Archive | August, 2008


29 August 2008 | 8,037 views

ISR-evilgrade – Inject Updates to Exploit Software

ISR-evilgrade is a modular framework that allow us to take advantage of poor upgrade implementations by injecting fake updates and exploiting the system or software. How does it work? It works with modules, each module implements the structure needed to emulate a false update of specific applications/systems. Evilgrade needs the manipulation of the victims DNS [...]

Continue Reading


28 August 2008 | 18,217 views

Webcam Hacker Jailed for 4 Years for Spying on Teenager

Another one bites the dust, this time for spying on a teenage girl via webcam. 4 years is a reasonable sentence this time I think as the case borders on many offenses such as blackmail, indecent behaviour, infringement of privacy, unlawful access and probably a few more. It was a pretty simple hack as it [...]

Continue Reading


18 August 2008 | 17,653 views

OpenVAS – Open Vulnerability Assessment System (Nessus is Back!)

As you all probably known since version 3 Nessus turned to a proprietary model and started charging for the latest plugins locking most of us out. Now we finally have a new, properly organised forked development with the name of OpenVAS – at last a decent and free Vulnerability Scanner! OpenVAS stands for Open Vulnerability [...]

Continue Reading


17 August 2008 | 7,011 views

New MySpace and Facebook Worm Target Social Networks

Well another reason for you guys (and gals) to avoid social networks, a new worm is spreading. Again they are using the same ploys that have been leveraged for years on e-mail and instant messaging. Trust is gained as the message or link/video/etc comes from a known source so people are more likely to click/open/play [...]

Continue Reading


13 August 2008 | 11,214 views

raWPacket HeX – Network Security Monitoring & Analysis LiveCD

HeX is a project aimed at the NSM (Network Security Monitoring) community for use by network security analysts. The developers believe that simplicity and analysis work flow logic must be enhanced and emphasized through-out the process of designing this liveCD. Not only have they carefully chosen all the necessary applications and tools to be included [...]

Continue Reading


12 August 2008 | 7,599 views

TJX Credit Card Hackers Busted – Largest US Data Breach

We reported on this case back in September 2007, the largest US data breach in history so far (45 million customer records!). It seems like finally the people behind it have been busted, 11 people have been charged by US authorities. The US authorities have charged 11 people in connection with the theft of credit-card [...]

Continue Reading


11 August 2008 | 11,282 views

PuttyHijack V1.0 – Hijack SSH/PuTTY Connections on Windows

PuttyHijack is a POC tool that injects a dll into the PuTTY process to hijack an existing, or soon to be created, connection. This can be useful during penetration tests when a windows box that has been compromised is used to SSH/Telnet into other servers. The injected DLL installs some hooks and creates a socket [...]

Continue Reading


06 August 2008 | 6,869 views

HD Moore’s Company BreakingPoint Suffers DNS Attack

It’s somewhat ironic that shortly after the Kaminsky DNS bug went wild and almost immediately got ported into Metasploit that it was then used to attack HD Moore’s very own company BreakingPoint. It happened just a couple of days ago, it doesnt seem to have been a targeted attack though more like mass spammers/scammers leveraging [...]

Continue Reading


05 August 2008 | 7,206 views

July Commenter of the Month Competition Winner 2008!

Competition time again! As you know we started the Darknet Commenter of the Month Competition on June 1st 2007 and it’s been running since then! We have just finished the fourteenth month of the competition in July and are now in the fifthteenth, starting a few days ago on August 1st – Sponsored by GFI. [...]

Continue Reading


04 August 2008 | 11,581 views

UK Hacker Gary McKinnon to Fight Extradition

For some of the long time readers, you might remember we’ve been covering the case of the UK Hacker Gary McKinnon for quite some time. The last post was about a year ago though in August 2007 when he Won Right to Lords Appeal Extradition Hearing. The first post on the case was over 2 [...]

Continue Reading