Trend Micro session token insufficiently random

Monday, August 25th, 2008

Secunia, the security services provider, has issued a security advisory about a vulnerability in Trend Micro's OfficeScan 8.0 and Worry-Free Business Security 5.0 that makes it easier for attackers to take control of the web management of those products. According to Secunia, the web-based configuration interface uses a pseudo-random token ...

SIPcrack – SIP Login Dumper & Hash/Password Cracker

Friday, August 1st, 2008

SIPcrack is a suite for sniffing and cracking the digest authentication used in the SIP protocol. The tools offer support for pcap files, wordlists and many more to extract all needed information and bruteforce the passwords for the sniffed accounts. If you don’t have OpenSSL installed or encounter any building problems try ...

Security fixes in new version of Joomla!

Wednesday, July 9th, 2008

The development team behind Joomla! has released version 1.5.4 of its content management system. This includes fixes for security problems, as well as numerous improvements and bug fixes. These include a patch for a problem with LDAP which allowed unauthorised access to Joomla! administration pages. The developers have also fixed ...

Blizzard’s Two-Factor Authentication

Tuesday, July 1st, 2008

Blizzard's announcement of two-factor authentication for World of Warcraft is more significant than people realize. Passwords are obsolete. They are broken. We all recognize this, yet we aren't quite ready to give up on passwords because we haven't an easy alternative. World of Warcraft (WoW) is a good test case. It is ...

Detecting SSH tunnels

Tuesday, July 1st, 2008

Italian researchers have published a paper on the Detection of Encrypted Tunnels across Network Boundaries. I came across it in a Google search because I’ve been thinking of writing a program which does something similar. It doesn’t seem like anyone else has picked up on this research yet so I ...