http://blogs.securiteam.com Thoughts about the world of security Mon, 05 May 2008 15:05:04 +0000 http://backend.userland.com/rss092 en I'm hyped! The much-anticipated Maltego version 2.0 is out. I had previously alluded to maltego here. To the 1% of you who haven't heard of Maltego, it's a tool for determining relationships between domains, users, email addresses, etc. I can't think of an Infosec or traditional ... http://blogs.securiteam.com/index.php/archives/1091 The Daily WTF has a good story that may sound a little too familiar to some: How the aptly-named Super Hacker had managed to shut down the system remotely and provide a fix so quickly intrigued Kiefer. After poking around the network, he finally found the Python file that contained the ... http://blogs.securiteam.com/index.php/archives/1090 New week a new question, in this case the question is a bit more generic and I believe raises a few dilemmas, feel free to take a shot at it: Hi Experts, Is it secure to just configure Cisco IPSEC/GRE site to site tunnel without firewall/IPS/IDS. The argument here is although it ... http://blogs.securiteam.com/index.php/archives/1089 Another one for you this week, we especially liked XenoMuta's answer to our previous one. Lets go: Dear SecuriTeam, i am not sure if you are able to help us to find a solution for a special problem but i've tried everything and spent a lot of time in the internet without any ... http://blogs.securiteam.com/index.php/archives/1084 Anyone who has ever done serious security research reached the line that separates good from evil. If you are working with phishing emails you get links to kiddie porn. If you research security holes you deal with exploits. If you are researching botnets you are up to your neck in ... http://blogs.securiteam.com/index.php/archives/1085 Once again - another security question from our readers to the security experts who read this blog: I ran across your site looking for information regarding the security of PPTP. I then found the PPTP bruter program from THC. I am a small business owner. I am a ... http://blogs.securiteam.com/index.php/archives/1083 It appears that a new WMF attack is coming, as you recall about a year back an WMF vulnerability was used on several high profile sites to infect visitors, this now appears to start happening again. The first sign of this is the appearance of exploits for the vulnerability, starting off ... http://blogs.securiteam.com/index.php/archives/1082 I have a strong distrust of most marketing and sales individuals. I hate evaluating software and getting a dozen calls or emails from some overzealous, inside-sales weenie. For this reason, I usually use bogus information when I fill out the obligatory form requesting the software that I want ... http://blogs.securiteam.com/index.php/archives/1081 This Hebrew post in linmagazine describes what first sounds like a typical Vishing attack. The author's mother receives a phone call telling her there's been a terrible accident and she needs to call the hospital for the details. They give her the ER's number but tell her to use only ... http://blogs.securiteam.com/index.php/archives/1080 I'm rushing this post out so that this post can be the 1,000th post :) I've got a project that I'd love to run, but I just don't have the time. Here's what I'm thinking of. I want to crawl Fortune 1000 sites and generate fingerprints on their code ... http://blogs.securiteam.com/index.php/archives/1079 Apparently Google's calendar has been elected to become a new spam platform. I started receiving these a few days ago, at first I thought it to be a fluke but not it has become a flood. Someone in Google should probably start looking at this and getting it fixed, as this isn't ... http://blogs.securiteam.com/index.php/archives/1078 And it was ...almost 30 years since the first spam message was sent. We can read more here: news.bbc.co.uk/2/hi/technology/7322615.stm http://blogs.securiteam.com/index.php/archives/1077 SANS ISC has collected a very coverage list of April Fool's Day stories. It can be found here: isc.sans.org/diary.html?storyid=4225 My own favorite is Gmail's new Custom Time feature ;) http://blogs.securiteam.com/index.php/archives/1076 I'd love to hear the background story behind this one: [CiscoWorks IPM] version 2.6 for Solaris and Windows contains a process that causes a command shell to automatically be bound to a randomly selected TCP port. Why on earth? And why a random port? And if you're still wondering, yes - it's a ... http://blogs.securiteam.com/index.php/archives/1075 It's time to look the recent state of targeted attacks. Like we already know the main attack vector in these attacks is Microsoft Office attachment. There are no many organizations that simply can filter .DOC, .XLS and .PPT files. In mid-January Microsoft confirmed that a new, previously unknown Excel vulnerability was ... http://blogs.securiteam.com/index.php/archives/1074 A new question for you guys - you have been great answering the previous one: ---- Hi I’m a bit new to java and socket programming. Anyway I just wrote a client server socket program and I have an open port listening on my unix box. I was told that this is vulnerable ... http://blogs.securiteam.com/index.php/archives/1073