Sponsorised links
This year
One bug to rule them all
by marco
Calling the select() method with a large integer, results in continuous allocation of x n bytes of memory exhausting memory after a while
Les Fast-Flux Networks : comment remonter à la source des attaques ?
by marco
Ca flux pour toi mec ?
The Problem With HTTPS SSL Runs Deeper Than MD5
by marco
To move forward, we first need to acknowledge that the current HTTPS SSL mechanism is completely broken.
RapidSSL CA - MD5 and detailed info about the problem
by marco
Not all CAs using MD5 are automaticaly broken [...] Only with these 4 things in place it was possible to pull this off.
Sponsorised links
2008
Compromising Electromagnetic Emanations of Wired Keyboard
by marco
Wired keyboards emit electromagnetic waves, because they contain eletronic components. These eletromagnetic radiation could reveal sensitive information such as keystrokes
Adobe Flash ads launching clipboard hijack attack
by marco
In the Web attacks, which target Mac, Windows and Linux users running Firefox, IE and Safari, hackers are seizing control of the machine’s clipboard and using a hard-to-delete URL that points to a fake anti-virus program
Mac is the first to fall in Pwn2Own hack contest
by marco
The exploit took less than two minutes to pull off.
Petit bilan de santé de la Sécu: histoire d'un panier percé
by bouilloire
ça fait un paquet de voyages en Jet ça
2007
McCoy - MDC
by gregR
McCoy is an application that allows add-on authors to provide secure updates to their users. Applications periodically look for and install updates to their add-ons. It's important that the update information retrieved has not been tampered with since being written by the add-on author. Specifically, it focuses on the process of digitally signing update manifests so the applications can verify the integrity of a manifest retrieved over normally insecure channels.
2006
Software Inspector - Secunia
by gregR
& 2 others
Feature Overview - The Secunia Software Inspector:
* Detects insecure versions of applications installed
* Verifies that all Microsoft patches are applied
* Assists you in updating your system and applications
* Runs through your browser. No installation or download is required.
Risques associés aux clés USB
by gregR
De part leur facilité d'installation, ces périphériques s'échangent très facilement d'une machine à une autre. Cependant, cette opération présente des risques. Nous montrons dans ce document que ces échanges peuvent aussi bien affecter le périphérique que l'ordinateur d'accueil.
