Hacker ‘Armageddon’ Forces Symantec, McAfee to Search for Fixes
A surge in high-profile hacker attacks this year is demonstrating the limits of an older generation of security software from Symantec Corp. (SYMC) and McAfee Inc., putting pressure on them to revamp their product lines.
Tags: hacker-attacks, limits, Security
Apple Security Advisory 2011-07-25-1
Apple Security Advisory 2011-07-25-1 – A certificate chain validation issue existed in the handling of X.509 certificates. An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS.
Tags: apple-security, issue, Security
Apple Security Advisory 2011-07-25-2
Apple Security Advisory 2011-07-25-2 – The iOS 4.2.10 software update addresses a certificate chain validation issue. The issue existed in the handling of X.509 certificates where an attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS. Other attacks involving X.509 certificate validation may also be possible.
Tags: Apple, apple-security, handling, issue-existed, Security
libc/fnmatch(3) Denial Of Service
The libc/fnmatch(3) implementations of multiple vendors suffer from a denial of service vulnerability. Affected software includes Apache 2.2.17, NetBSD 5.1, OpenBSD 4.8, FreeBSD, Mac OS X 10.6, and Sun Solaris 10. An Apache proof of concept is included.
Tags: apache, software-includes, solaris, vendors-libc
ddosim v0.2 – Application Layer DDOS Simulator
DDOSIM simulates several zombie hosts (having random IP addresses) which create full TCP connections to the target server. After completing the connection, DDOSIM starts the conversation with the listening application (e.g. HTTP server). It can be used only in a laboratory environment to test the capacity of the target server to handle application-specific DDOS attacks.
Tags: Application, ddosim, Layer, Simulator
Damn Vulnerable Linux (DVL)
Damn Vulnerable Linux (DVL) is everything a good Linux distribution isn’t. Its developers have spent hours stuffing it with broken, ill-configured, outdated, and exploitable software that makes it vulnerable to attacks. DVL isn’t built to run on your desktop – it’s a learning tool for security students. The main idea behind DVL was to build […]
Self-Destructing Digital Data
Vanish is a research system designed to give users control over the lifetime of personal data stored on the web or in the cloud. Specifically, all copies of Vanish-encrypted data — even archived or cached copies — will become permanently unreadable at a specific time, without any action on the part of the user or any third party or centralized service.
Tags: encryption, facebook
Nmap 5 released (with native GUI)
Another milestone in the development of Nmap, the most famous port scanner, by Fyodor. The change log is massive and impressive, with more than 600 major improvements. It also includes a native graphical interface and other already known modules such as netcat and more.
Tags: nmap