Monday, May 5th, 2008
Today I decided to give a very brief example on pharming and why it's so easy to pharm surfers with little or no skills. Usually, browser exploit writers give simple examples on how to read the boot files, or launch a calculator. There is so much you can do with ...
Posted in Coding, Internet, Privacy, Security | No Comments
Wednesday, April 30th, 2008
This paper will help you configure your web browser for safer internet surfing. It is written for home computer users, students, small business workers, and any other person who works with limited Information Technology (IT) support and broadband (cable modem, DSL) or dial-up connectivity. Although the information in this document may ...
Posted in Internet, Linux, Privacy, Security, Windows | No Comments
Friday, April 18th, 2008
A demonstration of a security hole in the Microsoft Works Image Server (WkImgSrv.dll) ActiveX module contained in the Microsoft Works office suite has appeared on the Bugtraq mailing list. The demo appears to only cause a system crash. McAfee, however, has already found fully functional exploits which allow attackers to ...
Posted in Coding, Security, Windows | No Comments
Monday, April 14th, 2008
ActiveX controls made up most of all browser plug-in vulnerabilities in the second half of 2007, according to Symantec.
The company has just released its semi-annual web security report and in it said that Microsoft's technology, primarily used to create add-ins for Internet Explorer, accounted for 79 percent of the 239 ...
Posted in Coding, Internet, Privacy, Security, Software | No Comments
Thursday, April 10th, 2008
The CLSID for an ActiveX control is a GUID for that control. You can prevent an ActiveX control from running in Internet Explorer by setting the kill bit so that the control is never called by Internet Explorer when default settings are used.
The kill bit is a specific value for ...
Posted in Coding, Internet, Security, Windows | No Comments
Wednesday, April 9th, 2008
Online malware attacks are becoming more pervasive, targeted, and refined as the underground threat economy continues to evolve and take on the characteristics of an organized industry.
The latest iteration of Symantec's Internet Security Threat Report -- covering its research over the final six months of calendar 2007 and released on ...
Posted in Internet, Privacy, Security | No Comments
Wednesday, April 9th, 2008
At the RSA Security Conference I caught up with Austin Wilson, Microsoft 's Director of Windows Product Management and learned a few tidbits about security enhancements coming in Internet Explorer 8. IE8 will address three specific areas where security can be a problem: social engineering, traditional browser vulnerabilities, and attacks ...
Posted in Internet, Security, Windows | No Comments
Monday, April 7th, 2008
Hackers are using a new multiple-attack package composed of seven ActiveX exploits, many of them never seen in the wild before, said a security company on Friday.
Fewer than half of the flawed ActiveX controls have been patched.
The attack framework probes Windows PCs for vulnerable ActiveX controls from software vendors Microsoft, ...
Posted in Internet, Security, Windows | No Comments
Monday, April 7th, 2008
In the tiger team operations we have been involved with, I often end up hacking through the least interesting systems. If you ask AP, a password-cracking ninja and master of hacking through simplicity, the less interesting the system is, the higher the chances to be insecure. A successful exploitation of ...
Posted in Hardware, Security, Software | No Comments
Monday, March 31st, 2008
This page was designed to be PC Sympathy's One-Stop Source for protecting your PC, online and offline, from viruses and other malicious programs that you may encounter.
Each section below will provide you with the resources you need for various levels of protection. While there are many choices out there, ...
Posted in Uncategorized | No Comments
