Threat Level: green Handler on Duty: Adrien de Beaupre

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Wordpress blog attacks... again

Published: 2010-05-19
Last Updated: 2010-05-19 21:58:28 UTC
by Kyle Haugsness (Version: 1)
0 comment(s)

The good people at Websense have a new writeup on Wordpress blog attacks that have been occurring this week.  Read the blog entry here.

-Kyle Haugsness

Keywords: wordpress
0 comment(s)

Metasploit 3.4.0 released

Published: 2010-05-19
Last Updated: 2010-05-19 19:55:12 UTC
by Kyle Haugsness (Version: 1)
0 comment(s)

Version 3.4.0 of Metasploit was released today and it appears to contain some very nice features.  Included now is some functionality for brute forcing credentials for daemons requiring authentication and many other new capabilities.  Full information here: http://blog.metasploit.com/2010/05/metasploit-framework-340-released.html

-Kyle Haugsness

Keywords: metasploit
0 comment(s)

EFF paper about browser tracking

Published: 2010-05-19
Last Updated: 2010-05-19 02:58:02 UTC
by Jason Lam (Version: 1)
1 comment(s)

Electronic Frontier Foundation (EFF) has published a paper on browsers being tracked by it's unique fingerprint. It turns out our browsers are more unique than we would like to think they are so it is possible for websites to track users around using the unique fingerprint. While it may not be possible to know the exact user's identity, tracking from one web location to another is definitely a possibility. User agent sting, system fonts, screen resolutions and much more of the computer attributes all contributes to the unique fingerprint of computer + browser combination.  For those of you really concerned about your privacy, maybe it's time to randomize the timezone settings, fonts and screen resolution frequently (joking). Disabling Javascript and active contents help with this a little bit but you need to decide whether privacy is worth losing the ability to view the active content. 

Full paper can be found at https://panopticlick.eff.org/browser-uniqueness.pdf

 

1 comment(s)
Diary Archives