On May 19, 2011, at 9:44 PM, minor float wrote:
> Dear list readers, on today we officially published our observations
> regarding the new attack vector of the DDoS against the DNS servers.
Filtering out the bogus DNS queries generated by the MX-record lookups is
pretty trivial with modern int
>> Never trust an Indian software company.
>
> Sure, go ahead and trust the Pakis instead ;-)
>
What's wrong with those countries? I've seen users from the both countries
advertising services with words such as "leading, professional" and when
we look at their contact emails, we'll find "peng...@g
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-2238-1 secur...@debian.org
http://www.debian.org/security/Moritz Muehlenhoff
May 19, 2011
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2011:094
http://www.mandriva.com/security/
_
2011/5/19 minor float
> Dear list readers, on today we officially published our observations
> regarding the new attack vector of the DDoS against the DNS servers.
>
> A full story can be read here http://www.zone-h.org/news/id/4739
>
> Here is the excerpt.
>
>
> The attack phases are as follows:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
CA20110420-01: Security Notice for CA SiteMinder
Issued: April 20, 2011
Updated: May 19, 2011
CA Technologies support is alerting customers to a security risk
associated with CA SiteMinder. A vulnerability exists that can allow a
malicious user
Dear list readers, on today we officially published our observations
regarding the new attack vector of the DDoS against the DNS servers.
A full story can be read here http://www.zone-h.org/news/id/4739
Here is the excerpt.
The attack phases are as follows:
The attacker obtains the IP address
Historically, Ubuntu sends Ubuntu Security Notices (USNs) to bugtraq,
full-disclosure and our own announce mailing list. After a recent review
of our publication process, we decided we will no longer post USNs to
bugtraq and full-disclosure.
People interested in receiving USNs by email should subs
Start Chrome and start Wireshark. Apply the filter udp.port==5355
For Link Local Multicast Name Resolution protocol (LLMNR) protocol you
will similar output in wireshark.
http://en.wikipedia.org/wiki/Link-local_Multicast_Name_Resolution
This protocol was implemented Windows Vista onwards, so you
Hi, everyone
We've published a whitepaper on Malbox's site, which will introduce
Malbox's architecture and workflow. You can download it from
http://malbox.xjtu.edu.cn.
> On Sat, May 14, 2011 at 10:55:30PM +0100, Chris M wrote:
>> Not convinced.
>>
>> Tried to upload a few samples, "only suppor
Interesting I will have to test this one and see. I know recently someone did a
writeup about Microsoft doing a similar phone home when you launch I.E so it
can verify you internet connection.
http://blog.superuser.com/2011/05/16/windows-7-network-awareness/
Infolookup
http://infolookup.secur
On 19 May 2011 11:03, Rove Monteux wrote:
> Actually FreeBSD copyright protected its latest FreeBSD X, you can only
> jailbreak OpenBSD now.
you can't jail break OpenBSD its secured by its pf (Proprietary
Firewall) and StrlCpy (Strong Trusted Registered License Copyright
Protection Yin)
ok i coul
Greetings,
Is there any POC code for root encapsulation for the following
cvs .
https://bugzilla.redhat.com/show_bug.cgi?id=692922#c0
Looking forward for your kind response.
Regards
Net_Spy
___
Full-Disclosure - We believe in it.
http://isc.sans.org/diary.html?storyid=10312&;
On Wed, May 18, 2011 at 11:07 PM, Eric wrote:
> Greetings,
>
> Has anyone ever noticed, the sort of DNS queries when you fire/running
> Google-chrome?
> The DNS queries for domain names likes:
> bsjghxplor
> hrrtjswxtt
> epjyptuure
>
> etc.
>
> Beha
Actually FreeBSD copyright protected its latest FreeBSD X, you can only
jailbreak OpenBSD now.
-Original Message-
From: root
To: full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] Linux kernel 2011 local root does it
exist
Date: Wed, 18 May 2011 14:59:28 -0300
You can only
> Never trust an Indian software company.
Sure, go ahead and trust the Pakis instead ;-)
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
On Thu, May 19, 2011 at 3:30 AM, Vipul Agarwal wrote:
> And let's trust HBGary.
:)
>
> On Thu, May 19, 2011 at 7:03 AM, David Blanc
> wrote:
>>
>> On Sat, May 7, 2011 at 6:53 PM, Xa Buri wrote:
>> >
>> > So who finally did it and when? ispy or d3hydr8? and I still don't buy
>> > the
>> > whole S
Lol .
David, security vulnerabilities are not related to hometown of the developer in
anyways ;)
Regards;
w0lf
www.maestro-sec.com
-- sent from BlackBerry --
-Original Message-
From: Vipul Agarwal
Sender: full-disclosure-boun...@lists.grok.org.uk
Date: Thu, 19 May 2011 07:30:13
To:
And let's trust HBGary.
On Thu, May 19, 2011 at 7:03 AM, David Blanc wrote:
> On Sat, May 7, 2011 at 6:53 PM, Xa Buri wrote:
> >
> > So who finally did it and when? ispy or d3hydr8? and I still don't buy
> the
> > whole SQL Injection theory. There is no proof. Looks more like an insider
> > dump
Let's trust software from Microsoft or Apple.
On Thu, May 19, 2011 at 12:33 PM, David Blanc wrote:
> On Sat, May 7, 2011 at 6:53 PM, Xa Buri wrote:
> >
> > So who finally did it and when? ispy or d3hydr8? and I still don't buy
> the
> > whole SQL Injection theory. There is no proof. Looks more l
On Sat, May 7, 2011 at 6:53 PM, Xa Buri wrote:
>
> So who finally did it and when? ispy or d3hydr8? and I still don't buy the
> whole SQL Injection theory. There is no proof. Looks more like an insider
> dump.
>
Never trust an Indian software company.
http://hackerstreet.in/item?id=6323
http://
21 matches
Mail list logo