http://www.secuobs.com L'observatoire de la securite Internet fr webmaster@secuobs.com ESRT @packet_storm - Nux Keylogger 0.0.1 http://www.secuobs.com/twitter/news/72895.shtml http://www.secuobs.com/news/comments103062009-keykeriki_sniffer_wireless_keyboard.shtml#5394 http://www.secuobs.com/news/comments103062009-keykeriki_sniffer_wireless_keyboard.shtml#5394 ESRT @threatpost - New capabilities are strengthening the ZeuS botnet allowing criminals to steal financial credentials http://www.secuobs.com/twitter/news/73082.shtml http://www.secuobs.com/news/comments215112009-dispatcher_reverse_botnet.shtml#5393 http://www.secuobs.com/news/comments215112009-dispatcher_reverse_botnet.shtml#5393 Wireshark Display Filters cheatsheet v2.0 http://www.secuobs.com/revue/news/201274.shtml http://www.secuobs.com/news/comments417112008-netwitness_investigator_pcap.shtml#5392 http://www.secuobs.com/news/comments417112008-netwitness_investigator_pcap.shtml#5392 tcpdump cheatsheet v2.0 http://www.secuobs.com/revue/news/201271.shtml http://www.secuobs.com/news/comments417112008-netwitness_investigator_pcap.shtml#5391 http://www.secuobs.com/news/comments417112008-netwitness_investigator_pcap.shtml#5391 Update on Microsoft Security Advisory 981374 http://www.secuobs.com/revue/news/201245.shtml http://www.secuobs.com/news/comments925022009-gazelle_isolation_os_navigateur.shtml#5388 http://www.secuobs.com/news/comments925022009-gazelle_isolation_os_navigateur.shtml#5388 iScanner v0.4 released - Malicious codes scanner http://www.secuobs.com/revue/news/201046.shtml http://www.secuobs.com/news/comments1324042009-webshag.shtml#5384 http://www.secuobs.com/news/comments1324042009-webshag.shtml#5384 Burp Suite Tutorial The Intruder Tool http://www.secuobs.com/revue/news/201084.shtml http://www.secuobs.com/news/comments1324042009-webshag.shtml#5381 http://www.secuobs.com/news/comments1324042009-webshag.shtml#5381 Skype - URI Handler Input Validation http://www.secuobs.com/revue/news/200957.shtml http://www.secuobs.com/news/comments29082009-peskyspy_skype_tap_megapanzer.shtml#5380 http://www.secuobs.com/news/comments29082009-peskyspy_skype_tap_megapanzer.shtml#5380 OWASP CSRFTester Test Applications for CSRF http://www.secuobs.com/revue/news/200766.shtml http://www.secuobs.com/news/comments604062009-wepbuster_aircrack-ng_csrf_upnp.shtml#5379 http://www.secuobs.com/news/comments604062009-wepbuster_aircrack-ng_csrf_upnp.shtml#5379 ESRT @ThisIsHNN @th3j35t3r - releases 2nd video of enhanced XerXeS attack - it's not just Apache now http://www.secuobs.com/twitter/news/72747.shtml http://www.secuobs.com/news/comments218062009-slowloris_http_partial_dos_apache.shtml#5377 http://www.secuobs.com/news/comments218062009-slowloris_http_partial_dos_apache.shtml#5377 cookiemonster v1.6 http://www.secuobs.com/revue/news/200584.shtml http://www.secuobs.com/news/comments06032010-imposter_browser_phishing_framework.shtml#5375 http://www.secuobs.com/news/comments06032010-imposter_browser_phishing_framework.shtml#5375 Social-Engineering Ninja v0.1 Beta - PHP scripts http://www.secuobs.com/revue/news/200676.shtml http://www.secuobs.com/news/comments02032010-set_social_engineering_toolkit.shtml#5372 http://www.secuobs.com/news/comments02032010-set_social_engineering_toolkit.shtml#5372 Botan 1.9.4 http://www.secuobs.com/revue/news/200305.shtml http://www.secuobs.com/news/comments227032009-maude_npa_nrl_dhsk_npsk_xor_crypto.shtml#5371 http://www.secuobs.com/news/comments227032009-maude_npa_nrl_dhsk_npsk_xor_crypto.shtml#5371 A Notepad PoC for the remote CHM help file hijack MS vulnerability http://www.secuobs.com/revue/news/200301.shtml http://www.secuobs.com/news/comments1723032009-exploitable_windbg_dump_audit_msec.shtml#5369 http://www.secuobs.com/news/comments1723032009-exploitable_windbg_dump_audit_msec.shtml#5369 fwbuilder 4.0.0 http://www.secuobs.com/revue/news/200307.shtml http://www.secuobs.com/news/comments223032009-nftables_filtrage_linux_concat_git.shtml#5366 http://www.secuobs.com/news/comments223032009-nftables_filtrage_linux_concat_git.shtml#5366 ESRT @sbrabez - w3af 10-rc2 updated on FreeBSD http://www.secuobs.com/twitter/news/72229.shtml http://www.secuobs.com/news/comments1324042009-webshag.shtml#5365 http://www.secuobs.com/news/comments1324042009-webshag.shtml#5365 ESRT @ToolsWatch - FireCAT v1.6.2 updated with 4 Firebug add-ons http://www.secuobs.com/twitter/news/72179.shtml http://www.secuobs.com/news/comments104122007-firecat.shtml#5361 http://www.secuobs.com/news/comments104122007-firecat.shtml#5361 ESRT @komeilipour - Discoverer: Automatic Protocol Reverse Engineering from Network Traces http://www.secuobs.com/twitter/news/72213.shtml http://www.secuobs.com/news/comments215112009-dispatcher_reverse_botnet.shtml#5360 http://www.secuobs.com/news/comments215112009-dispatcher_reverse_botnet.shtml#5360 BeEF Key Logging http://www.secuobs.com/revue/news/200179.shtml http://www.secuobs.com/news/comments225112008-browser_rider_exploitation_massive.shtml#5359 http://www.secuobs.com/news/comments225112008-browser_rider_exploitation_massive.shtml#5359 SubSeven v2.3.2010 released http://www.secuobs.com/revue/news/200165.shtml http://www.secuobs.com/news/comments09042009-vaaseline_vnc_rpc_rfb_clipboard_rdp.shtml#5358 http://www.secuobs.com/news/comments09042009-vaaseline_vnc_rpc_rfb_clipboard_rdp.shtml#5358 OpenSCAP v0.5.7 released http://www.secuobs.com/revue/news/200009.shtml http://www.secuobs.com/news/comments809042009-nessus_4_syn_wmi_xslt_tcp_nasl_pci.shtml#5357 http://www.secuobs.com/news/comments809042009-nessus_4_syn_wmi_xslt_tcp_nasl_pci.shtml#5357 Building a Linux Incident Response Forensic Disk http://www.secuobs.com/revue/news/200027.shtml http://www.secuobs.com/news/comments1102032009-caine_forensic_livecd_wintaylor.shtml#5356 http://www.secuobs.com/news/comments1102032009-caine_forensic_livecd_wintaylor.shtml#5356 tor.uclibc.i686.20100309.iso http://www.secuobs.com/revue/news/200062.shtml http://www.secuobs.com/news/comments416062009-veiled_darknet_anonyme_chiffrement.shtml#5354 http://www.secuobs.com/news/comments416062009-veiled_darknet_anonyme_chiffrement.shtml#5354 Microsoft Security Advisory (973811) Extended Protection for Authentication Updated: March 09, 2010 http://www.microsoft.com/technet/security/advisory/973811.mspx http://www.secuobs.com/news/comments1723032009-exploitable_windbg_dump_audit_msec.shtml#5348 http://www.secuobs.com/news/comments1723032009-exploitable_windbg_dump_audit_msec.shtml#5348 Microsoft Security Advisory (981374) Vulnerability in Internet Explorer Could Allow Remote Code Execution http://www.microsoft.com/technet/security/advisory/981374.mspx http://www.secuobs.com/news/comments925022009-gazelle_isolation_os_navigateur.shtml#5347 http://www.secuobs.com/news/comments925022009-gazelle_isolation_os_navigateur.shtml#5347 ESRT @alexandrosilva @welias - Wireshark + SSH = Wireshark Remote Capturing http://www.secuobs.com/twitter/news/71759.shtml http://www.secuobs.com/news/comments317112008-netwitness_investigator_pcap.shtml#5346 http://www.secuobs.com/news/comments317112008-netwitness_investigator_pcap.shtml#5346 ENG SQL Fingerprint 1.00.0006 Released http://www.secuobs.com/revue/news/199773.shtml http://www.secuobs.com/news/comments126022009-sfxsqli_injection_xml_extraction.shtml#5345 http://www.secuobs.com/news/comments126022009-sfxsqli_injection_xml_extraction.shtml#5345 ESRT @torproject - Seeking testers, with 32-bit Linux systems, for the Linux Tor Browser Bundle http://www.secuobs.com/twitter/news/71271.shtml http://www.secuobs.com/news/comments416062009-veiled_darknet_anonyme_chiffrement.shtml#5344 http://www.secuobs.com/news/comments416062009-veiled_darknet_anonyme_chiffrement.shtml#5344 ESRT @securitypro2009 - Researchers form 8000-strong experimental smartphone botnet http://www.secuobs.com/twitter/news/71594.shtml http://www.secuobs.com/news/comments215112009-dispatcher_reverse_botnet.shtml#5343 http://www.secuobs.com/news/comments215112009-dispatcher_reverse_botnet.shtml#5343 ESRT @DidierStevens - New post PDF Info Stealer PoC http://www.secuobs.com/twitter/news/71528.shtml http://www.secuobs.com/news/comments520062009-origami_pdf_virus_filtre_javascript.shtml#5340 http://www.secuobs.com/news/comments520062009-origami_pdf_virus_filtre_javascript.shtml#5340 ESRT @CiscoSecurity - A botnet running ZeuS can be built for $2500 http://www.secuobs.com/twitter/news/71394.shtml http://www.secuobs.com/news/comments215112009-dispatcher_reverse_botnet.shtml#5337 http://www.secuobs.com/news/comments215112009-dispatcher_reverse_botnet.shtml#5337 REIL Reverse Engineering Intermediate Language http://www.secuobs.com/revue/news/199346.shtml http://www.secuobs.com/news/comments07042007-eresi.shtml#5335 http://www.secuobs.com/news/comments07042007-eresi.shtml#5335 nessus-xmlrpc 0.3 http://www.secuobs.com/revue/news/199545.shtml http://www.secuobs.com/news/comments809042009-nessus_4_syn_wmi_xslt_tcp_nasl_pci.shtml#5332 http://www.secuobs.com/news/comments809042009-nessus_4_syn_wmi_xslt_tcp_nasl_pci.shtml#5332 UPDATE Dradis v2.5.1 http://www.secuobs.com/revue/news/199703.shtml http://www.secuobs.com/news/comments08022009-webjob_backdoor_botnet_ssl_forensic.shtml#5328 http://www.secuobs.com/news/comments08022009-webjob_backdoor_botnet_ssl_forensic.shtml#5328 Using Map/Reduce for Network Forensics and Troubleshooting http://www.secuobs.com/revue/news/199603.shtml http://www.secuobs.com/news/comments1102032009-caine_forensic_livecd_wintaylor.shtml#5327 http://www.secuobs.com/news/comments1102032009-caine_forensic_livecd_wintaylor.shtml#5327 UnPacking Malicious Executables http://www.secuobs.com/revue/news/199347.shtml http://www.secuobs.com/news/comments28072006-cwsandbox.shtml#5326 http://www.secuobs.com/news/comments28072006-cwsandbox.shtml#5326 Microsoft Windows .ANI file BITMAPINFOHEADER.biClrUsed bounds check missing http://www.secuobs.com/revue/news/199290.shtml http://www.secuobs.com/news/comments1723032009-exploitable_windbg_dump_audit_msec.shtml#5324 http://www.secuobs.com/news/comments1723032009-exploitable_windbg_dump_audit_msec.shtml#5324 Lenovo Hotkey Driver v5.33 Privilege Escalation http://www.secuobs.com/revue/news/199728.shtml http://www.secuobs.com/news/comments1623032009-exploitable_windbg_dump_audit_msec.shtml#5323 http://www.secuobs.com/news/comments1623032009-exploitable_windbg_dump_audit_msec.shtml#5323 Introducing the iKey, Apple's answer to the humble door key http://www.secuobs.com/revue/news/199198.shtml http://www.secuobs.com/news/comments801012009-iphone_3g_yellowsn0w_deblocage_sim.shtml#5322 http://www.secuobs.com/news/comments801012009-iphone_3g_yellowsn0w_deblocage_sim.shtml#5322 Has the MBR rootkit disappeared ? Not really http://www.secuobs.com/revue/news/199736.shtml http://www.secuobs.com/news/comments01092009-stoned_bootkit_mbr_fde_truecrypt.shtml#5321 http://www.secuobs.com/news/comments01092009-stoned_bootkit_mbr_fde_truecrypt.shtml#5321 DirBuster v1.0 RC 1 - released http://www.secuobs.com/revue/news/199490.shtml http://www.secuobs.com/news/comments1324042009-webshag.shtml#5318 http://www.secuobs.com/news/comments1324042009-webshag.shtml#5318 Apache Spamassassin Milter Plugin Remote Root Command Execution http://www.secuobs.com/revue/news/199729.shtml http://www.secuobs.com/news/comments24032003spamassassin.html#5317 http://www.secuobs.com/news/comments24032003spamassassin.html#5317 ESRT @ChrisJohnRiley @DidierStevens - cmd.dll reverse shell in memory payload used with PDF exploit http://www.secuobs.com/twitter/news/71158.shtml http://www.secuobs.com/news/comments520062009-origami_pdf_virus_filtre_javascript.shtml#5313 http://www.secuobs.com/news/comments520062009-origami_pdf_virus_filtre_javascript.shtml#5313 FireCAT v1.6 updated with 2 new extensions http://www.secuobs.com/revue/news/199111.shtml http://www.secuobs.com/news/comments04122007-firecat.shtml#5311 http://www.secuobs.com/news/comments04122007-firecat.shtml#5311 Video : Using Fireforce to Bruteforce Web Login Forms http://www.secuobs.com/revue/news/199085.shtml http://www.secuobs.com/news/comments04122007-firecat.shtml#5310 http://www.secuobs.com/news/comments04122007-firecat.shtml#5310 AdvancedWinServiceManager a tool to remove hidden rootkit services http://www.secuobs.com/revue/news/199006.shtml http://www.secuobs.com/news/comments106112009-hooksafe_xen_koh_rootkit_kernel.shtml#5309 http://www.secuobs.com/news/comments106112009-hooksafe_xen_koh_rootkit_kernel.shtml#5309 ESRT @ghostnomad @irongeek_adc @matthewneely @sorteal - Attacking and Defending WPA Enterprise Networks http://www.secuobs.com/twitter/news/71006.shtml http://www.secuobs.com/news/comments08122009-wpa2_wpa_cracker_cluster_online_psk.shtml#5303 http://www.secuobs.com/news/comments08122009-wpa2_wpa_cracker_cluster_online_psk.shtml#5303 Rogue Femtocells Fembots http://www.secuobs.com/revue/news/198992.shtml http://www.secuobs.com/news/comments801012009-iphone_3g_yellowsn0w_deblocage_sim.shtml#5302 http://www.secuobs.com/news/comments801012009-iphone_3g_yellowsn0w_deblocage_sim.shtml#5302 Flawed Security Exposes Vital Software to Hackers http://www.secuobs.com/revue/news/199000.shtml http://www.secuobs.com/news/comments825022009-gazelle_isolation_os_navigateur.shtml#5301 http://www.secuobs.com/news/comments825022009-gazelle_isolation_os_navigateur.shtml#5301 Websecurify 0.5 Released http://www.secuobs.com/revue/news/198969.shtml http://www.secuobs.com/news/comments1324042009-webshag.shtml#5300 http://www.secuobs.com/news/comments1324042009-webshag.shtml#5300 Fireforce - Firefox brute-force attack extension http://www.secuobs.com/revue/news/198957.shtml http://www.secuobs.com/news/comments04122007-firecat.shtml#5299 http://www.secuobs.com/news/comments04122007-firecat.shtml#5299 SpiderLabs Defacetool http://www.secuobs.com/revue/news/198933.shtml http://www.secuobs.com/news/comments1324042009-webshag.shtml#5298 http://www.secuobs.com/news/comments1324042009-webshag.shtml#5298 Patch Tuesday will leave F1 hole unpatched http://www.secuobs.com/revue/news/198637.shtml http://www.secuobs.com/news/comments1623032009-exploitable_windbg_dump_audit_msec.shtml#5294 http://www.secuobs.com/news/comments1623032009-exploitable_windbg_dump_audit_msec.shtml#5294 ESRT @indi303 @DidierStevens Made PoC PDF: searches My Documents budget.xls and upload it to PasteBin All in memory http://www.secuobs.com/twitter/news/70267.shtml http://www.secuobs.com/news/comments520062009-origami_pdf_virus_filtre_javascript.shtml#5289 http://www.secuobs.com/news/comments520062009-origami_pdf_virus_filtre_javascript.shtml#5289 Apple Airport Wireless Products - Promiscuous FTP PORT Allowed in FTP Proxy Provides Security Bypass http://www.secuobs.com/secumail/fdsecumail/msg28537.shtml http://www.secuobs.com/news/comments504062009-wepbuster_aircrack-ng_csrf_upnp.shtml#5285 http://www.secuobs.com/news/comments504062009-wepbuster_aircrack-ng_csrf_upnp.shtml#5285 VMSA-2010-0004 ESX Service Console and vMA third party updates http://www.secuobs.com/secumail/fdsecumail/msg28530.shtml http://www.secuobs.com/news/comments505062009-cloudburst_vmware_framebuffer.shtml#5284 http://www.secuobs.com/news/comments505062009-cloudburst_vmware_framebuffer.shtml#5284 MS10-004 and the Obsolete Conundrum http://www.secuobs.com/revue/news/198194.shtml http://www.secuobs.com/news/comments1623032009-exploitable_windbg_dump_audit_msec.shtml#5280 http://www.secuobs.com/news/comments1623032009-exploitable_windbg_dump_audit_msec.shtml#5280 Severe OpenSSL vuln busts public key crypto http://www.secuobs.com/revue/news/198196.shtml http://www.secuobs.com/news/comments227032009-maude_npa_nrl_dhsk_npsk_xor_crypto.shtml#5279 http://www.secuobs.com/news/comments227032009-maude_npa_nrl_dhsk_npsk_xor_crypto.shtml#5279 Microsoft to Patch 8 Vulnerabilities in Windows, Office http://www.secuobs.com/revue/news/198158.shtml http://www.secuobs.com/news/comments1623032009-exploitable_windbg_dump_audit_msec.shtml#5278 http://www.secuobs.com/news/comments1623032009-exploitable_windbg_dump_audit_msec.shtml#5278 Interested in a Sleuth Kit and Open Source Forensics Users Conference http://www.secuobs.com/revue/news/197853.shtml http://www.secuobs.com/news/comments1102032009-caine_forensic_livecd_wintaylor.shtml#5276 http://www.secuobs.com/news/comments1102032009-caine_forensic_livecd_wintaylor.shtml#5276 Updates AdExplorer v1.3, VMMap v2.6, Disk2vhd v1.5, LiveKd v3.14, Sigcheck v1.66 http://www.secuobs.com/revue/news/197768.shtml http://www.secuobs.com/news/comments505062009-cloudburst_vmware_framebuffer.shtml#5275 http://www.secuobs.com/news/comments505062009-cloudburst_vmware_framebuffer.shtml#5275 WiFi Analyzer - Another Great App For The Wifi Toolbox http://www.secuobs.com/revue/news/197761.shtml http://www.secuobs.com/news/comments801012009-iphone_3g_yellowsn0w_deblocage_sim.shtml#5273 http://www.secuobs.com/news/comments801012009-iphone_3g_yellowsn0w_deblocage_sim.shtml#5273 New Stable Version Tor 0.2.1.24 released http://www.secuobs.com/revue/news/197759.shtml http://www.secuobs.com/news/comments416062009-veiled_darknet_anonyme_chiffrement.shtml#5272 http://www.secuobs.com/news/comments416062009-veiled_darknet_anonyme_chiffrement.shtml#5272 Flash IE Prison Break, Stealing Local Files through the Flash Plugin in IE http://www.secuobs.com/revue/news/197796.shtml http://www.secuobs.com/news/comments825022009-gazelle_isolation_os_navigateur.shtml#5269 http://www.secuobs.com/news/comments825022009-gazelle_isolation_os_navigateur.shtml#5269 Imposter v0.9 Released, a framework to perform Browser Phishing attacks http://www.secuobs.com/revue/news/197652.shtml http://www.secuobs.com/news/comments02032010-set_social_engineering_toolkit.shtml#5268 http://www.secuobs.com/news/comments02032010-set_social_engineering_toolkit.shtml#5268 nufw 2.4.0 http://www.secuobs.com/revue/news/197466.shtml http://www.secuobs.com/news/comments12102009-edenwall.shtml#5266 http://www.secuobs.com/news/comments12102009-edenwall.shtml#5266 Acunetix WVS v6.5 build 20100303 released http://www.secuobs.com/revue/news/197570.shtml http://www.secuobs.com/news/comments1324042009-webshag.shtml#5264 http://www.secuobs.com/news/comments1324042009-webshag.shtml#5264 Wireless Battle Mesh v3 WBMv3 next 02-06 June 2010 in Bracciano Roma IT http://www.secuobs.com/revue/news/197374.shtml http://www.secuobs.com/news/comments504062009-wepbuster_aircrack-ng_csrf_upnp.shtml#5263 http://www.secuobs.com/news/comments504062009-wepbuster_aircrack-ng_csrf_upnp.shtml#5263 ESRT @QuestOnSecurity - Here's a nice and interactive map of Microsoft SDL tools for each development stage http://www.secuobs.com/twitter/news/69944.shtml http://www.secuobs.com/news/comments1623032009-exploitable_windbg_dump_audit_msec.shtml#5262 http://www.secuobs.com/news/comments1623032009-exploitable_windbg_dump_audit_msec.shtml#5262 CANVAS v6.56 released http://www.secuobs.com/revue/news/197352.shtml http://www.secuobs.com/news/comments505062009-cloudburst_vmware_framebuffer.shtml#5259 http://www.secuobs.com/news/comments505062009-cloudburst_vmware_framebuffer.shtml#5259 MS Blue Screen Fix MS10-015 Redistributed http://www.secuobs.com/revue/news/197337.shtml http://www.secuobs.com/news/comments1623032009-exploitable_windbg_dump_audit_msec.shtml#5258 http://www.secuobs.com/news/comments1623032009-exploitable_windbg_dump_audit_msec.shtml#5258 Open Source Android Forensics http://www.secuobs.com/revue/news/197031.shtml http://www.secuobs.com/news/comments1102032009-caine_forensic_livecd_wintaylor.shtml#5257 http://www.secuobs.com/news/comments1102032009-caine_forensic_livecd_wintaylor.shtml#5257 ESRT @TenableSecurity - A patch to upgrade the Tenable Appliance to Nessus 421 http://www.secuobs.com/twitter/news/69785.shtml http://www.secuobs.com/news/comments809042009-nessus_4_syn_wmi_xslt_tcp_nasl_pci.shtml#5256 http://www.secuobs.com/news/comments809042009-nessus_4_syn_wmi_xslt_tcp_nasl_pci.shtml#5256 PerJack is a TCP Session Hijack tool written in Perl. http://www.secuobs.com/revue/news/196948.shtml http://www.secuobs.com/news/comments118122008-letdown_complemento_dos_tcp_outpost.shtml#5255 http://www.secuobs.com/news/comments118122008-letdown_complemento_dos_tcp_outpost.shtml#5255 iptables 1.4.7 http://www.secuobs.com/revue/news/196946.shtml http://www.secuobs.com/news/comments223032009-nftables_filtrage_linux_concat_git.shtml#5254 http://www.secuobs.com/news/comments223032009-nftables_filtrage_linux_concat_git.shtml#5254 Microsoft Security Advisory (981169): Vulnerability in VBScript Could Allow Remote Code Execution http://www.microsoft.com/technet/security/advisory/981169.mspx http://www.secuobs.com/news/comments825022009-gazelle_isolation_os_navigateur.shtml#5253 http://www.secuobs.com/news/comments825022009-gazelle_isolation_os_navigateur.shtml#5253 Researchers Improve Random-Number Generation with Forced Memory 'Twitching' http://www.secuobs.com/revue/news/196711.shtml http://www.secuobs.com/news/comments227032009-maude_npa_nrl_dhsk_npsk_xor_crypto.shtml#5252 http://www.secuobs.com/news/comments227032009-maude_npa_nrl_dhsk_npsk_xor_crypto.shtml#5252 Google Researcher Ships Exploit to Defeat ASLR DEP http://www.secuobs.com/revue/news/196712.shtml http://www.secuobs.com/news/comments1623032009-exploitable_windbg_dump_audit_msec.shtml#5250 http://www.secuobs.com/news/comments1623032009-exploitable_windbg_dump_audit_msec.shtml#5250 ESRT @kakroo - Matasano Free Tool Cleans Up Rusty, Unsafe Firewall Settings http://www.secuobs.com/twitter/news/69672.shtml http://www.secuobs.com/news/comments223032009-nftables_filtrage_linux_concat_git.shtml#5248 http://www.secuobs.com/news/comments223032009-nftables_filtrage_linux_concat_git.shtml#5248 WDK v7.1 is now available http://www.secuobs.com/revue/news/196553.shtml http://www.secuobs.com/news/comments1623032009-exploitable_windbg_dump_audit_msec.shtml#5246 http://www.secuobs.com/news/comments1623032009-exploitable_windbg_dump_audit_msec.shtml#5246 Internet Exploiter 2 – bypassing DEP http://www.secuobs.com/revue/news/196615.shtml http://www.secuobs.com/news/comments825022009-gazelle_isolation_os_navigateur.shtml#5245 http://www.secuobs.com/news/comments825022009-gazelle_isolation_os_navigateur.shtml#5245 New zero-day involves IE, puts Windows XP users at risk http://www.secuobs.com/revue/news/196530.shtml http://www.secuobs.com/news/comments825022009-gazelle_isolation_os_navigateur.shtml#5243 http://www.secuobs.com/news/comments825022009-gazelle_isolation_os_navigateur.shtml#5243 ESRT @ToolsWatch - Pangolin SQL injection tool build 3.2.1.1020 released http://www.secuobs.com/twitter/news/69217.shtml http://www.secuobs.com/news/comments723032009-greensql_mysql_injection_proxy.shtml#5240 http://www.secuobs.com/news/comments723032009-greensql_mysql_injection_proxy.shtml#5240 Distributed Open Proxy Honeypots http://www.secuobs.com/revue/news/196282.shtml http://www.secuobs.com/news/comments111112009-glastopf_web_honeypot_dynamic_bot.shtml#5238 http://www.secuobs.com/news/comments111112009-glastopf_web_honeypot_dynamic_bot.shtml#5238 ESRT @EdiStrosar @fmavituna - Get a reverse shell from an SQL Injection WebRaider is released http://www.secuobs.com/twitter/news/69369.shtml http://www.secuobs.com/news/comments723032009-greensql_mysql_injection_proxy.shtml#5237 http://www.secuobs.com/news/comments723032009-greensql_mysql_injection_proxy.shtml#5237 Websecurify 0.5RC1 Released http://www.secuobs.com/revue/news/196423.shtml http://www.secuobs.com/news/comments1224042009-webshag.shtml#5235 http://www.secuobs.com/news/comments1224042009-webshag.shtml#5235 nessus-xmlrpc 0.2 a Ruby library for the Nessus XML-RPC interface http://www.secuobs.com/revue/news/196438.shtml http://www.secuobs.com/news/comments809042009-nessus_4_syn_wmi_xslt_tcp_nasl_pci.shtml#5234 http://www.secuobs.com/news/comments809042009-nessus_4_syn_wmi_xslt_tcp_nasl_pci.shtml#5234 Researchers find materials that could lead to super crypto chips http://www.secuobs.com/revue/news/196245.shtml http://www.secuobs.com/news/comments227032009-maude_npa_nrl_dhsk_npsk_xor_crypto.shtml#5232 http://www.secuobs.com/news/comments227032009-maude_npa_nrl_dhsk_npsk_xor_crypto.shtml#5232 Nostalgia n00bk1t, an advanced ring3 rootkit in C http://www.secuobs.com/revue/news/196314.shtml http://www.secuobs.com/news/comments106112009-hooksafe_xen_koh_rootkit_kernel.shtml#5231 http://www.secuobs.com/news/comments106112009-hooksafe_xen_koh_rootkit_kernel.shtml#5231 Saint Vulnerability Scanner and Exploiter v7.2.7 released http://www.secuobs.com/revue/news/196271.shtml http://www.secuobs.com/news/comments809042009-nessus_4_syn_wmi_xslt_tcp_nasl_pci.shtml#5230 http://www.secuobs.com/news/comments809042009-nessus_4_syn_wmi_xslt_tcp_nasl_pci.shtml#5230 Do the Exploit Tutorials Work Under XP SP3? http://www.secuobs.com/revue/news/196329.shtml http://www.secuobs.com/news/comments1623032009-exploitable_windbg_dump_audit_msec.shtml#5229 http://www.secuobs.com/news/comments1623032009-exploitable_windbg_dump_audit_msec.shtml#5229 F-Response TACTICAL live forensics utility http://www.secuobs.com/revue/news/196440.shtml http://www.secuobs.com/news/comments1102032009-caine_forensic_livecd_wintaylor.shtml#5227 http://www.secuobs.com/news/comments1102032009-caine_forensic_livecd_wintaylor.shtml#5227 AutoScan v1.5 available http://www.secuobs.com/revue/news/196269.shtml http://www.secuobs.com/news/comments505022009-metascanner_metasploit_nmap.shtml#5225 http://www.secuobs.com/news/comments505022009-metascanner_metasploit_nmap.shtml#5225 ESRT @dragosr - hbgary aurora report has a copy of the javascript ie exploit code used http://www.secuobs.com/twitter/news/69075.shtml http://www.secuobs.com/news/comments825022009-gazelle_isolation_os_navigateur.shtml#5224 http://www.secuobs.com/news/comments825022009-gazelle_isolation_os_navigateur.shtml#5224 ESRT @sagar38 @gutes - python wrapper for Lorcon2 library http://www.secuobs.com/twitter/news/68971.shtml http://www.secuobs.com/news/comments504062009-wepbuster_aircrack-ng_csrf_upnp.shtml#5223 http://www.secuobs.com/news/comments504062009-wepbuster_aircrack-ng_csrf_upnp.shtml#5223 How to do a WebSec Demo http://www.secuobs.com/revue/news/196171.shtml http://www.secuobs.com/news/comments1224042009-webshag.shtml#5220 http://www.secuobs.com/news/comments1224042009-webshag.shtml#5220 Thunderbird 3.0.2 released http://www.secuobs.com/revue/news/196011.shtml http://www.secuobs.com/news/comments20012006-thunderbird.shtml#5219 http://www.secuobs.com/news/comments20012006-thunderbird.shtml#5219 Web Application Vulnerability Scanners Compared http://www.secuobs.com/revue/news/195990.shtml http://www.secuobs.com/news/comments1224042009-webshag.shtml#5218 http://www.secuobs.com/news/comments1224042009-webshag.shtml#5218 Internet Explorer 6 7 8 suffer from an arbitrary command execution vulnerability related to winhlp32.exe http://www.secuobs.com/revue/news/196042.shtml http://www.secuobs.com/news/comments825022009-gazelle_isolation_os_navigateur.shtml#5217 http://www.secuobs.com/news/comments825022009-gazelle_isolation_os_navigateur.shtml#5217 Enhanced TKIP Micheal Attacks http://www.secuobs.com/revue/news/196135.shtml http://www.secuobs.com/news/comments08122009-wpa2_wpa_cracker_cluster_online_psk.shtml#5215 http://www.secuobs.com/news/comments08122009-wpa2_wpa_cracker_cluster_online_psk.shtml#5215