4li3n’s after midnight useless news and links – 2010.12.29 (mondo edition)

Rumors spread that “after midnight useless news and links” is mentioned in total XAKER #39 magazine! More on that shortly! So here it is, another “mondo” edition of the column!

[POST] Three web attack vectors using a web browser -> http://goo.gl/mJ3HX
[POST] Installation Protection Mechanisms of Phoenix Exploit’s Kit -> http://goo.gl/SOuze
[INFO] Injected Script Loads Host.exe Using Hidden Iframes and Java Applets -> http://goo.gl/Y4RnM
[TOOL] TDSS Remover: Free antivirus tool to cure TDSS infection automatically -> http://goo.gl/p7gWy
[TOOL] THC-IPv6 version 1.4: tool set to attack the inherent protocol weaknesses of IPV6 and ICMP6 -> http://goo.gl/EjbsJ
[POST] 3 Phases of Malware Analysis: Behavioral, Code, and Memory Forensics -> http://goo.gl/y46T3
[POST] 6 Hex Editors for Malware Analysis -> http://goo.gl/QDBkS
[TOOL] Adaptive Security Analyzer IIS: A Tool to Protect Windows Based Web Servers -> http://goo.gl/YHgxH
[ADVISORY] XSRF (CSRF) in whCMS -> http://goo.gl/fb/6wtdp
[ADVISORY] XSRF (CSRF) in Cambio -> http://goo.gl/fb/57yOW
[ADVISORY] XSS vulnerability in diafan.CMS -> http://goo.gl/fb/pmsN5
[ADVISORY] XSRF (CSRF) in diafan.CMS -> http://goo.gl/fb/KHQYM
[ADVISORY] Stored XSS vulnerability in diafan.CMS -> http://goo.gl/fb/qT9cy
[ADVISORY] XSS vulnerability in VaM Shop -> http://goo.gl/fb/5ty16
[ADVISORY] XSS vulnerability in VaM Shop -> http://goo.gl/fb/glJwQ
[ADVISORY] XSRF (CSRF) in VaM Shop -> http://goo.gl/fb/K7Ttx
[ADVISORY] XSS vulnerability in VaM Shop -> http://goo.gl/fb/GR28l
[ADVISORY] XSRF (CSRF) in Energine -> http://goo.gl/fb/1JxIY
[ADVISORY] Path disclosure in Energine -> http://goo.gl/fb/jHRbh
[ADVISORY] SQL injection vulnerability in Energine http://goo.gl/fb/HHdV7
[INFO] Making a Difference: memory dump with “pslist” and “volatility psscan2” -> http://goo.gl/8nmPh
[NEWS] Flaws Spotlighted in Tor Anonymity Network -> http://goo.gl/LvBf6
[INFO] Building a cheap USB protocol analyzer -> http://goo.gl/cUNSZ
[PAPER] Automatic Identification of Cryptographic Primitives in Software (PDF) -> http://goo.gl/irzat
[EXPLOIT] PoC Windows Fax Cover Page Editor (.cov) Heap Overflow -> http://goo.gl/nehWz
[METASPLOIT] Revision 11426 – Merge Armitage 12.22.10 and a front-end script into Metasploit proper -> http://goo.gl/0kgzL
[METASPLOIT] Revision 11436 – adds easy logging to msfconsole -> http://goo.gl/1BoOp
[DISTRO] Blackbuntu Community Edition 0.1: designed for security training students and practitioners -> http://goo.gl/L1f2b
[VIDCAST] DeAuthThis #1 -> http://goo.gl/TUhBP
[NEWS] X-Do-Not-Track support in NoScript -> http://goo.gl/YwfsU
[POST] Anti-Security and the Christmas Day Incident -> http://goo.gl/aiMJR
[NEWS] Bank of America Hit By Anonymous DDoS Attack -> http://goo.gl/2HHMi
[INFO] Protecting Against Firesheep with Strict Transport Security -> http://goo.gl/UccXO
[INFO] Wired Keyboards Vulnerable To Attacks -> http://goo.gl/rCE9a
[SCRIPT] Pentbox: The Security Command Line Suite -> http://goo.gl/YzIo0

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s