December 22, 2006 @ 2:55 pm
· Filed under Speedlinking
Andres Riancho has released untidy which is a general purpose XML fuzzer. It takes a string representation of a XML as input and generates a set of modified, potentially invalid, XMLs based on the input.
MSG from metaeye.org has released SQID v0.2 which is a command line SQL injection testing tool.
A Microsoft Windows Vista exploit has surfaced on a Russian website. From what it looks like, this is a privilege escalation vulnerability within csrss.exe which is the main executable for the Microsoft Client and Server runtime. This flaw is locally exploitable only, and affects all versions of Windows.
Apple has seeded a build of Mac OSX 10.4.9 to developers on Thrusday, an update which will more than likely be the last to Tiger.
Japanese researchers have caught a giant Squid off of the Ogasawara Islands which is south of Tokyo.
Zone-H the site which archives website defacements, gets defaced. Zone-H has written up a full incident analysis report on this.
I hope everyone has a Happy Holidays, and a safe New Years! Thanks for reading my blog.
Dancho Danchev has written a technical analysis regarding the Mujahid.
Three Microsoft Word flaws still remain unpatched. I can only image how many other flaws exist within Word which haven’t been leaked out yet.
Google enters the domain business with partners GoDaddy and eNom. Googles service will charge $10.00 per year.
UCLA gets hacked, more than 800,000 students information is compromised. I take it UCLA doesn’t offer a computer security course.
McAfee publicly flames the Gentoo security team because they were not ‘responsible’ in reporting a flaw within the command line antivirus scanner for Linux. But of course, McAfee is not responsible for selling shitty software in the first place. Its funny how these companies blame the researcher for their own problems.
Boeing laptop gets stolen from an employees car which contained more than 382,000 employees ID’s.
SpyFu : I found this great random niche generation site. SpyFoo has a database of over 1.5 million keywords and phrases. So, this really is a great way to analyze your niche and what kind of competition you might be up against.
December 8, 2006 @ 4:35 pm
· Filed under Speedlinking
Pirates has already cracked the Vista registration. These crackers are already distributing a crack file which can let anyone use Vista.
Password management with IE and Firefox. Lets admit it, password storage mechanisms are a bad idea!
No fix out yet for the Word flaw. Microsoft plans to release six security patches next Tuesday, but doesn’t have any immediate plans to fix the Word 0day of this week.
Jeremy “Shoemoney” responds to the Forbes article, on the way it was written. Sounds to me like he said some things he really wishes he wouldn’t of. But as we know, im sure the journalist twisted his words a bit right? I thought the article was a bit fish myself though…
Matt Cutts debunks the “Google is in bed with the CIA” claims using some rap lyrics.. Nice!
The guys over at Matasano Security have posted a really nice write up some recommendations as to why you should “Just Say No!” to Agent-based software.
Looking to make a few bucks off of your blog? Check out AzoogleAds.. Hope everyone has a good weekend.
