January 26th, 2012 
Mourad Ben Lakhoua WordPress CMS is now open to several vulnerabilities that allow an attacker to conduct SQL injection and run a malicious javascript on visitor’s machine over a cross site scripting bug. Actually the bug exist during the installation process so in order to take control on the remote webserver there are condition required which an incomplete [...]
Posted in Vulnerabilities, Vulnerabilities & attacks 
Tags: CMS, Web Security, Website Hacking, WordPress, Zero-day 
No Comments »
January 19th, 2012 Mourad Ben Lakhoua New SQL injection exploit have been published targeting Joomla CMS, the Red Security TEAM have made the exploit available and allow to have database name or check all tables name also you can have the database users login and different user passwords. The vulnerability exists in the discussion component of Joomla (com_discussions) that exist by [...]
Posted in Vulnerabilities, Vulnerabilities & attacks Tags: CMS, com_discussions, Joomla, SQL Injection, Website Hacking No Comments » January 18th, 2012 Mourad Ben Lakhoua New security patches have been released by oracle for several products to fix 78 vlnerabilities with different systems, affected applications include Oracle Database Server, Oracle Fusion Middleware, Oracle E-Business Suite, Oracle Supply Chain Products Suite ,Oracle PeopleSoft Products, Oracle JD Edwards Products ,Oracle Sun Products Suite, Oracle Virtualization and Oracle MySQL. By looking at number [...]
Posted in Vulnerabilities, Vulnerabilities & attacks Tags: Oracle, Oracle Database Server, Oracle E-Business Suite, Oracle Fusion Middleware, Oracle JD Edwards Products, Oracle MySQL, Oracle PeopleSoft Products, Oracle Sun Products Suite, Oracle Supply Chain Products Suite, Oracle Virtualization, patches, Vulnerabilities & attacks No Comments » January 6th, 2012 Mourad Ben Lakhoua Microsoft issued an advance notification for their next patch Tuesday which include seven bulletins that affect all operating systems and Microsoft Developer Tools. Vulnerabilities Severity Rating are critical to important and most of them require restart of the operating system. The critical one allow an attacker to run a remote code execution on windows media [...]
Posted in Software Security, Vulnerabilities Tags: patch, patches, Windows & Microsoft, Windows 7 No Comments »
December 19th, 2011 Mourad Ben Lakhoua If you are using Adobe product than there is new update that are going to fix two vulnerabilities can be used by attacker to control windows based system remotely. According to Symantec this bug has been exploited since the first of December by sending malicious PDF to infect users and steal sensitive information from unpatched [...]
Posted in InfoSec, Vulnerabilities, Vulnerabilities & attacks Tags: Adobe, Backdoor, Malwares, patching, Vulnerabilities & attacks No Comments » December 13th, 2011 Mourad Ben Lakhoua Microsoft Windows Phone 7 is vulnerable to new attack where a hacker can reboot the smartphone remotely using a special SMS. Embedded devices are very attractive to hackers as they do not include standard security software and they accept remote instructions. The bug is not executed over SMS only but it is possible to run [...]
Posted in Vulnerabilities, Vulnerabilities & attacks Tags: Microsoft, SpyEye, Vulnerabilities & attacks, windows, Windows Phone 7, Zeus No Comments » October 22nd, 2011 Mourad Ben Lakhoua Adobe has released new update for the Flash Player plugin after discovering a new vulnerability makes all users open to a spyware attack. This new bug has been discovered by Feross Aboukhadijeh, Stanford University computer science student and software developer. Attacker can exploit this vulnerability by creating a web page that may contain a clicking [...]
