Subscribe to Infosec Events
Infosec Events Feed Stay up to date with all of the latest security news by subscribing to our RSS Feed. Alternatively, you can have updates sent directly to your email address.

Week 52 in Review – 2009

Published: December 28th, 2009 | Category: Hacking Contests, Security Tools, Security Vulnerabilities, Vendor News

Tools:

  • fimap v0.7A Released – security-database.com
    Tool for determining local and remote file inclusion bugs in webapps updated with show-my-ip, experimental HTTP proxy support and experimental blindmode, among others.
  • Mr-T smbenum and Firefox userprefs – ha.ckers.org
    An update to the Master Recon Tool was released to include both the default Firefox preferences and the smbenum of Internet Explorer.
  • PlayCap: Playback for Wireshark Capture Files (by Joke Snelders) – lovemytool.com
    PlayCap plays back capture files made from Wireshark, tcpdump, WinDump, or any other libpcap-based application.
  • WinScanX – windowsaudit.com
    WinScanX is a Windows auditing tool designed to help you get your Windows audit done quickly. It’s easy to use and no installation is required.
  • Metasploit Framework 3.3.3 Exploit Rankings – metasploit.com
    This release focuses on exploit rankings, session automation, and bug fixes. Rankings can be used to prevent exploits below a certain rank from being used and limit the impact to a particular target.
  • MSDN – Matthieu Suiche Developer Network – msuiche.net
    This web interface provides offsets, names, and links to corresponding structures/fields of Windows Kernel.
  • YASAT v1.70A – Yet Another Stupid Audit Tool – security-database.com
    Its goal is to be as simple as possible with minimum binary dependencies (only sed, grep and cut)
  • Top 10 Nessus Plugins For 2009 – tenablesecurity.com
    Tenable lists their favorite plugins for the year.
  • New MySQL Support in Metasploit – darkoperator.com
    Recently HD added a new mixin for MySQL adding support for connecting and executing queries against MySQL using the MySQL library from tmtm.org.

Techniques:

Vulnerabilities:

Vendor/Software Patches:

  • Adobe Explains PDF Patch Delay – infoworld.com
    Adobe chose to wait until mid-January to patch a critical PDF bug to prevent the disruption of its quarterly security update schedule.
  • Intel Patches Flaw In Trusted Execution Tech – slashdot.org
    Intel has released a patch for the affected chipsets with flaws in Intel’s Trusted Execution Technology (TXT), whose function is to provide a mechanism for safe loading of system software and to protect sensitive files.

Other News:

Be Sociable, Share!

    RSS feed | Trackback URI

    Comments »

    No comments yet.

    Name (required)
    E-mail (required - never shown publicly)
    URI
    Your Comment (smaller size | larger size)
    You may use <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong> in your comment.

    Trackback responses to this post

    © Godai Group 2014
    Home - Calendar - Communities - Training - Archives - Contact