There’s a few valuable life lessons in the following story, so pay attention: A Pittsburgh news station recently reported on a 17-year-old boy who was disqualified from a SOCOM U.S. Navy Seals tournament after it was discovered he was cheating. In retaliation, the young man hacked into the official PlayStation site, and crashed it for [...]

Filed under: hax, lulz, news, pwned, security | No Comments »

‘Kill Zeus’ removes rival software from PCs, giving Spy Eye access to usernames, passwords.

Filed under: exploit, hax, malware, security | No Comments »

Proof-of-concept demonstrates ease at which mobile spyware can be created to pilfer text messages and email, eavesdrop, and track victim’s physical location via smartphone’s GPS.

Filed under: crackberry, exploit, hax | No Comments »

The world’s largest Internet search company and the world’s most powerful electronic surveillance organization are teaming up in the name of cybersecurity.

Filed under: google, hax, nsa, privacy, security | No Comments »

Like many other well-known organizations, we face cyber attacks of varying degrees on a regular basis. In mid-December, we detected a highly sophisticated and targeted attack on our corporate infrastructure originating from China that resulted in the theft of intellectual property from Google. However, it soon became clear that what at first appeared to be [...]

Filed under: google, hax, security | No Comments »

Botnet and malware creeps are setting up their own ISPs, with their own IP blocks, so that spamfighters don’t have anyone to complain to when they run them to ground…
“It’s gotten completely out of hand. The bad guys are going to some local registries in Europe and getting massive amounts of IP space and then [...]

Filed under: hax, malware, spam | No Comments »

We have just found out that the same defacement is appearing at at least one other site, mawjcamp.org. We are not able to see what was at this domain before, but it is now displaying the same defacement that Twitter was only a few minutes ago.
Twitter does not have the best record with security issues. [...]

Filed under: hax, myspace facebook twitter, news | No Comments »

The global crime ring that hit ATMs in 280 cities worldwide last year simultaneously for $9 million have allegedly been busted.
A federal grand jury in Atlanta has indicted eight men in connection with the scheme, including five Estonians, one Russian, one Moldovan and one unidentified man. Prosecutors allege that the men “used sophisticated hacking techniques” [...]

Filed under: encryption, hax | No Comments »

Designer Mark Campos has turned the tried-and-true “Masterlock hack” instructions into an easier-to-follow visual guide.
The instructions are pretty self-explanatory, and while there’s no secret sauce that’ll instantly crack the combination for you without a little bit of tedious trial and error, this method will crack that 64,000-possible-combinations lock in 100 tries or less.
Or you can [...]

Filed under: cool, hax, howto | No Comments »

Yesterday the official website for the Apache Software Foundation (of the Apache web server fame) was offline for several hours.
When it came back online, it briefly showed this message:

Filed under: hax | No Comments »

The Pwnie Awards are an annual event at the Black Hat security conference in Las Vegas. They award the Golden Pwnie in a variety of categories: mass 0wnage, most innovative research, most overhyped bug, most epic FAIL, and our favorite: Best Song. Embedded above is [Paco Hope]’s 50 Ways to Inject Your SQL. While a [...]

Filed under: exploit, hax, pwned | No Comments »

Attacks will continue until full-disclosure practices end, group says.

Filed under: hax, pwned, security, ugh | No Comments »

Online post offers sensitive data from wireless provider to the “highest bidder,” but security experts are skeptical the breach is severe.

Filed under: hax, security | No Comments »

A soon-to-be released ethical hacking report finds 60 percent of organizations budget for penetration testing.

Filed under: hax | No Comments »

Do you get the feeling that the information security industry has really changed the last 3-5 years? Remove the obvious: the industry is much larger, of higher public profile, and much better funded across the board. I would venture to guess, that way back when, say, in the dark ages of 1999, the primary reason [...]

Filed under: hax, personal, security | No Comments »

Wired has a great piece up on the world’s burgeoning crop of Hacker Spaces — clubhouses where members pitch in to share the rent in exchange for a role in governing a collectively managed collection of hacking kit: workbenches, tools, and components. I’ve visited hacker lofts in Vienna, San Diego, Los Angeles and elsewhere, and [...]

Filed under: .edu, hax | No Comments »

Researchers have come up with a way to create an even stealthier rootkit that survives reboots and evades antivirus software.
Anibal Sacco and Alfredo Ortega, both exploit writers for Core Security Technologies, were able to inject a rootkit into commercial BIOS firmware using their own Python-based tool that installed the rootkit via an update, or flash, [...]

Filed under: hax, malware, security | No Comments »

Security expert Ben Laurie has a scorching indictment of the “Verified by Visa” program used by British banks. This system is basically the perfect system for phishers and identity thieves, and conditions honest people to behave in foolish ways that leave them vulnerable to having their life’s saving taken off of them.
“Frame inline displays the [...]

Filed under: con, hax, privacy, security | No Comments »

The linux kernel has a facility called “usbmon” which can be used to sniff the USB bus. It’s been in there for ages, and the output is really easy to collect, even from the command line shell. Simply mount debugfs and insmod the usbmon module:
mount -t debugfs none_debugs /sys/kernel/debug
modprobe usbmon
Then you can just cat USB [...]

Filed under: cool, hax, howto, linux | No Comments »

The first round of the Pwn2Own was something of a redux of the previous one: the Mac was the first to fall (I’m actually not surprised given Apple’s culture of obscurity-over-security), with Windows 7 via IE 8 shortly thereafter. But Linux wasn’t even in the running this time. What gives?
A couple of comments posted on [...]

Filed under: hax, linux | No Comments »