From Security Weekly WikiJump to navigationJump to search
PaulDotCom Security Weekly - Episode 234 for Thursday March 10th, 2011.
- SOURCE Boston on April 20 - 22- Paul and Larry will be there to hang out, talk security and drink beer.
Stories For Discussion
- Wireshark multiple vulnerabilities - [Larry] -
- XSS in Nagios - [Larry]
- RRouter Root - [Larry] - ELF file that bruteforces passwords on your router, then places an IRC backdoor on them. D-link routers. WANT!
- FinFisher - [Larry] - So, how do AV vendors deal with matters of State?
- Google Offers additional $20k as price on Pwn20wn [Carlos] Google is showing its support to researcher to show they do see the business value of making sure their products are secure.
- Safari and IE first to fall on Pwn20wn[Carlos] Browsers Safari and IE8 first to fall, IE was a difficult one according to Stephen Fewer the winner that exploited IE8, 6 weeks of work and chaining of 2 bugs to be able to get code execution, Safari was easier.
- JBoss Autopwn [Carlos] Nice to see more tools to test midleware and business logic centric infrastructure.