The group of researchers found serious shortcomings in the WPA2 protocol, which provides protection for all modern Wi-Fi networks. An attacker who is in the victim's area can use these shortcomings using Key Reinstallation Attacks. Attackers can use this new attack method to read information that was previously considered to be encrypted.
UPD: the post was updated with partial details of the attack and the list of vendor updates.
Performing daily tasks of the system administrator is considered safe when working through the SSH session. This article will discuss modern tools for conducting MITM attacks on the SSH protocol and how to protect against them.
I want to share one feature when setting COOKIE values, which is often overlooked by the web developers.
According to my experience as for research of the web application vulnerabilities for 2009-2011, this error occurred in 87% of the web applications that were written in PHP.
In order to reduce this rate, I have decided to write this article.
I will not even talk about httpOnly flag, though its use is very important and necessary.
Let’s look at the example of code:
A few days ago, the earliest Half-Life 2 version was released in the network for the media. Obviously, this version has not been finished yet, as the main game’s character is not known to the whole world of players a theorist physicist, who wears glasses and a protective suit and holds in his hand a crowbar, but bearded dwarf Ivan, a space biker, who is opposing against the staff of the research center. 15 years ago, the disk contents was reserved exclusively for members of the regular publishers.
This morning I found a letter in my mail:
In fact, this letter does not have any files attached, it just has 6 links (View, Download...), and they lead to the same address: http://18.104.22.168/~ru1/account.googlemail.com/viewer/13083e7f5f2c0890&
First I got to fake Google Docs with the message "document cannot be displayed", and then I was redirected to fake Google Account, where I was asked to enter a password. I guess for my own safety :). After I entered “screw you”, I got to the third fake page of docs with a list of some components.
It is known that any system reliability is determined by its weakest link. Now we take a good look at the protection from copying of one popular toy that was released a few days ago for OS X and the way of its bypass. In addition, we just look at one of the options for implementing the protection from copying. Of course, this research was conducted in the study purposes, and you still should buy the good software and games.
Let’s run the game and see the registration form or purchase. The registration is done online by entering a serial number, or manually by entering a name and the key in accordance with the displayed identifier of a specific computer. Next, we run gdb and get program exited with code 055.
This article is not a panacea for all security lacks, and it does not reveal any new attack vectors. I just saw a serious implementation of the fake for Google mail and decided to warn all UMumble users.
Recently, I have received an interesting letter, supposedly to confirm / cancel automatic forwarding to my mailbox.
It would be true to say that everything new is well forgotten old.
A feature to embed remote resources (such as images from other websites) on the page of your website is a very bad practice that at some point may lead to quite serious consequences for the website. As far back as 10 years ago, I was surprised to read about that possibility. Now after 10 years nothing changed, and it seems that it hardly ever will change.
Many people have faced the DDoS attacks and HTTP flooding. No, this is not just another tutorial on setting up nginx, but I would like to introduce my module that works as a quick filter between the bots and backend during L7 DDoS attacks, as well it allows filtering the garbage requests.
The module can do:
• To set cookies in a standard way through HTTP header Set-Cookie. After the cookies are set it redirects the user using the response code 301 and Location header.
• After the cookies are set it redirects the user using the response code 200 and HTML tag Meta refresh.
• To count the number of attempts to set the cookies and to direct the user to a specified URL after exceeding the maximum number of unsuccessful attempts.
Hello, UMumble users!
Recently, Dr. Web’s researchers have discovered a botnet of more than 550 thousands infected Mac’s machines. Probably, you may say "it is started all over again”. Presently, more than 670 thousands the infected computers were found around the world (see map):
Once again, we will try to debunk the myth about the platform impregnability and to help some people to understand this process.