Archive | April, 2006


10 April 2006 | 4,251 views

Homeland Security Scores an F for Internal Security AGAIN

Well I would have thought these guys should have had a little better security.. The Department of Homeland Security received an F (Failing) grade in cybersecurity from the House Government Reform Committee for the third year in a row. The Committee will likely give the Fed a D+ overall for its cybersecurity efforts. The grades [...]

Continue Reading


08 April 2006 | 8,100 views

CIA Employees Identified Online

Pretty Scary eh? Although some people do call them the Central Lack-of Intelligence Agency. Privacy is a major issue and well people should be a little more careful about what they reveal online, perhaps I’ll rehash my old Google Hacking Presentation and write it up as a post for Darknet. I guess it would be [...]

Continue Reading


07 April 2006 | 3,610 views

Serious Vulnerability/Flaw Found in GPG – GnuPG

Just in case you didn’t read it, found this one in the archives. A serious problem in the use of GPG to verify digital signatures has been discovered, which also affects the use of gpg in email. It is possible for an attacker to take any signed message and inject extra arbitrary data without affecting [...]

Continue Reading


06 April 2006 | 9,914 views

China taking control of it’s own DNS servers

China are moving further away from the rest of the world when it comes to the Internet, taking control, making sure information doesn’t get out and making sure other people don’t have access to anything behind the Great Firewall of China. China’s Ministry of Information Industry (MII) has made adjustment to China’s Internet domain name [...]

Continue Reading


05 April 2006 | 118,945 views

AJAX: Is your application secure enough?

Introduction We see it all around us, recently. Web applications get niftier by the day by utilising the various new techniques recently introduced in a few web-browsers, like I.E. and Firefox. One of those new techniques involves using Javascript. More specifically, the XmlHttpRequest-class, or object. Webmail applications use it to quickly update the list of [...]

Continue Reading


04 April 2006 | 9,783 views

IE Address Bar Spoofing

I recently found on securityfocus mailinglist a bug in IE which can be exploited with a simple javascript code to spoof the address bar location… This allow attacker inject a malicious shockwave-flash application into Internet Explorer while it is display another URL (even trusted sites). The vulnerability has been confirmed on a fully patched system [...]

Continue Reading


04 April 2006 | 10,461 views

The Tale of a Real Malaysian E-mail Spammer Exposed – Webflexx

So a friend of mine received a spam, which is not unusual, but this one was a little different. This guy is in Malaysia, and the spam he usually receives is from all over the place, mostly US-centric, but this one was targeting Malaysians, Malaysian spammer producing Malaysian spam, is it the first? I asked [...]

Continue Reading


04 April 2006 | 6,964 views

Google Safe Browsing Extension for Firefox & Netcraft Toolbar – Anti-Phishing

I remember some time back Netcraft developed an anti-phishing toolbar for Internet Explorer Exploder and Firefox. You can check it out here: Netcraft Toolbar Protect your savings from Phishing attacks. See the hosting location and Risk Rating of every site you visit. Help defend the Internet community from fraudsters. Then recently Google has come out [...]

Continue Reading


03 April 2006 | 12,216 views

Slashdot Effect vs Digg Effect Traffic Report

As I’ve been Digged about 5 times now…and somehow got Slashdotted (whilst I was sleeping) until my server crashed and my host started crying..and my bandwidth went out. I can give a reasonable comparison between Slashdot and Digg traffic. From what I’ve seen Digg traffic is between 4,000 and 20,000 hits depending what time it [...]

Continue Reading


01 April 2006 | 16,785 views

P*rn Database Hacked – Buyers Exposed!

Haha, well serves them right, get out and get laid guys. Online payment company iBill on Thursday said a massive cache of stolen consumer data uncovered by security experts did not come from its database. “I’m the first person that would have taken this to the FBI and the first person to have gone on [...]

Continue Reading