Microsoft Windows DLL Load Hijacking (2269637)
/
0 Comments
Microsoft Windows DLL Load Hijacking (2269637)
(MS09-062) GDI+ .Net PropertyItem Heap Overflow Vulnerability (957488)
(MS09-062) GDI+ .Net PropertyItem Heap Overflow Vulnerability (957488)
Microsoft Windows Desktop Wallpaper Code Execution Vulnerability
Microsoft Windows Desktop Wallpaper Code Execution Vulnerability
Microsoft Internet Explorer ‘Forced Tweet’ Cross Domain
Microsoft Internet Explorer 'Forced Tweet' Cross Domain
Microsoft Internet Explorer AddFavorite Method Denial-of-Service Vulnerability
Microsoft Internet Explorer AddFavorite Method Denial-of-Service Vulnerability
Kevin Mitnick & Dave Kennedy – Adaptive Penetration Testing Derbycon 2011
Penetration Testing is something that has many different meaning depending on the context used by the person. The Penetration Testing Execution Standard (PTES) is aimed to change that. In this talk we’ll be covering adaptive penetration testing which essentially is the ability to conform and change based on the environment that your attacking. We’ll be covering several live examples used in real-world penetration tests, how we discovered some clever tricks to circumvent security controls, and eventually be creative and gain unauthorized access.
JS.Alescurf Trojan
Systems Affected:
Windows 98, Windows 95, Windows XP, Solaris, Windows Me, Windows Vista, Windows NT, Windows Server 2003, Linux, Windows 2000
JS.Alescurf is a detection for malicious code that can be injected in to vulnerable Internet Web pages.
ROUTERPWN: A Mobile Router Exploitation Framework Demonstrated at ShmooCon 2012
Routerpwn is a mobile exploitation framework that helps you in the exploitation of vulnerabilities in network devices such as residential and commercial routers, switches and access points. It is a compilation of ready to run local and remote web exploits. Programmed in Javascript and HTML in order to run in all "smart phones" and mobile Internet devices, including Android, iPhone, BlackBerry and all tablets. You can even store it off line for local exploitation without Internet connection.
Attacking Proximity Card Access Systems by Brad Antoniewicz at ShmooCon 2012
From the card to the backend database, proximity card access systems contain a variety of components, all which are vulnerable to attack but have been rarely targeted. This demo-driven presentation explores and attacks each of the various components (RFID tags, controllers, and backend systems) of a popular deployment configuration.
School Bullying Outbreak
To create bully-free classrooms, it’s necessary that we educate teachers, students and parents about the prevalence and consequences of it. We all believe a school should be a safe place for the children, a place where they can learn without fear or apprehension.
