Latest Post

VopCrew Multi Scanner v5.0

IRC bot scanner coded in PERL and developed by Vrs-hCk. This tool checks for LFI, RFI, SQL Injections and other types of injections on a IRC environment. It’s also combined with a injector code that uses the usual gzinflate and base64 plus a few extra str_rot13 php function. By the way, I already saw this in action [...]

Featured Post

RMS – Remote Malware Scanner

I present to you, RMS – Remote Malware Scanner. What is it? It’s a online tool that scans for possible malicious content inside the source code of a specific web page. It might give you false results, specially because it searches for .js files, iframes, etc… but also for specific and existent malware code. You can check [...]

Asides

• Michael Jackson death malware is already spreading according to the latest news. #
• Mozilla security program manager Brandon Sterne just published an article about a feature Mozilla is working on - Content Security Policy. This feature will allow to protect against XSS, clickjacking and other attacks. Just a must read. #
• Nice reading on SecureThoughts about the new Safari 4 on how it's still open to phishing with URL Obfuscation #
• Wordpress 2.8 and Firefox 3.0.11 are out. Major security fixes on both. #
• New Safari 4 covers more than 50 open vulnerabilities even the fix for the vexing clickjacking. #
• Excellent article on how to outline a number of flaws that can be exploitable due to the use of well known non-routable IP address spaces. #
• Astalavista got hacked and their information published and database+files deleted #
• Next Tuesday major security update from Microsoft is out (10 security bulletins - 6 of them critical) #
• Joomla! releases version 1.5.11, patching a couple of security holes. #
• SecureThoughts just published an advisory on how LogMeIn software could be used to grab remote files, nice article. #