Author: Shawn Bass Created: Thursday, March 15, 2007 8:08:47 AM
Anything related to information security, including vulnerabilities, exploits, patching, etc.

DefCon 15 Day 1 review


While I've still not caught up (READ: recovered) from the 3-day conference in Las Vegas, I can definitely say that I'm glad I went. I don't have all of my thoughts organized yet on the sessions that I attended, but over the coming days I'll be blogging on a DefCon 15 wrap up where I'll cover my perspective on the sessions that I attended...and those that I walked out of. Stay tuned.

I came across this blog post on Jungsonn Studio's blog the other day where they demonstrate how Google Adsense is vulnerable to a type of cross-site scripting attack in which, when the suspect JavaScript code is executed and you visit your Adsense account in another browser tab, they are able to switch your Adsense account over to them. Pretty interesting find, and it really makes you think about all the times that you authenticate into a variety of different sites within different browser tabs all the while having done lots of surfing of other pages (of which you don't know that you can trust). It's definitely something that all of the bloggers out there that use Google Adsense should be thinking about when they pop into their account from a browser tab.

Shawn

MS07-017 is a re-release of an earlier patch against a vulnerability in Animated Cursors. Apparently when the code was created for the first fix, the rest of the code wasn't audited and another vulnerability was recently found. The patch can be found on Microsoft's website over here

This vulnerability affects all versions of Windows from 2000 through Vista, so you'll definitely want to patch this one. Also, there are at least 4-5 public exploits available for this one. You can be certain that it's being exploited in the wild.

Shawn

The Metasploit Project has just officially released version 3.0 of the framework on their website. 3.0 is a complete rewrite of the framework and is written in Ruby. It currently contains 177 exploits, 104 payloads, 17 encoders, and 3 nop modules. It is a fantastic tool for penetration testing, and best of all -- it's completely free.

Read their blog entry on the news of the 3.0 release here

And get yourself a copy of Metasploit 3.0 over here

Enjoy!

Shawn