Latest Advisories

BMSA 2011-02
BMSA 2011-01
BMSA 2010-01
BMSA 2009-08
BMSA 2009-07

OWASP Vietnam
OWASP Vietnam

Published Articles

Security advisories


BMSA 2011-02: Cross site scripting in Yahoo! Pulse
BMSA 2011-01: Insecure secure cookie in web.go


BMSA 2010-01: Insecure secure cookie in Tornado


BMSA 2009-08: Multiple Vulnerabilities in PyForum
BMSA 2009-07: Backdoor in PyForum
BMSA 2009-06: Remote Code Execution in BKAV eOffice
BMSA 2009-05: Cross Site Request Forgery in Yahoo! 360plus
BMSA 2009-04: Remote DoS in Internet Explorer
BMSA 2009-03: Multiple vulnerabilities in OpenSite
BMSA 2009-02: XML injection in PyBlosxom
BMSA 2009-01: Authentication bypass in Interspire Shopping Cart


BMSA 2008-09: Two buffer overflow vulnerabilities in Rumpus
BMSA 2008-08: Insecure default FTP password in VTC iCafe
BMSA 2008-07: Format string vulnerability in 5th street
BMSA 2008-06: Multiple buffer overflows in BKAV Pro
BMSA 2008-05: SQL injection in VDC iNCM
BMSA 2008-04: Weak password protection in multiple Internet Cafe products
BMSA 2008-03: Buffer overflow in VinaGame Zing Chat
BMSA 2008-02: Directory traversal in VDC iNCM
BMSA 2008-01: SQL injection in VinaGame CSM


Solution to Online Game Hacks (in Vietnamese)
The Ethics of Vulnerability Research (in Vietnamese)
Uncovering Software Vulnerabilities (in Vietnamese)

Press releases

2009-09-01: Blue Moon Consulting warns of critical remote code execution vulnerability in BKAV eOffice (in Vietnamese)
2009-03-31: Blue Moon and Vietnam's first CSSLP (in Vietnamese)
2008-10-30: Team Blue Moon won CtF competition in HITB 2008 KL
2008-06-30: Blue Moon Consulting strengthens DongA Bank’s security team (in Vietnamese)
2008-06-03: Blue Moon Consulting warns of 2 critical buffer overflows in BKAV Pro (in Vietnamese)
2008-05-16: Blue Moon Consulting warns of possible remote attacks targetting Zing Chat (in Vietnamese)
2008-05-04: Blue Moon Consulting warns of mass attacks on Cyber Cafe outlets (in Vietnamese)
English | Tiếng Việt

Quick Contact