This is a story that keeps getting more interesting… I have been closely following the news that I blogged about last week regarding 1st Source bank of Indiana that fell victim to a pretty serious security breach. 1st Source ended up reissuing their entire credit card portfolio to their customer base. The latest news is […]
FBI gets involved in the Indiana bank security breach Read More »
Interesting story that hit the wire last week about another bank security breach. This time 1st Source Bank of South Bend Indiana became the next victim of stolen debit card data. Not a ton of details have emerged yet but we do know the following: 1. A external monitoring service (an MSSP perhaps?) or hired
Indiana Bank gets Hacked…Who’s really to blame? Read More »
You probably have read about the interesting Comcast domain hijack that took very little technical skill a few weeks ago. Apparently these two hackers were able to social engineer their way to obtain access to the Comcast domain registration account that is being managed by Network Solutions. Once they had access they apparently changed the
How not to get your domain hijacked Read More »
This past Monday, some silly hacker got the idea that he could easily redirect traffic from Metasploit.com to some Chinese forum using some ARP poisoning directed at the router that the metasploit.com domain resides. Basically he did a MITM attack. Here is an excerpt from HD Moore’s reply on the Full Disclosure mailing list: “Problem
Metasploit.com Attempted Hijack Read More »
According to 2600 News, 1,500 attendees of this years Last HOPE (Hackers On Planet Earth) hacker conference will be tracked via RFID in a large social experiment which will include games focused on RFID technology. From the press release: “Players will seek ways to protect their privacy, find vulnerabilities in the tracking system, employ data
Attendees to be tracked with RFID at The Last HOPE Read More »
Brain Salcedo was convicted back in 2004 of hacking the Lowe’s (a national home improvement retail chain) computer network through an unsecured wireless network. Brian and his partner found the unsecured wireless network while Wardriving. Brian’s plan was to eventually tap in and siphon off millions of credit card’s through a backdoor installed in a
Lessons Learned from the Lowe’s Hacker Brian Salcedo Read More »
I have seen a couple blogs posts, articles and even the creator of winlockpwn (the hack/script that allows you to bypass Windows authentication through FireWire) saying that this script is nothing more then a “partytrick”… “Wow and amaze your friends by magically unlocking a Windows PC without a password!” While this seems like a fun
Winlockpwn: More then a Partytrick Read More »
Looks like the latest issue of Phrack was released. Phrack is one of those hacker magazines that seemed to have disappeared and now is starting to slowly come back into existence. Phrack is famous for posting the infamous Hacker Manifesto and also provides a good insight into the current (and past) state of the hacker
Phrack Issue #65 Released Read More »
Interesting article on CNN today about a covert group of Chinese “hackers” who apparently have broken into the Pentagon and other high profile sites. Actually, they “know” someone who broke into the Pentagon, they didn’t actually do it themselves. This isn’t breaking news by any means. There are hackers all over the world trying to
Chinese Hackers or Script Kiddies? Read More »
The infamous Cult of the Dead Cow (cDc) has released a very cool Google vulnerability scanner called Goolag Scanner. This tool allows you to search a specific web site or domain for known vulnerabilities and misconfigurations. From an eWeek article: “The open-source program comes with about 1,500 custom Google search queries embedded by default to
Goolag Scanner – Google Vulnerability Scanner Released Read More »
