VN:F [1.7.7_1013]Rating: +1 (from 1 vote)Here comes the Google’s turn to offer bounty for hackers finding bugs in Chrome. As per the latest post “Encouraging More Chromium Security Research” on its official blog of Chrome,  Google has decided to follow the practice of Microsoft and other organizations to reward the security researchers.

For every Security [...]

Read Full Post »

VN:F [1.7.7_1013]Rating: +5 (from 5 votes)Operation Aurora – The well targeted attack under which top companies including Google got hacked through the zero day vulnerability. Google has released separate statement recently illustrating nature of the attack vectors and motives of the attacker.
In this attack which believed to be originated from China, the zero day (not [...]

Read Full Post »

VN:F [1.7.7_1013]Rating: 0 (from 0 votes)M$ has announced its first critical security vulnerability of the year 2010 in its Tuesday patch release. This is the vulnerability in the OpenType font engine embedded in the client applications which can lead to remote code execution leading to complete control of the system.

As per the bulletin, the attack [...]

Read Full Post »

VN:F [1.7.7_1013]Rating: 0 (from 0 votes)

As in the matrix, Everything which has beginning has an end, something similar happened to the matrix theme based milw0rm.com, the top exploit publishing website.  Created in 2003 by a hacker who is known as ’str0ke’, milw0rm.com has served the exploits for around 6 years and it has been popular [...]

Read Full Post »

VN:F [1.7.7_1013]Rating: +1 (from 1 vote)This may sound like another hacking book written to sell, but it is not. This is one such book where author has covered everything from tip to toe of vulnerability exploitation, a complex topic to comprehend, in a simple and practical way.

At a top level this book covers the following [...]

Read Full Post »

VN:F [1.7.7_1013]Rating: 0 (from 0 votes)This book is essential for anyone who is into software development to understand the basic security flaws as well as detect & eliminate them during the early development phase of the product itself.  It offers detailed coverage on 19 crucial security flaws each explained in separate chapters.

The book covers following [...]

Read Full Post »

VN:F [1.7.7_1013]Rating: 0 (from 0 votes)Fuzzing is the most powerful and quick method to expose the security flaws in any product. In that direction, this is the first book which attempted to cover all aspects of fuzzing.  Written by prominent authors who mastered this field, the book not only explains the fundamentals but rich with [...]

Read Full Post »

VN:F [1.7.7_1013]Rating: 0 (from 0 votes)My new tool, SpyDLLRemover is released on the RootkitAnalytics website. This tool helps in detecting and deleting userland based rootkits which hide the processes and injected modules to prevent their detection from antirootkit softwares.
Here is the snapshot of SpyDLLRemover detecting the hidden process belonging to HackerDefender Rootkit.

Here is another snapshot [...]

Read Full Post »

VN:F [1.7.7_1013]Rating: 0 (from 0 votes)This is one of the best book written on most complex and interesting topics of computer security, ‘Discovering and Exploiting Security Holes’. It starts with explanation of different classes of security vulnerabilities such as stack overflows, heap overflows and format string bugs. Then it goes on describing the techniques to [...]

Read Full Post »

VN:F [1.7.7_1013]Rating: 0 (from 0 votes) ProcHeapViewer 2.1, is a tool to scan process heaps now comes with integrated search feature which makes it easy to find ascii as well as unicode strings within the heap blocks.
Also this new version has better user interface which not only gives it cool look & feel but makes [...]

Read Full Post »