Honestly there hasn’t been much news over the holiday period, well maybe there was but no one bothered reporting it. There was the Stratfor case of course, which Anonymous is saying wasn’t anything to do with them. The scale of this inciden…
.::anti-abuse.com::.
Security Revealed
General Hacking's archive
US Subway Stores POS Hacked For $3Million Dollars
Posted in December 28th, 2011
by admin in Cezar Iulian Butu, credit card hack, Exploits/Vulnerabilities, General Hacking, hack, hacking credit cards, Legal Issues, rss, stealing credit card details, subway, subway credit card fraud, subway hack, subway hacked, subway security
Comments Off
Security By Obscurity Not So Bad After All?
Posted in October 5th, 2011
by admin in Countermeasures, Dusko Pavlovic, General Hacking, information security concepts, information security practise, infosec concept, kerckhoffs principle, pavlovic, rss, security by obscurity, security defence, security-through-obscurity
I’m sure you’ve been taught, as have I – that security through or by obscurity is bad (changing port numbers, removing service banners and so on). I’ve personally always used it, as an additional line of defence on my systems. A…
Comments Off
MagicTree v1.0 Released – Productivity Tool For Penetration Testers
Posted in October 4th, 2011
by admin in data consolidation, external command execution, General Hacking, magictree, pen test report generation, pen test reports, pen-test, pen-testing, penetration tester productivity tool, penetration testing productivity tool, penetration testing report generation, penetration-testing, querying, report generation, rss, Security Software
We wrote about MagicTree back in January of this year when it was first launched – MagicTree – Penetration Tester Productivity Tool . It’s come quite a long way and the authors are happy to announce that MagicTree version 1.0 has been rel…
Comments Off
Coliseum Lab By eLearnSecurity – Web Application Security Lab
Posted in September 16th, 2011
by admin in coliseum lab, elearn, elearn security, elearnsecurity, General Hacking, online pen test lab, pen testing lab, penetration testing training, rss, web application security lab, web hacking lab
Coliseum Labs is a revolutionary new product by eLearnSecurity, it’s a 100% practical training device for people wanting to learn more about penetration testing. Basically Coliseum is a framework which allows students to learn web application sec…
Comments Off
Facebook To Start Paying Bug Bounties
Posted in July 29th, 2011
by admin in bug bounty, Exploits/Vulnerabilities, Facebook, facebook bounty, facebook bug bounty, facebook exploit, facebook pays hackers, facebook security, facebook vulnerability, General Hacking, hacking-facebook, hacking-for-money, rss
We’ve covered various stories about companies offering hackers and security researchers bounties for giving them working exploits for their software/website etc. Early runners in the game were – Google Willing To Pay Bounty For Chrome Brows…
Comments Off
Last Chance To Get 10% Off Penetration Testing – Student Course
Posted in June 27th, 2011
by admin in elearn, elearnsecurity, General Hacking, learn penetration testing, learn to hack, learn to pen test, learning to hack, online security course, penetration testing student course, rss, starting penetration testing
A couple of weeks back we posted about the new course suited to beginners by eLearnSecurity – we also offered an exclusive 10% Discount for Darknet readers – Penetration Testing – Student Course/Training by eLearnSecurity (Get 10% Off Unt…
Comments Off
IMF (International Monetary Fund) Suffer Major Breach In Sophisticated Cyberattack
Posted in June 13th, 2011
by admin in bank hack, Exploits/Vulnerabilities, General Hacking, hacking banks, hacking imf, imf, imf breach, imf hack, imf hacked, imf security breach, international monentary fund, Legal Issues, rss, world bank
Oh dear, another big organization has fallen foul to the whole RSA SecurID hack – it seems that way anyway. In combination with a Spear Phishing attack (similar to the one carried out on high level US officials via Gmail recently) hackers have bu…
Comments Off
Penetration Testing – Student Course/Training by eLearnSecurity (Get 10% Off Until June 30th!)
Posted in June 9th, 2011
by admin in basic pen testing course, elearn, elearn security, elearnsecurity, General Hacking, learn hacking, learn pen testing, learn penetration testing, penetration testing student, rss
Introduction You may remember a while back we reviewed the Penetration Testing – Pro course by eLearnSecurity here – eLearnSecurity – Online Penetration Testing Training and we posted about the course update here – Penetration Testi…
Comments Off
VUPEN Whitehats Claim To Have Broken Chrome Sandbox
Posted in May 10th, 2011
by admin in chrome security, Exploits/Vulnerabilities, General Hacking, google, google chrome security, google-chrome, hacking chrome, hacking google chrome, rss, vupen, vupen security
The big news recently is that someone has finally managed to pop the formidable Chrome browser, as we know from following Pwn2Own – it’s been safe for 3 years in a row. It has a sandbox, ASLR and DEP and that’s a pretty heavy combinat…
Comments Off
Adobe Patches Latest Flash Zero Day Vulnerability
Posted in April 18th, 2011
by admin in Adobe, adobe flash, adobe flash player, adobe flash security, adobe security, browser-security, Exploits/Vulnerabilities, flash, flash 0day, flash exploit, flash player 0day, flash player exploit, flash player zero day, flash vulnerability, flash zero day, General Hacking, hacking-flash, rss
There’s been a lot of news about this Adobe Flash Player vulnerability as apparently it has been exploited in the wild and Adobe were willing to push out an out-of-band patch for it – which means in their eyes it is really serious. They don…
Comments Off
TJX Hacker Albert Gonzalez Claims Government Made Him Do It
Posted in April 11th, 2011
by admin in albert gonzalez, General Hacking, hacker community, hacking community, Legal Issues, rss, segvec, tjx, tjx hack, tjx hacker, underground, underground hacker community
The latest news from the tinfoil hat wearing conspiracy camp is that Albert Gonzalez the TJX hacker who was convicted in 2009 was authorized to hack by the US Government. Back in 2009 we posted about that too – TJX Hacker Albert “Segvec” Gonz…
Comments Off
Apple Adds greenpois0n Jailbreak Detection to iBooks Software
Posted in February 16th, 2011
by admin in Apple, apple ibooks, apple ios, Exploits/Vulnerabilities, General Hacking, greenpois0n, ibooks, ios, ios 4.2.1 jailbreak, ios ibooks, iphone 4 jailbreak, jail break, jailbreak, jailbreak detection, rss, untethered jailbreak
Apple has pulled out some new tricks in it’s war against the unstoppable jailbreak machine, this time leveraging on the iBooks application. It’s quite a neat implementation, it appears the new iOS update with iBooks dropped an un-signed app…
Comments Off
Penetration Testing Course Pro 1.1 – New Version & New Module
Posted in February 9th, 2011
by admin in ceh, cisco ccie, eCPPT, elearnsecurity, GCIA, General Hacking, giac, GSEC, learn hacking, learn penetration testing, learn social engineering, learn to hack, network-security, online penetration testing course, online penetration testing training, online security course, online security training, pen-test, pen-testing, penetration testing course, penetration testing lab, penetration testing training, penetration-testing, rss, sans gcia, sans giac, sans gsec, Social Engineering, social engineering toolkit, system-security, vulnerability-assessment, web-application-security, what ceh should have been
Penetration Testing Course Pro 1.1 release aims at addressing all of the suggestions collected in the first 6 months of activity and adds 1 new module and 50 minutes of video training on Social Engineering Toolkit. As reviewed by us before (eLearnSecur…
Comments Off
MagicTree – Penetration Tester Productivity Tool
Posted in January 12th, 2011
by admin in data consolidation, external command execution, General Hacking, pen test report generation, pen test reports, pen-test, pen-testing, penetration tester productivity tool, penetration testing productivity tool, penetration testing report generation, penetration-testing, querying, report generation, rss, Security Software
MagicTree is a penetration tester productivity tool, it allows easy and straightforward data consolidation, querying, external command execution, and report generation. In case you wonder, “Tree” is because its stores all the data in a tree, and …
Comments Off
Cloud Computing Use By Criminals Increasing
Posted in December 2nd, 2010
by admin in afp, australa, cloud computing, cloud computing security, cloud security, criminal cloud, criminals use cloud computing, General Hacking, hiding data in the cloud, rss, Web Hacking
Over the last couple of years Cloud Computing has started gaining some real leverage, it’s being deployed on a wide scale, it’s becoming more affordable and the platforms supplying such services are becoming more stable. Of course the natur…
Comments Off
TA-Mapper v1.1 – Time and Attack Mapper – Effort Estimator For Pen-Testing
Posted in September 27th, 2010
by admin in application penetration testing, application pentest, black security assessment, blackbox, effor estimator, General Hacking, penetration testing effort estimator, penetration testing planning, penetration-testing, rss, Security Software, ta-map, ta-mapper, time and attack mapper
We wrote about this tool back in January 2009 when it was first released, recently v1.1 has become available for download. Time and Attack Mapper (alternatively known as TA-Mapper) is an effort estimator tool for blackbox security assessment (or Penetr…
Comments Off
Adobe Scrambling To Fix Another Serious PDF Flaw
Posted in August 9th, 2010
by admin in adobe pdf 0-day, adobe pdf exploit, adobe pdf security, adobe pdf zero day, application-security, charlie miller, CoolType.dll, Exploits/Vulnerabilities, foxit, foxit pdf reader, General Hacking, hacking pdf, integer overflow, pdf, pdf exploit, pdf hacking, pdf integer overflow, pdf security, pdf vulnerability, rss
It was only the start of July when we talked about Adobe Patching PDF Vulnerabilities Being Exploited In The Wild and once again they are suffering a serious vulnerability which allows code execution from a malicious PDF document. This time the vulnera…
Comments Off
Adobe Patches PDF Vulnerabilities Being Exploited In The Wild
Posted in July 2nd, 2010
by admin in adobe acrobat, adobe pdf, adobe pdf exploit, adobe pdf security, adobe pdf vulnerability, adobe reader, Exploits/Vulnerabilities, General Hacking, google, hacking adobe pdf, hacking pdf, pdf, pdf exploit, pdf hacking, pdf security, pdf vulnerability, rss, tavis ormany
At least! Adobe has sorted itself out and released patches for 17 critical vulnerabilities in their Reader and Acrobat applications. We reported back in January about Active Exploitation Of Unpatched PDF Vulnerabilities. The latest slew of vulnerabilit…
Comments Off
eLearnSecurity – Online Penetration Testing Training
Posted in May 27th, 2010
by admin in armando romeo, brett d arion, ceh, cisco ccie, dev-cpp, eCPPT, elearnsecurity, forging security professionals, GCIA, General Hacking, giac, GSEC, learn hacking, learn penetration testing, learn to hack, network-security, nitin kumar, online penetration testing course, online penetration testing training, online security course, online security training, pen-test, pen-testing, penetration testing course, penetration testing lab, penetration testing training, penetration-testing, rss, sans gcia, sans giac, sans gsec, system-security, vipin kumar, vulnerability-assessment, web-application-security, what ceh should have been
Introduction
If you are in the information security industry, or plan to be you’ve probably been looking at the various infosec certifications available. Back when I started there really wasn’t anything available, there were no infosec degr…
Comments Off
New Malware Variants More Malicious Than ILOVEYOU Bug
Posted in May 3rd, 2010
by admin in botnets, bots, cutwail, General Hacking, ilove you virus, iloveyou, love bug, loveletter, malicious botnets, malicious malware, malicious viruses, Malware, messagelabs, messagelabs intelligence report, rss, rustock, symantec
So no big surprise here, malware is getting more malicious! It’s good to know though and it’s good that companies out there like Messagelabs, under the watchful eye of Symantec, are trying to measure what is going on in malware land.
The ma…
Comments Off
Hackers Penetrate Apache.org In Direct Targeted Attack
Posted in April 14th, 2010
by admin in apache-security, apache.org, apache.org bug tracker, apache.org hacked, apache.org passwords, apache.org security, atlassian, Exploits/Vulnerabilities, General Hacking, jira, privacy, rss, Web Hacking, web-application-security, web-security
This is not the first time Apache.org has been hacked, it was comprised back in September 2009 using SSH keys.
This time another targeted attack against the site was successful and allowed the attackers to capture the passwords of users logging into th…
Comments Off
US Investigators Pinpoint Author Of Google Attack Code
Posted in February 23rd, 2010
by admin in aurora, aurora attack, chinese government, Exploits/Vulnerabilities, General Hacking, google attack code, google aurora, google aurora attacks, hacking, ie6, ie6 exploit, lanxiang vocational school, rss, shanghai jiaotong university
The big news over the past few months were the Aurora attacks and how they seemed to originate from China, last month Microsoft took the unusual step and released an Out-Of-Band patch for the IE6 0-Day vulnerability used in the attacks.
Within the last…
Comments Off
Microsoft Releases Out-Of-Band Patch For IE 0-Day Vulnerability
Posted in January 21st, 2010
by admin in crc-16, data execution prevention, dep, exploit, General Hacking, hacking-IE, ie 0day, IE-exploit, IE-security, IE-vulnerability, internet explorer security, internet explorer vulnerability, internet explorere 0day, internet-explorer-exploit, microsoft, microsoft patch tuesday, microsoft security, oob patch, out of band patch, rss, vulnerability
Ah Microsoft is treating this one seriously after France and Germany advised users to avoid IE.
The current strain being exploited only targets IE6 users, but one security company has developed an exploit for IE8 which also bypasses DEP (Data Execution…
Comments Off
Home Secretary says McKinnon must face US trial
Posted in November 30th, 2009
by admin in alan johnson, appeal, aspergers, ass burgers, european court of human rights, extradition, gary mckinnon appeal, gary-mckinnon, General Hacking, hacker, human right, Legal Issues, mckinnon, nasa-hacker, rss, uk hacker
Since the last update almost a year ago when Gary won the right to appeal against extradition, the latest news in the Gary Mckinnon saga is that his extradition to the US for trial will be going ahead.
Even with his apparent medical condition of Ass Bu…
Comments Off
Metasploit 3.3 Released! Exploitation Framework
Posted in November 24th, 2009
by admin in exploit-framework, General Hacking, hacking, Hacking Tools, hacking-software, Linux Hacking, metasploit, metasploit-exploit-framework, rss, ruby, security-tools, vulnerabilities
What is Metasploit?
The Metasploit Framework is a development platform for creating security tools and exploits. The framework is used by network security professionals to perform penetration tests, system administrators to verify patch installations, …
Comments Off
UCSniff 3.0 Released – VoIP/IP Video Sniffing Tool
Posted in November 4th, 2009
by admin in ettercap, General Hacking, hacking ip video, Hacking Tools, hacking voip, ip video security, ip video sniffer, ip video sniffing, ip video sniffing tool, Network Hacking, privacy, rss, sniffing tool, sniffing voip, ucsniff, videosnarf, voip sniffer, voip-security
UCSniff is a VoIP & IP Video Security Assessment tool that integrates existing open source software into several useful features, allowing VoIP and IP Video owners and security professionals to rapidly test for the threat of unauthorized VoIP and…
Comments Off
Using Cloud Computing To Crack Passwords – Amazon’s EC2
Posted in November 3rd, 2009
by admin in amazon ec2, Amazon Elastic Compute Cloud, Black Hat, black hat conference, brute force, brute-forcing, cloud computing, david campbell, ec2, General Hacking, haroon meer, Password Cracking, password-hacking, password-security, rss, sensepost
Now this is interesting a proper mathematical calculation for using cloud computing to crack passwords, now Amazon has opened up their EC2 (Elastic Compute Cloud) the cost of massive parallel processing power has come right down.
And guess what, someon…
Comments Off
UK Government To Launch ‘Hack Idol’
Posted in October 13th, 2009
by admin in cyberdefenders, General Hacking, hack idol, hacking, hacking idol, hacking talent, hacking talent contest, hacking-news, mentoring, rss, sans, uk hacking contest
Now this should be interesting, perhaps they should turn it into a hacking based reality TV show? From the description though it looks more centered around defense than offense and perhaps should be called ‘System Administrator Idol’.
Not q…
Comments Off
Flawfinder – Source Code Auditing Tool
Posted in September 16th, 2009
by admin in code auditing tool, code-auditing, flaw finder, flawfinder, General Hacking, rss, source code auditing, source code auditing tool, static analysis, static analysis tool
Flawfinder is a program that examines source code and reports possible security weaknesses (flaws) sorted by risk level. It’s very useful for quickly finding and removing at least some potential security problems before a program is widely releas…
Comments Off
TJX Hacker Albert “Segvec” Gonzalez Indicted By Federal Grand Jury
Posted in August 25th, 2009
by admin in albert gonzalez, credit card hacker, credit-card-fraud, data-security, data-theft, General Hacking, hacking tjx, Legal Issues, privacy, rss, russian-hackers, segvec, stealing credit cards, tjx, tjx hack, tjx hacker
We’ve been following the whole TJX saga for quite some time now since way back in September 2007 when the hack became public as the Largest Breach of Customer Data in U.S. History and in August 2008 when the TJX Credit Card Hackers Got Busted.
Th…
Comments Off
Advertisments
Popular Tags
Recent Entries
- 6 Reasons Why Windows 8 Tablets Are Not A Threat To Android
- Adventures in Self-Publishing, Ch. 9: How to Price your Book – and Does it Matter?
- U.S. Government, Military To Get Secure Android Phones
- Anonymous Continues Attacks On Brazilian Financial Sites
- FBI Probes Anonymous Intercept Of US-UK Hacking Call
- DNS Service Oriented DoS / DDoS Attacks
- Analysis Of A MIDI Remote Code Execution Vulnerability
- Infocon: green
- How to create facebook application using PHP and graph api
- Wine 1.4-rc2 released
Recent Comments
- Keine Kommentare vorhanden.
Social Network
| M | T | W | T | F | S | S |
|---|---|---|---|---|---|---|
| « Jan | ||||||
| 1 | 2 | 3 | 4 | 5 | ||
| 6 | 7 | 8 | 9 | 10 | 11 | 12 |
| 13 | 14 | 15 | 16 | 17 | 18 | 19 |
| 20 | 21 | 22 | 23 | 24 | 25 | 26 |
| 27 | 28 | 29 | ||||
Subscribes
Meta
Archives
- February 2012
- January 2012
- December 2011
- November 2011
- October 2011
- September 2011
- August 2011
- July 2011
- June 2011
- May 2011
- April 2011
- March 2011
- February 2011
- January 2011
- December 2010
- November 2010
- October 2010
- September 2010
- August 2010
- July 2010
- June 2010
- May 2010
- April 2010
- March 2010
- February 2010
- January 2010
- December 2009
- November 2009
- October 2009
- September 2009
- August 2009
- July 2009
- June 2009
- May 2009
- April 2009
- March 2009
- February 2009
- January 2009
- December 2008
- November 2008
- October 2008
- September 2008
- August 2008
- July 2008
- June 2008
- May 2008
- April 2008
- March 2008
- February 2008
- January 2008
- December 2007
- November 2007
- October 2007
- September 2007
- August 2007
- July 2007
- June 2007
- May 2007
- April 2007
- March 2007
- February 2007
- January 2007
- December 2006
- November 2006
- October 2006
- September 2006
- August 2006
- July 2006
- June 2006
- May 2006
- April 2006
- March 2006
- February 2006
- January 2006
- December 2005
- November 2005
- October 2005
- August 2005
- July 2005
- June 2005
- May 2005
- January 2005
- November 2004
- October 2004
- September 2004
- October 2002
- December 2001
- January 1970
- December 1969
Also
rss
- SANS Internet Storm Center, InfoCON: green
- SANS Internet Storm Center, InfoCON: green
- (IN)SECURE Magazine Notifications RSS
- 0DayCar
- A Day in the Life of an Information Security Investigator
- Advisory Files ≈ Packet Storm
- Advisory Files ≈ Packet Storm
- All about Linux
- All about Linux
- AlterNet.org
- AlterNet.org
- Astalavista.net – Directory
- Astalavista.net – Exploits
- cmw.me blogs
- Confessions of a Penetration Tester
- Darknet – The Darkside
- Darknet – The Darkside
- Debian GNU/Linux System Administration Resources
- Debian GNU/Linux System Administration Resources
- DesktopLinux.com
- DesktopLinux.com
- Exploit Files ≈ Packet Storm
- Exploit Files ≈ Packet Storm
- F-Secure Antivirus Research Weblog
- F-Secure Antivirus Research Weblog
- Files ≈ Packet Storm
- Files ≈ Packet Storm
- Files ≈ Packet Storm
- Files ≈ Packet Storm
- Got Root Articles
- Got Root Articles
- Got Root Blogs
- Got Root Blogs
- Got Root Library and Wiki
- Got Root Library and Wiki
- Hack a Day
- Hack a Day
- HowtoForge – Linux Howtos and Tutorials –
- HowtoForge – Linux Howtos and Tutorials –
- izik
- izik
- Joomla! powered Site
- kaos.theory: fractal blog
- kaos.theory: fractal blog
- Latest Secunia Advisories
- Librenix.com | Linux Sysadmin Central
- Librenix.com | Linux Sysadmin Central
- Linux Gazette
- Linux Gazette
- Linux Journal – The Original Magazine of the Linux Community
- Linux Journal – The Original Magazine of the Linux Community
- Linux.com :: Feature
- Linux.com :: Feature
- LXer Linux News
- LXer Linux News
- milw0rm.com
- milw0rm.com
- News ≈ Packet Storm
- News ≈ Packet Storm
- nixCraft Linux Sys Admin Blog
- nixCraft Linux Sys Admin Blog
- Open Source Networking
- Open Source Networking
- Own-the.net – Web application security and SEO
- RootPrompt — Nothing but Unix
- RootPrompt — Nothing but Unix
- Rootsecure.net
- Rootsecure.net
- SecuriTeam
- SecuriTeam
- Security Tool Files ≈ Packet Storm
- Security Tool Files ≈ Packet Storm
- SecurityDocs
- SecurityDOT Articles
- SecurityDOT Articles
- SecurityDOT Exploits
- SecurityDOT Exploits
- SecurityDot News
- SecurityDot News
- SecurityDot Vulnerabilities
- SecurityDot Vulnerabilities
- SecurityFocus News
- SecurityFocus News
- SecurityFocus Vulnerabilities
- SecurityFocus Vulnerabilities
- SpiderLabs Anterior
- SpiderLabs Anterior
- Spyware Warrior
- Spyware Warrior
- TaoSecurity
- TaoSecurity
- TechCrunch
- The Ethical Hacker Network RSS News Feed
- The Ethical Hacker Network RSS News Feed
- The most recent articles from vnunet.com
- The most recent articles from vnunet.com
- US-CERT Cyber Security Alerts
- US-CERT Cyber Security Alerts
- US-CERT Cyber Security Bulletins
- US-CERT Cyber Security Bulletins
- US-CERT Cyber Security Tips
- US-CERT Cyber Security Tips
- US-CERT Technical Cyber Security Alerts
- US-CERT Technical Cyber Security Alerts
- VulnWatch
- VulnWatch
- XSSed syndication
- XSSed syndication
- XSSed syndication
- XSSed syndication