Friday, May 30th, 2008
Students at the Ruhr University of Bochum, Germany, say they have found a way to steal security tokens in Microsoft's new CardSpace authentication framework. Attackers can apparently get access to protected, encrypted user data – such as passwords, credit card numbers, and delivery addresses – when they are transmitted. ...
Posted in Security, Windows | No Comments
Friday, May 30th, 2008
The computer attackers who took down Comcast's homepage and webmail service for over five hours Thursday say they didn't know what they were getting themselves into.
In an hour-long telephone conference call with Threat Level, the hackers known as "Defiant" and "EBK" expressed astonishment over the attention their DNS hijacking has ...
Posted in Internet, Privacy, Security | No Comments
Wednesday, May 28th, 2008
Mass SQL injection attack, take four: Yet another wave of SQL injection attacks is exploiting an Adobe Flash vulnerability that appears to be coming from the same series of attacks originating from China.
The intent, as in previous attacks, has been to steal online gamers’ password credentials. But given the persistence ...
Posted in Internet, Security | No Comments
Tuesday, May 27th, 2008
An unpatched bug in Adobe Systems' Flash Player software is being exploited by online criminals, Symantec reported Monday.
Few details on the bug are available, but the flaw lies in the latest version of the Adobe Flash Player browser plugin, which is widely used by Internet surfers to view animated Web ...
Posted in Coding, Internet, Security, Software | No Comments
Monday, May 26th, 2008
Pretty cool video doing a local physical attack against a Vista Box.
http://www.offensive-security.com/movies/vistahack/vistahack.html
McGrew Security Blog pointed me to it:
"he demonstrates a quick and easy way of obtaining SYSTEM privileges on a Vista system, given physical access to the machine. In the video, he uses BackTrack to replace Utilman.exe with a copy ...
Posted in Hardware, Security, Windows | No Comments
