Nenad Vijatov

Ubuntu Pentest Edition

Nenad Vijatov — Fri, 15 Jan 2010 11:41:00 +0000

netinfinity release Ubuntu Pentest Edition …
“Ubuntu pentest edition is primarily designed as a complete system (everyday usage – office, internet etc..) and can be used in pentesting purposes, which is a big advantage because you do not need to have a dual boot or use a virtual machine to run the system for pentest.”
Try it … link.

Sinergija 09

Nenad Vijatov — Sun, 11 Oct 2009 20:57:11 +0000

I will have a technical speak at Sinergija 09 about BitLocker & BitLocker to Go in Windows 7.
Title of presentation is Fighting stealers with BitLocker.

Security Researcher Acknowledgments for Microsoft Online Services

Nenad Vijatov — Tue, 01 Sep 2009 06:40:32 +0000

… for July and August.
Thanks to Microsoft Security Response Center.

Security Researcher Acknowledgment

Nenad Vijatov — Thu, 16 Jul 2009 13:18:23 +0000

… for June 2009.

http://technet.microsoft.com/en-us/security/cc308589.aspx

NetFlow Analyzer 7 Cross-Site Scripting Vulnerabilities

Nenad Vijatov — Thu, 16 Jul 2009 13:14:01 +0000

I’ve discovered some XSS vulnerabilities in NetFlow Analyzer 7.

Link to Secunia SA.

Security Researcher Acknowledgments for Microsoft Online Services

Nenad Vijatov — Thu, 04 Jun 2009 07:38:50 +0000

I got Acknowledgment for Security Researcher fourth time this year … Great me!

Security Researcher Acknowledgments for Microsoft Online Services

Nenad Vijatov — Mon, 06 Apr 2009 11:20:59 +0000

Third time in a row …
http://technet.microsoft.com/en-us/security/cc308589.aspx

PSCS VPOP3 Email Server Cross-Site Scripting Vulnerabilities

Nenad Vijatov — Wed, 25 Mar 2009 18:24:44 +0000

I’ve discovered new XSS vulnerabilities in PSCS VPOP3 Enterprise Email server, exactly on Web Mail interface. Vulnerability version is 2.6.0j. Vendor is informed but isn’t published fix for this vulnerabilities yet, so for solution use a proxy or IPS to filter malicious characters.

Secunia confirmed and published this vulnerability.

Pwn2Own 2009

Nenad Vijatov — Sat, 21 Mar 2009 23:11:07 +0000

This years Pwn2Own uncover 4 new never seen before critical vulnerabilities affecting the IE8, Safari and FireFox.
More about this contest you can read at DVLabs Blog.

Analysis of Conficker

Nenad Vijatov — Tue, 10 Mar 2009 12:02:45 +0000

Guys from the SRI International were made really good analysis on the currently most active Virus/Worm, Conficker, also known as Downup, Downadup and Kido.

Analysis can be found at http://mtc.sri.com/Conficker/.