Microsoft Windows Desktop Wallpaper Code Execution Vulnerability

Microsoft Internet Explorer ‘Forced Tweet’ Cross Domain

Microsoft Internet Explorer AddFavorite Method Denial-of-Service Vulnerability

Penetration Testing is something that has many different meaning depending on the context used by the person. The Penetration Testing Execution Standard (PTES) is aimed to change that. In this talk we’ll be covering adaptive penetration testing which essentially is the ability to conform and change based on the environment that your attacking. We’ll be covering several live examples used in real-world penetration tests, how we discovered some clever tricks to circumvent security controls, and eventually be creative and gain unauthorized access.

Systems Affected:

Windows 98, Windows 95, Windows XP, Solaris, Windows Me, Windows Vista, Windows NT, Windows Server 2003, Linux, Windows 2000

JS.Alescurf is a detection for malicious code that can be injected in to vulnerable Internet Web pages.

Routerpwn is a mobile exploitation framework that helps you in the exploitation of vulnerabilities in network devices such as residential and commercial routers, switches and access points. It is a compilation of ready to run local and remote web exploits. Programmed in Javascript and HTML in order to run in all “smart phones” and mobile Internet devices, including Android, iPhone, BlackBerry and all tablets. You can even store it off line for local exploitation without Internet connection.

From the card to the backend database, proximity card access systems contain a variety of components, all which are vulnerable to attack but have been rarely targeted. This demo-driven presentation explores and attacks each of the various components (RFID tags, controllers, and backend systems) of a popular deployment configuration.

To create bully-free classrooms, it’s necessary that we educate teachers, students and parents about the prevalence and consequences of it. We all believe a school should be a safe place for the children, a place where they can learn without fear or apprehension.

Google has responded to Congress, defending its decision to make a controversial change to its privacy policy.

In a 13-page letter (document) to several Congress members, Google explained its decision for changing its privacy policy, and answered a host of questions posed by the lawmakers after the search giant announced its plans.

The ratio of websites running on CMS’s can be assumed to be more than the custom designed sites built from scratch. Quite understandably, there are more number of users using WordPress than any other CMS, hence it becomes crucial to have enhanced security measures for your site. Due to a large volume of users using WordPress as a platform, an increasing number of hackers and fraudsters try to compromise the security of such sites. In majority of the instances sites running on WordPress are compromised due to outdated files and/or plug-ins. Such outdated versions of the associated scripts act as an easy meal for fraudsters.

An interesting article by Mickey McCarter of Homeland Security Today.com about President Obama take on the cybersecurity issue in the State of the Union address.
President Barack Obama called for cybersecurity legislation to provide incentives to businesses to protect their information systems from attacks or intrusions in the course of his State of the Union address [...]