theHarvester is a tool to gather emails, subdomains, hosts, employee names, open ports and banners from different public sources like search engines, PGP key servers and SHODAN computer database. This tools is intended to help Penetration testers in th…

read more from this topic.....

I’m in midtown Manhattan, connected to the Net over my hotel’s slow but costly wi-fi connection. Normally when I’m traveling — at least here in the U.S. — I avoid lame hotel connections by u…

read more from this topic.....

Customers who used the self-checkout lanes at Lucky Supermarkets have been hacked. The grocer, which operates stores in California, says some of their credit card machines have been altered with sniffers to capture credit and debit card numbers. Lucky, owned by parent company Save Mart, is telling customers who used those machines to close their bank and credit card accounts. At least 80 at-risk accounts have been identified and the supermarket chain has gotten calls from more than 500 calls from customers who fear they are victims of fraud.

read more from this topic.....

X-Scan is a general scanner for scanning network vulnerabilities for specific IP address range or stand-alone computer by multi-threading method, plug-ins are supported. This is an old tool (last update in 2005), but some people still find it useful an…

read more from this topic.....

It wasn’t too long ago (about 6 months) when we reported about Malaysia Government Sites Under Attack From Anonymous – which was somewhat suspicious. And well that’s about the only story we’ve had about Malaysia really. Perhaps …

read more from this topic.....

It’s always good to have some news about government conspiracy theories, or in this case government propagated malware. The last case I remember reporting on was – Tunisia Running Country Wide Facebook, Gmail & Yahoo! Password Capture….

read more from this topic.....

The bounty to get a workable version of the Android operating system installed on the now-discontinued HP TouchPad is up to $2,000+, as of today.

As we previously reported, the goal of this project is to get some version of Android 2.x onto the TouchPad and, most importantly, stable. If successful, this effort will help keep the HP tablet a little more relevant to those unfortunate early adopters who have been left with a mobile operating system whose future is decidedly uncertain.

read more from this topic.....

They’re out there. Be afraid. They could be anywhere, everywhere, anyone. They are shadowy, deadly, mysterious, guided by intellects vast and cool and unsympathetic. Security consultants and antivirus firms whisper legends of them to their clients to scare them straight. They’re the Voldemort of online security, except that everyone is all too eager to say their name: the Advanced Persistent Threat. Hide your children! You cannot stop them!

…well, actually you probably could, and pretty easily too, but apparently most folks can’t be bothered.

Vanity Fair just wrote breathlessly about “Operation Shady RAT”, which featured, quote, “a species of malware that had never been seen before: a spear-phishing e-mail containing a link to a Web page that, when clicked, automatically loaded a malicious program—a remote-access tool, or rat—onto the victim’s computer.” Military-industrial standard-bearer Northrop Grumman is “constantly under attack by cyber-gangs.” A few months ago Security firm RSA’s SecurID systems were the victim of “an advanced persistent threat, a slow and consistent attack used by hackers to obtain specific information.” The Pentagon is alive to the APT threat, and says it is beginning to focus more on deterrence than on defence, because “each year, a volume of intellectual property exceeding the size of the Library of Congress is stolen from U.S. government and private-sector networks.” Why, just this week, San Francisco’s government-owned BART system was hacked by -

…waaaaaait a minute.

read more from this topic.....

We just wanted to give a heads up to everyone to remind them that the annual layerOne hacking and security conference is coming up soon. They have announced their speaker line-up which includes talks on home monitoring, lockpicking, mobile malware and tons more. The event is located in Anaheim California on May 28-29. They sent [...]

read more from this topic.....

Unfortunately for PlayStation Network and Qriocity services users, it looks like the widespread network outages will continue.

Since Sony’s PlayStation and music networks went down two days ago, there has been a fair amount of public speculation over the cause of the outage. (Largely due to Sony’s tight-lipped handling of public relations.) Many blamed vengeful gremlins loose in Sony’s server clusters and datacenters, while others immediately pointed the finger at Anonymous, the merry band of hackers that metastasized out of 4chan.

Thankfully, after 24+ hours of communication silence, Sony has updated its blog and ended the speculation. According to the electronics colossus, “an external intrusion” is responsible for the ongoing outages of the PlayStation Network and Qriocity. (It probably sounded like this at Sony headquarters. Or this.)

read more from this topic.....

Sometimes it helps to have an entire set of tools with you to tackle a problem, and sometimes it helps to take the discreet route. [StenoPlasma] took the latter of these approaches, and stuffed a USB hub, a 16 GB flash drive, and an Atheros based USB wireless adapter into a regular looking USB mouse [...]

read more from this topic.....

Shaun Nichols in San Francisco, V3.co.uk, Thursday 4 November 2010 at 01:30:00

Mysterious traffic spikes take down government ISP

A major distributed denial-of-service (DDoS) attack has cut off network
traffic in the country of Myanmar (formerly…

read more from this topic.....

Shaun Nichols in San Francisco, V3.co.uk, Wednesday 3 November 2010 at 18:26:00

Company issues advisory over flaw in IE 6,7 and 8

Microsoft is warning users to be on the lookout following the discovery of a
security flaw in its Internet Explorer…

read more from this topic.....

David Neal, V3.co.uk, Tuesday 2 November 2010 at 11:36:00

Chrome bounty scheme extended to YouTube, Blogger et al

Google has extended its bounty payouts to researchers who spot security
issues in some of its web applications, following a number …

read more from this topic.....

Phil Muncaster, V3.co.uk, Saturday 30 October 2010 at 12:01:00

V3.co.uk rounds up the week’s top security news

This week in security has been a fairly quiet one. Adobe’s latest revelation
of a zero-day flaw in Reader, Acrobat and Flash was proba…

read more from this topic.....

Phil Muncaster, V3.co.uk, Saturday 30 October 2010 at 11:44:00

Detectives will be shown how to track suspects via social media under new
training programmes

Crime fighters will soon benefit from training on how to gather evidence from
mobile pho…

read more from this topic.....

Iain Thomson in San Francisco, V3.co.uk, Thursday 28 October 2010 at 22:24:00

Adobe provides workaround, but no patch yet

Adobe has warned of attacks on a zero-day flaw in its Reader, Acrobat and
Flash applications.

The company has not released…

read more from this topic.....

Phil Muncaster, V3.co.uk, Thursday 28 October 2010 at 16:39:00

Department of Energy official warns of increased threats to critical
infrastructure

The US is bracing for an attack on its national energy grid computing systems
involving Stuxnet-li…

read more from this topic.....

Iain Thomson in San Francisco, V3.co.uk, Thursday 28 October 2010 at 03:14:00

Igor Gusev’s spam empire said to have earned over $100m

Russian police are reported to have filed a criminal case against a man
accused of being one of the world’s mos…

read more from this topic.....

Phil Muncaster, V3.co.uk, Wednesday 27 October 2010 at 13:54:00

Hole in latest version of the Mozilla browser could lead to Trojan download

Browser manufacturer Mozilla is working on a fix for yet another critical
zero-day vulnerability in its …

read more from this topic.....

Shaun Nichols in San Francisco, V3.co.uk, Tuesday 26 October 2010 at 02:02:00

Experts warn of account theft and phishing scams

The Internet Crime Complaint Center has issued two fraud alerts warning of
attacks targeting enterprises and individua…

read more from this topic.....

Phil Muncaster, V3.co.uk, Sunday 24 October 2010 at 15:15:00

V3.co.uk rounds up the week’s top security news

This week was dominated by the government’s spending plans, and the IT
security sphere was no different. First up on our round-up list i…

read more from this topic.....

Iain Thomson in San Francisco, V3.co.uk, Friday 22 October 2010 at 23:25:00

Metropolitan Police and Finnish Pori Police get their man

A Scottish man arrested as part of an investigation into the m00p botnet and
hacking group has pleaded guilty t…

read more from this topic.....

Shaun Nichols in San Francisco, V3.co.uk, Friday 22 October 2010 at 01:04:00

Video chat application vulnerable to account theft

A security flaw has been uncovered in Apple’s FaceTime for Mac video chat
tool just one day after its introduction.

…

read more from this topic.....

Wendy M Grossman, V3.co.uk, Wednesday 20 October 2010 at 12:52:00

Former Pipex staffer calls for reinvention of the password

Stephen Howes, chief executive and co-founder of
GrIDsure,
has a not-so-modest ambition: to reinvent passwords to make t…

read more from this topic.....

Dan Worth, V3.co.uk, Wednesday 20 October 2010 at 12:26:00

Increased threat prompts Downing Street to raise spending

The government has earmarked a further £500m to help the UK defend against
the growing threat of cyber attacks.

Prime minister…

read more from this topic.....

David Neal, V3.co.uk, Wednesday 20 October 2010 at 12:18:00

Russian security firm admits to being infiltrated by fake anti-virus scam

Russian security firm Kaspersky Lab has admitted it was the victim of a
hacking attack on Sunday that exploited…

read more from this topic.....

Rosalie Marshall, V3.co.uk, Tuesday 19 October 2010 at 15:27:00

Monitoring web traffic or offering financial incentives to encourage
countries to protect systems could improve national security

Security experts have warned that the UK needs to a…

read more from this topic.....

Phil Muncaster, V3.co.uk, Tuesday 19 October 2010 at 10:52:00

Cloud-based services released in time for busy Christmas shopping period

Online authentication firm VeriSign has launched three cloud-based services
designed to help online retailers …

read more from this topic.....

Iain Thomson in San Francisco, V3.co.uk, Tuesday 19 October 2010 at 10:31:00

Hackers move on from PDFs

Microsoft has highlighted an “unprecedented” wave of attacks aimed at Java
over the past three months.

Attacks on Java vulnerabilities have i…

read more from this topic.....