Unsecured Calls, 5.0

New with iOS 5, the “unsecured call” call warning seems like a direct response to presentations like “Practical Cellphone Spying” at DEFCON, which demonstrated the ability of attackers to set up a phony GSM base station and intercept cellphone calls. iPhone users who are communicating over an...

Russian firm Elcomsoft unveils tool to crack BlackBerry encryption security

Russian firm Elcomsoft unveils tool to crack BlackBerry encryption security A Russian security company has upgraded a phone-password cracking suite with the ability to figure out the master device password for Research in Motion's BlackBerry devices. Elcomsoft said that before it developed the...

CentOS 5 : ecryptfs-utils (CESA-2011:1241)

Updated ecryptfs-utils packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

Secure Boot in Windows 8 Worries Researchers

Windows 8, like Windows 7 and Vista before it, is being touted as the most secure version of Windows ever. In past releases, many of the security improvements have come through exploit mitigations such as ASLR and DEP and better software security practices during development. In Windows 8, howeve...

John the Ripper 1.7.8-jumbo-7 Released

John the Ripper 1.7.8-jumbo-7 Released Change Log : Support for encrypted pkzip archives has been added, testing millions of candidate passwords per second. JimF This is in addition to WinZip/AES archives, support for which was added in prior -jumbo updates. Support for Mac OS X 10.7 Lion salted...

John the Ripper 1.7.8-jumbo-7 Released

John the Ripper 1.7.8-jumbo-7 Released Change Log : Support for encrypted pkzip archives has been added, testing millions of candidate passwords per second. JimF This is in addition to WinZip/AES archives, support for which was added in prior -jumbo updates. Support for Mac OS X 10.7 Lion salted...

New Attack Breaks Confidentiality Model of SSL, Allows Theft of Encrypted Cookies

Two researchers have developed a new attack on TLS 1.0/SSL 3.0 that enables them to decrypt client requests on the fly and hijack supposedly confidential sessions with sensitive sites such as online banking, e-commerce and payment sites. The attack breaks the confidentiality model of the protocol...

Automated HTTPS Vulnerability Testing by Qualys SSL Labs

Automated HTTPS Vulnerability Testing by Qualys SSL Labs One of main problem in HTTP protocol is encrypting traffic and verifying data security, securing the web application against any threat is very important especially that if hackers conduct a Man-in the middle attack he can get all users...

Moderate: Red Hat Security Advisory: libvirt security and bug fix update

Updated libvirt packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...

MYSQL Password Hashdump

This module extracts the usernames and encrypted password hashes from a MySQL server and stores them for later cracking. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MYSQL Password Hashdump'...

Indian Govt wants monitoring access for Twitter, Facebook,Skype and Google

Indian Govt wants monitoring access for Twitter, Facebook,Skype and Google India's authorities are already forcing Research In Motion to grant access to the encrypted email and instant messages of its BlackBerry users, and now the government is pressuring Google and Skype too. Doesn't the...

IBM to Unveil Secure Open Wireless System at Black Hat

LAS VEGAS–Researchers from IBM’s ISS X-Force plan to unveil a new system for running an open wireless network in a secure mode at the Black Hat conference here this week. The system mimics the way that Web sites browsers use digital certificates to establish a trusted connection with one another...

Debian: Security Advisory (DSA-2258-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Another Government contractor - PCS Consultants (USA) got Hacked by #Antisec

Another Government contractor - PCS Consultants USA got Hacked Another Government contractor - PCS Consultants USA got hacked by Anonymous Hackers & Antisec operation Hackers. Database of website has been extracted and leaked on internet via tweeter on Pastebin.The leaked Data extracted Includes...

HP OpenView Storage Data Protector Opcode 27 Stack Buffer Overflow

Added: 07/18/2011 CVE: CVE-2011-1865 BID: 48486 OSVDB: 73571 Background HP Data Protector is a backup solution for enterprise and distributed environments. The Data Protector environment consists of a Cell Manager, backup agents, and backup device servers. The OmniInet process omniinet.exe is...

HP OpenView Storage Data Protector Opcode 27 Stack Buffer Overflow

Added: 07/18/2011 CVE: CVE-2011-1865 BID: 48486 OSVDB: 73571 Background HP Data Protector is a backup solution for enterprise and distributed environments. The Data Protector environment consists of a Cell Manager, backup agents, and backup device servers. The OmniInet process omniinet.exe is...

HP OpenView Storage Data Protector Opcode 27 Stack Buffer Overflow

Added: 07/18/2011 CVE: CVE-2011-1865 BID: 48486 OSVDB: 73571 Background HP Data Protector is a backup solution for enterprise and distributed environments. The Data Protector environment consists of a Cell Manager, backup agents, and backup device servers. The OmniInet process omniinet.exe is...

EFF Argues Forced Decryption Violates Fifth Amendment

Digital civil liberties organization, the Electric Frontier Foundation EFF, appealed to the U.S. District Court of Colorado arguing that encrypted personal data is covered by the Fifth Amendment’s protection against self incrimination. The group submitted a brief of Amicus Curaie .PDF last week o...

[security bulletin] HPSBMU02686 SSRT100541 rev.3 - HP OpenView Storage Data Protector, Remote Execution of Arbitrary Code

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02872182 Version: 3 HPSBMU02686 SSRT100541 rev.3 - HP OpenView Storage Data Protector, Remote Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should be acted upon as...

P.A.S. (php web-shell)

P.A.S. v.3.0.x Возможности : - Авторизация по кукам. - Шифрование шелла по вашему паролю сразу при скачивании. - Файловый менеджер : групповое удаление, перемещение, копирование, скачка и загрузка файлов и директорий. переименование и создание файлов и директорий. правка, просмотр, изменении...