Hackers have created a new version of the Zeus crimeware toolkit that’s designed to swipe login details for Spanish, German, UK and US banks. The malware payload, described by CA as Zeus version 3, is far more selective in the banks it targets. Previous versions targeted financial institutions around the world while the latest [...]
Archive for July, 2010
Hacking Lotus Domino
July 12th, 2010
Mourad Ben Lakhoua
IBM Lotus Domino Server is a solution for the corporate environment that provides different services to manage electronic documents, and it includes many models such as mail server, HTTP server and database. The current version is Lotus Domino 8.5.1. To detect the server we start by scanning the network, usually the server runs a [...]
Fake Windows IME Trojan
July 11th, 2010
Mourad Ben Lakhoua
Security researchers at Websense have discovered a new Trojan that is using a Windows system to disable and delete antivirus software and compromise the victim machine. The malicious program installs itself as the Windows input method editor (IME), then stops all AV processes, deletes the executable files and masks itself in the system as [...]
Black Hat USA 2010
July 11th, 2010
Mourad Ben Lakhoua
By the end of this month, Black Hat USA 2010 will be held in Las Vegas, where new vulnerabilities, tools and programs will be presented. Black Hat is the most important and biggest hacking event on the planet; it attracts thousands of experts from around the world. This year Black Hat celebrates the 13 Years [...]
Cross-site scripting on YouTube
July 4th, 2010
Mourad Ben Lakhoua
An XSS vulnerability in YouTube comments processing allows an attacker to execute arbitrary scripts in the security context. Go to YouTube. Choose any video. Add the following script: [php]<script>IF_HTML_FUNCTION?<h1><marquee><font color="red"><u>add your comment here<script>[/php] Update (1): It is better to stay away from YouTube until they fix the vulnerability, or at least log out of YouTube if [...]



