Microsoft is investigating reports of an unpatched vulnerability in the Windows kernel that could be used by attackers to sidestep an important operating system security measure. One security firm dubbed the bug a potential “nightmare,” but Microsoft downplayed the threat by reminding users that hackers would need a second exploit to launch remote attacks. The [...]

read full post »

Russian security firm Intevydis has made a Windows exploit for a previously unknown security hole in Firefox 3.6 available to its customers. The exploit allows attackers to remotely gain control of a PC. Intevydis develops the commercial VulnDisco add-on for the also commercial Canvas exploit toolkit by vendor Immunity. On the Immunity forum, developer Evgeny [...]

read full post »

The Communications Assistance for Law Enforcement Act requires networks to provide interfaces that allow government to intercept data transmissions, just as they have long been able to tap telephone systems. But an IBM security researcher said criminals also could use the systems to wiretap the Internet. Tom Cross, manager of IBM Internet Security System’s X-Force [...]

read full post »

      Tool name : Metasploit Framework     Description : The Metasploit Framework is a development platform for creating security tools and exploits. The framework is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework [...]

read full post »