Home > Uncategorized > Security News

Security News

  • There is a new metasploit module for an older vulnerability CVE 2008-0610 in UltraVNC Viewer. Eric Romang has a video showing how the exploit works. Though he tested it solely on Windows XP SP3, I was able to replicate the attack on Windows Vista SP2.
  • The Java Runtime Environment up to Java 6 Update 30 and Java 7 Update 2 is vulnerable to a very significant flaw. On March 20, Microsoft noted and described the problem (CVE 2012-0507). Sinn3r and Juan Vazquez then worked to develop a Metasploit module to exploit the flaw, which was uploaded on March 29. A description of how to use the module went up on March 30- simply browsing to the wrong web site will pop a shell for the attacker. Be sure to patch your Java!
  • Did you know that once you have a meterpreter shell, you can use it to create a simple backdoor?
  • Have you updated Flash Player lately?
  • grand stream dreams has a nice post full of incident response toolsets and checklists.
Advertisements
Categories: Uncategorized
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: