THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
Security Revealed
CNet Crave: TomTom admits to sending your routes and speed information to the police
Ever heard of Dropship? It’s an open-source project that “enables arbitrary, anonymous transfers of files between Dropbox accounts.” Dropbox hopes you haven’t; they tried to squelch it this week, and even accidentally reported that it was subject to a DMCA takedown notice, with predictably futile results. I’m mostly sympathetic: I’m a huge fan of their service, Dropship was a clear violation of their terms, and for obvious reasons they don’t want to turn into an anonymous peer-to-peer file-sharing service. Unfortunately, they accidentally built a system which enabled just that.
How about Sony’s PlayStation Network? Of course you have. It was so thoroughly hacked this week that Sony had to shut it down indefinitely. Did you also know that Sony’s PS3 firmware is effectively wide open, because they made a hilariously stupid security mistake? Did you know that that’s probably how PSN got hacked, and that it raised the spectre of the hacker(s) taking over every connected PlayStation 3 in the world and turning them into by far the biggest botnet in history? That probably wasn’t what Sony had in mind, but they accidentally built a system which enabled just that.
Oracle has released Java SE 6 Update 25 (6u25); this update contains no security updates to the Java runtime, but does include wider platform support with Windows 7 and SP1, Windows 2008 R2 with SP1, Oracle Linux 6 and Oracle Solaris 11 Express 2010.11…
The KDE Edu Team is proud to present its new website at http://edu.kde.org as the central place to start to discover KDE Edu. With this new website, we are also officially presenting the new KDE Edu logo as the stamp for KDE in Education. The logo emph…
The Gillmor Gang — Kevin Marks, Danny Sullivan, JP Rangaswami, John Taschek, and Steve Gillmor — christened the new Gang studio with a surprise welcome to Kevin Marks. It turns out he’s joining salesforce.com on Monday, following JP (six months), JT (7 years), and me, who is celebrating my one year anniversary. Kevin has been a forceful champion of open standards at Apple, Technorati, Google, BT (Ribbit), the Gillmor Gang, and now salesforce.com. Before, and once the festivities were out of the way, we got back to Gang business, namely the continued aftermath of the phone location recording crisis.
With free lunch debunked, we tackled the Amazon outage and its impact on the Cloud. You can decide for yourselves, but the consensus is that such challenges will be remembered fondly as a validation of the moment, as with the Gmail outage of several years ago, when the Cloud passed from inflection point to basic services. The velocity of business in the iPad age, where CEOs can see deeply into their companies in realtime, demands a level of interactive services and an iterative feedback loop not possible with the previous generation of software. And that led to a debate about iPhone video calls and what Danny is looking for in a flying car.
Debian Linux Security Advisory 2227-1 – Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of Seamonkey.
Mandriva Linux Security Advisory 2011-079 – Chris Evans of the Chrome Security Team reported that the XSLT generate-id() function returned a string that revealed a specific valid address of an object on the memory heap. It is possible that in some case…
Ubuntu Security Notice 1121-1 – Boris Zbarsky, Gary Kwong, Jesse Ruderman, Michael Wu, and Ted Mielczarek discovered multiple memory vulnerabilities. An attacker could exploit these to possibly run arbitrary code as the user running Firefox. It was dis…
Ubuntu Security Notice 1123-1 – A large number of security issues were discovered in the Gecko rendering engine. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser securit…
This Metasploit module exploits a stack buffer overflow in MJM QuickPlayer 1.00 beta 60a and QuickPlayer 2010 (Multi-target exploit). When opening a malicious s3m file in one of these 2 applications, a stack buffer overflow can be triggered, resulting …
This Metasploit module exploits a stack buffer overflow in MJM Core Player 2011. When opening a malicious s3m file in this application, a stack buffer overflow can be triggered, resulting in arbitrary code execution. This exploit bypasses DEP & ASLR, a…
Ubuntu Security Notice 1112-1 – Multiple vulnerabilities have been identified and fixed in Firefox. It was discovered that there was a vulnerability in the memory handling of certain types of content. It was discovered that Firefox incorrectly handled …
Custom EBike with a 200+ km range [Doctorbass] constructed an awesome electrical bike back in 2008 from a Mongoose bicycle. The bike boasts a top speed of 76km/h and a total range of 210 km on a single charge. Some car company needs to hire this guy STAT. [via Make] Build to order Xbox 360 [...]
Along with Ubuntu 11.04, Xubuntu, Kubuntu and Lubuntu were also released. In this post I’ll try to cover the changes in Xubuntu 11.04 – a very interesting Ubuntu flavor based on Xfce. The latest Xubuntu 11.04 comes with a complete makeover: a new defaul…

The talent wars that were common back in the late 90s appear to have returned, whether it’s using LOLCats or cheeseburgers to recruit talent. While I love the creativity, when it comes down to making a decision to join a new company, the lumbering tech giants (Google, Microsoft, Amazon, Zynga, Facebook) which startups compete against for talent have one giant ace up their sleeve — great healthcare benefits.
When I left Microsoft 8 years ago, my wife expressed only one concern — losing health benefits. At the time, I told her that it’s just a matter of paying those costs directly. The reality has been that it’s been a significant hassle and cost that we’d rather not deal with. The excitement of working with startups has outweighed that hassle, but even to this day it remains a burr in the saddle. Periodically, I will get an offer to join some company and her first question is “how are their health benefits?” Startups have repeatedly shown an ability to outmaneuver the behemoths we compete with but this is one area where the behemoths still have an edge. It’s time to turn the tables with what I call Do-it-Yourself (DIY) Healthcare Reform.
Ubuntu Software Center in 11.04 has got a really nice ratings and reviews system in place that allows us to review our favorite applications and install top rated applications in one click. So here is a list of 17 highly rated applications not installe…
The big issues in the world of Linux right now are the Gnome3 desktop interface and Ubuntu’s pending Natty release which will use the Unity desktop interface by default. The tried and tested Gnome2 desktop is finally making way for a new generation of …
[Windell] over at Evil Mad Scientist Laboratories has reached out in order to help them identify a mystery piece of electronics equipment they came across a few years ago. Discovered at an electronics surplus store, the mystery component looks like a cross between an over-sized chess board and a breadboard. Failing to identify it they [...]
Right after the announcement for Ubuntu 11.04 (Natty Narwhal), Andrew Zajac proudly announced the immediate availability for download of the Ubuntu Rescue Remix 11.04 operating system.
ISPConfig Monitor App For Android
The ISPConfig Monitor App is for all servers, not only for servers running ISPConfig. With the ISPConfig Monitor App, you can check your server status and find out if all services are running as expected. You can c…
ZDI-11-151: HP Data Protector Backup Client Service bm Message Processing Remote Code Execution Vulnerability
Secunia Security Advisory – Multiple vulnerabilities have been reported in Mozilla Firefox, which can be exploited by malicious people to compromise a user’s system.
Secunia Security Advisory – James Burton has discovered a vulnerability in Up.Time Monitoring Station, which can be exploited by malicious people to bypass certain security restrictions.
Secunia Security Advisory – SUSE has issued an update for samba. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges and by malicious users to cause a…
Secunia Security Advisory – Multiple vulnerabilities have been reported in Mozilla Firefox and Mozilla SeaMonkey, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to disclose sensitive information an…
Secunia Security Advisory – Multiple vulnerabilities have been reported in Mozilla Thunderbird, which can be exploited by malicious people to disclose sensitive information and compromise a user’s system.
Secunia Security Advisory – Red Hat has issued an update for firefox. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose sensitive information and compromise a user’s system.
Secunia Security Advisory – Insomnia Security has reported a vulnerability in 7-Technologies Interactive Graphical SCADA System, which can be exploited by malicious people to compromise a vulnerable system.
