In association with heise online

01 March 2013, 15:14

Lost+Found: Skype, XSS, and a Java exploit examined

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Lost+Found icon Too small for news, but too good to lose, Lost+Found is a compilation of the other stories that have been on The H's radar this week. Today: Skype as a hacker's accomplice, measures to combat XSS, Keccak for C++, an analysis of a Java attack, a new security distribution, and the RSA Conference.

  • Address Space Layout Randomisation (ASLR) is a good security feature – provided people actually use it. The Skype developers haven't done so, or at least not consistently. As a result, a Skype library could potentially become a means to an end for attackers...

  • Version 5.6.2 of the Crypto++ crypto library for C++ supports Keccak – also known as SHA3.

  • The Security Obscurity blog has cast a look behind the scenes of the Java exploit that is contained in the Cool Exploit Pack.

  • The RŌNIN security distribution brings with it a variety of useful tools that should delight pen testers and forensic investigators. It is based on the Lubuntu 12.10 derivative of Ubuntu (Ubuntu with LXDE instead of Unity).


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit