home contact keylogger.org add keylogger.org to favorites set keylogger.org as homepage Anti-Keylogger.org
Keylogger testing and reviews

Keylogger testing policy

Press-releases

Keylogger developers

Links 		Monitoring Software Keylogger articles

Get Free Software

Keylogger chat

Keylogger forum

Sponsorship & services
Advertising
Your Ad Here
Site News
Current section

June 24, 2008

New version of All In One Keylogger added

Free monitoring and anti-keylogging Software!
World news

July 03, 2008

Information Security Management: The Basics

Industry View: Web Application Security Today - Are We All Insane?

Ignore Malware? Some Leaders Imply Yes

Chinese bloggers evade great firewall

HMRC blunder leads to further private data leak

Reports reveal poor security practices behind data losses

Thieves steal millions from Citibank customers

Trojans stop play for web gamers

Google open sources RatProxy security tool

IBM Develops Audio-masking Technology

ATO admits callers are 'chopped off'

E-security review to probe broadband network

Stolen: Google's employee records

Microsoft trumpets security additions in upcoming IE8

Mozilla patches 13 bugs in Firefox 2
Newsletter
E-mail: 
Subscribe
Send to friend
E-mail: 
Send
Voting

We are planning to redesign our site. We would like You to express your opinion in this respect. Would you like to leave the site as it is? What changes would you like to suggest?

Yes, I like the site as it is.
It's ok, but some changes are necessary.
It should be changed completely.
VotingView results
DISCLAIMER: Logging other people's keystrokes or breaking into other people's computer without their permission can be considered illegal by the courts of many countries. The monitoring software reviewed here is ONLY for authorized system administrators and/or owners of computers. We assume no liability and are not responsible for any misuse or damage caused by the keylogging software. The end user of this software is obliged to obey all applicable local, state, federal and other laws in his country of residence.

May 16, 2008

After 'treasure Hunt,' Hacker Releases IE Attack Code

One week after hiding Internet Explorer attack code on his Web site, security researcher Aviv Raff has posted details on how to launch the attack.

The bug lies in the "Print Table of Links" feature, which lets IE users print out a Web page along with a list of all the links on the page tacked onto the end. Raff discovered that if an attacker added special scripting code to a Web page, he could then run unauthorized software on the PCs of IE users who printed using this feature.

The flaw affects IE 7 and IE 8, Raff said. Security vendor Secunia said that the bug also affects IE 6.

Because the hack requires that the user be tricked into following so many steps -- not only visiting a Web page, but then printing a page with this feature selected -- Secunia has rated it as a "less critical."

Raff said that the flaw could be a more serious issue if hackers were to add the code to Web pages that were frequently printed out, such as those on Wikipedia.

The bug has not been patched by Microsoft, which was notified of the issue just last week.

Raff disclosed the flaw in an unusual way, embedding it in his own Web site and then inviting other hackers to come and find it. He called this a "treasure hunt."

The Israeli hacker said that the treasure hunt idea came from a local custom of playing such games during Israel's Independence Day. The contest was won Tuesday by someone calling himself "George the Greek."

Microsoft didn't get much time to fix the vulnerability, but Raff said he didn't feel that Microsoft would address the issue quickly unless he went public with the vulnerability.

When he has followed Microsoft's responsible disclosure guidelines in the past, the company has been too slow to fix bugs, he said.

Microsoft is thinking about putting a fix for the problem in an upcoming security update, the company said in a statement. It too downplayed the risk. "Our investigation has shown an attack would require significant user interaction," the company said. " An attacker would need to convince a user to select a non-default printing option and print a malicious web page in order for an attack to be successful."

Though Raff's attack code has been posted to the Millworm Web site, Microsoft says it's not heard of any attacks that exploit this vulnerability.


Source: PC World




All news for July 03, 2008:
14:06Information Security Management: The Basics
14:06Industry View: Web Application Security Today - Are We All Insane?
14:04Ignore Malware? Some Leaders Imply Yes
14:02Chinese bloggers evade great firewall
13:01HMRC blunder leads to further private data leak
12:54Reports reveal poor security practices behind data losses
12:53Thieves steal millions from Citibank customers
12:51Trojans stop play for web gamers
12:50Google open sources RatProxy security tool
12:48IBM Develops Audio-masking Technology
12:40ATO admits callers are 'chopped off'
12:39E-security review to probe broadband network
12:37Stolen: Google's employee records
12:33Microsoft trumpets security additions in upcoming IE8
12:32Mozilla patches 13 bugs in Firefox 2

All news for July 02, 2008:
16:50Start-up nexTier debuts data-leak prevention appliance
16:49ACLU, EFF sue US gov't over mobile phone tracking
16:47UK scientists demo graphic passwords
16:46SecureWorks unmasks the Coreflood Trojan
16:45Web threats hit 12-month high
16:43Malware growth slowing, say experts
16:42World of Warcraft Trojan spreads from Asia
16:42Hackers hit Sony PS3 website
16:41SMEs failing at IT security
16:37Hacking Tools: A New Version of BackTrack Helps Ethical Hackers
16:36Hands On: 12 Quick Hacks for Firefox 3
16:35Swedish Data Inspection Protects Messy Apartment Dwellers
16:06DIAC security threatened by flood of contractors
16:02Lords questions gov't over web-data retention laws
16:00Barclays gives online users free Kaspersky software
16:00Report: Outdated browsers put 637m users at risk
15:57Trojan lurks, waiting to steal admin passwords
15:57Unstructured data at risk in most firms, survey finds
15:55Microsoft scrutinizes WSUS patch snafu
15:53Apple OS update fixes Adobe corruption bug



All news for July, 2008
All news for 2008 year
All news for 2007 year
All news for 2006 year
All news for 2005 year
All news for 2004 year

DONATION: Keylogger.org is an independent research project supported by a team of enthusiasts. If you find this project useful or would like to help foster its continued development please consider making a donation using PayPal`s online secure payment service.

A PayPal account is not required. All major credit cards are accepted (MasterCard/Eurocard, Visa/Delta/Electron, American Express, Switch/Maestro, Solo). Simply click the button below.

Any amount would be useful and appreciated!

Thanks in advance for your support!

Advertising
Your Ad Here
| home | testing and reviews | testing policy | press_releases | developers |

| articles | contest | chat | forum | sponsorship & services | contacts | links |
Copyright © 2003-2008, Keylogger.Org Team. All Rights Reserved.
Use of any information from this website is permitted only with hypertext link to www.keylogger.org.