Access-Me 0.1

Tuesday, June 3rd, 2008

Access-Me allows users to test their web applications for authentication vulnerabilities. With this first release the user will be able to: resubmit the current page without session tokens; resubmit the current page using different HTTP verbs (HEAD/SECCOM); view reports on how the application handled the requests. Access-Me 0.1 is available ...

Beware of Error Messages At Bank Sites

Monday, June 2nd, 2008

If you own or work at a small to mid-sized business, and are presented with an error message about data synchronization or site maintenance when trying to access your company's bank account online, you might want to give the bank a call: A criminal group that specializes in deploying malicious ...

Students crack Microsoft CardSpace

Friday, May 30th, 2008

Students at the Ruhr University of Bochum, Germany, say they have found a way to steal security tokens in Microsoft's new CardSpace authentication framework. Attackers can apparently get access to protected, encrypted user data – such as passwords, credit card numbers, and delivery addresses – when they are transmitted. ...

sqlninja 0.2.3 released – Advanced Automated SQL Injection Tool for MS-SQL

Friday, May 30th, 2008

We’ve been following the development of sqlninja since the early days; it’s growing into a well matured and more polished tool with advanced features. Sqlninja is a tool written in PERL to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Its main goal ...

Facebook security snafu could compromise accounts

Friday, May 23rd, 2008

A researcher has spotted a security problem in Facebook that could lead to hackers taking control of user accounts. The flaw allows a hacker to execute scripts on Facebook that could potentially be used to create a fake log-in page and capture people's passwords, according to the XSSED security blog. The ...