[ naslovna ] [ sačuvaj redosled  |  vrati početni ] | [ video uputstvo ] | [ za webmastere ]
[-]     Blogovi

02-17-2010 5:39
Telekom, Huawei, CSRF
Vecina Telekom ADSL modema je ranjiva na CSRF napade, ovim putem mozemo izmeniti vitalna podesavanja i ugroziti korisnike na vise nacina.

Linkovi:

- http://netsec.rs/18/huawei-hg510-multiple-vulnerabilities/493/
- http://www.securityfocus.com/bid/38261/info
- http://www.elitesecurity.org/t391845-Telekom-ADSL-amp-Huawei-CSRF-Auth-Bypass-DoS
- http://en.wikipedia.org/wiki/Cross-site_request_forgery >>

Ivan Markovic


03-10-2010 23:03
odlican.net cms v.1.5 remote file upload vulnerability /Teo
odlican.net cms v.1.5 remote file upload vulnerability Author: Teo Manojlovic http://packetstormsecurity.org/1002-exploits/odlican-upload.txt http://secunia.com/advisories/38488/ http://www.exploit-db.com/exploits/11340  >>

chaossecurity


 -  chaossecurity:  Mail Manager Pro CSRF Vulnerability / Milos
 -  m1k1:  Twitter u službi lopova
[-]     Adsense

[-]     Forumi

03-11-2010 21:30
Hakeri napali 150 sajtova u Crnoj Gori
Crnogorski sajtovi, njih oko 150, blokirano je danas zbog hakerskog napada na jedan od web hosting servera Crnogorskog Telekoma. Predstavnica Telekoma Jelena Radonjić kazala je da se napad na server dogodio u srijedu oko 22 sata, kada su hakeri izmijenili sadržaj na oko 150 sajtova, među kojima su i oni Pošte Crne Gore, Atlasmont i Hypo Alpe Adria banke...

Izvor: http://www.vesti.rs/Vesti/Hakeri-napali-150-sajtova-u-Crnoj-Gori.html >>

MyCity::Zastita


03-12-2010 0:11
Re: Problem koji nervira
Probaj [term]regsvr32 /i shell32.dll[/term]
 >>

ES::Zastita


 -  ES::Zastita:  Re: Problem koji nervira
 -  ES::Zastita:  Re: Proces lsass.exe?
 -  ES::Zastita:  Re: Program koji se pokrece pri startu win-a
[-]     Vesti

03-10-2010 15:34
Forum nove regionalne politike i evropskih integracija

Forum mladih Igmanske inicijative i Fondacija Friedrich Ebert u Beogradu pozivaju sve zainteresovane da se prijave za učešće u radu I Foruma nove regionalne politike i evropskih integracija, koji će se održati od 12-14. maja 2010. godine na Fruškoj gori.

read more

 >>

Bezbednost


03-09-2010 23:15
Prepoznajte lažni antivirus program
Blic: Predstavnici softverskog diva upozoravaju korisnike da se na internetu pojavilo antivirusno rešenje koje svojim nazivom pokušava da zavara korisnike da softver u stvari dolazi iz "Majkrosofta". >>

Vesti.rs


 -  infigo:  Konzum webshop - ISO 27001 certified
[-]     Blogs

02-24-2010 8:18
Hacking Linksys IP Cameras (pt 6)

This article is a continuation of the following GNUCITIZEN articles: Hacking Linksys IP Cameras (pt 1), Hacking Linksys IP Cameras (pt 2), Hacking Linksys IP Cameras (pt 3), Hacking Linksys IP Cameras (pt 4), Hacking Linksys IP Cameras (pt 5).

As we know, there are several ways one could go about hunting for IP cameras on the net. The slowest way would be to portscan random IP addresses for certain ports and programmatically detect if the web interface of a given camer >>

Feedproxy Security


03-08-2010 0:20
Best of Application Security (Friday, Mar. 5)
Ten of Application Security industry's coolest, most interesting, important, and entertaining links from the past week -- in no particular order.
Verizon Incident Metrics Framework ReleasedWiseguys net $25m in ticket scalping racketState of Software Security Report Internet Explorer 8 and the Security Development Lifecycle (SDL)Top 10 Hacks of 2009 and WAF MitigationsFTC alleges that ControlScan offered 'little or no verification' of site security or privacy I’m in ur 4sq, snarfin ur pass >>

Feedproxy Security


 -  ha.ckers:  Using Parameter Pollution and Clickjacking to Aid Anti-CSRF Bypass
 -  Ilia Alshanetsky:  ConFoo PHP 5.3 == Awesome! Slides
 -  ha.ckers:  RSA Conference Wrapup

[-]     News

03-10-2010 15:51
Sophos Email Security Appliance Receives Five Star Rating and Named 'Best Buy' in SC Magazine Group Test
Sophos Email Security Appliance Receives Five Star Rating and Named 'Best Buy' in SC Magazine Group Test >>

Sophos


03-12-2010 11:31
Malware Gets Smart with Vodafone Smartphone

Security researchers recently unveiled findings about malware that came preinstalled on a Vodafone mobile phone handset. Its memory card was also believed to carry malware. A leading mobile telecommunication company, Vodafone, has been taking the heat for packing malware straight out of the box on their HTC Magic Android smartphones. The recipient of one of the malware-laden phones was, fortunately, an employee of the Spanish antivirus firm, >>

trendmicro


 -  trendmicro:  More Adobe Exploits in the Wild
 -  ha.ckers:  Using Parameter Pollution and Clickjacking to Aid Anti-CSRF Bypass
 -  Feedproxy Security:  Plane crashes and security breaches

 

[-]     Naslovi

03-08-2010 9:38
Mondo: Čuvajte se lažnog Microsoftovog antivirusa
Mondo Kompanija Microsoft upozorila je korisnike na pojavu antivirusa koji ima slično ime kao i legitimni antivirus ove kompanije, ali se zapravo radi o trojancu. Originalni naziv legitimnog antivirus programa glasi Microsoft Security Essentials, dok se lažni softver razlikuje u jednom slovu i nosi naziv Secirity Essentials 2010. Problem nastaje kada korisnici, koji u naslovu vide natpis Microsoft, automatski krenu sa učitavanjem lažnog antivirusa, ne znajući da time u kompjuter >>

Naslovi


03-07-2010 15:37
Personal magazin: Google Street View nepoželjan i u Sloveniji
Vozila sa kamerama koje snimaju ulične prizore za Googleovu aplikaciju Street View ne smeju u Sloveniju bez prethodne najave, jer bi mogla povrediti privatnost informacija ili ljudsko dostojanstvo. Prema izveštajima slovenačkih medija, ekipe sa vozilima koje snimaju kadrove koji se onda mogu naći na internetu uočene su blizu slovenačke granice sa Austrijom, ali poverenica slovenačke vlade za zaštitu privatnosti Nataša Pirc Musar upozorava [...]
Vaš komentar  >>

Naslovi


 -  Naslovi:  Nacionalna klasa: NK TEST: Toyota Prius 1.8 Sol
 -  Naslovi:  IT svet: Spam rat u Evropi traje
[-]     Tools

03-12-2010 9:37
iScanner v0.4 released - Malicious codes scanner
iScanner is free open source tool lets you detect and remove malicious codes and web pages viruses from your Linux/Unix server easily and automatically.
This tool is programmed by iSecur1ty using Ruby programming language and it's released under the terms of GNU Affero General Public License 3.0.
Features
Detect malicious codes in web pages, this include hidden iframe tags, javascript, vbscript and activex objects.
Extensive log shows the infected files and the malicious  >>

security-database


03-12-2010 9:13
KNOPPIX 6.2.1 LiveCD available
KNOPPIX is a bootable Live system on CD or DVD, consisting of a representative collection of GNU/Linux software, automatic hardware detection, and support for many graphics cards, sound cards, SCSI and USB devices and other peripherals. KNOPPIX can be used as a productive Linux system for the desktop, educational CD, rescue system, or adapted and used as a platform for commercial software product demos. It is not necessary to install anything on a hard disk. Due to on-the-fly decompression, (... >>

security-database


 -  net-security:  SimpleAuthority 3.0
[-]     Virus

[-]     Mac OS X

03-10-2010 23:18
SecretService 0.3
SecretService enables you to encode text in all OS X aware applications with just one click. Simply highlight the text to encode or decode and select SecretService from the Services menu, plain text w... >>

net-security


03-11-2010 23:07
Safari 4.0.5 now available in Software Update

Filed under: Software Update, Security


New browser time -- and unfortunately, time to restart your Mac. Safari has been updated (for 10.4, 10.5 and 10.6 on the Mac side, and Windows XP/Vista/7 on the Win side); it includes the improvements noted: Performance improvements for Top Sites Stability improvements for plug-ins, and for sites with SVG graphics and online forms Fixes issues affecting settings changes to some Linksys routers and iWork.com user comments There ar >>

tuaw

[-]     OWASP

03-11-2010 18:06
Using Parameter Pollution and Clickjacking to Aid Anti-CSRF Bypass

It’s been a while since I’ve talked about Clickjacking, with only a few exceptions here and there. Mostly because I haven’t seen it much in the wild - at least not yet. But there’s still a lot of research out there to be done. I got an interesting email the other day that talked about a way to use parameter pollution (or a mix of URL parameters and POST) to create a condition where you can defeat CSRF tokens:

The technique, found by Lava Kuppan describes a scenario where a m >>

ha.ckers


03-11-2010 22:25
Plane crashes and security breaches

by Christian Moldes

In Outliers, Malcom Gladwell analyses how plane crashes are the result of a combination of errors. I found this analysis very interesting because of the similarity with most security breaches. A brief excerpt of his book:

“Plane crashes rarely happen in real life the same way they happen in the movies. Some engine part does not explode in a fiery bang. The rudder doesn’t suddenly snap under the force of takeoff. The cap >>

Feedproxy Security


 -  theregister:  Password reset questions dead easy to guess
 -  1raindrop:  On the Risk of Overfocusing on Seductive Details
 -  :  Bejtlich OWASP Podcast Posted

 

zastita feeds

napredna pretraga


zastita feeds

Brza pretraga:

xss
antivirus
security
vulnerability
avast
SPAM
attacks
pentesting
microsoft
kasper
zastita


Sponzorisani linkovi:

Grcki stubovi
Torte