Wordpress blog attacks... again
The good people at Websense have a new writeup on Wordpress blog attacks that have been occurring this week. Read the blog entry here.
-Kyle Haugsness
Metasploit 3.4.0 released
Version 3.4.0 of Metasploit was released today and it appears to contain some very nice features. Included now is some functionality for brute forcing credentials for daemons requiring authentication and many other new capabilities. Full information here: http://blog.metasploit.com/2010/05/metasploit-framework-340-released.html
-Kyle Haugsness
EFF paper about browser tracking
Electronic Frontier Foundation (EFF) has published a paper on browsers being tracked by it's unique fingerprint. It turns out our browsers are more unique than we would like to think they are so it is possible for websites to track users around using the unique fingerprint. While it may not be possible to know the exact user's identity, tracking from one web location to another is definitely a possibility. User agent sting, system fonts, screen resolutions and much more of the computer attributes all contributes to the unique fingerprint of computer + browser combination. For those of you really concerned about your privacy, maybe it's time to randomize the timezone settings, fonts and screen resolution frequently (joking). Disabling Javascript and active contents help with this a little bit but you need to decide whether privacy is worth losing the ability to view the active content.
Full paper can be found at https://panopticlick.eff.org/browser-uniqueness.pdf
Comments