Mozilla just approved the sandbox version of DontPhishMe and now it is public 🙂 Get the latest version of DontPhishMe (v0.3.2) for Firefox and feel free to comment and report bugs.
Evolution of Phishing Website
Take a look at the following phishing website: Just another phishing website? Think again.. Take a look at the page source body { background-image: url(bg02.jpg); background-repeat: no-repeat; } The phisher is using image instead of HTML. And YES, this technique can bypass DontPhishMe. I’ve worked on new method to solve this problem and now, DontPhishMe […]
Analysis on Java Web Start Argument Injection Exploit
The recent discovery of Java Web Start Argument Injection vulnerability (CVE-2010-0886 and CVE-2010-0887) has opened a new opportunity for the bad guy to utilize it in drive-by download attack. Here is a short write up on the example (in the wild) found early today, which exploiting this vulnerability. The exploit was found on http://buckomre.com/ and […]
Yara Rule For CVE-2010-0805
The Internet Explorer Tabular Data Control ActiveX Memory Corruption (CVE-2010-0805) exploit was recently ported to Metasploit, so we decided to release the detection rule for Yara. Yes it can also be used with JSunpack! rule MSIETabularActivex { meta: ref = “CVE-2010-0805” impact = 7 hide = true strings: $cve20100805_1 = “333C7BC4-460F-11D0-BC04-0080C7055A83” nocase fullword $cve20100805_2 = […]
Yet another PDF Analyz3r
[A blog post by Ahmad Azizan, practical student @ MyCERT] Until today, the attack on client-side through Adobe Reader’s vulnerabilities are not slowing down. Even though the patches for known Adobe Reader’s vulnerabilities has been released to public for quite a moment, but there is still a lot of website that hosted the malicious PDF […]
Attention – Mail server upgrade
Attention! On October 22, 2009 server upgrade will take place. Due to this the system may be offline for approximately half an hour. The changes will concern security, reliability and performance of mail service and the system as a whole. For compatibility of your browsers and mail clients with upgraded server software you should run […]
ClientMe – Yet Another Client Side Honeypot
ClientMe is now in early implementation phase. Here are some screenshots of current development progress.
Securing PHP : Disabling Dangerous PHP Functions
PHP is a very popular language nowadays. But at the same time, it’s also one of the main sources for user accounts and servers getting compromised. Every PHP developer and hoster should understand the primary attack vectors being used by attackers against PHP applications. They also should be able to classify PHP functions that allowed […]
You must be logged in to post a comment.