Home > Uncategorized > Security News

Security News

  • MS12-020 is in the news this week.
    • What is is? A critical flaw in RDP affecting most Microsoft operating systems allowing remote code execution.
    • Technet describes a workaround that does not rely on the (released) patch.
    • Proof of concept code is already in the wild in multiple places.
  • The Network Journal has a number of nice pieces; recently they demonstrate what can be done in meterpreter after the exploit.
  • Wouldn’t it be nice to see a short summary of the various pentesting tools for web applications? The folks at rootcon provide.
  • Version 1.3.2 beta of Windows Credential Editor has just been released. This tool lets you grab password hashes from memory and play various pass-the-hash games.
  • In 2010, a number of major companies were with with an attack called Aurora that targeted IE6. Find out how that attack works in Metasploit.
  • The folks at PenTestIT describe a new Webshell, called 12309.php
  • Some new vulnerabilities in Cisco ASA 5505 firewalls were announced.
  • Would you like a nice tutorial on tcpdump?
Advertisements
Categories: Uncategorized
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: