September 25th, 2011 
Mourad Ben Lakhoua Over several years compromising web application is the first target for hackers, after attacking any website hacker under a certain name promotes the attack by adding it to www.zone-h.org.Zone-H.org is a website archive of versions of defaced websites.The sources of the hacked website URLs submit their information anonymously, and often include an image of the hacked site. Sometimes [...]
August 27th, 2011 Mourad Ben Lakhoua Malysian CERT announced a new free service DNSwatch that will check every website address your computer is trying to access. Basically the checks are performed while you’re browsing the internet, clicking a link in an email, or running a program “under the hood” trying to communicate with servers for information or updates. DNSwatch will help [...]
Posted in Web Security 
Tags: cybersecurity, CyberSecurity Malaysia, DNSwatch, MyCERT, Web Security 
1 Comment » June 27th, 2011 Mourad Ben Lakhoua New technologies and upgrades are constantly being introduced to the Internet. As a result, the number of security threats has grown at an astonishing rate – which is why web filtering software has become such a necessity for businesses worldwide. Web filtering software adds another layer of protection to your corporate network against web security [...]
June 1st, 2011 Mourad Ben Lakhoua Web Application Attack and Audit Framework (w3af) released a new stable version, the project aims to create a framework to find and exploit web application vulnerabilities that is easy to use and extend. In this latest release we find some important improvements include: Stable code base, an improvement that will reduce your w3af crashes to [...]
May 19th, 2011 Mourad Ben Lakhoua Web Application Configuration Analyzer (WACA) is a tool that scans a server against a set of best practices recommended for pre-production and production servers. The list of best practices is derived from the Microsoft Information Security & Risk Management Deployment Review Standards used internally at Microsoft to harden production and pre-production environments for line of [...]
Posted in Best Practices, Web Security Tags: Microsoft, WACA 2.0, Web Security, Websecurity, Webserver 24 Comments » April 28th, 2011 Mourad Ben Lakhoua A computer hacker from Georgia has pleaded guilty to fraud and identity theft after authorities found him with more than 675,000 stolen credit card accounts on his home computers, Credit card companies have traced more than $36 million in fraudulent transactions to the accounts that were breached by Rogelio Hackett. How he did it? Hacker [...]
Posted in hacking, Vulnerabilities, Vulnerabilities & attacks Tags: Ethical Hacking, hacking, Havij, OWASP, SQL Injection, Web Security 37 Comments » January 9th, 2011 Mourad Ben Lakhoua Sometime you open a webpage or an infected file and the antivirus still silent, without alerting about any suspicious activity on your machine, this is maybe due to not having the latest AV signature or that the malware are encrypted to make the AV not recognize it or that the file is clean and do [...]
Posted in Anti-Viruses, Browser Tags: Antiviruses, Malicious Web Site, Security, Software Security, VirusTotal, Web Security 13 Comments »
