Join the God Side, Jesus is Coming…….

Archive for October, 2008

Critical Microsoft bug

Just hours after Microsoft posted details of a critical Windows bug, new attack code that exploits the flaw has surfaced. Microsoft took an unusual step of rushing out an emergency patch for the flaw this Thursday

Clickjacking: Potentially harmful web browser exploit

Clickjacking has the potential to redirect unknowing users to malicious web sites or even spy on them. We all need to be aware of clickjacking and how to avoid its trappings.

Full Post

Author: Michael Kassner

E-mail security advice for politicians

How much attention would you give e-mail security if you were running for office?

Read more

Traducción a Español

“Failed to refresh user policy”

Sometimes you try to apply a group policy executing the $ gpupdate and  the system display “Failed to refresh user policy. Error – The system cannot find the file specified.” I have solved this running the windows updates first.

The 10 most common Windows security vulnerabilities

We all know that Windows-based systems have plenty of potential security risks. But are your systems vulnerable? Likely so. Any given network is chock full of Windows vulnerabilities. It’s a law of nature and a side effect of doing business using networked computers. But with the thousands of Windows vulnerabilities in the wild, what do you really need to focus your efforts on? Well, let me share with you the Windows-based weaknesses I’m seeing most often in my work — things that can get you in a bind if you ignore them.  Check it out…

By: Kevin Beaver, CISSP

How to exploit two common Windows vulnerabilities

In a previous tip about the 10 most common Windows vulnerabilities, I outlined the Windows flaws I see the most in my security assessment work. Now I want to take the two particular vulnerabilities I see more than any others and show you how they’re exploited. You can then use these techniques on your Windows systems to find the holes before a malicious user does. One exploit is relatively non-technical and the other goes a little more in-depth but certainly doesn’t require “elite” hacker skills. Either way, you can execute each of them using free tools in a matter of minutes. Let’s jump right in.

By: Kevin Beaver, CISSP

Tag Cloud