hackers

Insiders, everybody’s got ‘em.

stiennon — Sat, 14 Jun 2008 12:07:00 -0400

Comcast hacked 5/28/2008 by same

Thu, 29 May 2008 00:37:38 -0400

About 10:00 pm Denver time, I found that Comcast.net was hacked by this team as well. Comcast finally got the Defiants.net web page off for the Comcast.net login. RxMiller

Hackers will know what you’re wearing

Noah Schiffman — Wed, 07 May 2008 04:09:21 -0400

You purchased your clothes, you're wearing your clothes, but now someone else 0wns them.

Read more

Great Article

Fri, 18 Apr 2008 15:49:03 -0400

I enjoyed this much!

Only XP SP3 safe from hacker Windows exploit of a bug patched on Tuesday

Microsoft Subnet — Fri, 11 Apr 2008 19:04:49 -0400

Symantec issued a warning on Friday afternoon via its DeepSight threat service that hackers are working a bug that was patched via Microsoft's April Patch Tuesday. Only Windows XP SP3 is safe, the report says, according to the blog Neowin.net. Hackers are trying to exploit the critical Windows GDI (graphics device interface) bugs. The hole can be accessed through a malformed Windows Metafile or Enhanced Metafile image, Microsoft said.

Read more

Experts hack power grid in no time

Wed, 09 Apr 2008 15:24:44 -0400

Why in the world power control computers need to have Internet connectivity is beyond me. With the low price of desktops today, systems controlling power plants and the grid should be single-function machines on isolated/private networks. If power plant employees need Internet access to do their jobs, then those systems should be physically different and isolated from the control desktops. Seems a lot cheaper than trying to secure critical systems from hackers.

Poor PHP programming, lazy Google folks, clueless users ... what's going on?

xmachine — Sun, 30 Mar 2008 05:35:36 -0400

So let's calculate the current situation, we have (careless PHP programmers) + (careless web servers administrators) + (careless and clueless users) + (Google Search) = A losing security game and a winning hacker. Take it from a security practitioner, don't leave any vulnerable web application to run on your systems. Do code auditing or if you have a huge deployment, try to get a web applications firewall, for example Mod_Sec for Apache. Also, users training and awareness is an added value. http://extremesecurity.blogspot.com

Hackers hijacking routers and blackmailing firms to regain access

Cisco Subnet — Tue, 18 Mar 2008 18:57:31 -0400

A Cisco engineer is warning of scams by hackers who hijack routers and blackmail companies to regain access. Recounting incidents he heard at Black Hat 2008 in Washington D.C. last month, Brian Wilson, a.k.a Slimjim100 blogger, wrote: "I have heard of reports where this is happened to a large multi-site company and they where blackmailed for money to get access back to there routers ...

Read more

Reloading the WiFi Shotgun

Noah Schiffman — Mon, 03 Mar 2008 21:09:09 -0500

With the recent release of several new wireless exploits, I thought this might be a good time to revisit an "oldie but goodie" security tactic.

I don't' keep statistics on hackers-number, skill level, favorite targets, tools used-and I don't think anyone does (the feds have tried), because it's impossible. Feel free to try, but you'll probably get hacked.

But I can tell you about the current trends, the major players, the latest exploits and newest tools used in the hacker community; although, this information isn't always the most important. Many IT managers focus on the latest threats and hacks, while sometimes overlooking the more relevant ones.

Read more

Hat Black CD

Noah Schiffman — Mon, 25 Feb 2008 21:55:45 -0500

I mean...Black Hat DC.

This past Friday brought Black Hat DC to a close. While this year's agenda focused primarily on web applications, embedded, and wireless technology, as usual, the conference exposed exploits and vulnerabilities of all kinds. This year was no exception to the high standards of expert security training and talks by the brightest security minds, which Jeff Moss regularly puts together.

There were too many highlights (in my opinion) to refer to any of the presentations as true highlights, but there were some I found particularly fascinating.

Read more

Spoof this.

Noah Schiffman — Sun, 24 Feb 2008 21:28:38 -0500

There have been many recent articles published and posts circulating regarding caller ID spoofing (IP spoofing, but with phone numbers). I have no problem with reporting recent incidents that have resulted from caller ID exploitation, but it's important to understand that this is far from being a new security threat.

Read more

Call Me Tarragon.

Noah Schiffman — Fri, 22 Feb 2008 20:09:37 -0500

Security Blog....day 1, posting attempt 1.

This is my fist blog. Not just the 1^st entry of this blog, but my first experience with blogging in any form. So give me a few mulligans.

Read more

Is it safe to search?

chikt — Thu, 31 Jan 2008 08:39:52 -0500

Over the last few months there have been increasing reports of Malware and Phishers attacks utilizing Google to hack and spam users. Making us twice about the links you click next time you search. Search engine spammers have ramped up their efforts to ensnare the unwary Google users. In response Google removed tens of thousands of malicious Web pages from its index. But as quickly as Google can remove them there are thousands more ready to go up as these malicious spammers keep pumping out the pages.

Read more

Network World Community

Crapware Just As Susceptible To Security Vulnerabilities

Mitchell Ashley — Wed, 26 Dec 2007 15:53:11 -0500

Pre-installed software on new laptops and desktops, dubbed "crapware" by many, can just as easily be the entre point for malware as any other software. Most crapware is just that, crap software you don't likely use or want, and will need to be removed to get back some of that valuable system performance, clean up your file system, desktop and installed programs. But some of it can actually be useful, like update software or additional utilities, CD burning software, etc.

Useful or not, crapware can have it's own vulnerabilities too. If the distribution is widespread enough, crapware is a target rich environment for malware creators.

Read more

Cisco confirms ability to eavesdrop on remote calls using its VoIP phones

Cisco Subnet — Thu, 29 Nov 2007 18:17:35 -0500

Cisco confirmed it is possible to eavesdrop on remote conversations using Cisco voIP phones. In its security response, Cisco says: "an attacker with valid Extension Mobility authentication credentials could cause a Cisco Unified IP Phone configured to use the Extension Mobility feature to transmit or receive a Real-Time Transport Protocol (RTP) audio stream."

Cisco adds that Extension Mobility authentication credentials are not tied to individual IP phones and that "any Extension Mobility account configured on an IP phone's Cisco Unified Communications Manager/CallManager (CUCM) server can be used to perform an eavesdropping attack."

Read more

LAN switch security: Your deepest fears answered

Cisco Subnet — Thu, 15 Nov 2007 17:59:33 -0500

ARP poisoning by a hacker is probably the worst attack your LAN could suffer because it's extremely sneaky, very efficient and all too easy to perform. But there are two ways to protect yourself from an ARP spoofing/posioning attack, according to Christoper Paggen, author of LAN Switch Security: What Hackers Know About Your Switches, published by Cisco Press.

The options for your defense are to either monitor suspicious ARP traffic on a machine connected to the LAN (using ARPWatch for instance, a free Linux utility) or rely on the switch's built-in security mechanism, Paggen told attendees to Network World's live online text chat with the author on Thursday.

Read more

Hackers Jack with Macs

James Gaskin — Fri, 02 Nov 2007 10:04:21 -0400

First, JJ (Jesper Jurcenoks of NetVigilance) told me to stop saying Macs were immune to hack attacks, and now Symantec says the same thing. I didn't put his Mac warning in this column about NetVigilance, but the news from other places reinforces what JJ told me.

Read more

Hackers gain access to private hotel network using Cisco VoIP

Cisco Subnet — Mon, 22 Oct 2007 18:58:18 -0400

Two security experts at hacker conference ToorCon9 in San Diego this week hacked into their hotel's corporate network using a Cisco VoIP phone.

The hackers, John Kindervag and Jason Ostrom said they were able to access the hotel's financial and corporate network and recorded other phone calls, according to a blog on Wired.com.

The hackers used penetration tests propounded by a tool called VoIP Hopper, which mimics the Cisco data packets sent at three minute intervals and then trades a new Ethernet interface, getting the PC - which the hackers switched in place of the hotel phone - into the network running the VoIP, according to the blog post.

Read more

Cisco: We embrace hackers

Cisco Subnet — Tue, 11 Sep 2007 18:44:50 -0400

Cisco says it has "moved on" since the ugly spat with Michael Lynn, who at Black Hat 2005 revealed information related to hacking Cisco routers.

In an article in Forbes.com, Mike Caudill, Cisco's product security incident manager, is quoted as saying: "We've worked with independent researchers for years, and we welcome them contacting us," he says.

Read more

RE: Hacker tips published in Wall Street Journal

Tue, 28 Aug 2007 10:47:44 -0400

Great reporting on your part - shame on WSJ. This screams journalistic improprieties. How could an editor working for a publication, no, an institution like the WSJ, knowingly allow such information to be disseminated to their readers? I commend you for your reporting of this and your opinions. However, I'm sure that many people who don't care about corporate policies already know much of this, those who are sitting on the fence will undoubtedly try some of these techniques. All this at a time when data breach laws are being passed that puts all of the responsibility on the employer and some heavy penalties too. Great job. I look forward to the rest of your follow-up.