Security

The search continues for the sixth member of LulzSec

Last week in the UK ended the trial of four young boys, three of whom are considered key players in the famous hacker group LulzSec. Previously convicted of two more, including the informal leader Sabu, who for many months was working as an FBI informant . At the same time, law enforcement agencies simply can(…)

Statistics on the botnet Carna

Analyst in Information Security Parth Shukla at the conference AusCERT prepared an interesting presentation dedicated to botnet Carna. Recall that it was through this global botnet that the largest scan of the Internet was carried out for research purposes – Internet Census 2012. For ten months of 2012, all IP-addresses in the address space of(…)

MitmProxy 0.9

The new version of one of the best MiTM HTTP-proxy with support for SSL, having a console interface and allows you to check and edit the traffic flow “on the fly”, and save them for later analysis. According to the words of the program’s Aldo Cortes (Aldo Cortesi), this major release, with numerous improvements in all modules.Previous version(…)

The new 0day-vulnerability in Linux 2.6.37 – 3.8.8

A few days ago an exploit ready was published, which carries an escalation of privileges in Linux 2.6.37 – 3.8.8. The code shown on the link, anyone can compile and run on your system, checking its operation. If it does not work, it’s not a reason to calm: it may just need a more qualitative exploit. Detailed explanation of(…)

USB-Trojan

In modern operating systems, there is an interesting feature – they have complete trust in devices such as a keyboard or mouse. Accordingly, if you build the device, which will emulate the desired input, and connect it to your computer, you can do anything. WARNING:The information is provided solely for educational purposes. Any use in improper purpose(…)

Honeypot with fake passwords to hackers

It took just 18 hours after the expert in information security Kyle Wilhoit (Kyle Wilhoit) connected to the Internet with two fake and one real SCADA-system – and they have already started to attack someone. The widespread popularity among script kiddies search engines such as Shodan, as well as basic tools for hacking turns every industrial(…)

Hacked Google office building

Even established companies such as Google are not protected from tampering. Moreover, the trouble can come from where no one is waiting. For example, the Australian division of Google clearly complied with the rules of information security towards computer networks and broke them through the industrial management system of the building , which houses the(…)

Super Dimension Fortress: completely anonymous publishing

Today it is difficult to publish information on the Internet without leaving a trace. With social networks, it is clear: they want to become attached to the default user name. But even pick up an anonymous blog on free hosting like WordPress.com or Tumblr, – a non-trivial task. There is always the option with the(…)

Hacked database of dams in the USA

Unidentified attackers were able to gain access to the National Register of Dams – a database maintained by the U.S. Army Corps of Engineers (United States Army Corps of Engineers). This is a valuable database of 79,000 dams in America, with their weaknesses, evaluating the number of dead in the case of a breakage and(…)

Symantec: The number of attacks on small business has tripled

According to the results of 2012 the volume of hacker attacks against the theft of intellectual property, increased by 42%. This attack, typically aimed at small businesses, experts at Symantec said in its latest annual report 2013 Internet Security Threat Report, Volume 18 (ISTR 2013). “From the report ISTR 2013 it is clear that the(…)