhsawyer http://www.secuobs.com/twitter/news/131459.shtml http://www.secuobs.com/news/comments125112009-shodan_operator_search_vuln.shtml#7238 http://www.secuobs.com/news/comments125112009-shodan_operator_search_vuln.shtml#7238 ESRT @threatpost - IBM revises vulnerability stats after Google complains http://www.secuobs.com/twitter/news/131544.shtml http://www.secuobs.com/news/comments16012009-ibm.shtml#7237 http://www.secuobs.com/news/comments16012009-ibm.shtml#7237 ESRT @msftsecresponse - Status update on the DLL preloading issue and additional guidance on deploying mitigations http://www.secuobs.com/twitter/news/131537.shtml http://www.secuobs.com/news/comments2723032009-exploitable_windbg_dump_audit_msec.shtml#7236 http://www.secuobs.com/news/comments2723032009-exploitable_windbg_dump_audit_msec.shtml#7236 ESRT @revskills @reverseshell: Hooking forms with Javascript Originally for plugin js injection but maybe persistent XSS http://www.secuobs.com/twitter/news/131531.shtml http://www.secuobs.com/news/comments812032009-scrubbr_xss_suppression_automatique.shtml#7235 http://www.secuobs.com/news/comments812032009-scrubbr_xss_suppression_automatique.shtml#7235 ESRT @keith55 @winfang98 @dave_rel1k - Video uploaded from our Defcon 18 presentation on PowerShell OMFG http://www.secuobs.com/twitter/news/131524.shtml http://www.secuobs.com/news/comments2723032009-exploitable_windbg_dump_audit_msec.shtml#7234 http://www.secuobs.com/news/comments2723032009-exploitable_windbg_dump_audit_msec.shtml#7234 ESRT @revskills @t0ka7a @ethicalhack3r - Extending Burp Suite in Python http://www.secuobs.com/twitter/news/131530.shtml http://www.secuobs.com/news/comments2324042009-webshag.shtml#7233 http://www.secuobs.com/news/comments2324042009-webshag.shtml#7233 Security Rails 3.0 and XSS-protection http://www.secuobs.com/revue/news/254180.shtml http://www.secuobs.com/news/comments812032009-scrubbr_xss_suppression_automatique.shtml#7232 http://www.secuobs.com/news/comments812032009-scrubbr_xss_suppression_automatique.shtml#7232 PDF Examiner 1.0 http://www.secuobs.com/revue/news/253983.shtml http://www.secuobs.com/news/comments1020062009-origami_pdf_virus_filtre_javascript.shtml#7231 http://www.secuobs.com/news/comments1020062009-origami_pdf_virus_filtre_javascript.shtml#7231 Void SSH - a python script performing multithreaded bruteforce http://www.secuobs.com/revue/news/254167.shtml http://www.secuobs.com/news/comments208122008-ssh_attaque_botnet_syncrhonisation.shtml#7230 http://www.secuobs.com/news/comments208122008-ssh_attaque_botnet_syncrhonisation.shtml#7230 ESRT @lennyzeltser - New PowerShell script to create blackhole zones on Windows DNS servers for combating malware http://www.secuobs.com/twitter/news/131358.shtml http://www.secuobs.com/news/comments2623032009-exploitable_windbg_dump_audit_msec.shtml#7229 http://www.secuobs.com/news/comments2623032009-exploitable_windbg_dump_audit_msec.shtml#7229 phpMyAdmin Insufficient output sanitizing when generating configuration file http://www.secuobs.com/revue/news/253947.shtml http://www.secuobs.com/news/comments610052008-php_security.shtml#7228 http://www.secuobs.com/news/comments610052008-php_security.shtml#7228 Export Address Table Filtering EMET v2 http://www.secuobs.com/revue/news/253965.shtml http://www.secuobs.com/news/comments128102009-microsoft_emet_dep_seh_heap_spray.shtml#7227 http://www.secuobs.com/news/comments128102009-microsoft_emet_dep_seh_heap_spray.shtml#7227 AuditX a shell script that performs initial information gathering for a given target http://www.secuobs.com/revue/news/253875.shtml http://www.secuobs.com/news/comments1309042009-nessus_4_syn_wmi_xslt_tcp_nasl_pci.shtml#7226 http://www.secuobs.com/news/comments1309042009-nessus_4_syn_wmi_xslt_tcp_nasl_pci.shtml#7226 X-Frame-Options Finally on Vanilla Firefox http://www.secuobs.com/revue/news/253858.shtml http://www.secuobs.com/news/comments1914112008-browser_rootkit.shtml#7225 http://www.secuobs.com/news/comments1914112008-browser_rootkit.shtml#7225 Presenting DllHijackAuditor Smart Tool to Audit Dll Hijack Vulnerability http://www.secuobs.com/revue/news/253796.shtml http://www.secuobs.com/news/comments2623032009-exploitable_windbg_dump_audit_msec.shtml#7224 http://www.secuobs.com/news/comments2623032009-exploitable_windbg_dump_audit_msec.shtml#7224 Wireshark 1.2.11 and 1.0.16 Released http://www.secuobs.com/revue/news/253795.shtml http://www.secuobs.com/news/comments617112008-netwitness_investigator_pcap.shtml#7223 http://www.secuobs.com/news/comments617112008-netwitness_investigator_pcap.shtml#7223 Wireshark 1.4.0 released http://www.secuobs.com/revue/news/253704.shtml http://www.secuobs.com/news/comments617112008-netwitness_investigator_pcap.shtml#7222 http://www.secuobs.com/news/comments617112008-netwitness_investigator_pcap.shtml#7222 Video - From RepStrap to RepRap; a 3D printer is born http://www.secuobs.com/revue/news/253511.shtml http://www.secuobs.com/news/comments17112008-reprap_prototypage_universel_gpl.shtml#7221 http://www.secuobs.com/news/comments17112008-reprap_prototypage_universel_gpl.shtml#7221 Secu PFT, the Python Firewall Tester http://www.secuobs.com/revue/news/253507.shtml http://www.secuobs.com/news/comments323032009-nftables_filtrage_linux_concat_git.shtml#7220 http://www.secuobs.com/news/comments323032009-nftables_filtrage_linux_concat_git.shtml#7220 0day Apple QuickTime Marshaled_pUnk backdoor param client-side arbitrary code http://www.secuobs.com/revue/news/253656.shtml http://www.secuobs.com/news/comments05122007-quicktime.shtml#7219 http://www.secuobs.com/news/comments05122007-quicktime.shtml#7219 UPDATE FOCA v2.5.2 http://www.secuobs.com/revue/news/253620.shtml http://www.secuobs.com/news/comments209032009-seat_audit_data_mining.shtml#7218 http://www.secuobs.com/news/comments209032009-seat_audit_data_mining.shtml#7218 PDF Dissector 1.6.0 released http://www.secuobs.com/revue/news/253577.shtml http://www.secuobs.com/news/comments04062010-pdf-dissector.shtml#7217 http://www.secuobs.com/news/comments04062010-pdf-dissector.shtml#7217 Keykeriki V2.0 has now its own page http://www.secuobs.com/revue/news/253569.shtml http://www.secuobs.com/news/comments103062009-keykeriki_sniffer_wireless_keyboard.shtml#7216 http://www.secuobs.com/news/comments103062009-keykeriki_sniffer_wireless_keyboard.shtml#7216 The Intuitive WiFi hacking GUI app for Ubuntu Linux http://www.secuobs.com/revue/news/253508.shtml http://www.secuobs.com/news/comments704062009-wepbuster_aircrack-ng_csrf_upnp.shtml#7215 http://www.secuobs.com/news/comments704062009-wepbuster_aircrack-ng_csrf_upnp.shtml#7215 ESRT @ortegaalfredo - Fedora gdb heap tool http://www.secuobs.com/twitter/news/130793.shtml http://www.secuobs.com/news/comments215062008-gendbg.shtml#7214 http://www.secuobs.com/news/comments215062008-gendbg.shtml#7214 ESRT @WebSecurityNews - Hackers blind quantum cryptographers http://www.secuobs.com/twitter/news/130675.shtml http://www.secuobs.com/news/comments124022007-qkd.shtml#7213 http://www.secuobs.com/news/comments124022007-qkd.shtml#7213 ESRT @dragosr @revskills - IronFox is firefox in a sandbox Firefox 3.6 and MacOSX 10.6 http://www.secuobs.com/twitter/news/130664.shtml http://www.secuobs.com/news/comments1914112008-browser_rootkit.shtml#7212 http://www.secuobs.com/news/comments1914112008-browser_rootkit.shtml#7212 ESRT @pentestit - UPDATE: Skipfish 1.62b http://www.secuobs.com/twitter/news/130843.shtml http://www.secuobs.com/news/comments121032010-google_skipfish_scanner_web_audit.shtml#7211 http://www.secuobs.com/news/comments121032010-google_skipfish_scanner_web_audit.shtml#7211