Ethic Security

Welcome to the realm. This realm, is not your ordinary realm. Here you will find happenings in the network security world, as well as the underground and the ethical arena.

Followers

Thursday, September 17, 2009

Papers | The Honeynet Project

Papers | The Honeynet Project

Hack In The Box Forums • View topic - Penetration Tester's Lab - Hack your own machine (win2k sp4)

Hack In The Box Forums • View topic - Penetration Tester's Lab - Hack your own machine (win2k sp4):

"I just install windows 2000 pro sp4 into vmware & now I want to do some penetration testing on this machine…hopefully u can help me to find all vulnerabilities in this machine…"

CITRIX: Owning the Legitimate Backdoor | GNUCITIZEN

CITRIX: Owning the Legitimate Backdoor | GNUCITIZEN:

"The other day I was performing some CITRIX poking, so I had a lot of fun with breaking GUIs, which, as most of you probably know, are trivial to break into. I did play around with .ICA files as well, just to make sure that the client is not affected by some obvious client-side vulnerabilities. This exercise led me to reevaluate many things about ICA (Independent Computing Architecture). For example, when querying Google and Yahoo for public .ICA files, I was presented with tones of wide open services, some of which were located on .gov and .mil domains."

Wednesday, August 12, 2009

Two convicted for refusal to decrypt data • The Register

Two convicted for refusal to decrypt data • The Register:

"Two people have been successfully prosecuted for refusing to provide authorities with their encryption keys, resulting in landmark convictions that may have carried jail sentences of up to five years."

Friday, July 10, 2009

Chinese Spying Claimed in Purchases of NSA Crypto Gear | Threat Level | Wired.com

Chinese Spying Claimed in Purchases of NSA Crypto Gear | Threat Level | Wired.com:

"A Chinese national was indicted this week for conspiring to violate U.S. export law, following a nearly three-year investigation into his alleged efforts to acquire sensitive military and NSA-encryption gear from eBay and other internet sources."

Thursday, July 9, 2009

Microsoft knew of nasty IE bug a year before attacks • The Register

Microsoft knew of nasty IE bug a year before attacks • The Register: "Microsoft was aware of a critical vulnerability in an Internet Explorer component at least 12 months before attackers started targeting it in lethal exploits that take full control of end-users' PCs, a member of its security team said Wednesday."

Online attack hits US government Web sites

Online attack hits US government Web sites:

"A botnet comprised of about 50,000 infected computers has been waging a war against U.S. government Web sites and causing headaches for businesses in the U.S. and South Korea.

The attack started Saturday, and security experts have credited it with knocking the U.S. Federal Trade Commission's (FTC's) Web site offline for parts of Monday and Tuesday. Several other government Web sites have also been targeted, including the U.S. Department of Transportation (DOT)."

Twitter Updates

    follow me on Twitter

    Blog Archive

    Packet Storm Security Headlines

    Packet Storm Security Exploits

    milw0rm.com

    The Ethical Hacker Network RSS News Feed

    SecurityFocus News

    SecurityFocus Vulnerabilities

    The Security Zealot