Top Stories for Today
[395] Five Best VPN Tools
[386] Building a Linux Incident Response / Forensic Disk
[382] 1024-bit RSA encryption cracked by carefully starving CPU of electricity
[233] Researchers dissect ZeuS botnet blueprint
[199] The Basics of SAN Security
[194] Hackers target freshly uncovered Internet Explorer hole
[171] Army plans enterprise email system
[152] UK still lousy on electronic nosiness
[136] Limewire taps AVG for virus free torrents
[133] Physicists Find Way to See Through Paint, Paper, and Other Opaque Materials
[132] Feds Move to Break Voting-Machine Monopoly
[127] Top Five Tips for Securing your Business Reputation
[121] Microsoft skips patch for PowerPoint add-on
[121] Symantec Offers New Approach to Mobile Security
Top 20 of the Last 2 Weeks
[1494] 6 Free Android Apps That Will Make You Drop Your iPhone
[1381] North Korea develops its own OS
[1192] Teen gets 15 years for Facebook blackmail
[1165] Porn Detection Stick seeks out salacious images
[1053] Should CIOs look at virtual desktops?
[1050] Legal team hack Xbox memory for defence evidence
[1030] How hackers took down Baidu
[1028] Steve Jobs says Apple must 'think big' with $40 billion in cash
[1027] 7 of the Best Free Linux Configuration Management Tools
[1009] Hackers expose security flaws with 'Elvis Presley' passport
[1000] Analyst thinks Apple may update MacBook Pro laptop
[978] HTC Desire firmware ported to Nexus One
[849] Mastermind of World's Worst Computer Virus Still at Large
[766] Korean couple addicted to virtual life let real-life baby starve to death
[712] Chinese man held by police over sex video clips
[670] Run a Background Check on Yourself with Free Online Tools
[653] 'Severe' OpenSSL vuln busts public key crypto
[629] Saudi Arabia wants to monitor all BlackBerry communications for 'security'
[620] Confessions of a Windows 7 pirate
[616] BITSTALKER: Accurately and effectively monitoring BitTorrent traffic
If you're wondering who the people are behind HITB and you'd like to drop us a line (either e-mail or snail mail) then here's the information you'd need:
Mailing Address
Phone: +60-3-20394724
Chief Executive Officer Editor in Chief Head of Sales Senior Content Administrator Content Administrators
amigo News Contributors Public Relations Graphic Designer Editorial Team & Contributors
Joshua Kuhl
HITB Ezine
Issue #38
HITBSecConf2010 - Dubai
Register now for the 4th annual deep-knowledge security conference in Dubai!
Keynote 1: John Viega (CTO, SaaS, McAfee Inc.)
Keynote 2: Matt Watchinski (Senior Director of Vulnerability Research, Sourcefire Inc.)
Conference Speakers (alphabetical order):
1.) Arnauld Mascret (Sogeti / Cap Gemini)
2.) Christophe Devaux (Sogeti / Cap Gemini)
3.) Daniel Mende (ERNW GmbH)
4.) Dino Covotsos (Managing Director, Telspace Systems)
5.) Fredric Raynal (Head of Research, Sogeti/Cap Gemini)
6.) Gynvael Coldwind (Researcher, Hispasec)
7.) Laurent Oudot (Founder, TEHTRI-Security)
8.) Marc Schoenefeld (Independent Network Security Specialist)
9.) Oliver Roeschke (ERNW GmbH)
10.) Saumil Shah (Founder, Net-Square)
11.) Shawn Merdinger (Security Researcher)
12.) The Grugq (Anti Forensics Specialist)
Packet Storm Security Latest
· Botan-1.9.4.tgz
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
· gnupg-2.0.15.tar.bz2
GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.
· fwbuilder-4.0.0.tar.gz
Firewall Builder consists of a GUI and set of policy compilers for various firewall platforms. It helps users maintain a database of objects and allows policy editing using simple drag-and-drop operations. The GUI and policy compilers are completely independent, which provides for a consistent abstract model and the same GUI for different firewall platforms. It currently supports iptables, ipfilter, ipfw, OpenBSD pf, Cisco PIX and FWSM, and Cisco router access lists.
· anantasoft-xsrf.txt
Anantasoft Gazelle CMS suffers from a cross site request forgery vulnerability.
· secunia-etsdisclose.txt
Secunia Research has discovered a security issue in Employee Timeclock Software, which can be exploited by malicious, local users to disclose sensitive information. The security issue is caused by the application passing the database password via the command line to the mysqldump utility, which can potentially be exploited to disclose the password via the process list. Version 0.99 is affected.
· secunia-etssql.txt
Secunia Research has discovered some vulnerabilities in Employee Timeclock Software, which can be exploited by malicious people to conduct SQL injection attacks. Input passed to the username and password parameters in auth.php and login_action.php is not properly sanitized before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Version 0.99 is affected.
· notepadpoc.zip
The MS HTML Help control activex is prone to a remote CHM help file hijack vulnerability when applications invoke help. Multiple built-in applications are vulnerable to this. The impact of the vulnerability is the loading of the incorrect CHM help file when it resides in the same directory the application invoking help starts in. This proof of concept exploit leverages Notepad to demonstrate the vulnerability.
· tarcpio-overflow.txt
GNU Tar and GNU Cpio suffer from a heap-based buffer overflow vulnerability. Tar versions prior to 1.23 and Cpio versions prior to 2.11 are affected.
HITB Affiliates
If you own a PR4+ (Page Rank) network security or computer related website with 5,000 unique visits and would like to affiliate with HITB, email us.