It is my pleasure to announce that, for the first time (correct me if I'm wrong), two domestic tools have found their way into the BackTrack distribution, which is the de facto standard tool set for penetration testers worldwide.
Our representatives are DFF Scanner and WMAT.
>>
ITsvet.com: There has been a lot of talk over the past year or so about the usefulness of application whitelisting. But when the question arises of whether or not this technology can replace anti-virus programs, the topic takes on new meaning. Whitelists allow a list of approved files to be used on a given computer, with suspicious applications automatically blocked. The concept is not new, but it has recently attracted a lot of attention from makers of anti-virus solutions >>
I couldn’t find any public PoC/exploit for this phpMyAdmin vulnerability, despite it being a serious bug affecting a popular open-source project.
I think this vulnerability is a nice reminder that it’s still possible to perform remote command execution these days without relying on SQL injection (i.e.: xp_cmdshell) or a memory corruption bug (i.e.: heap overflow).
All the documentation you need is in the script comments. I recommend you to go through it, before y >>
06-22-2009 20:30
WhiteHat is Hiring
We are growing, fast, and need more exceptional people to join our team. The things we work on, people we work with, and organizations we work for are completely unique. Check out our job listings, and if something looks like it's for you, let us know!
Application Security Specialist
For the up-and-coming security specialist: this is an amazing opportunity to flex your creative muscles as you take a crack at poking holes in websites, actively searching for security vulnerabiliti >>
- Ilia Alshanetsky: Type hinting rehashed (now with type casting support)
- Ilia Alshanetsky: Type hinting for PHP 5.3
- ha.ckers: Mozilla’s Content Security Policy

Filed under: Apple, Security
Apple is warning that Learning Interchange account passwords have been compromised. Apple warns that members who commonly use the same credentials on multiple sites may be at risk. If you are an ALI account user, please consider updating any accounts that use identical credentials. Here is the Apple quote, which has been sent to us by a number of TUAW readers. We recently learned that the security of Apple Learning Interchange (ALI) members' names and passwords >>