07-02-2008 18:36
Anti-malware blocker, cross-site scripting protections coming in IE 8
When Microsoft’s Internet Explorer 8 hits the Beta 2 milestone in August, the browser makeover will feature a full-fledged anti-malware blocker and new protections against some forms of cross-site scripting attacks. The existing phishing filter IE 7 has been renamed SmartScreen Filter and will include blacklist-based blocking of known exploit sites. The SmartScreen anti-malware feature is URL-reputation-based, [...]

 >>

Kompletan tekst: Feedburner

07-02-2008 18:36
Anti-malware blocker, cross-site scripting protections coming in IE 8
When Microsoft’s Internet Explorer 8 hits the Beta 2 milestone in August, the browser makeover will feature a full-fledged anti-malware blocker and new protections against some forms of cross-site scripting attacks. The existing phishing filter IE 7 has been renamed SmartScreen Filter and will include blacklist-based blocking of known exploit sites. The SmartScreen anti-malware feature is URL-reputation-based, [...]

 >>

Kompletan tekst: Feedburner

07-02-2008 21:51
Cain & Abel v4.9.16 released
Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocol
Changelog for this new release :
Added support for Oracle TNS 10g (AES-1 >>

Kompletan tekst: security-database

07-02-2008 21:39
Re: Novi Zakon o prisluskivanju i skeniranju kompa.
a? koliko pamtim, WIndows lepo kaze kakve podatke salje, mozes i da ih vidis detaljnije a niko ti ne brani da izmedju Windows masine i Interneta stavis neku Linux masinu koja moze da procita pakete koji se salju M$u kako bi proverio sta se tacno salje uglavnom ne kontam sta si uopste napisao koji sajt B.Hejtsa? 9pretpostavljam da mislis na micorosft.com, procitaj malo o Microsoft-u na WIkipedia-ji) provera legalnosti i saveti? ja nisam video nikakve savete sta slicno da uradi? pazi...
 >>

Kompletan tekst: ES::Zastita

07-04-2008 7:35
Cookie Path Traversal
Not sure if anyone actually cares about this, but thought I might just throw it out here: I found out a while ago that if a server is running IIS (or something else which accepts windows-style paths), then it is possible to get cookies sent to paths that they do not belong to by using an encoded backslash to indicate a directory delimiter like this: http://www.microsoft.com/en/us/test/..%5Cdefault.aspx

It works on all the browsers I tested (latest versions of IE, Firefox, Opera & Safa >>

Kompletan tekst: kuza55

07-05-2008 19:17
Microsoft Fixes Feature.
I read that in the latest MSIE7 patch round, they fixed the UXSS image issue[1] I talked about in early 2007. The attack was pretty easy to perform. Here is how it works, in case you didn't know about it.

First, you create an image. If you have Photoshop which is the quickest way, you can set a watermark inside the image as meta data. Inside the copyright field you can enter whatever you like. HTML, Javascripts, Iframes that fetch Trojans. To Firefox and Opera users, the image will >>

Kompletan tekst: 0x000000

07-05-2008 19:17
Microsoft Fixes Feature.
I read that in the latest MSIE7 patch round, they fixed the UXSS image issue[1] I talked about in early 2007. The attack was pretty easy to perform. Here is how it works, in case you didn't know about it.

First, you create an image. If you have Photoshop which is the quickest way, you can set a watermark inside the image as meta data. Inside the copyright field you can enter whatever you like. HTML, Javascripts, Iframes that fetch Trojans. To Firefox and Opera users, the image will >>

Kompletan tekst: 0x000000

[1] 2 3 4 5 ...