YubiKey – One-time Password and Authentication Device

Saturday, April 26th, 2008

It works seamlessly with any hardware and operating system combination supporting USB keyboards such as Windows, MacOS, Linux and others. The Key generates and sends unique time-variant authentication codes by emulating keystrokes through the standard keyboard interface. The computer to which the Key is attached receives this authentication code character ...

WordPress 2.5 Cookie Forging Explained

Saturday, April 26th, 2008

WordPress 2.5.1 came out recently. It includes a critical security fix for a cookie integrity bug that would allow an attacker to impersonate other users, including WordPress admins, by manipulating the contents of an HTTP cookie. Whenever I read about a vulnerability predicated on the user identity being embedded ...

Linux: Windows Made Hard

Monday, April 21st, 2008

For the past few months, we've shown how Linux has emerged from its early murky reputation of being cool to have but impractical to use. And there's no question it's refreshing to use an entire desktop system with nary a Microsoft or Apple product. But as some of our readers ...

Deciphering the PHP-Nuke Captcha

Monday, April 21st, 2008

The Captcha used in the current version 8.1 of PHP Nuke can be deciphered with 100% accuracy. more information can be found here: http://www.rooksecurity.com/blog/?p=6 Exploit Code: http://www.rooksecurity.com/exploits/php_nuke_captcha.zip What is so interesting about this captcha is that it is incredibly wide spread. Variants of this captcha are being used by big names like Paypal. ...

SANS solves mystery of mass Web site infections

Thursday, April 17th, 2008

The SANS Institute has uncovered what they've termed a "rare gem" as far as computer security investigations go that sheds new light on how up to 20,000 Web sites have been hacked since January. They found a sneaky software tool that uses Google's search engine to hunt for Web sites running ...

Page 30 of 36« First...1020...2829303132...Last »