Google Wallet Toots Two Security Flaws
/
0 Comments
This week, two different security researchers discovered two serious security flaws with the payment system. The first weakness pertains to the Google Wallet PIN protection system that allows access to the owner's digital wallet in a matter of seconds using a brute force method to crack the PIN. The results of the attack will enable the attacker the ability to access key information on rooted smartphone that includes credit card numbers and transaction history.
Black Hat USA Welcomes Neal Stephenson to Keynote Stage
Black Hat, produced by UBM TechWeb, has announced that renowned speculative fiction writer Neal Stephenson will be interviewed in a keynote Q&A at this year's 15 year anniversary event. Black Hat USA 2012 is expected to host more than 6500 high-level security professionals for the most timely, actionable security presentations of the year.
Report: Hacked Syrian officials used ‘12345’ as email password
After hundreds of emails from the office of Syrian President Bashar al-Assad were leaked on Monday, a report revealed that several of Assad's aides and advisers used the password "12345."
Hacker releases Symantec source code
A hacker released the source code for antivirus firm Symantec's pcAnywhere utility on Tuesday, raising fears that others could find security holes in the product and attempt takeovers of customer computers.
Microsoft Windows DLL Load Hijacking (2269637)
Microsoft Windows DLL Load Hijacking (2269637)
(MS09-062) GDI+ .Net PropertyItem Heap Overflow Vulnerability (957488)
(MS09-062) GDI+ .Net PropertyItem Heap Overflow Vulnerability (957488)
Microsoft Windows Desktop Wallpaper Code Execution Vulnerability
Microsoft Windows Desktop Wallpaper Code Execution Vulnerability
Microsoft Internet Explorer ‘Forced Tweet’ Cross Domain
Microsoft Internet Explorer 'Forced Tweet' Cross Domain
Microsoft Internet Explorer AddFavorite Method Denial-of-Service Vulnerability
Microsoft Internet Explorer AddFavorite Method Denial-of-Service Vulnerability
Kevin Mitnick & Dave Kennedy – Adaptive Penetration Testing Derbycon 2011
Penetration Testing is something that has many different meaning depending on the context used by the person. The Penetration Testing Execution Standard (PTES) is aimed to change that. In this talk we’ll be covering adaptive penetration testing which essentially is the ability to conform and change based on the environment that your attacking. We’ll be covering several live examples used in real-world penetration tests, how we discovered some clever tricks to circumvent security controls, and eventually be creative and gain unauthorized access.