Penetration Testing mailing list archives
[Tools update] The Security-Database Watch Newsletter -- v20090815
From: "SD List" <list () security-database com>
Date: Sun, 16 Aug 2009 17:28:12 +0200 (CEST)
Hello Here is the site's newsletter "Security Database Tools Watch" (http://www.security-database.com/toolswatch). This letter summarizes the articles and news items published since 7 days. New articles -------------------------- ** OVAL interpreter release 5.5.25 available ** by Tools Tracker Team - 13 August 2009 Open Vulnerability and Assessment Language (OVAL) is an international, information security, community standard to promote open and publicly available security content, and to standardize the transfer of this information across the entire spectrum of security tools and services. OVAL includes a language used to encode system details, and an assortment of content repositories held throughout the community. Changelog : Corrected bug in processing of set objects. If a set object results in an (...) -> http://www.security-database.com/toolswatch/OVAL-interpreter-release-5-5-25.html ** Advanced Mac OS X Rootkits released ** by Tools Tracker Team - 13 August 2009 At BlackHat USA 2009, Dino Zovi presented Advanced Mac OS X Rootkits covering a number of Mach-based rootkit techniques and some tools that he has developed to demonstrate them. While the majority of Mac OS X rootkits employ known and traditional Unix-based rootkit techniques, these Mach-based techniques show what else is possible using the powerful Mach abstractions in Mac OS X. The presentation covered a number of Mach-based rootkit tools and techniques including user-mode Mach-O bundle (...) -> http://www.security-database.com/toolswatch/Advanced-Mac-OS-X-Rootkits.html ** The quite release of PCI DSS v1.2.1 ** by Tools Tracker Team - 13 August 2009 The PCI DSS, a set of comprehensive requirements for enhancing payment account data security, was developed by the founding payment brands of the PCI Security Standards Council, including American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. Inc. International, to help facilitate the broad adoption of consistent data security measures on a global basis. The majore changes in this v1.2.1 of july 2009 For Compensating Controls Worksheet (...) -> http://www.security-database.com/toolswatch/The-quite-release-of-PCI-DSS-v1-2.html ** FireCAT credited at a Booz Allen Keynote ** by Tools Tracker Team - 11 August 2009 Michael Schearer is a security consultant for Booz Allen Hamilton in Central Maryland and an active member of many forums as well as Netstumbler, DEFCON and Remote Exploit. Michael goes by the handle of The Prez98. And it has posted many good stuffs. I've just gone thru, while crawling the web, this great keynote delivered by Michael Schearer at Booz Allen during June 2009. It is called : "Pen Testing the Web with Firefox". Here is the full (...) -> http://www.security-database.com/toolswatch/FireCAT-credited-at-a-Booz-Allen.html ** [Focus on] The TurnKey Linux Project ** by Tools Tracker Team - 10 August 2009 Turnkey Linux is an open source project that's developing a family of free, Ubuntu-based software appliances which are optimized for ease of use in server-type usage scenarios and can be deployed in just a few minutes on bare metal, a virtual machine and in the cloud. Packaging a solution as a software appliance can be incredibly useful because it allows you to leverage guru integration skills to build ready to use systems (I.e., turn key solutions) that just work out of the box with little (...) -> http://www.security-database.com/toolswatch/Focus-on-The-TurnKey-Linux-Project.html ** PVS-Studio v3.10 the code analyzer released ** by Tools Tracker Team - 9 August 2009 PVS-Studio is a project by a Russian company "Program Verification Systems" designed to help the developers in mastering modern programming techniques. PVS-Studio is a source code static analyzer for diagnosis of errors and mistakes appearing during adaptation of applications code to 64-bit and multi-core systems. PVS-Studio tool represents the development of specialized code analyzers Viva64 and VivaMP range. Combining their features and being Visual Studio 2005/2008 environment plug-in, (...) -> http://www.security-database.com/toolswatch/PVS-Studio-v3-10-the-code-analyzer.html Regards N.OUCHN CEO & Founder at Security-Database ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Re: Conficker - your opion on how to determine the source of infection on a given network Tiflin, Conrad (ZA - Cape Town) (Aug 15)
- Re: Conficker - your opion on how to determine the source of infection on a given network Guy (Aug 15)
- Message not available
- Re: Conficker - your opion on how to determine the source of infection on a given network Fabien Vincent (Aug 15)
- Re: Conficker - your opion on how to determine the source of infection on a given network Juan Luis Susillo (Aug 16)
- Re: Conficker - your opion on how to determine the source of infection on a given network 51l3n73y3s (Aug 16)
- Message not available
- Re: Conficker - your opion on how to determine the source of infection on a given network 51l3n73y3s (Aug 17)
- Re: Conficker - your opion on how to determine the source of infection on a given network Fabien Vincent (Aug 15)
- [Suspected Spam]RE: Conficker - your opion on how to determine the source of infection on a given network Adrián Auguet (Aug 17)
- [Tools update] The Security-Database Watch Newsletter -- v20090815 SD List (Aug 16)
- RE: Conficker - your opion on how to determine the source of infection on a given network Banks, Jason (R.J.) (Aug 27)