SecuObs.com

SecuObs.com http://www.secuobs.com L'observatoire de la securite Internet fr webmaster@secuobs.com IDA 6.2 Released ... IDA 6.2 Released http://www.secuobs.com/revue/news/333174.shtml http://www.secuobs.com/news/comments307122009-concours-hexrays-idadwarf.shtml#11127 http://www.secuobs.com/news/comments307122009-concours-hexrays-idadwarf.shtml#11127 Microsoft to fix 23 flaws in October Patch Tuesday security update ... Microsoft to fix 23 flaws in October Patch Tuesday security update http://www.secuobs.com/revue/news/333207.shtml http://www.secuobs.com/news/comments4823032009-exploitable_windbg_dump_audit_msec.shtml#11126 http://www.secuobs.com/news/comments4823032009-exploitable_windbg_dump_audit_msec.shtml#11126 UPDATE Digital Forensics Framework v1.2.0 ... UPDATE Digital Forensics Framework v1.2.0 http://www.secuobs.com/revue/news/333151.shtml http://www.secuobs.com/news/comments05082010-dff-arxsys.shtml#11123 http://www.secuobs.com/news/comments05082010-dff-arxsys.shtml#11123 Dissecting Flash with EASE ... Dissecting Flash with EASE http://www.secuobs.com/revue/news/333162.shtml http://www.secuobs.com/news/comments504122007-swfintruder.shtml#11122 http://www.secuobs.com/news/comments504122007-swfintruder.shtml#11122 ESRT @opexxx @r0bertmart1nez @Foundstone - FreeRADIUS-WPE updated ... ESRT @opexxx @r0bertmart1nez @Foundstone - FreeRADIUS-WPE updated http://www.secuobs.com/twitter/news/254955.shtml http://www.secuobs.com/news/comments1004062009-wepbuster_aircrack-ng_csrf_upnp.shtml#11117 http://www.secuobs.com/news/comments1004062009-wepbuster_aircrack-ng_csrf_upnp.shtml#11117 ESRT @ChristiaanBeek - Using RE to find artifacts in Shylock that you can use to verify with Volatility ... ESRT @ChristiaanBeek - Using RE to find artifacts in Shylock that you can use to verify with Volatility http://www.secuobs.com/twitter/news/254572.shtml http://www.secuobs.com/news/comments604032009-regripper_hive_bdr_forensic_regscan.shtml#11116 http://www.secuobs.com/news/comments604032009-regripper_hive_bdr_forensic_regscan.shtml#11116 ESRT @daleapearson @benrothke - GPU cracks 6-character password in 4 seconds, 8-character password in 4 hours ... ESRT @daleapearson @benrothke - GPU cracks 6-character password in 4 seconds, 8-character password in 4 hours http://www.secuobs.com/twitter/news/254672.shtml http://www.secuobs.com/news/comments420102008-pyrit.shtml#11113 http://www.secuobs.com/news/comments420102008-pyrit.shtml#11113 ESRT @hackinthebox - New SAPocalypse worm will be presented at HITBSecConf2011 - Malaysia ... ESRT @hackinthebox - New SAPocalypse worm will be presented at HITBSecConf2011 - Malaysia http://www.secuobs.com/twitter/news/254634.shtml http://www.secuobs.com/news/comments112122008-audit_sap_sapyto_erp_gsa_pgi.shtml#11112 http://www.secuobs.com/news/comments112122008-audit_sap_sapyto_erp_gsa_pgi.shtml#11112 UPDATE Malware Analyzer v3.3 ... UPDATE Malware Analyzer v3.3 http://www.secuobs.com/revue/news/332734.shtml http://www.secuobs.com/news/comments711032008-anubis.shtml#11107 http://www.secuobs.com/news/comments711032008-anubis.shtml#11107 UPDATE Watcher v1.5.4 ... UPDATE Watcher v1.5.4 http://www.secuobs.com/revue/news/332863.shtml http://www.secuobs.com/news/comments4124042009-webshag.shtml#11106 http://www.secuobs.com/news/comments4124042009-webshag.shtml#11106 UPDATE Websecurify 0.9 ... UPDATE Websecurify 0.9 http://www.secuobs.com/revue/news/332840.shtml http://www.secuobs.com/news/comments4124042009-webshag.shtml#11105 http://www.secuobs.com/news/comments4124042009-webshag.shtml#11105 UPDATE ZAProxy v1.3.3 ... UPDATE ZAProxy v1.3.3 http://www.secuobs.com/revue/news/332575.shtml http://www.secuobs.com/news/comments4124042009-webshag.shtml#11104 http://www.secuobs.com/news/comments4124042009-webshag.shtml#11104 Volatility Rules the Markets ... Volatility Rules the Markets http://www.secuobs.com/revue/news/332819.shtml http://www.secuobs.com/news/comments604032009-regripper_hive_bdr_forensic_regscan.shtml#11103 http://www.secuobs.com/news/comments604032009-regripper_hive_bdr_forensic_regscan.shtml#11103 Forensic Toolkit v3 Tips and Tricks Re-indexing a case ... Forensic Toolkit v3 Tips and Tricks Re-indexing a case http://www.secuobs.com/revue/news/332563.shtml http://www.secuobs.com/news/comments2302032009-caine_forensic_livecd_wintaylor.shtml#11101 http://www.secuobs.com/news/comments2302032009-caine_forensic_livecd_wintaylor.shtml#11101 Forensic Scanner ... Forensic Scanner http://www.secuobs.com/revue/news/332852.shtml http://www.secuobs.com/news/comments2302032009-caine_forensic_livecd_wintaylor.shtml#11100 http://www.secuobs.com/news/comments2302032009-caine_forensic_livecd_wintaylor.shtml#11100 Acunetix Web Vulnerability Scanner Version 7 build 20111005 released ... Acunetix Web Vulnerability Scanner Version 7 build 20111005 released http://www.secuobs.com/revue/news/332820.shtml http://www.secuobs.com/news/comments4124042009-webshag.shtml#11097 http://www.secuobs.com/news/comments4124042009-webshag.shtml#11097 ESRT @CiscoSecurity - Cisco SIO: Using SRTP and SDP to secure internet telephony ... ESRT @CiscoSecurity - Cisco SIO: Using SRTP and SDP to secure internet telephony http://www.secuobs.com/twitter/news/253890.shtml http://www.secuobs.com/news/comments726112008-ucsniff_sniffer_voip_vlan_hopping.shtml#11096 http://www.secuobs.com/news/comments726112008-ucsniff_sniffer_voip_vlan_hopping.shtml#11096 ESRT @kakroo - Adobe: crashing 100 million machines not an option - Zero-day vulns get 6,000 man-hours of testing ... ESRT @kakroo - Adobe: crashing 100 million machines not an option - Zero-day vulns get 6,000 man-hours of testing http://www.secuobs.com/twitter/news/253811.shtml http://www.secuobs.com/news/comments1620062009-origami_pdf_virus_filtre_javascript.shtml#11094 http://www.secuobs.com/news/comments1620062009-origami_pdf_virus_filtre_javascript.shtml#11094 ESRT @MarioVilas @julianor 1 read netifera research 2 google "payment gateway api signature MD5 OR SHA1 filetype:pdf"... ... ESRT @MarioVilas @julianor 1 read netifera research 2 google "payment gateway api signature MD5 OR SHA1 filetype:pdf"... http://www.secuobs.com/twitter/news/253956.shtml http://www.secuobs.com/news/comments108062010-poet_padding_oracle_javaserverfaces.shtml#11093 http://www.secuobs.com/news/comments108062010-poet_padding_oracle_javaserverfaces.shtml#11093 ESRT @opexxx @TheHackersNews - W3AF web application auditing and Exploiting Framework Tutorial ... ESRT @opexxx @TheHackersNews - W3AF web application auditing and Exploiting Framework Tutorial http://www.secuobs.com/twitter/news/253779.shtml http://www.secuobs.com/news/comments4124042009-webshag.shtml#11091 http://www.secuobs.com/news/comments4124042009-webshag.shtml#11091 ESRT @ivanristic @0x6D6172696F - Answers on XSSme¹ Bypasses by @garethheyes @kinugawamasato @thewildcat and @shafigullin ... ESRT @ivanristic @0x6D6172696F - Answers on XSSme¹ Bypasses by @garethheyes @kinugawamasato @thewildcat and @shafigullin http://www.secuobs.com/twitter/news/253757.shtml http://www.secuobs.com/news/comments1112032009-scrubbr_xss_suppression_automatique.shtml#11090 http://www.secuobs.com/news/comments1112032009-scrubbr_xss_suppression_automatique.shtml#11090 ESRT @pdp - Websecurify 0.9 - The following platforms are supported: Win, Mac, Linux, Firefox, Chrome, iPhone ... ESRT @pdp - Websecurify 0.9 - The following platforms are supported: Win, Mac, Linux, Firefox, Chrome, iPhone http://www.secuobs.com/twitter/news/253728.shtml http://www.secuobs.com/news/comments4124042009-webshag.shtml#11089 http://www.secuobs.com/news/comments4124042009-webshag.shtml#11089 ESRT @SPoint @ethicalhack3r - DVWA has been moved from sourceforge to Google Code - thanks to @brooksgarrett ... ESRT @SPoint @ethicalhack3r - DVWA has been moved from sourceforge to Google Code - thanks to @brooksgarrett http://www.secuobs.com/twitter/news/253901.shtml http://www.secuobs.com/news/comments4124042009-webshag.shtml#11088 http://www.secuobs.com/news/comments4124042009-webshag.shtml#11088 ESRT @ebellis @jasonrohwedder - Using chef w apache Check out the mod_security cookbook I whipped up last week w @OWASP CRS ... ESRT @ebellis @jasonrohwedder - Using chef w apache Check out the mod_security cookbook I whipped up last week w @OWASP CRS http://www.secuobs.com/twitter/news/254037.shtml http://www.secuobs.com/news/comments518062009-slowloris_http_partial_dos_apache.shtml#11087 http://www.secuobs.com/news/comments518062009-slowloris_http_partial_dos_apache.shtml#11087 ESRT @Hfuhs - Apache killer exploit modified for better Results ... ESRT @Hfuhs - Apache killer exploit modified for better Results http://www.secuobs.com/twitter/news/254016.shtml http://www.secuobs.com/news/comments518062009-slowloris_http_partial_dos_apache.shtml#11086 http://www.secuobs.com/news/comments518062009-slowloris_http_partial_dos_apache.shtml#11086 ESRT @ChrisJohnRiley @erpscan - Presentation: A crushing blow at the heart of SAP J2EE Engine version 1.1 - Brucon 2011 ... ESRT @ChrisJohnRiley @erpscan - Presentation: A crushing blow at the heart of SAP J2EE Engine version 1.1 - Brucon 2011 http://www.secuobs.com/twitter/news/253087.shtml http://www.secuobs.com/news/comments112122008-audit_sap_sapyto_erp_gsa_pgi.shtml#11084 http://www.secuobs.com/news/comments112122008-audit_sap_sapyto_erp_gsa_pgi.shtml#11084 ESRT @Ivanlef0u @Rogunix - Interesting Unpack me if you can: Profiting from Desktop heap information ... ESRT @Ivanlef0u @Rogunix - Interesting Unpack me if you can: Profiting from Desktop heap information http://www.secuobs.com/twitter/news/253572.shtml http://www.secuobs.com/news/comments4823032009-exploitable_windbg_dump_audit_msec.shtml#11082 http://www.secuobs.com/news/comments4823032009-exploitable_windbg_dump_audit_msec.shtml#11082 ESRT @dguido - Targeted Attacks and the Need to Keep Document Parsers Updated ... ESRT @dguido - Targeted Attacks and the Need to Keep Document Parsers Updated http://www.secuobs.com/twitter/news/253581.shtml http://www.secuobs.com/news/comments4823032009-exploitable_windbg_dump_audit_msec.shtml#11081 http://www.secuobs.com/news/comments4823032009-exploitable_windbg_dump_audit_msec.shtml#11081 ESRT @TenableSecurity - New Blog Post: Nessus Plugin Spotlight: SSL Certificate ... ESRT @TenableSecurity - New Blog Post: Nessus Plugin Spotlight: SSL Certificate http://www.secuobs.com/twitter/news/252859.shtml http://www.secuobs.com/news/comments2209042009-nessus_4_syn_wmi_xslt_tcp_nasl_pci.shtml#11077 http://www.secuobs.com/news/comments2209042009-nessus_4_syn_wmi_xslt_tcp_nasl_pci.shtml#11077 ESRT @RonGula - DigitalBond releases new Bandolier Nessus Audit files for ABB 800xA DCS and CSI UCOS control systems ... ESRT @RonGula - DigitalBond releases new Bandolier Nessus Audit files for ABB 800xA DCS and CSI UCOS control systems http://www.secuobs.com/twitter/news/252869.shtml http://www.secuobs.com/news/comments2209042009-nessus_4_syn_wmi_xslt_tcp_nasl_pci.shtml#11076 http://www.secuobs.com/news/comments2209042009-nessus_4_syn_wmi_xslt_tcp_nasl_pci.shtml#11076 ESRT @dloss - How to configure Wireshark to automatically reassemble HTTP streams and dissect JPGs ... ESRT @dloss - How to configure Wireshark to automatically reassemble HTTP streams and dissect JPGs http://www.secuobs.com/twitter/news/252861.shtml http://www.secuobs.com/news/comments917112008-netwitness_investigator_pcap.shtml#11075 http://www.secuobs.com/news/comments917112008-netwitness_investigator_pcap.shtml#11075 ESRT @humanhacker @Paterva - Maltego CaseFile - coming soon ... ESRT @humanhacker @Paterva - Maltego CaseFile - coming soon http://www.secuobs.com/twitter/news/253192.shtml http://www.secuobs.com/news/comments305082008-maltego.shtml#11074 http://www.secuobs.com/news/comments305082008-maltego.shtml#11074 ESRT @Ivanlef0u @mattifestation - Great post by Raymond Chen about VirtualAlloc's handling of large heap allocations ... ESRT @Ivanlef0u @mattifestation - Great post by Raymond Chen about VirtualAlloc's handling of large heap allocations http://www.secuobs.com/twitter/news/253571.shtml http://www.secuobs.com/news/comments4823032009-exploitable_windbg_dump_audit_msec.shtml#11073 http://www.secuobs.com/news/comments4823032009-exploitable_windbg_dump_audit_msec.shtml#11073 ESRT @opexxx @Paterva - Importing data into Maltego from text files, spread sheets ... ESRT @opexxx @Paterva - Importing data into Maltego from text files, spread sheets http://www.secuobs.com/twitter/news/253620.shtml http://www.secuobs.com/news/comments305082008-maltego.shtml#11071 http://www.secuobs.com/news/comments305082008-maltego.shtml#11071 WFA 3e update ... WFA 3e update http://www.secuobs.com/revue/news/332129.shtml http://www.secuobs.com/news/comments2302032009-caine_forensic_livecd_wintaylor.shtml#11068 http://www.secuobs.com/news/comments2302032009-caine_forensic_livecd_wintaylor.shtml#11068 Hackers using QR codes to push Android malware ... Hackers using QR codes to push Android malware http://www.secuobs.com/revue/news/331997.shtml http://www.secuobs.com/news/comments2301012009-iphone_3g_yellowsn0w_deblocage_sim.shtml#11067 http://www.secuobs.com/news/comments2301012009-iphone_3g_yellowsn0w_deblocage_sim.shtml#11067 Hardening a wireless DSL router ... Hardening a wireless DSL router http://www.secuobs.com/revue/news/332103.shtml http://www.secuobs.com/news/comments1004062009-wepbuster_aircrack-ng_csrf_upnp.shtml#11063 http://www.secuobs.com/news/comments1004062009-wepbuster_aircrack-ng_csrf_upnp.shtml#11063 Tor 0.2.3.5-alpha is out ... Tor 0.2.3.5-alpha is out http://www.secuobs.com/revue/news/332123.shtml http://www.secuobs.com/news/comments1116062009-veiled_darknet_anonyme_chiffrement.shtml#11062 http://www.secuobs.com/news/comments1116062009-veiled_darknet_anonyme_chiffrement.shtml#11062 TeamShatter, Manage Oracle Privileged Users ... TeamShatter, Manage Oracle Privileged Users http://www.secuobs.com/revue/news/332175.shtml http://www.secuobs.com/news/comments826112008-cadfile_forensic_oracle_orablock.shtml#11059 http://www.secuobs.com/news/comments826112008-cadfile_forensic_oracle_orablock.shtml#11059 ESRT @EdiStrosar @snowfl0w - Sept 23 CVE-2011-1991 type 1 deskpan.dll Windows components DLL loading vulnerability ... ESRT @EdiStrosar @snowfl0w - Sept 23 CVE-2011-1991 type 1 deskpan.dll Windows components DLL loading vulnerability http://www.secuobs.com/twitter/news/252873.shtml http://www.secuobs.com/news/comments4723032009-exploitable_windbg_dump_audit_msec.shtml#11057 http://www.secuobs.com/news/comments4723032009-exploitable_windbg_dump_audit_msec.shtml#11057 ESRT @besecure @iMHLv2 - Learn to write your own Volatility plugins - by @gleeda ... ESRT @besecure @iMHLv2 - Learn to write your own Volatility plugins - by @gleeda http://www.secuobs.com/twitter/news/252590.shtml http://www.secuobs.com/news/comments504032009-regripper_hive_bdr_forensic_regscan.shtml#11056 http://www.secuobs.com/news/comments504032009-regripper_hive_bdr_forensic_regscan.shtml#11056 F-Response Remote Forensics Whitepaper ... F-Response Remote Forensics Whitepaper http://www.secuobs.com/revue/news/331787.shtml http://www.secuobs.com/news/comments2302032009-caine_forensic_livecd_wintaylor.shtml#11051 http://www.secuobs.com/news/comments2302032009-caine_forensic_livecd_wintaylor.shtml#11051 Volatility 2.0 Timeliner, RegistryAPI, evtlogs and more ... Volatility 2.0 Timeliner, RegistryAPI, evtlogs and more http://www.secuobs.com/revue/news/331630.shtml http://www.secuobs.com/news/comments504032009-regripper_hive_bdr_forensic_regscan.shtml#11048 http://www.secuobs.com/news/comments504032009-regripper_hive_bdr_forensic_regscan.shtml#11048 ESRT @pentestit @zxlain - Invisible Things Lab - Playing with Qubes Networking for Fun and Profit ... ESRT @pentestit @zxlain - Invisible Things Lab - Playing with Qubes Networking for Fun and Profit http://www.secuobs.com/twitter/news/252268.shtml http://www.secuobs.com/news/comments03062010-disposable_virtual_machine_qubes_os.shtml#11045 http://www.secuobs.com/news/comments03062010-disposable_virtual_machine_qubes_os.shtml#11045 ESRT @stevewerby - CSRF vulnerability in Facebook profile picture upload - security_bug_bounty @sneak_ ... ESRT @stevewerby - CSRF vulnerability in Facebook profile picture upload - security_bug_bounty @sneak_ http://www.secuobs.com/twitter/news/252175.shtml http://www.secuobs.com/news/comments08042010-malaria_flex_silverlight_csrf.shtml#11044 http://www.secuobs.com/news/comments08042010-malaria_flex_silverlight_csrf.shtml#11044 ESRT @ChrisJohnRiley @SecurityTube - SecurityTube Certifications - SecurityTube Wi-Fi Security Expert - SWSE ... ESRT @ChrisJohnRiley @SecurityTube - SecurityTube Certifications - SecurityTube Wi-Fi Security Expert - SWSE http://www.secuobs.com/twitter/news/252096.shtml http://www.secuobs.com/news/comments1004062009-wepbuster_aircrack-ng_csrf_upnp.shtml#11043 http://www.secuobs.com/news/comments1004062009-wepbuster_aircrack-ng_csrf_upnp.shtml#11043 ESRT @etlow @pcapr - just looked: xtractr has indexed/processed over 400 million packets so far ... ESRT @etlow @pcapr - just looked: xtractr has indexed/processed over 400 million packets so far http://www.secuobs.com/twitter/news/251877.shtml http://www.secuobs.com/news/comments917112008-netwitness_investigator_pcap.shtml#11042 http://www.secuobs.com/news/comments917112008-netwitness_investigator_pcap.shtml#11042 ESRT @TenableSecurity - New DISA Checklist Apache Audit Policies are now on the Tenable Support Portal ... ESRT @TenableSecurity - New DISA Checklist Apache Audit Policies are now on the Tenable Support Portal http://www.secuobs.com/twitter/news/251953.shtml http://www.secuobs.com/news/comments2209042009-nessus_4_syn_wmi_xslt_tcp_nasl_pci.shtml#11038 http://www.secuobs.com/news/comments2209042009-nessus_4_syn_wmi_xslt_tcp_nasl_pci.shtml#11038 Visa launches Android person-to-person payments app ... Visa launches Android person-to-person payments app http://www.secuobs.com/revue/news/331575.shtml http://www.secuobs.com/news/comments2301012009-iphone_3g_yellowsn0w_deblocage_sim.shtml#11031 http://www.secuobs.com/news/comments2301012009-iphone_3g_yellowsn0w_deblocage_sim.shtml#11031 Debugging Injected Code with IDA Pro ... Debugging Injected Code with IDA Pro http://www.secuobs.com/revue/news/331420.shtml http://www.secuobs.com/news/comments307122009-concours-hexrays-idadwarf.shtml#11030 http://www.secuobs.com/news/comments307122009-concours-hexrays-idadwarf.shtml#11030 BSIMM 3 ... BSIMM 3 http://www.secuobs.com/revue/news/331432.shtml http://www.secuobs.com/news/comments13112008-resilience_engineering_cert.shtml#11029 http://www.secuobs.com/news/comments13112008-resilience_engineering_cert.shtml#11029 ESRT @Hfuhs - Analyzing PDF Malware - Part 1 ... ESRT @Hfuhs - Analyzing PDF Malware - Part 1 http://www.secuobs.com/twitter/news/251769.shtml http://www.secuobs.com/news/comments1620062009-origami_pdf_virus_filtre_javascript.shtml#11026 http://www.secuobs.com/news/comments1620062009-origami_pdf_virus_filtre_javascript.shtml#11026 ESRT @pentestit - Zscaler Likejacking Prevention: Plug-In for Firefox, Google Chrome and Safari ... ESRT @pentestit - Zscaler Likejacking Prevention: Plug-In for Firefox, Google Chrome and Safari http://www.secuobs.com/twitter/news/251673.shtml http://www.secuobs.com/news/comments204122007-firecat.shtml#11023 http://www.secuobs.com/news/comments204122007-firecat.shtml#11023 ESRT @packet_storm - Tor-ramdisk i686 UClibc-based Linux Distribution x86 20110915 ... ESRT @packet_storm - Tor-ramdisk i686 UClibc-based Linux Distribution x86 20110915 http://www.secuobs.com/twitter/news/251657.shtml http://www.secuobs.com/news/comments1116062009-veiled_darknet_anonyme_chiffrement.shtml#11022 http://www.secuobs.com/news/comments1116062009-veiled_darknet_anonyme_chiffrement.shtml#11022 Facebook cookie complaints get the wrong end of the stick ... Facebook cookie complaints get the wrong end of the stick http://www.secuobs.com/revue/news/331241.shtml http://www.secuobs.com/news/comments24092010-evercookie.shtml#11015 http://www.secuobs.com/news/comments24092010-evercookie.shtml#11015 ESRT @FlUxIuS @devilok - Kernel Attacks through User-Mode Callbacks in win32k ... ESRT @FlUxIuS @devilok - Kernel Attacks through User-Mode Callbacks in win32k http://www.secuobs.com/twitter/news/251456.shtml http://www.secuobs.com/news/comments4723032009-exploitable_windbg_dump_audit_msec.shtml#11014 http://www.secuobs.com/news/comments4723032009-exploitable_windbg_dump_audit_msec.shtml#11014 ESRT @malc0de @dunit50 - Here's the JavaScript from that PDF - 1-44 on VT ... ESRT @malc0de @dunit50 - Here's the JavaScript from that PDF - 1-44 on VT http://www.secuobs.com/twitter/news/251471.shtml http://www.secuobs.com/news/comments1620062009-origami_pdf_virus_filtre_javascript.shtml#11013 http://www.secuobs.com/news/comments1620062009-origami_pdf_virus_filtre_javascript.shtml#11013 ESRT @malc0de @urlquery - The PDF from the unknown exploit kit is available - pw: infected ... ESRT @malc0de @urlquery - The PDF from the unknown exploit kit is available - pw: infected http://www.secuobs.com/twitter/news/251473.shtml http://www.secuobs.com/news/comments1620062009-origami_pdf_virus_filtre_javascript.shtml#11012 http://www.secuobs.com/news/comments1620062009-origami_pdf_virus_filtre_javascript.shtml#11012 ESRT @ethicalhack3r @digininja - File Disclosure Browser Parse DS_Store files of web apps to URLs send through Burp ... ESRT @ethicalhack3r @digininja - File Disclosure Browser Parse DS_Store files of web apps to URLs send through Burp http://www.secuobs.com/twitter/news/251299.shtml http://www.secuobs.com/news/comments4124042009-webshag.shtml#11007 http://www.secuobs.com/news/comments4124042009-webshag.shtml#11007 ESRT @dragosr - AirShark detecting RF signals using commodity WiFi hardware - similar to WiSpy - Paper PDF ... ESRT @dragosr - AirShark detecting RF signals using commodity WiFi hardware - similar to WiSpy - Paper PDF http://www.secuobs.com/twitter/news/251264.shtml http://www.secuobs.com/news/comments904062009-wepbuster_aircrack-ng_csrf_upnp.shtml#11005 http://www.secuobs.com/news/comments904062009-wepbuster_aircrack-ng_csrf_upnp.shtml#11005 Netgear releases first VDSL UTM firewall ... Netgear releases first VDSL UTM firewall http://www.secuobs.com/revue/news/331074.shtml http://www.secuobs.com/news/comments523032009-nftables_filtrage_linux_concat_git.shtml#11003 http://www.secuobs.com/news/comments523032009-nftables_filtrage_linux_concat_git.shtml#11003 Scanning Applications Faster A Chicken vs Egg Problem ... Scanning Applications Faster A Chicken vs Egg Problem http://www.secuobs.com/revue/news/331160.shtml http://www.secuobs.com/news/comments417042009-pintool_code_injection_red_pill_smm.shtml#11002 http://www.secuobs.com/news/comments417042009-pintool_code_injection_red_pill_smm.shtml#11002 Hackers turn MySQL.com into malware launchpad ... Hackers turn MySQL.com into malware launchpad http://www.secuobs.com/revue/news/331174.shtml http://www.secuobs.com/news/comments4124042009-webshag.shtml#10999 http://www.secuobs.com/news/comments4124042009-webshag.shtml#10999 ESRT @Ivanlef0u @cnbrkbolat - Breaking the shield: Bypassing ASLR DEP - Secfence Blog ... ESRT @Ivanlef0u @cnbrkbolat - Breaking the shield: Bypassing ASLR DEP - Secfence Blog http://www.secuobs.com/twitter/news/251217.shtml http://www.secuobs.com/news/comments4723032009-exploitable_windbg_dump_audit_msec.shtml#10996 http://www.secuobs.com/news/comments4723032009-exploitable_windbg_dump_audit_msec.shtml#10996 ESRT @matrosov @Blackmond_ - Updated my previous tutorial with Carberps Analysis via Volatility ... ESRT @matrosov @Blackmond_ - Updated my previous tutorial with Carberps Analysis via Volatility http://www.secuobs.com/twitter/news/251210.shtml http://www.secuobs.com/news/comments504032009-regripper_hive_bdr_forensic_regscan.shtml#10989 http://www.secuobs.com/news/comments504032009-regripper_hive_bdr_forensic_regscan.shtml#10989 ESRT @opexxx - Privilege escalation on Windows using Binary Planting ... ESRT @opexxx - Privilege escalation on Windows using Binary Planting http://www.secuobs.com/twitter/news/251161.shtml http://www.secuobs.com/news/comments4723032009-exploitable_windbg_dump_audit_msec.shtml#10988 http://www.secuobs.com/news/comments4723032009-exploitable_windbg_dump_audit_msec.shtml#10988 bypassing all anti-virus in the world Good Bye Detection , Hello Infection ... bypassing all anti-virus in the world Good Bye Detection , Hello Infection http://www.secuobs.com/revue/news/330903.shtml http://www.secuobs.com/news/comments611032008-anubis.shtml#10987 http://www.secuobs.com/news/comments611032008-anubis.shtml#10987 timing-attack-checker ... timing-attack-checker http://www.secuobs.com/revue/news/330970.shtml http://www.secuobs.com/news/comments527032009-maude_npa_nrl_dhsk_npsk_xor_crypto.shtml#10986 http://www.secuobs.com/news/comments527032009-maude_npa_nrl_dhsk_npsk_xor_crypto.shtml#10986 Arm Release 1.4.4 ... Arm Release 1.4.4 http://www.secuobs.com/revue/news/331003.shtml http://www.secuobs.com/news/comments1016062009-veiled_darknet_anonyme_chiffrement.shtml#10984 http://www.secuobs.com/news/comments1016062009-veiled_darknet_anonyme_chiffrement.shtml#10984 ESRT @jduck1337 @johnregehr - New version of SafeInt on Codeplex is overflow-free -- fast work ... ESRT @jduck1337 @johnregehr - New version of SafeInt on Codeplex is overflow-free -- fast work http://www.secuobs.com/twitter/news/250793.shtml http://www.secuobs.com/news/comments4723032009-exploitable_windbg_dump_audit_msec.shtml#10983 http://www.secuobs.com/news/comments4723032009-exploitable_windbg_dump_audit_msec.shtml#10983 ESRT @hlixaya @YJesus - PyKeylogger open source keylogger written in python, openly hooks well-known win APIs ... ESRT @hlixaya @YJesus - PyKeylogger open source keylogger written in python, openly hooks well-known win APIs http://www.secuobs.com/twitter/news/250527.shtml http://www.secuobs.com/news/comments203062009-keykeriki_sniffer_wireless_keyboard.shtml#10981 http://www.secuobs.com/news/comments203062009-keykeriki_sniffer_wireless_keyboard.shtml#10981 ESRT @RobertWinkel @Paterva - Maltego with annotations, bookmarks, attachments, graph merging - screenshots ... ESRT @RobertWinkel @Paterva - Maltego with annotations, bookmarks, attachments, graph merging - screenshots http://www.secuobs.com/twitter/news/250553.shtml http://www.secuobs.com/news/comments305082008-maltego.shtml#10980 http://www.secuobs.com/news/comments305082008-maltego.shtml#10980 ESRT @mosesrenegade @CiscoSecurity - Hard lessons about hacking and proxy services ... ESRT @mosesrenegade @CiscoSecurity - Hard lessons about hacking and proxy services http://www.secuobs.com/twitter/news/250673.shtml http://www.secuobs.com/news/comments115042008-proxystrike.shtml#10979 http://www.secuobs.com/news/comments115042008-proxystrike.shtml#10979 ESRT @Shadowserver - Nice example of Volatility use looking at Zeus ... ESRT @Shadowserver - Nice example of Volatility use looking at Zeus http://www.secuobs.com/twitter/news/250786.shtml http://www.secuobs.com/news/comments504032009-regripper_hive_bdr_forensic_regscan.shtml#10978 http://www.secuobs.com/news/comments504032009-regripper_hive_bdr_forensic_regscan.shtml#10978 ESRT @matrosov @ESETLA - Evolution of Rootkits with @matrosov @vxradius ... ESRT @matrosov @ESETLA - Evolution of Rootkits with @matrosov @vxradius http://www.secuobs.com/twitter/news/250757.shtml http://www.secuobs.com/news/comments15042009-dev_mem_rootkit_injection_linux_lkm.shtml#10976 http://www.secuobs.com/news/comments15042009-dev_mem_rootkit_injection_linux_lkm.shtml#10976 ESRT @CiscoSecurity - Cisco SIO Best Practices: Protecting BGP for the Enterprise ... ESRT @CiscoSecurity - Cisco SIO Best Practices: Protecting BGP for the Enterprise http://www.secuobs.com/twitter/news/250585.shtml http://www.secuobs.com/news/comments208042009-md5_bgp_mpls_carrier_ethernet_ernw.shtml#10975 http://www.secuobs.com/news/comments208042009-md5_bgp_mpls_carrier_ethernet_ernw.shtml#10975 ESRT @cktricky @etdsoft - New in Dradis 2.8: smart refresh ... ESRT @cktricky @etdsoft - New in Dradis 2.8: smart refresh http://www.secuobs.com/twitter/news/250397.shtml http://www.secuobs.com/news/comments208022009-webjob_backdoor_botnet_ssl_forensic.shtml#10974 http://www.secuobs.com/news/comments208022009-webjob_backdoor_botnet_ssl_forensic.shtml#10974 Tor and the BEAST SSL attack ... Tor and the BEAST SSL attack http://www.secuobs.com/revue/news/330845.shtml http://www.secuobs.com/news/comments1016062009-veiled_darknet_anonyme_chiffrement.shtml#10972 http://www.secuobs.com/news/comments1016062009-veiled_darknet_anonyme_chiffrement.shtml#10972 EFF inspects encryption tool for Adium, Pidgin IM clients ... EFF inspects encryption tool for Adium, Pidgin IM clients http://www.secuobs.com/revue/news/330667.shtml http://www.secuobs.com/news/comments527032009-maude_npa_nrl_dhsk_npsk_xor_crypto.shtml#10969 http://www.secuobs.com/news/comments527032009-maude_npa_nrl_dhsk_npsk_xor_crypto.shtml#10969 UPDATE PacketFence 3.0.0 ... UPDATE PacketFence 3.0.0 http://www.secuobs.com/revue/news/330568.shtml http://www.secuobs.com/news/comments523032009-nftables_filtrage_linux_concat_git.shtml#10967 http://www.secuobs.com/news/comments523032009-nftables_filtrage_linux_concat_git.shtml#10967 ESRT @CiscoSecurity - More android vulnerabilities - demo video includes privilege escalation vulnerability ... ESRT @CiscoSecurity - More android vulnerabilities - demo video includes privilege escalation vulnerability http://www.secuobs.com/twitter/news/250255.shtml http://www.secuobs.com/news/comments2301012009-iphone_3g_yellowsn0w_deblocage_sim.shtml#10963 http://www.secuobs.com/news/comments2301012009-iphone_3g_yellowsn0w_deblocage_sim.shtml#10963 ESRT @pentestit - Lilith Perl script to audit web applications ... ESRT @pentestit - Lilith Perl script to audit web applications http://www.secuobs.com/twitter/news/250106.shtml http://www.secuobs.com/news/comments4124042009-webshag.shtml#10962 http://www.secuobs.com/news/comments4124042009-webshag.shtml#10962 ESRT @BreakingPoint - kahusecurity explains how he solved our JavaScript obfuscation challenge ... ESRT @BreakingPoint - kahusecurity explains how he solved our JavaScript obfuscation challenge http://www.secuobs.com/twitter/news/250167.shtml http://www.secuobs.com/news/comments401122008-mina_obfuscation_javascript.shtml#10961 http://www.secuobs.com/news/comments401122008-mina_obfuscation_javascript.shtml#10961 ESRT @packet_storm - NX Server For Linux 3.5.0-4 Vulnerable SUID Script ... ESRT @packet_storm - NX Server For Linux 3.5.0-4 Vulnerable SUID Script http://www.secuobs.com/twitter/news/250097.shtml http://www.secuobs.com/news/comments109042009-vaaseline_vnc_rpc_rfb_clipboard_rdp.shtml#10959 http://www.secuobs.com/news/comments109042009-vaaseline_vnc_rpc_rfb_clipboard_rdp.shtml#10959 Adobe patches critical Flash Player flaws after Google fixes zero-day bug in Chrome ... Adobe patches critical Flash Player flaws after Google fixes zero-day bug in Chrome http://www.secuobs.com/revue/news/330273.shtml http://www.secuobs.com/news/comments504122007-swfintruder.shtml#10953 http://www.secuobs.com/news/comments504122007-swfintruder.shtml#10953 ESRT @exploitdb - webapps - NETGEAR Wireless Cable Modem Gateway Auth Bypass and CSRF: ... ESRT @exploitdb - webapps - NETGEAR Wireless Cable Modem Gateway Auth Bypass and CSRF: http://www.secuobs.com/twitter/news/249692.shtml http://www.secuobs.com/news/comments904062009-wepbuster_aircrack-ng_csrf_upnp.shtml#10952 http://www.secuobs.com/news/comments904062009-wepbuster_aircrack-ng_csrf_upnp.shtml#10952 ESRT @Motoma - pyrasite - Inject code into a running Python process ... ESRT @Motoma - pyrasite - Inject code into a running Python process http://www.secuobs.com/twitter/news/249491.shtml http://www.secuobs.com/news/comments317042009-pintool_code_injection_red_pill_smm.shtml#10951 http://www.secuobs.com/news/comments317042009-pintool_code_injection_red_pill_smm.shtml#10951 ESRT @HaDeSss - DroidSheep one click session hijacking using android ... ESRT @HaDeSss - DroidSheep one click session hijacking using android http://www.secuobs.com/twitter/news/249634.shtml http://www.secuobs.com/news/comments2301012009-iphone_3g_yellowsn0w_deblocage_sim.shtml#10948 http://www.secuobs.com/news/comments2301012009-iphone_3g_yellowsn0w_deblocage_sim.shtml#10948 ESRT @packet_storm - Bypassing Microsoft Internet Explorer's XSS Filter - whitepaper ... ESRT @packet_storm - Bypassing Microsoft Internet Explorer's XSS Filter - whitepaper http://www.secuobs.com/twitter/news/249492.shtml http://www.secuobs.com/news/comments1112032009-scrubbr_xss_suppression_automatique.shtml#10947 http://www.secuobs.com/news/comments1112032009-scrubbr_xss_suppression_automatique.shtml#10947 ESRT @HP_AppSecurity - 8 Techniques To Block SQL Attacks ... ESRT @HP_AppSecurity - 8 Techniques To Block SQL Attacks http://www.secuobs.com/twitter/news/249665.shtml http://www.secuobs.com/news/comments1523032009-greensql_mysql_injection_proxy.shtml#10944 http://www.secuobs.com/news/comments1523032009-greensql_mysql_injection_proxy.shtml#10944 FoD 3.0 - Fortify On Demand ... FoD 3.0 - Fortify On Demand http://www.secuobs.com/revue/news/329984.shtml http://www.secuobs.com/news/comments4723032009-exploitable_windbg_dump_audit_msec.shtml#10936 http://www.secuobs.com/news/comments4723032009-exploitable_windbg_dump_audit_msec.shtml#10936 Acunetix Web Vulnerability Scanner Version 7 build 20110920 released ... Acunetix Web Vulnerability Scanner Version 7 build 20110920 released http://www.secuobs.com/revue/news/329934.shtml http://www.secuobs.com/news/comments4124042009-webshag.shtml#10934 http://www.secuobs.com/news/comments4124042009-webshag.shtml#10934 Emergency patch expected for Flash Player, Wed, Sep 21st ... Emergency patch expected for Flash Player, Wed, Sep 21st http://www.secuobs.com/revue/news/330064.shtml http://www.secuobs.com/news/comments504122007-swfintruder.shtml#10933 http://www.secuobs.com/news/comments504122007-swfintruder.shtml#10933 More Packet Sites ... More Packet Sites http://www.secuobs.com/revue/news/330070.shtml http://www.secuobs.com/news/comments917112008-netwitness_investigator_pcap.shtml#10932 http://www.secuobs.com/news/comments917112008-netwitness_investigator_pcap.shtml#10932 Recovering a private key with only a fraction of the bits ... Recovering a private key with only a fraction of the bits http://www.secuobs.com/revue/news/330003.shtml http://www.secuobs.com/news/comments427032009-maude_npa_nrl_dhsk_npsk_xor_crypto.shtml#10931 http://www.secuobs.com/news/comments427032009-maude_npa_nrl_dhsk_npsk_xor_crypto.shtml#10931 Volatility 2.0 Vscan virus scanning plugin ... Volatility 2.0 Vscan virus scanning plugin http://www.secuobs.com/revue/news/330067.shtml http://www.secuobs.com/news/comments504032009-regripper_hive_bdr_forensic_regscan.shtml#10930 http://www.secuobs.com/news/comments504032009-regripper_hive_bdr_forensic_regscan.shtml#10930 ESRT @mubix @wallofsheep - PDF X-RAY: Now open source Github link to public code ... ESRT @mubix @wallofsheep - PDF X-RAY: Now open source Github link to public code http://www.secuobs.com/twitter/news/249230.shtml http://www.secuobs.com/news/comments1620062009-origami_pdf_virus_filtre_javascript.shtml#10924 http://www.secuobs.com/news/comments1620062009-origami_pdf_virus_filtre_javascript.shtml#10924 UPDATE CUDA Multiforcer 1.1 ... UPDATE CUDA Multiforcer 1.1 http://www.secuobs.com/revue/news/329689.shtml http://www.secuobs.com/news/comments420102008-pyrit.shtml#10923 http://www.secuobs.com/news/comments420102008-pyrit.shtml#10923 ESRT @lennyzeltser - Using NetworkMiner to analyze network streams and pcap files when researching malware ... ESRT @lennyzeltser - Using NetworkMiner to analyze network streams and pcap files when researching malware http://www.secuobs.com/twitter/news/249228.shtml http://www.secuobs.com/news/comments111122008-networkminner_passive_forensic_spid.shtml#10922 http://www.secuobs.com/news/comments111122008-networkminner_passive_forensic_spid.shtml#10922 processhacker 2.22 ... processhacker 2.22 http://www.secuobs.com/revue/news/329635.shtml http://www.secuobs.com/news/comments4723032009-exploitable_windbg_dump_audit_msec.shtml#10919 http://www.secuobs.com/news/comments4723032009-exploitable_windbg_dump_audit_msec.shtml#10919