Home

exploits

10.000 Sites JS Malware Source Code.

By secgeeks - Posted on March 20th, 2008
Tagged:  
79
vote

This is how dangerous the web has become. Lately it is estimated that over 10K of websites fell victim to a large attack that included a remote Javascript file into the title tag of a web page. The JS malware exploits vulnerabilities in Windows, RealPlayer, and other applications to break into insecure PC's. The McAfee researchers didn't release the JS malware source, but luckily I'm on Ph4nt0m's feed list and they found it's source. What can I say, it's interesting code and heavily obfuscated. I haven't got the time to analyze it yet, because I wanted to share it with all my readers first.  read more »

The All Too Usual Exploits.

By secgeeks - Posted on September 30th, 2007
Tagged:  
54
vote

This isn't new stuff, still I like to stress programmers to understand how certain design decisions could hurt them in a way that was not foreseen. The below exploits are very common, personally a rough estimate is that 70% to 80% of all software has at least one of the exploits below. A good statistic are bug lists where these exploits are all too common. This isn't hard to secure yourself from, so just learn and do it. Because the below examples can deface, exploit or terminate your website.  read more »

Syndicate content