Drupalit hottest

Researchers from Remote-Exploit.org, the home of the BackTrack pen-testing Linux distribution, have recently released an open source wireless keyboard sniffer Keykeriki, capable of sniffing and decoding keystrokes of Microsoft 27Mhz based keyboards through on-the-fly deciphering of XOR based encryption.

Their wartyping — decoding signals from wireless keyboards — proof of concept is based on a research paper published by the group one and a half years ago:  read more »

from sans diary here:
"One of our readers submitted this log entry, which shows a typical SQL injection exploit. The "new" part is that the javascript injected in this case is trying to exploit the MSIE 0-day:

In this case, the SQL injection is delivered as a cookie, not a GET parameter.

I broke up the strings for readability and inserted spaces around the malicious URL. As usual with these kinds of exploit, the script will load another script which will load another script ultimatley leading to the IE exploit."  read more »

Spyware Guard 2008 is a new rogue application. Does that name sound familiar? Well, yes, there is a legitimate application named SpywareGuard (note that there is no space between Spyware and Guard, and there is no 2008) from Javacool Software. Please do not get confused!!  read more »

I am a diehard fan of Pidgin,formerly Gaim. i m using it from almost 4 years now.but in the recent version i dont know whats the problem is?when i chat simalteniously with 2-3 people it just seems to get hanged.I am not sure if i am the only one who has this problem or there are others too who faces this.
but overall i m loosing my faith on this software.heared the trillian is good alternative but i dont like its GUI.so let me know if you know any other alternative to it.

What happens when a fraudster barrages a merchant with bogus PayPal-funded transactions? In Part One, we saw that in one real-life example, the merchant's account was restricted for 2 weeks. Understandably, he told us that he was frustrated that his account was restricted through no fault of his own. Although he was proactive in reporting the fraudulent payments to his account, and spent many hours working with PayPal's customer support team, his online business came to a standstill because he was not able to accept payments via PayPal.  read more »

So folks recently on one of my site when i was updating something,i notices some strange php files with the random numeric names like 32458.php,12135.php and so on.at first i though those were the files related to my sites scripts and i shouldn't be worried about that.but then when i searched in google for my sites suddenly what i have seen was enough to shock me.my site was displaying porn,gambling,cracks, warez.that was a shocking thing my server,my site and they are displaying all such bullshit?  read more »

After the Fake CNN alerts , scammers are not targetting MSNBC to spread malware.beware of such link.its good to know that my spam filters are catching them as spam.but i just wanted to let you know , i m seeing an increasing trends in such stuff and tomorrow it may some other news service.so be curious and just dont click on any of the link without checking where it is pointing to.

The recent publicity surrounding the DNS cache-poisoning vulnerability and other high-profile bugs has had the unfortunate effect of dragging the battered, bloated corpse of the full-disclosure debate back above ground. Like a lot of other people in the industry, I’ve completely lost my taste for that discussion. The really interesting question is not whether disclosure [...]  read more »

The bug involves the way Firefox handles XSLT transformations of XML data. It apparently applies to all 3.0.x versions and to all platforms.

The proof of concept merely causes a crash, but there is a possibility that the memory corruption that occurs could be exploited to cause the execution of malicious code.

Guido Landi has been credited with the discovery of the bug.
Continue reading here....

This is where nightmares are made of.As some of you know there has been a ton of commotion going on about Mozilla Firefox lately. I've waited blogging about it until they had found a real 0day. Today is that day and this time it's for real, Billy Rios e-mailed me his new findings: and anyone could be vulnerable without any user interaction. It's not complicated shellcode execution, but it allows to pass arguments along cmd in windows to launch software among other things.  read more »

NotMyFault is a tool developed by Mark Russinovich of Sysinternals. NotMyFault can generate faults like High IRQL fault, Code Overwrite, Buffer Overflow, Deadlock etc. which can crash Windows. This tool can be helpful in crash dump analyzing.  read more »

I've always wanted to write about this but always forgot. I have many things to talk about, but this time I thought it would be nice to cover the browser client caps in Internet Explorer. I had a few browser detection scripts which could detect a lot, but mainly in Firefox. I knew that Internet explorer has a similar detection system but that it worked quite differently than Mozilla Firefox. So I wrote a script that does just that, detecting system info. And as a bonus it also detects installed apps for free.it works like this:

Most web application security experts frown on the practice of passing session or authentication tokens in a URL through the use of URL rewriting. Usually these tokens are passed between the server and the browser through HTTP cookies, but in cases where users configure their browsers to not accept cookies, this is impossible. Some web application frameworks – including ASP.NET – will detect this condition and revert to the cookieless URL rewriting method for passing session tokens.  read more »

I have high hopes for this research done by Gareth Heyes. It looks pretty bad what happens here. It is allowed to spoof different types of window attributes or objects, but also to abuse them cause interesting behaviorism in Firefox. Gareth showed me more, and I think this is going to turn out pretty bad, because it implies that you override almost anything that was set. But, Gareth also told me that he wasn't able to overwrite the document.location object. if that was the issue we could break the same origin policy and that would be one of the biggest vulnerabilities in Firefox so far.  read more »

So far, we have seen various rogue anti-spyware applications doing rounds of the Internet. However, here's one such rogue application that needs to be mentioned! Because, the website that pushes this rogue application calls itself as "Microsoft Antispyware Center"!  read more »

Black Viper, the website which is popular for its Windows XP Services Guide is back! It was down for few months, and fortunately it's back. The site has some really good tips and tricks about different Operating Systems like Windows ME/2000/XP/2003 and RedHat Linux. Along with it, there are Motherboard tweaks, Software reviews etc. Worth visiting :)

Team SpyBot S&D has released their popular software for Symbian based mobile phones! Now, you can safeguard your mobile phones from Spyware!

Here's what their website say:
Spybot-S&D for Symbian UIQ cellphones is one of our newer projects. Started some time ago when the first virus for Symbian cellhpones appeared (A29.Cabir, also called SymbOS.Caribe), we've now decided to release this preview as a goodie to our users.  read more »