A Quick Amex XSS

Here is a quick description of a cross-site script exploit that was fixed today on the American Express website. The vulnerability was in the search engine of the site, which didn’t sanitized the input keywords. Therefore anyone could insert JavaScript into the search and use this to trick people into sending their cookies to the […]

Microsoft’s Security Hole Framework

Since a few days, news about the Internet Explorer exploit has been sweeping the Internet (see previous post Internet Explorer 7 Attack in the Wild). It has not been confirmed that Internet Explorer 5, 6 and 7 are affected and the problem reside in the data binding of objects. Basically, the array containing objects in […]

Fun at the Library – Part 1

Since this is a slow news day, and I have an essay to handout tonight, I’ll just related one of my experiment I started yesterday. As I have more time, I will push further into the system. While waiting for a friend, I decided to stop by the library to pass time. As I was […]

Internet Explorer 7 Attack in the Wild

Bits of information about the new 0-day exploit are surfacing on the web. This exploit provokes a heap overflow in the XML parser of Internet Explorer 7. The exploit works with the fully patched version of Windows XP, Windows Server 2008 and Windows Vista SP1[1]. The Infection The exploit is initiated by a JavaScript file […]

DNSChanger Worm uses DNS poisoning

A variant of the DNSChanger worm is reported to use DNS poisoning to infect new machines on a network, according to a well-explained article from The Register[1]. The attack used is quite interesting, but far from being new mind you. The first strains of the DNSChanger worm infected Windows and Mac machines. It modified and […]

China’s Red Flag Linux

Two days ago, the Inquirer post an article on a new law passed in the Chinese city of Nanchang, in the Jiangxi province, to replace pirated copies of Windows in Internet cafes by legitimate software[1]. The alternative proposed to the cafes is the Red Flag Linux distribution, which prompted fears of snooping by U.S Radio […]

ENISA releases list of mobile phones vulnerabilities

The European Network and Information Security Agency (ENISA) release a paper about general vulnerabilities that is affecting or will affect mobile communications. The organization surveyed experts via different medias to gather concerns from the industry about the future of wireless communications. The document discusses security issues about three different types of devices, each using wireless […]

New Kid on the Block: Downadup

Many reports on the last few days mention a new worm growing on the back of the Windows’ MS08-067 vulnerability. The worm named Downadup, also being dubbed Conficker.A by Microsoft, as now spread to alarming levels: “We think 500,000 is a ball park figure” said Ivan Macalintal, a senior research engineer with Trend Micro Inc[1]. […]

Technology in the Mumbai Attacks – A Quick Overview

Details are now starting to emerge from the deadly attacks by terrorists on the city of Mumbai, formerly known as Bombay. News outlets are starting to report technologies used by the attackers to communicate and coordinate their attacks that killed an estimated 172 people from various nations[1] Among all the commercial technologies used by the […]

LATimes: Agent.BTZ Might be Concerted Cyber-Attack

The Los Angeles Times reports that the reports about the Agent.BTZ worm spreading to the U.S Army networks might be a coordinated attacks originating from Russia[1]. The U.S Central Command is now infected with the worm and a high-classified network has been hit also. It is unclear if the author of the article thinks that […]