2009-11-17: Metasploit 3.3 Released!

Metasploit 3.3 Released!

情报有点旧了       ><"
大家都晓得这款软体相当知名
but 小弟是本身没使用过
但据说用过的都说好
希望能一直free下去~

欲下载、收看请前往  官方网站

南京銥迅發現微軟IE7.0 異常CSS導致內存破壞漏洞

原文如下：

                      發表時間：2009-11-20 12:39:26
1．漏洞介紹
在XHTML 1.0標準下，使用特殊構造的CSS樣式，在Internet Explorer 7.0 打開特定的網頁後，Internet Explorer 7.0將發生內存崩潰，EIP指針將訪問0x70613e5b附近的內存區域。如果將0x70613e5b附近覆蓋特殊的機器碼，就可以執行任意命令。

2．漏洞危害(危害等級高)
黑客如果將含有「漏洞利用程序的網頁」置於網站上，瀏覽過含有「漏洞利用程序的網頁」的客戶端將被運行特洛伊木馬。

3．通知途徑
已經向「國家漏洞庫」提交。

註: 本文轉載自網路 非原創

轉載自 銥迅訊息 原文

[IN]SECURE ISSUE 23 (November 2009)

知名安全雜誌( [IN] SECURE )新的一期已經發佈了

有興趣的讀者趕緊下載吧~

內容：

• Microsoft's security patches year in review: A malware researcher's perspective
• A closer look at Red Condor Hosted Service
• Report: RSA Conference Europe 2009, London
• The U.S. Department of Homeland Security has a vision for stronger information security
• Q&A: Didier Stevens on malicious PDFs
• Protecting browsers, endpoints and enterprises against new Web-based attacks
• Mobile spam: An old challenge in a new guise
• Report: BruCON security conference, Brussels
• Study uncovers alarming password usage behavior
• Elevating email to an enterprise-class database application solution
• AND MORE!

官網下載:  點擊下載  假使官網速度過慢 可嘗試本站下載

 本站下載:  part1  part2

milw0rm 站長復活...?!

如標題

原文

我被耍了嗎...

milw0rm 的站長去世了

Many of us have wondered where str0ke has been and why milw0rm has not been updated in a good while. I recently was informed that str0ke has been hospitalized due to a strange condition with his heart, which he has had since he was a child.

Sadly....

I've just received information that str0ke @ milw0rm has passed away due to cardiac arrest early this morning at 9:23 AM. We @ blacksecurity are deeply saddened by the loss of a good hearted friend.

We wish nothing but blessing to his wife and 4 children.

RIP str0ke 1974-04-29 - 2009-11-03 09:23

:o(

原文

R.I.P. ><"