Latest Post

VopCrew Multi Scanner v5.0

IRC bot scanner coded in Perl and developed by Vrs-hCk. This tool checks for LFI, RFI, SQL injection and other types of injection in an IRC environment. It's also combined with injector code that uses the usual gzinflate and base64 plus a few extra calls to the PHP function str_rot13. By the way, I already saw this in action [...]

Asides

  • Michael Jackson death malware is already spreading, according to the latest news.
  • Mozilla security program manager Brandon Sterne just published an article about a feature Mozilla is working on: Content Security Policy. This feature will help protect against XSS, clickjacking and other attacks. Just a must read.
  • Nice reading on SecureThoughts about how the new Safari 4 is still open to phishing with URL obfuscation.
  • WordPress 2.8 and Firefox 3.0.11 are out. Major security fixes in both.
  • The new Safari 4 covers more than 50 open vulnerabilities, including the fix for the vexing clickjacking.
  • Excellent article outlining a number of flaws that can be exploited due to the use of well-known non-routable IP address spaces.
  • Astalavista got hacked: their information was published and their database and files were deleted.
  • Next Tuesday a major security update from Microsoft is out (10 security bulletins, 6 of them critical).
  • Joomla! releases version 1.5.11, patching a couple of security holes.
  • SecureThoughts just published an advisory on how LogMeIn software could be used to grab remote files. Nice article.

Welcome to David Sopas

A place where you can read the latest articles on web security and keep in touch with my latest advisories. Be the first to receive the latest updates by signing up to my RSS feed.