In addition to CGISecurity I work on other side projects from time to time. Below is an announcement about my latest project. Introduction I've worked in the security industry for over 20 years and, during this time, have built and shaped many security programs. At every company I join, I find myself...
I've worked in the security field in various roles (script kiddie, security researcher, incident response, application security engineer, security consultant, strategy, etc..) and thought I'd share a few points to those of you starting out in the security industry. Things are worse than you expect The reality is that companies, even large...
Someone has published a SQL Injection in labs.oracle.com at http://www.thehackernews.com/2011/07/oracle-website-vulnerable-to-sql.html . That is all.
Ryan Barnett (Leader of the WASC Web Hacking Incidents Database Project) has announced a new mailing list where users can subscribe to hear about the latest hacking incidents. From his email to The Web Security Mailing List "Greetings everyone, I wanted to let everyone know that we have setup a mail-list for...
Gawker was recently compromised and had its source code and user passwords leaked onto the web. The Wall Street Journal has published a list of the top 50 passwords with the #1 password being '123456'. The full list can be found at http://blogs.wsj.com/digits/2010/12/13/the-top-50-gawker-media-passwords/
"Former college student David Kernell, whose criminal prying into Sarah Palin's personal e-mail account caused an uproar two months before the 2008 presidential election, was today sentenced to a year and a day in federal custody by a judge who recommended that the time be served in a Knoxville, Tenn. halfway house....
An XSS worm has hit twitter this morning and appears to have affected hundreds of thousands of users. Sophos has a good technical writeup at http://www.sophos.com/blogs/gc/g/2010/09/21/twitter-onmouseover-security-flaw-widely-exploited/ ARSTechnica has some coverage about Magnus Holm, the author of the worm. http://arstechnica.com/security/news/2010/09/twitter-worms-spread-quickly-thanks-to-blatant-security-flaw.ars I'll update this post once a more accurate count of affected users is...
"A hack attack that can expose users to malware exploits has infected more than 1 million webpages, at least two of which belong to Apple. The SQL injection attacks bombard the websites of legitimate companies with database commands that attempt to add hidden links that lead to malware exploits. While most of...
Update2: Further proof that people are abusing this in a wide scale and likely wouldn't have had the exploit code not been released. Update: I've clarified a few points and added a few others. Recently Tavis Ormandy (a google employee) discovered a security issue in windows, and days after notifying Microsoft published...
It appears someone used a combination of XSS on an Apache domain, a url shortener, and an issue tracking system to ultimately lead to rooting of 2 core Apache machines used to host bugzilla, and the main shell server. This is a great breakdown of a real world incident that people rarely...
Could the trend of claiming not to know any better while hacking due to asperger's be coming to an end? From Wired "Convicted TJX hacker Albert Gonzalez was sentenced to 20 years in prison on Thursday for leading a gang of cyberthieves who stole more than 90 million credit and debit card...
An interview claiming to be with a facebook employee discusses a few things that you probably were hoping didn't happen. Here are some choice quotes from the article " Rumpus: Have you ever logged in to anyone’s account? Employee: I have. For engineering reasons. Rumpus: Have you ever done it outside of...
Stephen Watt (alias JimJones/Unix Terrorist/PHC/etc) was sentenced to 2 years in prison for his role in writing the blablah sniffer used by the folks involved in the TJX credit card incident. From wired magazine "While accused TJX hacker kingpin Albert Gonzalez awaits a possible sentence of 17 years or more in prison,...
Net-Security has posted an article on the discovery of 132k+ sites that have been SQL Injected. From the article "A large scale SQL injection attack has injected a malicious iframe on tens of thousands of susceptible websites. ScanSafe reports that the injected iframe loads malicious content from 318x.com, which eventually leads to...
"The Romanian hacker who successfully broke into a web site owned by security vendor Kaspersky Lab has struck again, this time exposing shortcomings in a Symantec web server. The hacker, known only as Unu, said in a blog post today that he was able to access a server belonging to the security...
Steve Dispensa and Marsh Ray have published a paper describing a weakness in the TLS negotiation process. This is the same attack discussed on the IETF TLS list. From the whitepaper "Transport Layer Security (TLS, RFC 5246 and previous, including SSL v3 and previous) is subject to a number of serious man-in-the-middle...
"What was essentially a typo last night resulted in the temporary disappearance from the Internet of almost a million Web sites in Sweden -- every address with a .se top-level down name. According to Web monitoring company Pingdom, which happens to be based in Sweden, the disablement of an entire top-level domain...
The WASC Distributed Open Proxy Honeypots project has published an entry on people performing brute force attacks against tomcat administrative interfaces through WASC's open relay proxies. Tomcat Brute Forcing: http://tacticalwebappsec.blogspot.com/2009/10/wasc-honeypots-apache-tomcat-admin.html
UPDATE: Reddit has posted a blog entry at http://blog.reddit.com/2009/09/we-had-some-bugs-and-it-hurt-us.html addressing this. "Popular social news website Reddit has stopped the spread of a cross-site scripting (XSS) worm that hit the site on Monday. The XSS worm spread via comments on the site, originally from the account of a user called xssfinder. Reddit failed...
"A Russian security group has posted a detailed blog post about how they managed to extract the source code to over 3,300 websites. The group found that some of the largest and best known domains on the web, such as apache.org and php.net, amongst others, are vulnerable to an elementary information leak...
Fellow WASC officer Ryan Barnett has published findings pertaining to a distributed brute force attack against Yahoo's login pages as part of his findings for the WASC Distributed Open Proxy Honeypot Project . For those not aware of this project, Ryan leads an initiative where people run open relay proxies and centrally...
From the report "Our initial running theory was correct--the server that hosted the apachecon.com (dv35.apachecon.com) website had been compromised. The machine was running CentOS, and we suspect they may have used the recent local root exploits patched in RHSA-2009-1222 to escalate their privileges on this machine. The attackers fully compromised this machine,...
Netcraft is reporting that apache.org has been compromised. The apache blog posted the following message indicating an SSH key compromise. "This is a short overview of what happened on Friday August 28 2009 to the apache.org services. A more detailed post will come at a later time after we complete the audit...
Sans has write up about a recent flash worm. "A few days ago a lot of media wrote about a Flash worm. I managed to get hold of samples and analyzed it (thanks to Peter Kruse of CSIS for the samples). First of all, while the exploit code contains Flash, it is...
"Gary McKinnon has lost a judicial review against his extradition to the United States on hacking charges. Lawyers for the Briton hoped his recent diagnosis with Asperger's Syndrome would be enough to persuade judges to overturn previous rulings and allow McKinnon to be tried in the UK." - The Register Long story...
Just got back from vegas and finally started catching up. Looks like a fake ATM was placed at defcon (no surprise). "As the conference was kicking off a few days ago, attendees noticed that at ATM placed in the Riviera Hotel, which plays host to the annual event, didn't quite look right,...
The hacking group/movement antisec has replaced every image on imageshack with a hacked image and has posted the following to the full disclosure mailing list. " __ .__ _____ _____/ |_|__| ______ ____ ____ \__ \ / \ __\ | ______ / ___// __ \_/ ___\ / __ \| | \ |...
“I have no faith in the ‘justice’ system,” he wrote. ” Perhaps my actions today, and this letter, will send a stronger message to the public. Either way, I have lost control over this situation, and this is my only way to regain control.” The note was provided to Wired.com this week...
"The three were charged two years ago for a 2006 scheme in which they allegedly hacked into online brokerages or created new accounts using stolen identities, then bought and sold stocks in order to manipulate prices to their benefit. They hacked into more than 60 accounts in nine brokerage firms, including ETrade...
"A former security guard for a Dallas hospital has been arrested by federal authorities for allegedly breaking into the facility's HVAC and confidential patient information computer systems. In a bizarre twist, he posted videos of his hacks on YouTube, and was trying to recruit other hackers to help him wage a massive...
"A legally blind Massachusetts phone hacker was sentenced Friday to over 11 years in federal prison, following his guilty plea on computer intrusion and witness intimidation charges earlier this year. Matthew Weigman, 19, was sentenced in Dallas by U.S. District Judge Barbara M.G. Lynn, according to the U.S. Attorney’s Office there. There...
"A San Francisco man pleaded guilty today in Pittsburgh this afternoon to federal charges of hacking into computer systems of financial institutions and other hackers to steal nearly 2 million credit card numbers, which were used to rack up more than $86 million in fraudulent charges. Max Ray Vision, formerly Max Ray...
"A trojan has reportedly been uncovered that is harvesting FTP login data of major corporations, including the Bank of America, BBC, Amazon, Cisco, Monster.com, Symantec and McAfee. According to a report in the Friday edition of The Register, Jacques Erasmus, CTO at Prevx, an internet security vendor headquartered in the U.K., discovered...
"Iran's foreign ministry spokesman accused the cable network CNN of "officially" training people to "hack government and foreign ministry" websites on Monday, citing a CNN.com article that explained how hackers were launching distributed denial-of-service (DDOS) attacks on Iranian government sites. "They officially trained the people to come and hack Iran's government websites,"...
Original Photo (c) from sensepost, butchered by cgisecurity Watt (also known as Unix Terrorist and JimJones) pictured far right during a Defcon talk (video available). "Watt, a 7-foot-tall software engineer who was working for Morgan Stanley at the time the hacks occurred, pleaded guilty in December to creating a sniffing program dubbed...
"A URL-shortening service that condenses long Web addresses for use on micro-blogging sites like Twitter was hacked over the weekend, sending millions of users to an unintended destination, a security researcher said today. After Cligs, a rival to the better known TinyURL and bit.ly shortening services, was attacked Sunday, more than 2.2...
"The boss of Indian software firm LxLabs was found dead in a suspected suicide on Monday. Reports of the death of K T Ligesh, 32, come in the wake of the exploitation of a critical vulnerability in HyperVM, a virtualization application made by LXLabs, to wipe out data on 100,000 sites hosted...
"The information posted over the weekend by hackers who claimed to have hacked T-Mobile is legit, T-Mobile now says. But, it's not clear that the hackers have the full access to T-Mobile systems they claim. On Saturday, hackers posted what appear to be logfiles taken from T-Mobile's networks to the Full Disclosure...
"Did you hear the one about the hacker-free e-mail service that was so confident about its enhanced security measure that it offered up $10,000 to anyone who could hack into it? It got hacked. Here’s the part that’s really crazy, though. There was initially some question as to whether or not the...
"For those who don't know of Astalavista, it was a popular website for "hackers" with relatively low-quality content. It started in 1994, and was one of the first search engines for computer security information. It hosted software exploits, and quickly degenerated into a forum for sharing software cracks, spyware, and virii. Yes...
"Researchers at Websense have discovered a mass injection attack that is redirecting Web browsers to a malware-bearing site. According to a weekend report by researchers at Websense, thousands of legitimate Web sites have been discovered to be injected with malicious Javascript, obfuscated code that leads to an active exploit site. "The active...
"The site, which launched in 1996, covered all aspects of flight simulation, although its main focus was on Microsoft's Flight Simulator. The attack took down the site's two servers and the owners had not established an external backup system. The site's founder, Tom Allensworth, said that the site would be down for...
"In a text book case of web applications being abused due to insufficient anti-automation defenses, the Time Magazine's Internet poll of the most influential 100 people was bombarded with various methods to manipulate the results. The WASC Web Hacking Incident Database provides a great overview of the various tactics that Moot supporters...
"The University of California at Berkeley started warning students and alumni on Friday that online thieves infiltrated the school's restricted servers and stole medical records on more than 160,000 individuals. The database exposed by the breach held information on UC Berkeley's students, alumni and staff, including health insurance information and Social Security...
"A 21-year-old Swede has been charged with hacking into Cisco Systems Inc. (NASDAQ:CSCO)'s computers and stealing trade secrets, U.S. officials say. Philip Gabriel Pettersson, also known as "Stakkato," was named in a five-count indictment that includes one count of intrusion and two of trade secret misappropriation involving the San Jose, Calif., computer...
"Hackers last week broke into a Virginia state Web site used by pharmacists to track prescription drug abuse. They deleted records on more than 8 million patients and replaced the site's homepage with a ransom note demanding $10 million for the return of the records, according to a posting on Wikileaks.org, an...
"McAfee, widely recognized as one of the leading providers of online security software for both home and business, appears to be struggling to secure its own Web sites, which at the time of writing this post, allow anyone with enough tech savvy to covertly do whatever they want on, and with, the...
Twitter has been hacked again and had it's administrative panel (which shouldn't be web accessible) breached. "This week, unauthorized access to Twitter was gained by an outside party. Our initial security reviews and investigations indicate that no account information was altered or removed in any way. However, we discovered that 10 individual...
UPDATE: According to an updated Wired news story this is a sham and no hacker was involved. RSnake recently posted an entry linking to the write up on how a Cross-Site Request Forgery flaw in amazon was used to get Gay and Lesbian books banned from amazon's site via their reputation system....
"A sophisticated FBI-produced spyware program has played a crucial behind-the-scenes role in federal investigations into extortion plots, terrorist threats and hacker attacks in cases stretching back at least seven years, newly declassified documents show. First reported by Wired.com, the software, called a "computer and internet protocol address verifier," or CIPAV, is designed...
Twitter has posted an entry on it's xss worm issues this weekend. "On a weekend normally reserved for bunnies, a worm took center stage. A computer worm is a self-replicating computer program sometimes introduced by folks with malicious intent to do some harm to a network. Please note that no passwords, phone...
UPDATE: F-Secure has posted more detailed information. "Some 24 hours after a worm spread advertising on Twitter, the popular social networking website, a second worm emerged on Sunday. Both worms appear to be created by Mikeyy Mooney, a 17-year-old from Brooklyn, New York. The first worm emerged on Saturday when Twitter profiles...
"Cyberspies have penetrated the U.S. electrical grid and left behind software programs that could be used to disrupt the system, according to current and former national-security officials. The spies came from China, Russia and other countries, these officials said, and were believed to be on a mission to navigate the U.S. electrical...
"Previously, when people typed in a legitimate e-mail address on Facebook's password reset page they got a message either saying that their password had been reset or that an e-mail with instructions on how to reset the password had been sent to their e-mail account, thus providing verification that the e-mail address...
There's been a bunch of news regarding a new report published indicating a wide spread Chinese espionage network dubbed 'ghostnet'. From the paper "This report documents the GhostNet - a suspected cyber espionage network of over 1,295 infected computers in 103 countries, 30% of which are high-value targets, including ministries of foreign...
"With only a few days left before the tournament starts, if a user searches for popular March Madness-related terms in Google, malicious URLs as high as the first result are returned. Search terms that currently exist within the Top 10 of Google's Hot Trends (the most popular search results) return these malicious...
"Security researcher Charlie Miller held onto a vulnerability for an entire year, before using it on Wednesday to win $5,000 and an Apple laptop at the Pwn2Own contest here at the CanSecWest conference. Miller — a principal analyst at Independent Security Evaluators — found two flaws in Apple's Safari Web browser more...
"A Los Angeles federal grand jury indicted a disgruntled tech employee Tuesday on allegations of temporarily disabling a computer system detecting pipeline leaks for three oil derricks off the Southern California coast. Mario Azar, 28, faces a maximum 10-year term after being accused of purposely impairing a computer system that monitored for...
"The BBC hacked into 22,000 computers as part of an investigation into cybercrime but the move quickly backfired, with legal experts claiming the broadcaster broke the law and security gurus saying the experiment went too far. The technology show Click acquired a network of 22,000 hijacked computers - known as a botnet...
"Google confessed to a serious bug in its Docs sharing system over the weekend, but downplayed the security cockup by claiming only a tiny number of users had been affected. The internet search kingpin said that less than 0.05 per cent of Google Docs accounts were hit by a privacy breach after...
"A fix against an SMS spoofing flaw involving micro-blogging service Twitter offers only partial protection. Tests by Heise Security found that providing a user knew the number of a phone associated with a Twitter account, it would be possible to use an SMS sender faking service to post fake status updates that...
"A researcher today released a proof-of-concept for a vulnerability he discovered in Google Gmail that lets an attacker change a Gmail user's password, wage a denial-of-service attack on the account, or even access other Gmail users' email. The cross-site request forgery (CSRF) flaw -- which researcher Vicente Aguilera Diaz from Madrid-based Internet...
"Today’s aggressive and spooky abuse of trusted giants reveals just how sophisticated and manipulative these guys have become. By following Google Trends, and with some sharp SEO skills to take advantage of Google’s famed real-time indexing, Scammers are directly targeting Google’s search results, trusted by as many as 70 percent of Internet...
"Hacker Gary McKinnon is set to face extradition to the US following a Crown Prosecution Service ruling. The service has refused to bring charges against him after a decision found that there was sufficient evidence to prosecute him, the evidence is not reflected in the criminality that is alleged by the American...
"The botnet, or collection of compromised PCs, can decipher Live Hotmail's CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart) registration safeguard in about 20 seconds, said Websense Inc. security researcher Sumeet Prasad. CAPTCHA is the term for the distorted characters that many Web sites, such as e-mail services...
"What's Wikileaks, the net's foremost document leaking site, supposed to do when a whistle-blower submits a list of email addresses belonging to the site's confidential donors as a leaked document? That's exactly the conundrum Wikileaks faced this week after someone from the controversial whistle-blowing site sent an emergency fund-raising appeal on Saturday...
Sans is reporting the MS09-002 exploit is in the wild. "Several AV vendors reported about MS09-002 exploits in the wild. We can confirm this – the exploit for the CVE-2009-0075 vulnerability (Uninitialized Memory Corruption) in Internet Explorer 7 is definitely in the wild and working as charm on an unpatched Windows XP...
"Several renowned white-hat hacker security sites have been hit during the past few days with a distributed denial-of-service attack (DDoS). Immunity, Milw0rm, and Packet Storm were in the clear as of this posting, but attackers were still hammering away at Metasploit. The attackers behind the DDoS -- which began on Feb. 6...
A security lapse at Kaspersky has exposed a wealth of proprietary information about the anti-virus provider's products and customers, according to a blogger, who posted screen shots and other details that appeared to substantiate the claims. In a posting made Saturday, the hacker claimed a simple SQL injection gave access to a...
Dave Ferguson writes "Back in 2006, I put out some findings about CSRF on Netflix's web site. I thought people might be interested to know that I revisited the issue recently and was shocked to find Netflix still hasn't fixed all their CSRF issues, at least when it comes to movie queues....
"In a post on Blogger on Saturday, a person who claims to have breached the Web site of open-source online community software phpBB gave a detailed account of how he did it. Using a vulnerability in PHPlist publicly disclosed on January 14, the attacker gained access to the password and configuration files...
"We took area51.phpBB.com down along with phpBB.com to ensure integrity and prevent further damage. While we actively work to bring phpBB.com back online, we would also like to inform you of the damage that has been done. The attacker gained entry through the PHPList application and was able to dump a complete...
"Instead of video clips, researchers at Trend Micro discovered that around 400,000 queries returning malicious results that lead to a single redirection point, which leads onto an array of maliciously constructed websites designed to load malware onto vulnerable Windows PCs. The strain of malware spread using the attack - named as AQPlay-A...
" Boris Johnson's outspoken defence of Gary McKinnon in his extradition fight has been criticised by a former security consultant, who complains he was denied such support when he himself was charged with hacking offences. Daniel Cuthbert was convicted in October 2005 of breaking the Computer Misuse Act by "hacking" into a...
"A fired computer engineer for Fannie Mae has been arrested and charged with planting a malicious software script designed to permanently destroy millions of dollars worth of data from all 4,000 servers operated by the mortgage giant. Rajendrasinh Babubahai Makwana, 35, of Virginia, concealed the Unix script on Fannie Mae's main administrative...
"Transportation officials in Texas are scrambling to prevent hackers from changing messages on digital road signs after one sign in Austin was altered to read, "Zombies Ahead." Chris Lippincott, director of media relations for the Texas Department of Transportation, confirmed that a portable traffic sign at Lamar Boulevard and West 15th Street,...
"The sniffer malware that surreptitiously siphoned tons of payment card data from card processor Heartland Payment Systems hid in an unallocated portion of a server’s disk. The malware, which was ultimately detected courtesy of a trail of temp files, was hidden so well that it eluded two different teams of forensic investigators...
"In what may prove to be one of the ways global conflicts are fought in the 21st century, Israel used search engine optimization (SEO) to halt the online backlash it was receiving during the recent conflict in Gaza. As well as some search engine optimization work (SEO) done by a Texas company...
"An American security consultant who stole hundreds of thousands of online bank passwords by employing a massive botnet that he often administered from work deserves at least five years in prison, prosecutors have told a federal judge. The request for a minimum 60-month sentence, followed by five years of supervised release, came...
Monster.com has recently experienced yet another breach. "As is the case with many companies that maintain large databases of information, Monster is the target of illegal attempts to access and extract information from its database. We recently learned our database was illegally accessed and certain contact and account data were taken, including...
"A widely-circulated URL which points to a image that purports to be a Wired.com story about Steve Jobs health is a hack job. We won't provide the URL here, but the Twitterverse quickly surmised that the item was not correct. As have Mashable and Gizmodo. I've written a number of stories about...
"A six-strong hacker gang attempted to plunder £229million from a Japanese bank in an audacious high-tech scam, a court heard. A crooked security guard at Japanese bank Sumitomo Mitsui let alleged computer hackers into the building in the dead of night where they installed spy software on computers used for multi-million pound...
The Washington Post reports today a new breach: "A data breach last year at Princeton, N.J., payment processor Heartland Payment Systems may have led to the theft of more than 100 million credit and debit card accounts, the company said today." More info on the article.
"COMPUTER hacker Gary McKinnon has signed a formal confession in a last-ditch attempt to avoid his extradition to the US, his family have confirmed. Former Highgate Wood School pupil Mr McKinnon, 42, is currently awaiting extradition after being accused of causing $700,000 worth of damage when he allegedly hacked into US security...
"Hackers have taken down two high-profile targets as they continue their ongoing Web attacks in support of Palestine, defacing Web sites run by the U.S. Army and the North Atlantic Treaty Organization (NATO). The attacks on Thursday took down the Web sites for The United States Army Military District of Washington and...
We've previously covered the TJX compromise. It appears one of the attackers involved is going to prison. "Maksym Yastremskiy, the Ukrainian accused of being a key figure in the infamous TJX Maxx Wi-Fi hack of 2005, has been sentenced to 30-years in prison by a Turkish court. Yastremskiy - or 'Maksik' as...
"An IT expert sacked for lying on his CV hacked into his company's computer system to spy on his former colleagues - and deleted vital information which led to the loss of jobs. Julius Oladiran, 46, was dismissed from after his employers discovered his boasts of a master's degree, and top Government...
"A teenage hacker, known in the digital underground as GMZ, claims he obtained access to the micro-blogging site’s admin controls using a brute force dictionary attack. After guessing the login identity of an administrator, in part based on the large number of people she followed, GMZ ran an automated password guessing program...
"Tolley wouldn't say what banks were affected by the hack, but the majority of these five million customers were CheckFree's own users, she said. In total, about 42 million customers access CheckFree's bill payment site, she said. Customers who went to CheckFree's Web sites between 12:35 a.m. and 10:10 a.m. on the...
"MacRumors, one of the many sites which cover Apple's annual Macworld product launches, has had its live coverage infiltrated, with someone adding the false news of Steve Jobs's death to the blow-by-blow reports." Here's the very amusing screenshot of the incident. http://cache.gawker.com/assets/images/gawker/2009/01/macrumorshacked.jpg Read more: http://valleywag.gawker.com/5124580/hackers-post-faked-report-of-steve-jobss-death
"After the Mumbai terror strikes, anti-India elements in Pakistan are now planning an attack on Indian computer networks, intelligence agencies have warned. Already Pakistani hackers are trying out a dry run against Indian networks through popular websites registered there after the Mumbai terror strikes, Home Ministry sources told PTI here today. "Every...
"Israeli military forces have reportedly hacked into a Hamas-run TV station to broadcast propaganda. The hijack of the Al-Aqsa television station last weekend represents the latest phase in a war in cyberspace that has accompanied the ongoing conflict in Gaza. Al-Aqsa is known for featuring allegedly antisemitic childrens' cartoons as part of...
From Twitter's blog "The issue with these 33 accounts is different from the Phishing scam aimed at Twitter users this weekend. These accounts were compromised by an individual who hacked into some of the tools our support team uses to help people do things like edit the email address associated with their...
The Home Office has quietly adopted a new plan to allow police across Britain routinely to hack into people’s personal computers without a warrant. The move, which follows a decision by the European Union’s council of ministers in Brussels, has angered civil liberties groups and opposition MPs. They described it as a...
"It didn't take long after Israel's bombing of Gaza began for cyberwarfare to erupt as well: over 300 Israeli Websites over the past few days have been hacked and defaced with anti-Israeli and anti-US messages in an online propaganda campaign, a security expert says. Gary Warner, director of research in computer forensics...
UPDATE: I've added a link to the presentation slides and some other sites providing coverage of this. The following paper was published today at the CCC conference by Alexander Sotirov, Marc Stevens, Jacob Appelbaum, Arjen Lenstra, David Molnar, Dag Arne Osvik, and Benne de Weger. "We have identified a vulnerability in the...
"Data breaches continued to make their very public mark on cybersecurity news in 2008. And this time it wasn't TJX making headlines. Despite being PCI compliant, Hannaford Brothers supermarkets announced that 4.2 million credit and debit card numbers were pilfered from its servers. We also learned in 2008 that attackers aren't necessarily...
"The State Bank of India, the country’s largest bank, has had to shut down its corporate website after overseas hackers tried to break in. While the bank said that transactions took place through www.onlinesbi.com, a senior SBI source said that the transactions were slow as the entire system was under watch. The...
"The heat in Max Butler's safe house was nearly unbearable. It was the equipment's fault. Butler had crammed several servers and laptops into the studio apartment high above San Francisco's Tenderloin neighborhood, and the mass of processors and displays produced a swelter that pulsed through the room. Butler brought in some fans,...
"German researchers have discovered more than 300 cybercrime servers full of stolen credentials on more than 170,000 people -- and it is only the tip of the iceberg, they say. Researchers at the University of Mannheim's Laboratory for Dependable Distributed Systems were able to access nearly 100 so-called "dropzone" machines, and say...
