|
|
|
|
|
| |
A new class of vulnerabilities have been discovered in Oracle, these vulnerabilities can be exploited through the use of Oracle's ability to allow users to manipluate the way certain internal functions work More ››› |
|
|
|
| |
The Windows DNS stub resolver is a Windows service used by Windows desktop software to resolve DNS names into IP addresses More ››› |
|
|
|
| |
The below linked paper shows that disk encryption, the standard approach to protecting sensitive data on laptops, can be defeated by relatively simple methods More ››› |
|
|
|
| |
A serious weakness has been discovered in OpenBSD's PRNG, which allows an attacker to predict the next transaction ID (typically up to 8-10 guesses) given a series of consecutive 12-15 transaction IDs More ››› |
|
|
|
| |
This paper explains an attack vector inherent to certain WDM audio drivers running on Windows Vista, XP, 2000 and 2003. Successful exploitation could lead to local escalation of privileges More ››› |
|
|
|
| |
The below linked paper provides you with the initial steps required to harden your Linux system More ››› |
|
|
|
| |
Using just a simple radio receiver, a soundcard and suitable software, the remote-exploit.org members Max Moser & Philipp Schroedel have managed to tap and decode the radio frequencies transmitted between the keyboard and PC/notebook computer More ››› |
|
|
|
| |
The implication of these findings is that a buffer overflow attack or a similar attack can be used to learn a single state of the generator, which can then be used to predict all random values, such as SSL keys, used by a process in all its past and future operation More ››› |
|
|
|
| |
During Matousek security analyses of personal firewalls and other security-related software that uses SSDT hooking, Matousek found out that many vendors simply do not implement the hooks in a proper way. This allows local Denial of Service by unprivileged users or even privilege escalations exploits to be created More ››› |
|
|
|
| |
In the paper linked in the end IRM realized a proof-of-concept implementation of a biometric keylogger, or "Biologger" More ››› |
|
|
|
|
Security Reviews Archive ...
|
Security News -
Security Reviews -
Exploits -
Tools -
UNIX Focus -
Windows Focus
|
|
|
