Hacking

Forget DNS, Intel CPU hack hastens Amish era

July 29, 2008

There has been alot of coverage of Dan Kaminsky’s DNS hack as he prepares to reveal the details next week at BlackHat USA, however, what if I told you that this wasn’t the only scary security news in our near future? Kris Kapersky is set to reveal an Intel CPU hack at “Hack In The [...]

Read the full article →

Russia attacks Lithuania

July 21, 2008

Lithuania instituted a law to remove and prohibit symbols of Communism and in response over 300 Lithuania websites were defaced by Russian hackers. Welcome to Estonia 2.0 From Blogs.ZDNet.com: According to Lithuanian media reports, the attacks shut down the Web sites of the national ethics body, the securities and exchange commission, the Lithuanian Social Democratic [...]

Read the full article →

Scary PDFs and Serious Word of Warning

June 12, 2008

F-Secure’s Research Lab recently disclosed a sample PDF with a nasty payload. Here is an excerpt of their clear and concise summary: ” When this PDF is opened in Acrobat Reader, it uses a known exploit to to drop files. Specifically, it creates two files in the TEMP folder: D50E.tmp.exe and 0521.pdf. Then it executes [...]

Read the full article →

Cisco IOS SSH DoS Vulnerability

May 22, 2008

Cisco IOS version 12.4 is vulnerable to an SSH DoS attack. A Cisco device could be rebooted continually by a crafted SSH packet. Please update your Cisco devices ASAP. Cisco Advisory

Read the full article →

Scanning the Internet with SNMP

April 9, 2008

This is a great article that reveals the results of Gnucitizen.org scanning the Internet for open SNMP (Simple Network Management Protocol) ports. First they detail why SNMP makes such a juicy target, namely the UDP port scans are fast and SNMP holds a wealth of infomation. Gnucitizen scanned 2.5 million IP’s and 5320 responded to [...]

Read the full article →

Hack a Windows PC without a password

March 21, 2008

Smh.com.au | Asher Moses | Mar 4 2008 | Hack into a Windows PC – no password needed This is priceless. The security researcher told Microsoft about this vulnerability in 2006. 2006!!! Microsoft shrugged the issue off and since they haven’t patched the problem the researcher decided to release the tool to the public. Excellent. [...]

Read the full article →

Tiger Team on TruTV

March 14, 2008

This is a great special series that TruTv ran called “Tiger Team”. Tiger Team featured a small team of professional penetration testers. They show social skills, physical security skills, and of course cracking. I like how they use real world techniques instead of Hollywoodesque flash tactics. (To install a trojan on the internal network they [...]

Read the full article →

← Previous Entries