Security

Submission + - The Web Incidents Hacking Database (webappsec.org)

mrkitty writes: The web hacking incident database (WHID) is a Web Application Security Consortium project dedicated to maintaining a list of web-application-related security incidents. The database is unique in tracking only media-reported security incidents that can be associated with a web application security vulnerability. We also try to limit the database to targeted attacks only. WHID's goal is to serve as a tool for raising awareness of the web application security problem and to provide information for statistical analysis of web application security incidents.
Security

Submission + - Greek spies plant rootkit in a phone exchange (ieee.org)

http://www.cgisecurity.com writes: "A highly sophisticated spying operation that tapped into the mobile phones of Greece's prime minister and other top government officials has highlighted weaknesses in telecommunications systems that still use decades-old computer code. The spying case, where the calls of around 100 people using Vodafone's network were secretly tapped, remains unsolved and is still being investigated. Also complicating the case are question marks over the suicide in March 2005 of a top engineer at Vodafone Group in Greece in charge of network planning. A detailed writeup can be found at http://www.spectrum.ieee.org/jul07/5280"
It's funny.  Laugh.

Submission + - Patent Granted for Fault Injection (patentstorm.us)

techlists writes: "A Patent on Fault Injection (#7,185,232) has been granted by our friends at the patent office. This could seriously and negatively impact software/hardware testing across the industry. According to the filing, 'A method of testing a target in a network by fault injection' and 'The method may further include, receiving a feedback from the target to determine fault occurrence.' They've been asked to comment, but will they say anything?"
Patents

Submission + - Cenzic patents the obvious, Fault Injection!

Super Appman Zero writes: In the endless comedy that is the USPTO, we have another doozy of a patent, this time company Cenzic lays claim to the age-old software/hardware testing process "fault injection"! According to the filing, "A method of testing a target in a network by fault injection" and "The method may further include, receiving a feedback from the target to determine fault occurrence." When will the madness of patenting things that already exist end!? Even the company's own press release calls the invention obvious: "...focused on fault injection technology, which is commonly used by most security assessment scanners." This could seriously and negatively impact software/hardware testing across the industry. They've been asked to comment, but will they say anything?
Security

Submission + - Unicode Encoding Implementation Flaw Widespread

LordNikon writes: According to CERT, "Full-width and half-width encoding is a technique for encoding Unicode characters. Various HTTP content scanning systems fail to properly scan full-width/half-width Unicode encoded HTTP traffic. By sending specially-crafted HTTP traffic to a vulnerable content scanning system, an attacker may be able to bypass that content scanning system." Proofs of concept affecting IIS are already being posted to security mailing lists, and Cisco IPS and other IDS products are also affected.
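The defender-side fix the CERT note implies is to canonicalise traffic before signature matching: percent-decode, then apply Unicode NFKC normalisation, which folds the full-width compatibility forms (U+FF01..U+FF5E) back to their ASCII equivalents. The following is an added example written for this page, not code from the submission, CERT, or any of the products named; the signatures, request lines and function names are all constructed for illustration.

```python
"""Added example: why a byte-for-byte content scanner misses full-width
Unicode, and how NFKC canonicalisation before matching closes the gap."""
import unicodedata
import urllib.parse

# Two constructed signatures a simple content scanner might look for.
SIGNATURES = ("../", "<script")

# Constructed sample request lines (not taken from the advisory). Lines 2 and 3
# spell the same path as line 1 using U+FF0E FULLWIDTH FULL STOP and
# U+FF0F FULLWIDTH SOLIDUS, raw and percent-encoded; line 4 uses
# U+FF1C/U+FF1E FULLWIDTH LESS-THAN / GREATER-THAN SIGN.
SAMPLE_REQUESTS = [
    "GET /app/../../etc/passwd HTTP/1.0",
    "GET /app/\uff0e\uff0e\uff0f\uff0e\uff0e\uff0fetc/passwd HTTP/1.0",
    "GET /app/%EF%BC%8E%EF%BC%8E%EF%BC%8Fetc/passwd HTTP/1.0",
    "GET /search?q=\uff1cscript\uff1ealert(1)\uff1c/script\uff1e HTTP/1.0",
    "GET /index.html HTTP/1.0",
]


def naive_hits(line):
    """Signatures found by a scanner that matches the raw text as-is."""
    return [s for s in SIGNATURES if s in line]


def canonicalise(line):
    """Percent-decode (UTF-8), then NFKC-normalise so that full-width
    compatibility characters fold to the ASCII forms the signatures use."""
    decoded = urllib.parse.unquote(line)
    return unicodedata.normalize("NFKC", decoded)


def canonical_hits(line):
    """Signatures found after canonicalising the line first."""
    return [s for s in SIGNATURES if s in canonicalise(line)]


def scan(lines):
    """Per line: (raw line, naive scanner result, canonicalising scanner result)."""
    return [(line, naive_hits(line), canonical_hits(line)) for line in lines]


if __name__ == "__main__":
    for line, naive, canon in scan(SAMPLE_REQUESTS):
        print(f"naive={naive!r:14} canonical={canon!r:14} {line}")
```

The important property is that the scanner's view must match the target's view: decode and normalise in the same order the protected server does, and do it once, since NFKC is idempotent but percent-decoding is not (double-decoding creates its own mismatches). NFKC is also lossy, so a scanner that needs the original bytes for logging or forensics should keep them alongside the canonical form rather than replace them.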
Software

Submission + - Ways People Screw Up AJAX

foo writes: "People are aware of the good that technologies such as AJAX have added to sites such as gmail, digg, and slashdot. The negative aspects and implementations of AJAX have mostly been avoided by the media and are rarely spoken of. CGISecurity has published a top 5 list of problems which can be encountered by implementing AJAX improperly."
Security

Submission + - Data Released On How Open Relay Proxies Are Abused

Ralph Wiggum writes: "The folks at the Web Application Security Consortium have published a report outlining how attackers are utilizing open web proxies in the wild. From the announcement: 'This first release of information is for data gathered from January — April, 2007. During this timeframe, we had 7 internationally placed honeypot sensors deployed and sending their data back to our central logging host.'"
Security

Submission + - WASC Distributed Open Proxy Honeypot Releases Data

An anonymous reader writes: This just went out on the WebSecurity Mail-list:
The Web Application Security Consortium (WASC) is pleased to announce the initial release of data collected by the Distributed Open Proxy Honeypot Project. This first release of information is for data gathered from January — April, 2007. During this timeframe, we had 7 internationally placed honeypot sensors deployed and sending their data back to our central logging host.
What did we see? Here are some brief highlights -

— SQL Injection Attacks
— Brute Force Attacks
— OS Command Injection
— Web Defacement Attempts
— Google-Abuses (Google-Hacking and Proxying for BannerAd/Click Fraud)
— Information Leakage

We have created a PDF document here -
http://www.webappsec.org/projects/honeypots/Threat_Report_05072007.pdf. The attacks are mapped to the WASC Threat Classification categories. There are some high-level statistics shown, however they are very crude as this was not the focus of this phase of the project. We understand that the data presented is a bit raw, however we wanted to release this information so that the public may have a chance to review it and provide feedback. Our initial goal was to identify the types of current attacks that are using open proxy servers. In our future deployments, we will attempt to refine the data analysis processes to extract out trend data and high level concepts. In the near future, we will be updating both the VMware honeypot sensors themselves and will also use a newer version of the centralized logging host (ModSecurity Console).

We are also planning to release more frequent information in the form of diary entries on the project webpage as new attacks/trends are identified. While the initial deployment was a success, we still need participants who are willing to participate by deploying our VMware honeypot sensor on their network. If you are interested in participating, please check out the project webpage -
http://www.webappsec.org/projects/honeypots/
Internet Explorer

Submission + - IE7 and FF 2.0 share vulnerability

hcmtnbiker writes: Internet Explorer 7 and Firefox 2.0 share a logic flaw. The issue is actually more severe, as the two versions of the Microsoft and Mozilla browsers are not the only ones affected. The vulnerability impacts Internet Explorer 5.01, Internet Explorer 6 and Internet Explorer 7, and Firefox 1.5.0.9. "In all modern browsers, form fields (used to upload user-specified files to a remote server) enjoy some added protection meant to prevent scripts from arbitrarily choosing local files to be sent, and automatically submitting the form without user knowledge. For example, the ".value" parameter cannot be set or changed, and any changes to .type reset the contents of the field," said Michal Zalewski, the person who discovered the IE7 flaw. There are proofs of concept for both IE7 and Firefox.
