Physical Access is Total Access
by LysergicBliss A cardinal rule of computer security is that once an attacker has acquired physical access to a machine, it is generally trivial for that attacker to fully compromise the system. As...
View ArticleClik here to view.
Microworld Mailscan 5.6.a Password Reveal
From MicroWorld’s website: “MailScan 5.6 is the world’s most advanced Real-Time AntiVirus and AntiSpam solution for Mail Servers. The software safeguards organizations against Virus, Worm, Trojan and...
View ArticleMcAfee SafeBoot Device Encryption Plain Text Password Disclosure
The password checking routine of SafeBoot Device Encryption fails to sanitize the BIOS keyboard buffer after reading passwords, resulting in plain text password leakage to unprivileged local users....
View ArticleDriveCrypt Security Model bypass
Synopsis The password checking routine of DriveCrypt fails to sanitize the BIOS keyboard buffer before AND after reading passwords. Affected Software Secu Star’s DriveCrypt Plus Pack v3.9 (possibly...
View ArticleNew Windows RPC Exploit
If you haven’t been auto-updated yet make sure you do. The vulnerability could allow remote code execution if an affected system received a specially crafted RPC request. On Microsoft Windows 2000,...
View ArticleChange Your Yahoo Email
The month’s victim comes courtesy of Yahoo, or should I say Yahoo’s HotJobs.com. On October 28th, popular internet research and analysis company Netcraft discovered a vulnerability on the Yahoo site...
View ArticleWPA Wi-Fi encryption is cracked
Security researchers say they’ve developed a way to partially crack the Wi-Fi Protected Access (WPA) encryption standard used to protect data on many wireless networks. The attack, described as the...
View ArticleClik here to view.
Vbootkit 2.0
Like Kon-boot we talked about in our last post VBootkit 2.0 is an updated code from 2007 that hasnt hit the internet yet , but is pretty much the same idea, modify the bootmgr and you essentially can...
View Article
