The same technology that allows Web surfers to locate and connect to computers on the Internet can be used to create covert communications channels, bypass security measures and store distributed content, a security researcher said Saturday.
L33tdawg: I've been playing with Foundstone's SiteDigger which incidentally requires a license key from Google in order to operate. It's quite cool, although it doesn't come with a nifty interface for which to write your own signature files. You do have a basic XML template which is pretty easy to modify by hand. If you're an aspiring Google hacker, perhaps you should check it out.
Google, the world's most popular search engine, is one of the handiest tools for hackers, according to one security expert.
Microsoft has issued an update for Internet Explorer. This fixes three vulnerabilities, allowing malicious websites to cause a DoS (Denial of Service) or compromise a user's system.
1) An error can be exploited to bypass the zone restrictions in Internet Explorer.
2) An integer signedness error within the handling of BMP images can be exploited to execute arbitrary code. This vulnerability has already been fixed in prior service packs for Internet Explorer.
Viruses that target handhelds can be even more dangerous than their cousins that attack PCs, spawning self-replicating programs that hide easily, a security researcher told an audience of security professionals at the Black Hat Briefings conference here this week.
Smart-tag technology using radio frequency ID is being developed without security in mind, raising concerns about consumer privacy and risks to security of the organizations using the tags.
Some of these risks were demonstrated today at the Black Hat Briefings security conference using a new hacker tool that lets users read and write to the tags.