VN:F [1.7.7_1013]Rating: +2 (from 2 votes)SQL Injection is one of the most popular web attacks that the security world has ever witnessed since the evolution of Internet. Till date it remains one of the less understood vulnerability from web security perspective as indicated by growing number of SQL injection attacks.
In this direction, this book [...]

Read Full Post »

VN:F [1.7.7_1013]Rating: +2 (from 2 votes)Sniffing the neighbor’s passwords on the network was an age old stuff and every hacker would have done it at some point of time using tools such as Dsniff, cain & abel etc. Now you can record and listen to your neighbor’s  phone calls too using the tool called UCSniff. [...]

Read Full Post »

VN:F [1.7.7_1013]Rating: +1 (from 1 vote)Here comes the Google’s turn to offer bounty for hackers finding bugs in Chrome. As per the latest post “Encouraging More Chromium Security Research” on its official blog of Chrome,  Google has decided to follow the practice of Microsoft and other organizations to reward the security researchers.

For every Security [...]

Read Full Post »

VN:F [1.7.7_1013]Rating: +5 (from 5 votes)Windows uses registry to store every user and policy configuration on the system. One can directly tweak anything in the registry to alter any of the  system settings. However not all registry keys are visible when viewed through default registry editor (regedit.exe).  Especially some of the security and [...]

Read Full Post »

VN:F [1.7.7_1013]Rating: +3 (from 3 votes)“Man without tools is animal and with tools he is everything”. Till today the quote applies to every field man has set his footprints in. Man has created tools for everything to make every small job easier & quicker.
Now we have tool for Social Engineering too. This [...]

Read Full Post »

VN:F [1.7.7_1013]Rating: +5 (from 5 votes)Operation Aurora – The well targeted attack under which top companies including Google got hacked through the zero day vulnerability. Google has released separate statement recently illustrating nature of the attack vectors and motives of the attacker.
In this attack which believed to be originated from China, the zero day (not [...]

Read Full Post »

VN:F [1.7.7_1013]Rating: 0 (from 0 votes)M$ has announced its first critical security vulnerability of the year 2010 in its Tuesday patch release. This is the vulnerability in the OpenType font engine embedded in the client applications which can lead to remote code execution leading to complete control of the system.

As per the bulletin, the attack [...]

Read Full Post »

VN:F [1.7.7_1013]Rating: +1 (from 1 vote)EvilGrade is the framework which allows anyone to hijack software updates by injecting custom updates and there by own the target machine completely. It contains set of modules written specifically for each of the Softwares to emulate and hijack its automatic update process.
Using this beautiful framework, any attacker on the [...]

Read Full Post »

VN:F [1.7.7_1013]Rating: +1 (from 1 vote)FireMaster, the first ever tool created to crack the master password of Firefox is now works on Windows 7 too.  The latest version comes with other improvements such as highlighted error message display,  security related changes etc.

This FireMaster 4.0 is successfully tested with latest Firefox version 3.5.6 on Windows 7.
For [...]

Read Full Post »

VN:F [1.7.7_1013]Rating: +1 (from 1 vote)Twitter, the popular micro-blogging site had been hijacked by the group claiming to be ‘Iranian Cyber Army’. Apparently the twitter users were redirected to the attacker’s website which displayed this victory image…

Also the attackers scribbled following note explaining the reason for the attack….

Iranian Cyber Army
THIS SITE HAS BEEN HACKED BY [...]

Read Full Post »