 |
 |
 |
November 27th, 2008 New version of XPC Spy Pro added!
|
|
|
|
 |
 |
|
|
|
December 04th, 2008 Microsoft and RSA partner on Data Loss Prevention
Worm uses familiar brands to lure people
Company data at the mercy of crooks
Norton AntiVirus Begone!
Criminals Take Control of CheckFree Web Site
Firefox Users Targeted by Rare Piece of Malware
Hacker threat: Rudd promises action
Lib Dems criticise 'shambolic' DNA database
Experts: US cybersecurity needs fresh ideas
Pentagon hacker tries one more time to avoid extradition
Virtually every Windows PC at risk, says Secunia
Sun patches at least 14 bugs in Java
Security, civil liberties experts question data mining
|
|
|
|
|
 |
|
|
|
|
|
|
|
DISCLAIMER: Logging other people's keystrokes or breaking
into other people's computer without their permission can
be considered illegal by the courts of many countries.
The monitoring software reviewed here is ONLY for authorized
system administrators and/or owners of computers.
We assume no liability and are not responsible for any misuse
or damage caused by the keylogging software. The end user of
this software is obliged to obey all applicable local, state,
federal and other laws in his country of residence.
December 12th, 2007
Security Vulnerabilities for Sale to the Highest Bidder
A vulnerability that affects SAP's MaxDB hasn't garnered any bids yet on a controversial auction site for computer vulnerabilities.
If exploited, the problem would let an attacker access the entire contents of the database, according to Wabisabilabi, which is offering proof-of-concept code and details on its vulnerability auction site. Bidding starts at ¬3,000 (US$4,407).
‘The result can be scary,’ said Wabisabilabi on its blog.
Wabisabilabi, based in Switzerland, started its vulnerability auction site in July on the premise that security researchers aren't adequately compensated for their work and could sell zero-day vulnerabilities on the black market.
Wabisabilabi's site lets security researchers submit vulnerabilities for auction. Wabisabilabi said it will only sell vulnerabilities to qualified researchers who aren't going to do anything malicious. Nonetheless, the security community has questioned whether Wabisabilabi's business premise is ethical.
According to Wabisabilabi's blog, the MaxDB vulnerability is easy to exploit. It affects Linux machines running the latest version of MaxDB, 7.6.00.37, and Windows machines running version 7.6.00.37. The problem could also affect other versions of the database.
An attacker could send a specially crafted request to the listening port of the vulnerable MaxDB service. The command would be executed with the credentials of the user running the process. Then, an attacker could ‘dump the content of the whole database,’ Wabisabilabi wrote.
Wabisabilabi said it's rare to find a database running open on the Internet, but more common within corporate intranets.
Source: PCWORLD
All news for December, 2008
All news for 2008 year
All news for 2007 year
All news for 2006 year
All news for 2005 year
All news for 2004 year
DONATION: Keylogger.org is an independent research
project supported by a team of enthusiasts. If you find this
project useful or would like to help foster its continued
development please consider making a donation using PayPal`s
online secure payment service. A PayPal account is not required.
All major credit cards are accepted (MasterCard/Eurocard,
Visa/Delta/Electron, American Express, Switch/Maestro, Solo).
Simply click the button below.
Any amount would be useful and appreciated!
Thanks in advance for your support!
|
|
|
|
|
