http://www.secuobs.com L'observatoire de la securite Internet fr webmaster@secuobs.com Charlie Miller Will Expose 20 Hackable Apple Security Flaws http://www.secuobs.com/revue/news/202437.shtml http://www.secuobs.com/news/comments522012009-memory_injection_mac_os_x_blackhat.shtml#5424 http://www.secuobs.com/news/comments522012009-memory_injection_mac_os_x_blackhat.shtml#5424 Vulnerability in phpAdsNew, OpenAds and OpenX http://www.secuobs.com/secumail/btsecumail/msg18734.shtml http://www.secuobs.com/news/comments23122009-clicktag.shtml#5410 http://www.secuobs.com/news/comments23122009-clicktag.shtml#5410 ESRT @ITVulnerability - PeerSec MatrixSSL - Embedded SSL and TLS implementation http://www.secuobs.com/twitter/news/72913.shtml http://www.secuobs.com/news/comments117112009-renegociation_tls_twitter_poc_mitm.shtml#5395 http://www.secuobs.com/news/comments117112009-renegociation_tls_twitter_poc_mitm.shtml#5395 plecost v0.2.2-7 Beta Update http://www.secuobs.com/revue/news/200651.shtml http://www.secuobs.com/news/comments105032007-wordpress.shtml#5376 http://www.secuobs.com/news/comments105032007-wordpress.shtml#5376 WordPress Injection Attack http://www.secuobs.com/revue/news/200083.shtml http://www.secuobs.com/news/comments105032007-wordpress.shtml#5353 http://www.secuobs.com/news/comments105032007-wordpress.shtml#5353 MS10-017 - Important Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution 980150 http://www.secuobs.com/revue/news/199888.shtml http://www.secuobs.com/news/comments128062006-excel.shtml#5349 http://www.secuobs.com/news/comments128062006-excel.shtml#5349 WordPress Exploit Scanner plugin http://www.secuobs.com/revue/news/199658.shtml http://www.secuobs.com/news/comments05032007-wordpress.shtml#5330 http://www.secuobs.com/news/comments05032007-wordpress.shtml#5330 New browser reports over half of SSL sites may be unsafe http://www.secuobs.com/revue/news/198986.shtml http://www.secuobs.com/news/comments531122008-md5_pki_cluster_ps3_25c3_certificat.shtml#5305 http://www.secuobs.com/news/comments531122008-md5_pki_cluster_ps3_25c3_certificat.shtml#5305 Researchers Find Flaw in RSA Authentication http://www.secuobs.com/revue/news/198068.shtml http://www.secuobs.com/news/comments24102009-dpa_tempest_crypto_key_smartphone.shtml#5283 http://www.secuobs.com/news/comments24102009-dpa_tempest_crypto_key_smartphone.shtml#5283 ProSSHD v1.2 20090726 Buffer Overflow Exploit http://www.secuobs.com/revue/news/197312.shtml http://www.secuobs.com/news/comments115112008-openssh_cbc_ctr_aes_cpni.shtml#5260 http://www.secuobs.com/news/comments115112008-openssh_cbc_ctr_aes_cpni.shtml#5260 Symantec Products SYMLTCOM.dll Buffer Overflow Vulnerability http://www.secuobs.com/secumail/btsecumail/msg18594.shtml http://www.secuobs.com/news/comments20012006-symantec.shtml#5199 http://www.secuobs.com/news/comments20012006-symantec.shtml#5199 OpenDNS adopts DNSCurve http://www.secuobs.com/revue/news/194751.shtml http://www.secuobs.com/news/comments101022009-root_cache_dns_ddos_spoofing_flood.shtml#5182 http://www.secuobs.com/news/comments101022009-root_cache_dns_ddos_spoofing_flood.shtml#5182 unhash 1.1 a brute force attack tool against a given hash http://www.secuobs.com/revue/news/194545.shtml http://www.secuobs.com/news/comments531122008-md5_pki_cluster_ps3_25c3_certificat.shtml#5173 http://www.secuobs.com/news/comments531122008-md5_pki_cluster_ps3_25c3_certificat.shtml#5173 Critical vulnerabilities affecting OpenOffice.org http://www.secuobs.com/revue/news/192522.shtml http://www.secuobs.com/news/comments04112009-heap_spraying_ms_office_flash.shtml#5096 http://www.secuobs.com/news/comments04112009-heap_spraying_ms_office_flash.shtml#5096 Harden SSL/TLS - Tool release http://www.secuobs.com/revue/news/192397.shtml http://www.secuobs.com/news/comments117112009-renegociation_tls_twitter_poc_mitm.shtml#5090 http://www.secuobs.com/news/comments117112009-renegociation_tls_twitter_poc_mitm.shtml#5090 ESRT @neil_conway - Recent Progress in Quantum Algorithms http://www.secuobs.com/twitter/news/65664.shtml http://www.secuobs.com/news/comments124022007-qkd.shtml#5085 http://www.secuobs.com/news/comments124022007-qkd.shtml#5085 WordPress 2.9 Failure to Restrict URL Access http://www.secuobs.com/revue/news/191715.shtml http://www.secuobs.com/news/comments05032007-wordpress.shtml#5052 http://www.secuobs.com/news/comments05032007-wordpress.shtml#5052 Microsoft IIS self decoding behavior leads to WAF Bypass information disclosure http://www.secuobs.com/revue/news/191736.shtml http://www.secuobs.com/news/comments01092009-iis_ftp_nlst_exploit_kingcope_nmap.shtml#5050 http://www.secuobs.com/news/comments01092009-iis_ftp_nlst_exploit_kingcope_nmap.shtml#5050 ESRT @follc - Sur le blog de Stéphane Bortzmeyer: Un intéressant problème de DoS spontané avec DNSSEC http://www.secuobs.com/twitter/news/64889.shtml http://www.secuobs.com/news/comments101022009-root_cache_dns_ddos_spoofing_flood.shtml#5043 http://www.secuobs.com/news/comments101022009-root_cache_dns_ddos_spoofing_flood.shtml#5043 Video : ESRT @tomaszmiklas @sandrogauci - VOIPPACK Updates in SIP Digest Leak tool http://www.secuobs.com/twitter/news/64934.shtml http://www.secuobs.com/news/comments03042009-proxy_sip_digest_leak_password_md5.shtml#5042 http://www.secuobs.com/news/comments03042009-proxy_sip_digest_leak_password_md5.shtml#5042 New versions of Dbjit and Vulndisco http://www.secuobs.com/revue/news/191465.shtml http://www.secuobs.com/news/comments112012010-intevydis.shtml#5032 http://www.secuobs.com/news/comments112012010-intevydis.shtml#5032 Microsoft PowerPoint OEPlaceholderAtom Use-After-Free Vulnerability http://www.secuobs.com/revue/news/191189.shtml http://www.secuobs.com/news/comments04112009-heap_spraying_ms_office_flash.shtml#5021 http://www.secuobs.com/news/comments04112009-heap_spraying_ms_office_flash.shtml#5021 Cookie Poisoning Resource http://www.secuobs.com/revue/news/190641.shtml http://www.secuobs.com/news/comments121012009-dns_rebinding_cookie_persistant_xss.shtml#4996 http://www.secuobs.com/news/comments121012009-dns_rebinding_cookie_persistant_xss.shtml#4996 SSL TLS Audit alpha - Tool Release http://www.secuobs.com/revue/news/190542.shtml http://www.secuobs.com/news/comments117112009-renegociation_tls_twitter_poc_mitm.shtml#4990 http://www.secuobs.com/news/comments117112009-renegociation_tls_twitter_poc_mitm.shtml#4990 OpenDNSSEC 1.0.0 released http://www.secuobs.com/revue/news/190151.shtml http://www.secuobs.com/news/comments101022009-root_cache_dns_ddos_spoofing_flood.shtml#4976 http://www.secuobs.com/news/comments101022009-root_cache_dns_ddos_spoofing_flood.shtml#4976 Details on the New TLS Advisory 977377, a Vulnerability in TLS which Could Allow Spoofing http://www.secuobs.com/revue/news/190195.shtml http://www.secuobs.com/news/comments117112009-renegociation_tls_twitter_poc_mitm.shtml#4973 http://www.secuobs.com/news/comments117112009-renegociation_tls_twitter_poc_mitm.shtml#4973 Microsoft introduces DEP into Office 2010 http://www.secuobs.com/revue/news/190095.shtml http://www.secuobs.com/news/comments04112009-heap_spraying_ms_office_flash.shtml#4965 http://www.secuobs.com/news/comments04112009-heap_spraying_ms_office_flash.shtml#4965 PS3 hypervisor exploit reproduced http://www.secuobs.com/revue/news/189722.shtml http://www.secuobs.com/news/comments431122008-md5_pki_cluster_ps3_25c3_certificat.shtml#4936 http://www.secuobs.com/news/comments431122008-md5_pki_cluster_ps3_25c3_certificat.shtml#4936 Oracle Patches Critical WebLogic Flaw http://www.secuobs.com/revue/news/189609.shtml http://www.secuobs.com/news/comments112012010-intevydis.shtml#4933 http://www.secuobs.com/news/comments112012010-intevydis.shtml#4933 Get your Faraday Bag http://www.secuobs.com/revue/news/189322.shtml http://www.secuobs.com/news/comments21102008-epfl-tempest.shtml#4921 http://www.secuobs.com/news/comments21102008-epfl-tempest.shtml#4921 openssh-53p1-remote-root.c http://www.secuobs.com/revue/news/189359.shtml http://www.secuobs.com/news/comments115112008-openssh_cbc_ctr_aes_cpni.shtml#4919 http://www.secuobs.com/news/comments115112008-openssh_cbc_ctr_aes_cpni.shtml#4919 WordPress iframe injection http://www.secuobs.com/revue/news/189157.shtml http://www.secuobs.com/news/comments05032007-wordpress.shtml#4917 http://www.secuobs.com/news/comments05032007-wordpress.shtml#4917 Intel Desktop Boards Privilege Escalation, new BIOS update http://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00022languageid=en-fr http://www.secuobs.com/news/comments24122009-dma_intel_txt_mchbar_sinit.shtml#4895 http://www.secuobs.com/news/comments24122009-dma_intel_txt_mchbar_sinit.shtml#4895 ESRT @ebellis @csoandy - Why don't websites default to SSL http://www.secuobs.com/twitter/news/62266.shtml http://www.secuobs.com/news/comments117112009-renegociation_tls_twitter_poc_mitm.shtml#4892 http://www.secuobs.com/news/comments117112009-renegociation_tls_twitter_poc_mitm.shtml#4892 Whitepaper : Advanced Mac OS X Physical Memory Analysis - Black Hat DC 2010 http://blackhat.com/presentations/bh-dc-10/Suiche_Matthieu/Blackhat-DC-2010-Advanced-Mac-OS-X-Physical-Memory-Analysis-wp.pdf http://www.secuobs.com/news/comments522012009-memory_injection_mac_os_x_blackhat.shtml#4872 http://www.secuobs.com/news/comments522012009-memory_injection_mac_os_x_blackhat.shtml#4872 Researchers develop way to catch online gaming cheats http://www.secuobs.com/revue/news/188440.shtml http://www.secuobs.com/news/comments22082006-wow.shtml#4866 http://www.secuobs.com/news/comments22082006-wow.shtml#4866 Remote command execution exploit for the AMS2 Alert Management Systems 2 of multiple Symantec products http://www.secuobs.com/revue/news/188474.shtml http://www.secuobs.com/news/comments20012006-symantec.shtml#4861 http://www.secuobs.com/news/comments20012006-symantec.shtml#4861 ESRT @sambowne @govcomputernews - Engineer cracks 'secure' TPM chip with electron microscope http://www.secuobs.com/twitter/news/61533.shtml http://www.secuobs.com/news/comments06012009-intel_txt_tpm_invisible_things_vpro.shtml#4828 http://www.secuobs.com/news/comments06012009-intel_txt_tpm_invisible_things_vpro.shtml#4828 Killing Antivirus, One DLL At A Time http://www.secuobs.com/revue/news/187947.shtml http://www.secuobs.com/news/comments11112005-magicbytes.shtml#4823 http://www.secuobs.com/news/comments11112005-magicbytes.shtml#4823 Cross-Site History Manipulation (XSHM) http://www.secuobs.com/secumail/btsecumail/msg18385.shtml http://www.secuobs.com/news/comments19062009-sniff_browser_history_no_javascript.shtml#4804 http://www.secuobs.com/news/comments19062009-sniff_browser_history_no_javascript.shtml#4804 ESRT @securitypro2009 - PUSHDO: The New SSL DDoS http://www.secuobs.com/twitter/news/60840.shtml http://www.secuobs.com/news/comments117112009-renegociation_tls_twitter_poc_mitm.shtml#4789 http://www.secuobs.com/news/comments117112009-renegociation_tls_twitter_poc_mitm.shtml#4789 US Army CERDEC will be porting development work done on JTRS to GNU Radio http://www.secuobs.com/revue/news/187214.shtml http://www.secuobs.com/news/comments07042009-wifi_fhss_gnu_radio_usrp_trustwave.shtml#4778 http://www.secuobs.com/news/comments07042009-wifi_fhss_gnu_radio_usrp_trustwave.shtml#4778 Oracle TimesTen 7.0.5 timestend DoS http://www.secuobs.com/revue/news/187130.shtml http://www.secuobs.com/news/comments112012010-intevydis.shtml#4765 http://www.secuobs.com/news/comments112012010-intevydis.shtml#4765 IBM DB2 9.7 kuddb2 DoS http://www.secuobs.com/revue/news/187110.shtml http://www.secuobs.com/news/comments12012010-intevydis.shtml#4764 http://www.secuobs.com/news/comments12012010-intevydis.shtml#4764 Chrome Supports Strict Transport Security STS http://www.secuobs.com/revue/news/186927.shtml http://www.secuobs.com/news/comments431122008-md5_pki_cluster_ps3_25c3_certificat.shtml#4761 http://www.secuobs.com/news/comments431122008-md5_pki_cluster_ps3_25c3_certificat.shtml#4761 ESRT @xanda @securityshell - Your browser history sniffed with just 64 lines of Python tested with Firefox 3.5.3 http://www.secuobs.com/twitter/news/60234.shtml http://www.secuobs.com/news/comments19062009-sniff_browser_history_no_javascript.shtml#4746 http://www.secuobs.com/news/comments19062009-sniff_browser_history_no_javascript.shtml#4746 Ingres 9.3 heap overflow http://www.secuobs.com/revue/news/186400.shtml http://www.secuobs.com/news/comments12012010-intevydis.shtml#4741 http://www.secuobs.com/news/comments12012010-intevydis.shtml#4741 @securitystuff - Firefox XPS IRC Attack http://twitter.com/securitystuff/statuses/8301486681 http://www.secuobs.com/news/comments07102009-xss_inter_protocol_sop_bypass.shtml#4729 http://www.secuobs.com/news/comments07102009-xss_inter_protocol_sop_bypass.shtml#4729 ESRT @securityshell Weaning the Web off of Session Cookies http://www.secuobs.com/twitter/news/59635.shtml http://www.secuobs.com/news/comments21012009-dns_rebinding_cookie_persistant_xss.shtml#4720 http://www.secuobs.com/news/comments21012009-dns_rebinding_cookie_persistant_xss.shtml#4720 geohot reveals his ps3 exploit http://secuobs.com/revue/news/185669.shtml http://www.secuobs.com/news/comments431122008-md5_pki_cluster_ps3_25c3_certificat.shtml#4706 http://www.secuobs.com/news/comments431122008-md5_pki_cluster_ps3_25c3_certificat.shtml#4706 Multichannel protocols against relay attacks http://www.secuobs.com/revue/news/185594.shtml http://www.secuobs.com/news/comments124022007-qkd.shtml#4703 http://www.secuobs.com/news/comments124022007-qkd.shtml#4703 IBM DB2 9.7 heap overflow http://www.secuobs.com/revue/news/185625.shtml http://www.secuobs.com/news/comments12012010-intevydis.shtml#4700 http://www.secuobs.com/news/comments12012010-intevydis.shtml#4700 PostgreSQL 8.0.23 bitsubstr overflow http://www.secuobs.com/revue/news/185626.shtml http://www.secuobs.com/news/comments12012010-intevydis.shtml#4699 http://www.secuobs.com/news/comments12012010-intevydis.shtml#4699 First release of DBJIT toolset, 50 modules designed to be used with Immunity CANVAS http://www.secuobs.com/revue/news/185076.shtml http://www.secuobs.com/news/comments12012010-intevydis.shtml#4679 http://www.secuobs.com/news/comments12012010-intevydis.shtml#4679 MySQL yassl stack overflow http://www.secuobs.com/revue/news/185044.shtml http://www.secuobs.com/news/comments12012010-intevydis.shtml#4677 http://www.secuobs.com/news/comments12012010-intevydis.shtml#4677 Twitter Widget Flaw Provides Access to User Accounts http://www.secuobs.com/revue/news/184950.shtml http://www.secuobs.com/news/comments117112009-renegociation_tls_twitter_poc_mitm.shtml#4670 http://www.secuobs.com/news/comments117112009-renegociation_tls_twitter_poc_mitm.shtml#4670 Cookie Forcing - Trust your cookies no more http://www.secuobs.com/revue/news/184764.shtml http://www.secuobs.com/news/comments21012009-dns_rebinding_cookie_persistant_xss.shtml#4657 http://www.secuobs.com/news/comments21012009-dns_rebinding_cookie_persistant_xss.shtml#4657 Oracle Weblogic 10.3.2 Node Manager fun http://www.secuobs.com/revue/news/184612.shtml http://www.secuobs.com/news/comments12012010-intevydis.shtml#4649 http://www.secuobs.com/news/comments12012010-intevydis.shtml#4649 Twitter Cuts Feature On Site Over Security Flaw http://www.secuobs.com/revue/news/184654.shtml http://www.secuobs.com/news/comments17112009-renegociation_tls_twitter_poc_mitm.shtml#4644 http://www.secuobs.com/news/comments17112009-renegociation_tls_twitter_poc_mitm.shtml#4644 ESRT @dragosr - Flash Expect Header XSS Javascript injection http://www.secuobs.com/twitter/news/58267.shtml http://www.secuobs.com/news/comments23122009-clicktag.shtml#4641 http://www.secuobs.com/news/comments23122009-clicktag.shtml#4641 ESRT @CanDeger - DNSSEC Compromised Again ? http://www.secuobs.com/twitter/news/58242.shtml http://www.secuobs.com/news/comments101022009-root_cache_dns_ddos_spoofing_flood.shtml#4640 http://www.secuobs.com/news/comments101022009-root_cache_dns_ddos_spoofing_flood.shtml#4640 ESRT @sam280 - The insecurity of OpenBSD - nice debunking of the most secure OS claims http://www.secuobs.com/twitter/news/57851.shtml http://www.secuobs.com/news/comments324032009-rootkit_bios_persistant_flashrom.shtml#4627 http://www.secuobs.com/news/comments324032009-rootkit_bios_persistant_flashrom.shtml#4627 Security Patch for for BIND 9.6.1 Released http://www.secuobs.com/revue/news/183441.shtml http://www.secuobs.com/news/comments204082008-dns.shtml#4594 http://www.secuobs.com/news/comments204082008-dns.shtml#4594 OpenOffice versions 3.1.1 and 3.1.0 slk file parsing null pointer proof of concept exploit http://www.secuobs.com/revue/news/183388.shtml http://www.secuobs.com/news/comments04112009-heap_spraying_ms_office_flash.shtml#4590 http://www.secuobs.com/news/comments04112009-heap_spraying_ms_office_flash.shtml#4590 Sun Java System Web Server 70u7 WEBDAV stack overflow http://www.secuobs.com/revue/news/183275.shtml http://www.secuobs.com/news/comments12012010-intevydis.shtml#4584 http://www.secuobs.com/news/comments12012010-intevydis.shtml#4584 Apple Patches 12 Serious Mac OS X Vulnerabilities http://www.secuobs.com/revue/news/183269.shtml http://www.secuobs.com/news/comments522012009-memory_injection_mac_os_x_blackhat.shtml#4583 http://www.secuobs.com/news/comments522012009-memory_injection_mac_os_x_blackhat.shtml#4583 Researchers - Facebook Vulnerable To Clickjacking http://www.secuobs.com/revue/news/183012.shtml http://www.secuobs.com/news/comments26012009-mem_jacking_navigateur_web.shtml#4572 http://www.secuobs.com/news/comments26012009-mem_jacking_navigateur_web.shtml#4572 Sun Java System Web Server 7.0u7 TRACE overflow http://www.secuobs.com/revue/news/182931.shtml http://www.secuobs.com/news/comments12012010-intevydis.shtml#4564 http://www.secuobs.com/news/comments12012010-intevydis.shtml#4564 Heap-spray generator to generate a small piece of JavaScript that sprays the heap using customizable settings http://www.secuobs.com/revue/news/182761.shtml http://www.secuobs.com/news/comments04112009-heap_spraying_ms_office_flash.shtml#4549 http://www.secuobs.com/news/comments04112009-heap_spraying_ms_office_flash.shtml#4549 Slides : Side-channel Attacks Based on (multi) Linear Approximations (MPLA) iAWACS 2009 http://esiea-recherche.eu/Slides09/slides_iAWACS09_Roche-Tavernier_side-channel-attacks.pdf http://www.secuobs.com/news/comments24102009-dpa_tempest_crypto_key_smartphone.shtml#4535 http://www.secuobs.com/news/comments24102009-dpa_tempest_crypto_key_smartphone.shtml#4535 Zeus Web Server SSL2_CLIENT_HELLO overflow http://www.secuobs.com/revue/news/182575.shtml http://www.secuobs.com/news/comments12012010-intevydis.shtml#4531 http://www.secuobs.com/news/comments12012010-intevydis.shtml#4531 HP Web Jetadmin, Remote Unauthorized Access to Data, Denial of Service http://www.secuobs.com/secumail/btsecumail/msg18179.shtml http://www.secuobs.com/news/comments07122009-gsdays-nbs-imprimantes.shtml#4489 http://www.secuobs.com/news/comments07122009-gsdays-nbs-imprimantes.shtml#4489 Hellcode Research: OpenOffice File Parsing Null Pointer Vulnerability http://www.secuobs.com/secumail/btsecumail/msg18186.shtml http://www.secuobs.com/news/comments11122008-word_MS08-072_poc_corruption.shtml#4488 http://www.secuobs.com/news/comments11122008-word_MS08-072_poc_corruption.shtml#4488 Novell eDirectory 8.7.3 overflow http://www.secuobs.com/revue/news/181732.shtml http://www.secuobs.com/news/comments12012010-intevydis.shtml#4484 http://www.secuobs.com/news/comments12012010-intevydis.shtml#4484 ESRT @inliniac @ivanristic - How to render SSL useless - PDF OWASP London http://www.secuobs.com/twitter/news/55514.shtml http://www.secuobs.com/news/comments17112009-renegociation_tls_twitter_poc_mitm.shtml#4480 http://www.secuobs.com/news/comments17112009-renegociation_tls_twitter_poc_mitm.shtml#4480 Video : Bypassing Flash Logins using Flasm http://www.secuobs.com/revue/news/180709.shtml http://www.secuobs.com/news/comments23122009-clicktag.shtml#4446 http://www.secuobs.com/news/comments23122009-clicktag.shtml#4446 Kismet Release 2010-01-R1 http://www.secuobs.com/revue/news/180533.shtml http://www.secuobs.com/news/comments07042009-wifi_fhss_gnu_radio_usrp_trustwave.shtml#4440 http://www.secuobs.com/news/comments07042009-wifi_fhss_gnu_radio_usrp_trustwave.shtml#4440 XSS vulnerabilities in 34 millions flash files http://www.secuobs.com/secumail/btsecumail/msg18155.shtml http://www.secuobs.com/news/comments23122009-clicktag.shtml#4433 http://www.secuobs.com/news/comments23122009-clicktag.shtml#4433 ESRT @security4all @regsecurity - Fix finalized for SSL protocol hole http://www.secuobs.com/twitter/news/53704.shtml http://www.secuobs.com/news/comments17112009-renegociation_tls_twitter_poc_mitm.shtml#4406 http://www.secuobs.com/news/comments17112009-renegociation_tls_twitter_poc_mitm.shtml#4406 ESRT @opexxx - MacOS X 10.5 10.6 libc strtod(3) buffer overflow http://www.secuobs.com/twitter/news/53499.shtml http://www.secuobs.com/news/comments522012009-memory_injection_mac_os_x_blackhat.shtml#4403 http://www.secuobs.com/news/comments522012009-memory_injection_mac_os_x_blackhat.shtml#4403 ESRT @jeremiahg @samykamkar NAT Pinning penetrate your router FW Connect on any port Just hit a URL No XSS No CSRF http://www.secuobs.com/twitter/news/52815.shtml http://www.secuobs.com/news/comments16022007-drive_by_pharming.shtml#4378 http://www.secuobs.com/news/comments16022007-drive_by_pharming.shtml#4378 ESRT @opexxx - Microsoft SQL Server Fingerprint Tool BETA-3 released http://www.secuobs.com/twitter/news/52552.shtml http://www.secuobs.com/news/comments18122008-sp_replwritetovarbin_injection_sql.shtml#4367 http://www.secuobs.com/news/comments18122008-sp_replwritetovarbin_injection_sql.shtml#4367 Ruby SSL Checker http://www.secuobs.com/revue/news/178626.shtml http://www.secuobs.com/news/comments17112009-renegociation_tls_twitter_poc_mitm.shtml#4366 http://www.secuobs.com/news/comments17112009-renegociation_tls_twitter_poc_mitm.shtml#4366 ESRT @hackersorg - Anonymous Proxy Woes http://www.secuobs.com/twitter/news/52219.shtml http://www.secuobs.com/news/comments19062009-sniff_browser_history_no_javascript.shtml#4346 http://www.secuobs.com/news/comments19062009-sniff_browser_history_no_javascript.shtml#4346 NetCrack 1.0 a cluster software to distribute a hashing algorithm's cracking process using brute force http://www.secuobs.com/revue/news/178157.shtml http://www.secuobs.com/news/comments431122008-md5_pki_cluster_ps3_25c3_certificat.shtml#4343 http://www.secuobs.com/news/comments431122008-md5_pki_cluster_ps3_25c3_certificat.shtml#4343 Sendmail 8.14.4 has been released http://www.secuobs.com/revue/news/177094.shtml http://www.secuobs.com/news/comments124112008-gmail_filtre_redirection_godaddy.shtml#4310 http://www.secuobs.com/news/comments124112008-gmail_filtre_redirection_godaddy.shtml#4310 ESRT @danielkennedy74 - XSS Attacks on Twitter via OAuth - POC blog post to follow http://www.secuobs.com/twitter/news/51301.shtml http://www.secuobs.com/news/comments17112009-renegociation_tls_twitter_poc_mitm.shtml#4302 http://www.secuobs.com/news/comments17112009-renegociation_tls_twitter_poc_mitm.shtml#4302 Implementation of Quantum Cryptography Cracked http://www.secuobs.com/revue/news/176721.shtml http://www.secuobs.com/news/comments24022007-qkd.shtml#4298 http://www.secuobs.com/news/comments24022007-qkd.shtml#4298 26C3: Defending the poor, Countering Flash Exploits http://www.secuobs.com/revue/news/176241.shtml http://www.secuobs.com/news/comments23122009-clicktag.shtml#4274 http://www.secuobs.com/news/comments23122009-clicktag.shtml#4274 Videos : 26c3 streaming and streamdumps http://events.ccc.de/congress/2009/wiki/Streaming http://www.secuobs.com/news/comments431122008-md5_pki_cluster_ps3_25c3_certificat.shtml#4272 http://www.secuobs.com/news/comments431122008-md5_pki_cluster_ps3_25c3_certificat.shtml#4272 Another Intel TXT Attack http://www.secuobs.com/revue/news/174650.shtml http://www.secuobs.com/news/comments06012009-intel_txt_tpm_invisible_things_vpro.shtml#4208 http://www.secuobs.com/news/comments06012009-intel_txt_tpm_invisible_things_vpro.shtml#4208 TLS Renegotiation Vulnerability PoC Exploit http://www.secuobs.com/revue/news/174609.shtml http://www.secuobs.com/news/comments17112009-renegociation_tls_twitter_poc_mitm.shtml#4203 http://www.secuobs.com/news/comments17112009-renegociation_tls_twitter_poc_mitm.shtml#4203 TFTP SERVER Buffer Overflow remote exploit http://www.secuobs.com/revue/news/174031.shtml http://www.secuobs.com/news/comments01092009-iis_ftp_nlst_exploit_kingcope_nmap.shtml#4187 http://www.secuobs.com/news/comments01092009-iis_ftp_nlst_exploit_kingcope_nmap.shtml#4187 Twitter outage via DNS hijacking http://www.secuobs.com/revue/news/173788.shtml http://www.secuobs.com/news/comments17112009-renegociation_tls_twitter_poc_mitm.shtml#4176 http://www.secuobs.com/news/comments17112009-renegociation_tls_twitter_poc_mitm.shtml#4176 Differential Power Analysis and the Trusted Platform Module http://www.secuobs.com/revue/news/172834.shtml http://www.secuobs.com/news/comments24102009-dpa_tempest_crypto_key_smartphone.shtml#4158 http://www.secuobs.com/news/comments24102009-dpa_tempest_crypto_key_smartphone.shtml#4158 Cross-domain search timing http://www.secuobs.com/revue/news/171258.shtml http://www.secuobs.com/news/comments07102009-xss_inter_protocol_sop_bypass.shtml#4094 http://www.secuobs.com/news/comments07102009-xss_inter_protocol_sop_bypass.shtml#4094 MS09-074 - Critical Vulnerability in Microsoft Office Project Could Allow Remote Code Execution 967183 http://www.secuobs.com/revue/news/169791.shtml http://www.secuobs.com/news/comments11122008-wordpad_convert_exploit_remote_exec.shtml#4051 http://www.secuobs.com/news/comments11122008-wordpad_convert_exploit_remote_exec.shtml#4051 2009 Cisco Annual Security Report http://www.secuobs.com/revue/news/169723.shtml http://www.secuobs.com/news/comments14082003cisco-2gb.html#4047 http://www.secuobs.com/news/comments14082003cisco-2gb.html#4047 Microsoft BitLocker Attack Illustrated http://www.secuobs.com/revue/news/169268.shtml http://www.secuobs.com/news/comments06012009-intel_txt_tpm_invisible_things_vpro.shtml#4029 http://www.secuobs.com/news/comments06012009-intel_txt_tpm_invisible_things_vpro.shtml#4029 ESRT @hdmoore - Google DNS source port, transaction ID randomization http://www.secuobs.com/twitter/news/44165.shtml http://www.secuobs.com/news/comments101022009-root_cache_dns_ddos_spoofing_flood.shtml#4015 http://www.secuobs.com/news/comments101022009-root_cache_dns_ddos_spoofing_flood.shtml#4015