
Archive for the ‘it security’ Category


DllHijackAuditor – Free Audit Tool For DLL Hijack Vulnerability

09 September 2010 | 94 views


DllHijackAuditor is a smart tool for auditing any Windows application against the DLL hijacking vulnerability. This is a recently discovered critical security issue affecting almost all Windows systems on the planet. It appears that a large number of Windows applications are currently susceptible to this vulnerability, which can allow any attacker to completely take over the system.

DllHijackAuditor helps in discovering all such vulnerable DLLs in a Windows application, which otherwise can lead to successful exploitation resulting in total compromise of the system. With its simple GUI, DllHijackAuditor makes it easy for anyone to instantly perform the auditing operation. It also presents a detailed technical audit report, which can help the developer in fixing all vulnerable points in the application.

The new version v2 of DllHijackAuditor is


If I had a nickel for every Facebook scam. . .

I’d be rich! Not to have my blog turn into the 24/7 social-media-scam network, but another Facebook scam is on the loose. This one is called “OMG! Look What this Kid did to his School after being Expelled!” and follows a template similar to that of the ongoing string of spams plaguing Facebook and other social networks.

Screenshot of FB invite page

Already over 56,000 Facebook users have “liked” this page. I have notified Facebook staff of the issue. Facebook has been taking steps to slow down the deluge of crap coming downhill onto their users, most recently making URLs in comments on people’s profiles unclickable. This may be in reaction to Apple’s new Ping social network, which launched with unclickable links in comments from the start.

FB post to profile pic

Surprisingly, this attack does not automatically post to your wall. It prompts you to add your own…

Q&A: Austereo CIO Ross Forgione

CIO - What does an average work day involve for you at Austereo?

The average day at Austereo is an adventure. It’s a combination of managing daily operational needs and activities and taking on the new challenges associated with an organisation that continually pushes itself and the traditional boundaries of our industry.

What are some of the major challenges you face in the role of CIO?

Meeting the organisation’s overall expectations; getting the balance of new projects which drive the organisation’s competitive advantage, meeting internal customer service levels whilst actively applying Information Technology to drive organisational efficiency.

What are some of the recent projects your IT department has been working on?

The virtualisation of back office infrastructure and the implementation of a Business Continuity and Disaster Recovery platform.

What are the three biggest issues facing CIOs today?

1. To foster and realise IT and Business


Adobe advises on new Reader and Acrobat vulnerability

Update: After analyzing the payload that is downloaded by the in-the-wild sample provided by @snowfl0w, I can report that Sophos detects the payload as Troj/Agent-OOH.

Adobe’s Acrobat and Reader products are once again in the spotlight for a new vulnerability disclosed by @snowfl0w at the contagio malware dump blog.

There is one big difference between this vulnerability and others recently patched in Reader. The last few advisories were actually flaws in Adobe Flash, and you could disable the ability to render Flash in Reader to once again mitigate against the flaws.

The sample I have does require JavaScript to be enabled. I do not know whether the vulnerability itself requires JavaScript, but it would seem that it does not. Adobe did not suggest disabling JavaScript as a mitigation technique. If you do disable JavaScript it will…

Report: RBS WorldPay hacker gets four years’ probation

IDG News Service - The mastermind behind one of the biggest hacking paydays in history has been sentenced to four years’ probation and a US$8.9 million fine, according to published reports.

Victor Pleshchuk, 28, was sentenced to four years’ probation on Wednesday, according to Bloomberg News. He is considered the leader of a group of criminals who organized a 2008 precision strike on RBS WorldPay, the payment processing division of the Royal Bank of Scotland.

In addition to the reduced sentence of probation, Pleshchuk must also pay back more than 275 million rubles ($8.9 million) to RBS WorldPay, Bloomberg reports.

Russia is trying to fight a reputation for being soft on cybercrime, but this light sentence won’t do much to change that perception. Security experts say that Pleshchuk falls into the same category of highly accomplished cybercriminals as Albert Gonzalez, best known
