27 Topics
|
|
|
|
The characteristics of accelerationism make it difficult to put it into the traditional spectrum of left-right political ideology. From the perspective of the attitude towards this rapidly changing technological world, the right-wing ideology is relatively conservative, and they want to ease or slow down the speed of this change. The … 
|
|
|
For those very new to this area, please google SIM SWAP and discover a very nasty security issue with all phones we use today. At first glance the new security researcher might think I'm exaggerating. Do your own research and tell me you don't find this to be one of … 
|
|
|
I am thinking about making a website on a VPS. I've read on internet that if someone hacks my website and puts a malware into links or if he steals personal information(including passwords), not only hacker but the owner of the website is responsible too and a lawsuit may be …
|
|
I have a question for those who are looking for bugs and vulnerabilities for money. How are you looking for customers? Is it freelance or a permanent job or a hobby? I found one blockchain project that offers to find vulnerabilities for money. I will post the text of their … |
|
Earlier this month, security outfit FireEye’s 'FireEye as a Service' researchers out in Singapore [discovered and reported](https://www.fireeye.com/blog/threat-research/2015/06/operation-clandestine-wolf-adobe-flash-zero-day.html) on a phishing campaign that was found to be exploiting a zero-day in Adobe Flash Player vulnerability (CVE-2015-3113). That campaign has been well and truly active for a while now, with attacking emails …
|
|
|
So it seems that an Internet Explorer zero day vulnerability allowed the back door to be opened that resulted in the [URL="http://www.daniweb.com/news/story252590.html"]hack attack on Google[/URL] and many others that has received such publicity this week. According to [URL="http://siblog.mcafee.com/cto/operation-%E2%80%9Caurora%E2%80%9D-hit-google-others/"]McAfee[/URL] it has identified an Internet Explorer vulnerability as being one of the … 
|
|
|
Hello, I am curious about how to root an Android phone without using any one click methods. A Google search returns only how to use programs to do this for you. Obviously there is a security vulnerability that is exploited, but I'd like to know in detail how this is … 
|
|
|
FireEye security researchers are warning that they have [detected a new zero-day vulnerability](http://blog.fireeye.com/research/2013/02/yaj0-yet-another-java-zero-day-2.html) that is being used successfully in the wild against browser clients with both Java 6u41 and Java 7u15 installed. Given that the Java 7 update was only released a couple of weeks ago, this is yet more … 
|
|
|
Reports are coming in thick and fast about 'state-sponsored' zero-day exploits hitting business websites in the UK. The latest, disclosed yesterday by [SophosLabs](http://nakedsecurity.sophos.com/2012/06/20/aeronautical-state-sponsored-exploit/), involves an as yet unnamed European aeronautical parts supplier and follows on from another the day before involving a European medical company site. In both cases the …
|
|
|
Last week saw the discovery of YAJE: Yet Another Java Exploit. Sadly, Java vulnerabilities are neither new nor uncommon and the bad guys are quick to exploit them in the wild. Some claim that Oracle is in too much of a rush to extricate itself from this unholy mess and … 
|
|
|
An in-the-wild exploit targeting a vulnerability with Java 7 has led to security experts the world over warning users to disable the Java plug-in for their browser clients at the very least, and preferably uninstall Java altogether. The CVE-2012-4681 vulnerability, comprising two flaws, along with a couple of other 'related … 
|
|
|
If you are a user of Adobe Flash, be sure to apply the latest security update if you want to avoid becoming part of an in-the-wild attack exploiting a vulnerability which currently seems to be exploiting users of Internet Explorer on the Windows platform only. Adobe has, however, issued an …
|
|
|
Hi, a question about stand-alone Java applications that do not have a background DB. In our Uni class we were asked to build a very small application using JOptionPane methods such as "showInputDialog". The application asks for users name and birthdate and at the end displays a summary of these … 
|
|
|
when i try to use the exploit (ms08_067_netapi) with many payloads i get the same error everytime on any pc even mine [*]automatically detecting the target... [*]fingerprint windows 7 professional 7601 service pack-(build 1)-lang:unkown [*]we could not detect the language pack defaulting to english [*]exploit exception no matching target [*]exploit … |
|
|
[ATTACH=RIGHT]16747[/ATTACH]Sony’s impenetrable fortress, a.k.a, the PlayStation 3, has been compromised. OzModChips.com just announced their version of a “jailbreak” for the PS3. What they claim to have is a plug-and-play modchip in the form of a USB stick. When plugged into the PS3, it allows an impressive amount of access into …
|
|
|
Many of the biggest forum-based online communities, including DaniWeb, are powered by vBulletin software. So it came as something of a shock when the BBC reported that a [URL="http://www.bbc.co.uk/news/technology-10714192"]vBulletin security flaw means that any hacker could "easily access the main administrator username and password for a site"[/URL]. But is the …
|
|
|
The good news is that security savvy Windows users will, more than likely, have already disabled the AutoRun and AutoPlay features. The bad news is that a new zero-day vulnerability could care less, and executes automatically anyway. [attach]15918[/attach]The zero-day vulnerability in question was first spotted by Sergey Ulase, a researcher … |
|
|
File under FAIL: social network widget maker RockYou has fallen victim to a SQL injection flaw and as a result some 32.6 million users are being urged to change their passwords as a matter of urgency. Security specialists Imperva discovered the problem at social networking development site Rockyou.com and issued … 
|
|
|
I just had a Jaws moment. You know, you think it is safe to go back in the water and then a bloody great shark bites your legs off. Except in this case you can replace the sea with the Internet and the shark with the [URL="http://www.daniweb.com/blogs/entry4339.html"]equally dangerous Gumblar[/URL]. According … |
|
|
Over the weekend news broke that a worm had started infecting Jailbroken iPhones in Australia. Nobody really took the exploit too seriously as all the 'ikee worm' did was change the phone wallpaper to a picture of 80's pop singer Rick Astley in a kind of warped tribute to the …
|
|
|
Odd isn't it, how Microsoft kicked up a fuss when Google announced the Chrome plugin for Internet Explorer on the grounds that it could make the browser more insecure. Indeed, it went as far as to suggest that it doubled the potential surface area for malware and scripted attacks. Yet, …
|
|
|
[URL="http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/"]Multiple arbitrary code execution vulnerabilities in Ruby[/URL] have been revealed by the [URL="http://www.apple.com/support/security/"]Apple Product Security[/URL] team which could lead to Denial of Service attacks. A total of five vulnerabilities have been reported, with versions impacted being: [INDENT]1.8.4 and all prior versions 1.8.5-p230 and all prior versions 1.8.6-p229 and all prior … |
|
|
[URL="http://www.itpro.co.uk/news/187851/apple-iphone-vulnerable-through-safari.html"]According to IT Pro[/URL] the Apple iPhone is vulnerable to Denial of Service attacks. These can occur when an iPhone user opens a JavaScript containing HTML page which triggers the vulnerability. An application Denial of Service attack can then crash the Safari browser on the phone, and quite possibly the …
|
|
|
Computerworld is [URL="http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9071638&source=rss_news6"]reporting the possibility[/URL] of a worm or bot in the wild that is specifically targeting D-Link branded routers. It refers to a three year old vulnerability which Symantec security researchers believe is being exploited by a new exploit. Apparently, the Symantec security response team has seen an increase … |
|
|
According to [URL="http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9070840&intsrc=hm_list"]reports[/URL] it would appear that Microsoft has confirmed the presence of a critical vulnerability which impacts upon users of MS Word for Windows 2000, XP and Server 2003 SP1. Shame it has taken many weeks for Microsoft to admit this, and only after a second security vendor recently … |
|
|
[URL="http://www.kaspersky.com/"]Kaspersky Lab[/URL] has released its latest Malware Evolution [URL="http://www.viruslist.com/en/analysis?pubid=204791907"]report[/URL], covering the period between June and September 2006 and, as usual, it makes for interesting reading. Alexander Gostev, Senior Virus Analyst, Kaspersky Lab comments that the first six months of 2006 was “notable for the complexity of the technologies which antivirus …
|
|
|
Microsoft has issued an [URL="http://www.microsoft.com/technet/security/advisory/927709.mspx"]advisory [/URL]warning about a Visual Studio 2005 vulnerability in the WMI Object Broker ActiveX control, part of WmiScriptUtils.dll which could allow remote arbitrary code execution. The WMI Object Broker ActiveX control will circumvent the ActiveX security model, because it is marked as being ‘safe for scripting’ … |
The End.