Archive for September, 2007
One of the BlackBerry’s main selling points is that it provides an integrated wireless messaging system, providing push email access over cellular wireless networks throughout the world. Another major factor in the BlackBerry’s popularity is its comprehensive and systematic approach to security. BlackBerry devices are versatile, and can be used for a range of functions including telephony, SMS, email, and Web browsing amongst other things.
Releases Metasploit Framework for device “HD Moore, one of the developers of the Metasploit hacking software, is supporting the iPhone within the Metasploit framework and providing tools to run ‘shellcode’ prompts.
On his way to federal prison, the 23-year-old hacker says breaking into computers at telecom companies and major corporations was “so easy a caveman could do it.”
This page allows you to submit a suspicious URL to our high interaction client honeypot Capture to determine whether the suspicious URL is indeed malicious. The client honeypot, which runs Windows XP and Internet Explorer 6, will make the request to the server and determine whether any unauthorized state changes, such as placing an executable file in the start-up folder, have been made. If these state changes are detected, our client honeypot will classify the URL as malicious.
How to generate public/private key pairs and strong passphrases, and how to use the wonderful Keychain utility to automate your SSH logins.
According to Symantec, ‘Internet security is headed toward a major reversal in philosophy, where a ‘white list’ which allows only benevolent programs to run on a computer will replace the current ‘black list’ system’.
Security researcher said he would not release code that shows how a PDF attack works until Adobe provided a patch for the problem.
The objective of this research is to traverse the hidden artifacts of SIP realm to expose the infection oriented vectors.
Real-time Steganography with RTP, A Brief Analysis of PatchGuard Version 3, Escaping Internet Explorer Protected Mode, OS X Kernel-mode Exploitation in a Weekend, A Catalog of Windows Local Kernel-mode Backdoors and Generalizing Data Flow Information.
Why is the U.S. District Court for the Central District of California’s recent ruling that defendants in a copyright infringement case “collect and produce” information stored in their servers’ random access memory significant?
Discusses the emerging trend of Personal Desktop Searching utilities on desktop computers, and how the information cached and stored with these systems can be retrieved and analysed, even after the original document has been removed.
An attempt to smear the good name of a legitimate organization by tainting them with the stain of illegal activity – known as a “reputation attack” – by making it look to the victims of the stolen PayPal accounts as if the legitimate organisation is the one stealing their money.
The Computer Security Institute has just released the 2007 edition (PDF) of its long-running “Computer Crime and Security Survey,” and it offers some dreary news for overworked computer security admins: average losses from attacks have surged this year. More surprising is the finding that the single biggest security threat faced by corporate networks doesn’t come from virus writers any more; instead, it comes from company insiders.
End users were far less likely to receive malware programs in their in-boxes and far more likely to get attacked as they visited legitimate Web sites over the first six months of 2007.
The company MediaDefender works with the RIAA and MPAA against piracy, setting up fake torrents and trackers and disrupting p2p traffic. Previously, the TorrentFreak site accused them of setting up a fake internet video download site designed to catch and bust users. MediaDefender denied the entrapment charges. Now 700MB of MediaDefender’s internal emails from the last 6 months have been leaked onto BitTorrent trackers. The emails detail their entire plan, including how they intended to distance themselves from the fake company they set up and future strategies.
Two research teams have independently made quantum computers that run the prime-number-factorising Shor’s algorithm — a significant step towards breaking public key cryptography.
Last month, Swedish security specialist Dan Egerstad exposed the passwords and login information for 100 e-mail accounts on embassy and government servers. In a blog entry today, Egerstad disclosed his methodology. He collected the information by running a specialized packet sniffer on five Tor exit nodes operated by his organization, Deranged Security.
PIRANA is an exploitation framework that tests the security of a email content filter. By means of a vulnerability database, the content filter to be tested will be bombarded by various emails containing a malicious payload intended to compromise the computing platform.
A worm spreading to Windows PCs through Skype’s IM. The worm is variously called Ramex.a and Pykspa.d.
iPhone hackers have released a free software unlock for the iPhone. Apparently there are two solutions – a script based on ieraser, and the other is called iUnlock.