Wednesday October 22nd 2014


‘exploit’ Archives

“Choose your own job title for the Census,” they said.


VeriFone vs Square


VeriFone, a huge provider of credit card processing systems that's been around since time immemorial, has taken a huge swipe at upstart Square today, branding its free, headphone jack-based credit card readers "skimming devices" and demanding their immediate removal from the market. Crazy, right? Let me explain how easy it is to exploit the [...]

PS3 completely hacked. Security on the system is apparently the worst security ever seen.

Basically, the PS3 has a hard outer shell, but once you break through the outer layer there is absolutely nothing stopping you...

Microsoft’s DRM makes your computer vulnerable to attack


The msnetobj.dll library is an ActiveX control used by Microsoft's DRM; it is intended to prevent the owner of a computer from saving or viewing certain files except under limited circumstances, and to prevent the computer's owner from disabling it or interfering with it. As if that wasn't bad enough, it is also vulnerable to three separate [...]

How a 15-year-old kid tricked Apple with a disguised iPhone tethering app


Fifteen-year-old Nick Lee tricked Apple with a very simple iPhone application: Handy Light. On the surface it looked like any other $0.99 flashlight application. But, secretly, it was a lot more useful. On the surface, Handy Light just allowed you to make your iPhone's screen go blank with a color of your choice. You opened it, clicked a [...]

4chan has field day with YouTube injection flaw


Eager YouTube fans were greeted with annoying pop-ups, disabled comments, and even porn redirects over Independence Day weekend as they tried to scope out their favorite videos. A group of malicious pranksters (believed to be from 4chan) was able to take advantage of a cross-site scripting vulnerability in YouTube's comments Sunday, breaking [...]

Commercially available ATM skimmers


Brian Krebs continues his excellent series of posts on ATM skimmers, this time with a report on the state of the art in commercially available artisan-crafted skimmers that can be bought through the criminal underground... Generally, these custom-made devices are not cheap, and you won't find images of them plastered all over the Web. Take [...]

Facebook search hax!


The admins at Facebook are concerned with your personal information: weekend call me sex delete sad facebook party slut new pics

iPhone SMS database hacked in 20 seconds


It's a story tailor-made for the fear-mongering subset of news media. This week, a pair of gentlemen lured an unsuspecting virgin iPhone to a malicious website and, with no other input from the user, stole the phone's entire database of sent, received and even deleted text messages in under 20 seconds, boasting that they could easily lift personal [...]

Russian botnet tries to kill rival botnet


This is so frustrating...how are we supposed to destroy the humans when we just keep fighting each other? ....er, they...how are they supposed to destroy the humans? An upstart Trojan horse program has decided to take on its much-larger rival by stealing data and then removing the malicious program from infected computers. Security [...]

Hacker Unleashes BlackBerry Spyware Source Code


A researcher at the ShmooCon hacker conference yesterday demonstrated how BlackBerry applications can be used to expose sensitive information without the use of exploits. Tyler Shields, senior researcher for Veracode's Research Lab, also released proof-of-concept source code for a spyware app he created and demonstrated at the hacker confab in [...]

ATM Skimmers Part II


Brian Krebs continues to scare the pants off the public with his ongoing series on sophisticated ATM skimmers (devices that capture your card number, working with a hidden camera to catch your PIN). His slideshow of next-gen skimmers has me convinced that there's no way I'd notice a skimmer on an ATM that I was using: "According to Doten, the U.S. [...]

Windows hole discovered after 17 years… Affects 3.1 through to Windows 7


Just to clarify, that's Windows NT 3.1, not the old 16-bit Windows 3.1. I was wondering how the hell you could have a privilege escalation bug on an OS with only one level of privilege. The problem is caused by flaws in the Virtual DOS Machine (VDM) introduced in 1993 to support 16-bit applications (real mode applications for 8086). VDM is based [...]

Windows 7 “GodMode”


Although its name suggests perhaps even grander capabilities, Windows enthusiasts are excited over the discovery of a hidden "GodMode" feature that lets users access all of the operating system's control panels from within a single folder. To enter "GodMode," one need only create a new folder and then rename the folder to the [...]

Microsoft orders removal of blog about Bing cashback flaw


Attorneys for Microsoft, on Friday, sent a letter to Samir Meghani, co-founder of price-comparison search engine Bountii.com, demanding that he remove a blog post containing information about generating fake Bing cashback payments. Bing cashback is a search marketing program that provides online shoppers with cash rebate credit for purchases [...]

Shady Microsoft Plugin Pokes “Critical” Hole In Firefox Security


Microsoft has acknowledged that they slipped the .NET Framework Assistant plugin into Firefox via Windows Update this past February, and that it has poked a "critical" hole in the browser's security (effectively bringing Firefox down to IE's level). Microsoft has deemed the hole to be a "critical" security threat, as it gives webmasters the [...]

Linux botnet discovery worry


Bad guys have created a botnet of Linux Web servers. In a way, that's even more frightening than regular botnets of compromised Windows PCs. Bloggers ask if this is the end for Linux's claim to be more secure than Windows; or is it just a load of old hokum? Your humble blogwatcher selected these bloggy morsels for your enjoyment. Not to mention [...]

Time to party like it's Windows 95!

Remember the good old days of the 1990s, when you could teardrop attack any Windows user who'd annoyed you and bluescreen them? Microsoft reintroduces this popular feature in Windows 7, courtesy the rewritten TCP/IP and SMB2 stacks. IV. PROOF OF CONCEPT #!/usr/bin/python # When SMB2.0 recieve a "&" char in the "Process Id High" SMB header [...]

SQL Injection used to steal 130,000,000 credit card numbers at Heartland


Officials say it is the biggest case of identity theft in American history. They say Albert Gonzalez, 28, and two unnamed Russian co-conspirators hacked into the payment systems of retailers, including the 7-Eleven chain. Prosecutors say they aimed to sell the data on. If convicted, Mr Gonzalez faces up to 20 years in jail for wire fraud [...]

How To Hijack “Every iPhone In The World”


If you receive a text message on your iPhone any time after Thursday afternoon containing only a single square character, Charlie Miller would suggest you turn the device off. Quickly. That small cipher will likely be your only warning that someone has taken advantage of a bug that Miller and his fellow cybersecurity researcher Collin Mulliner [...]
