Milw0rm is by far one of the best known public sites to get the latest proof-of-concept exploit code.
But yesterday, it was closed!
RIP milw0rm
Web search
Custom Search
Thursday, 9 July 2009
South Korea and US websites DDoS
According to the news, Cyberattacks that have crippled the Websites of several major American and South Korean governmentagencies since the July 4th holiday weekend appear to have beenlaunched by a hostile group or government, South Korea's maingovernment spy agency said on Wednesday.
The attacks were launched by computers infected by a well-known "distributed denial ofservice," or DDoS, hackers' program.
At the same time, some US gov't websites also reported the DDoS.
Source:
http://blogs.csoonline.com/online_attack_hits_us_government_web_sites
http://www.nytimes.com/2009/07/09/technology/09cyber.html?ref=technology
The attacks were launched by computers infected by a well-known "distributed denial ofservice," or DDoS, hackers' program.
At the same time, some US gov't websites also reported the DDoS.
Source:
http://blogs.csoonline.com/online_attack_hits_us_government_web_sites
http://www.nytimes.com/2009/07/09/technology/09cyber.html?ref=technology
Wednesday, 8 July 2009
Xmarks Info
After upgraded the firefox to 3.5, there is a service upgarded inside: Xmarks bookmarks
Actually, it is an enhanced version of foxmarks.
It support on IE, firefox and for profile sync . The bookmarks can be read from PC, mobile, etc..
It is convenience.
Actually, it is an enhanced version of foxmarks.
It support on IE, firefox and for profile sync . The bookmarks can be read from PC, mobile, etc..
It is convenience.
Tuesday, 7 July 2009
Thursday, 2 July 2009
MS released Windows Server 2008 Service Pack 2 and Windows Vista Service Pack 2 (all language_
MS officially released Windows Server 2008 Service Pack 2 and Windows Vista Service Pack 2 (all language).
http://bit.ly/2tJGaH
http://www.microsoft.com/downloads/details.aspx?FamilyID=891ab806-2431-4d00-afa3-99ff6f22448d&DisplayLang=zh-tw
http://bit.ly/2tJGaH
http://www.microsoft.com/downloads/details.aspx?FamilyID=891ab806-2431-4d00-afa3-99ff6f22448d&DisplayLang=zh-tw
Windows Vista SP2 - What's Inside? What's Important?
更新細節:
- 新硬體支援:支援藍芽2.1版本
- 新硬體支援:支援藍光光碟片(Blu-ray)
- 改善exFAT檔案系統在UTC時間標記的支援(修正不同時區文件同步的問題)
- 支援VIA 64位元CPU
- 支援ICCD/CCID smart cards
- 新增支援Hyper-V技術
- 包含自SP1發佈後的安全性更新,增強系統穩定性
- 強化檔案搜尋效能(Windows Search 4)
- 降低側邊欄小工具的資源耗損
- 新增Windows Vista Feature Pack for Wireless
- 改進從睡眠狀態恢復後Wi-Fi無法自動連線的問題
- 新增Service pack clean-up tool工具
Thursday, 25 June 2009
Exploit tools are publicly available for phpMyAdmin
There are 2 exploits on phpMyadmin posted in the last 20 days on public forums for exploiting the bug from March 2009 described here: www.phpmyadmin.net/home_page/security/PMASA-2009-3.php.
Suggested advice is to re-verify that your phpMyAdmin is patched and also not accessible to the general Internet to prevent future exploitation of unknown bugs.
More:
http://web.nvd.nist.gov/view/vuln/detail?execution=e1s1
Suggested advice is to re-verify that your phpMyAdmin is patched and also not accessible to the general Internet to prevent future exploitation of unknown bugs.
More:
http://web.nvd.nist.gov/view/vuln/detail?execution=e1s1
Monday, 22 June 2009
Green Dam (Safte Software or unsafe itself)
Some blogger posted the testing result of the China monitoring software named "Green Dam".
Check the video and see what happens. The Univeristy of Michigan also analyzed the software
Check the video and see what happens. The Univeristy of Michigan also analyzed the software
Apache HTTP DOS tool
The tool basically uses a concept of keeping an HTTP session alive indefinitely (or as long as possible) and repeating that process a few hundred times. So in my testing, against an unprotected and lone Apache server, you can expect to be able to take it offline in a few thousand packets or less on average, and then you can let the server come back again as soon as you kill the process. It is similar to the TCP attack without closing the session and let the server waiting..
Some blogger posted the test result:
his affects a number of webservers that use threaded processes and ironically attempt to limit that to prevent memory exhaustion - fixing one problem created another. This includes but is not necessarily limited to the following:
Some blogger posted the test result:
his affects a number of webservers that use threaded processes and ironically attempt to limit that to prevent memory exhaustion - fixing one problem created another. This includes but is not necessarily limited to the following:
It is named "Slowloris HTTP DoS", actually it is a perl script.* Apache 1.x
* Apache 2.x
* dhttpd
* GoAhead WebServer
* SquidThere are a number of webservers that this doesn't affect as well, in my testing:
* IIS6.0
* IIS7.0
* lighttpd
perl slowloris.pl -dns example.com
Requirements: This is a Perl program requiring the Perl interpreter with the modules IO::Socket::INET, IO::Socket::SSL, and GetOpt::Long. Slowloris works MUCH better and faster if you have threading, so I highly encourage you to also install threads and threads::shared if you don't have those modules already. You can install modules using CPAN:
perl -MCPAN -e 'install IO::Socket::INET'
perl -MCPAN -e 'install IO::Socket::SSL'
iPhone 3.0 update (Apple iPhone and iPod touch Multiple Code Execution Vulnerabilities)
Multiple vulnerabilities have been identified in Apple iPhone and iPod touch, which could be exploited by atatckers to bypass security restrictions, gain knowledge of sensitive information, cause a denial of service or compromise a vulnerable system. These issues are caused by buffer overflows, memory corruptions and use-after-free, integer overflows and underflows, uninitialized pointers, implementation and design issues, memory leaks, and input validation errors in CoreGraphics, Exchange, ImageIO, ICU, IPSec, libxml, Mail, MPEG-4 Video Codec, Profiles, Safari, Telephony, and WebKit.
- http://www.vupen.com/english/advisories/2009/1621
- http://secunia.com/advisories/35449/
- http://support.apple.com/kb/HT3639
Vulnerability Identifier
- CVE-2008-2320
- CVE-2008-3281
- CVE-2008-3529
- CVE-2008-3623
- CVE-2008-3651
- CVE-2008-3652
- CVE-2008-4225
- CVE-2008-4226
- CVE-2008-4409
- CVE-2009-0040
- CVE-2009-0145
- CVE-2009-0146
- CVE-2009-0147
- CVE-2009-0153
- CVE-2009-0155
- CVE-2009-0165
- CVE-2009-0945
- CVE-2009-0946
- CVE-2009-0958
- CVE-2009-0959
- CVE-2009-0961
- CVE-2009-1179
- CVE-2009-1679
- CVE-2009-1680
- CVE-2009-1683
- CVE-2009-1684
- CVE-2009-1685
- CVE-2009-1686
- CVE-2009-1687
- CVE-2009-1688
- CVE-2009-1689
- CVE-2009-1690
- CVE-2009-1691
- CVE-2009-1692
- CVE-2009-1693
- CVE-2009-1694
- CVE-2009-1695
- CVE-2009-1697
- CVE-2009-1698
- CVE-2009-1699
- CVE-2009-1700
- CVE-2009-1701
- CVE-2009-1702
Sunday, 21 June 2009
MS June 2009 security issues
Vulnerabilities were identified in Microsoft Windows, Microsoft Windows Server, Microsoft Office and Internet Explorer. An attacker could execute arbitrary code, gain elevated privileges, disclose sensitive information and cause an application to crash upon successful exploitation. These vulnerabilities affect various versions of the MS products.
http://www.microsoft.com/technet/security/Bulletin/MS09-018.mspx
http://www.microsoft.com/technet/security/Bulletin/MS09-019.mspx
http://www.microsoft.com/technet/security/Bulletin/MS09-020.mspx
http://www.microsoft.com/technet/security/Bulletin/MS09-021.mspx
http://www.microsoft.com/technet/security/Bulletin/MS09-022.mspx
http://www.microsoft.com/technet/security/Bulletin/MS09-023.mspx
http://www.microsoft.com/technet/security/Bulletin/MS09-024.mspx
http://www.microsoft.com/technet/security/Bulletin/MS09-025.mspx
http://www.microsoft.com/technet/security/Bulletin/MS09-026.mspx
http://www.microsoft.com/technet/security/Bulletin/MS09-027.mspx
http://www.us-cert.gov/cas/techalerts/TA09-160A.html
SANS update
Further update on Jun19, 2009
http://www.microsoft.com/technet/security/bulletin/ms09-010.mspx
http://www.microsoft.com/technet/security/bulletin/ms09-018.mspx
http://www.microsoft.com/technet/security/bulletin/ms09-020.mspx
http://www.microsoft.com/technet/security/bulletin/ms09-021.mspx
http://www.microsoft.com/technet/security/bulletin/ms09-022.mspx
http://www.microsoft.com/technet/security/Bulletin/MS09-018.mspx
http://www.microsoft.com/technet/security/Bulletin/MS09-019.mspx
http://www.microsoft.com/technet/security/Bulletin/MS09-020.mspx
http://www.microsoft.com/technet/security/Bulletin/MS09-021.mspx
http://www.microsoft.com/technet/security/Bulletin/MS09-022.mspx
http://www.microsoft.com/technet/security/Bulletin/MS09-023.mspx
http://www.microsoft.com/technet/security/Bulletin/MS09-024.mspx
http://www.microsoft.com/technet/security/Bulletin/MS09-025.mspx
http://www.microsoft.com/technet/security/Bulletin/MS09-026.mspx
http://www.microsoft.com/technet/security/Bulletin/MS09-027.mspx
http://www.us-cert.gov/cas/techalerts/TA09-160A.html
SANS update
Further update on Jun19, 2009
http://www.microsoft.com/technet/security/bulletin/ms09-010.mspx
http://www.microsoft.com/technet/security/bulletin/ms09-018.mspx
http://www.microsoft.com/technet/security/bulletin/ms09-020.mspx
http://www.microsoft.com/technet/security/bulletin/ms09-021.mspx
http://www.microsoft.com/technet/security/bulletin/ms09-022.mspx
Subscribe to:
Posts (Atom)
uchrin
technorati
