Archive | November, 2008


27 November 2008 | 5,176 views

FireCAT 1.4 Released – Firefox Catalog of Auditing Extensions

FireCAT (Firefox Catalog of Auditing exTension) is a mindmap collection of the most efficient and useful firefox extensions oriented application security auditing and assessment You can find an online map of Firecat v1.4 here. Changes for version 1.4 Information Gathering (Enumeration and Fingerprinting) Passive Recon : PassiveRecon allows Information Security professionals the ability to perform [...]

Continue Reading


26 November 2008 | 3,574 views

Spam Back on the Rise with Srizbi Resurrected

After McColo was partially disconnected from the Internet by it’s peers global spam dropped noticeably. It seems however that the spam was emanating from a zombie network and the control servers were hosted by McColo, the creators of the botnet (Srizbi) were smart about it though and built a fail-safe system into the the malware. [...]

Continue Reading


25 November 2008 | 7,499 views

Browser Rider – Web Browser Exploitation Framework

Browser Rider is a hacking framework to build payloads that exploit the browser. The project aims to provide a powerful, simple and flexible interface to any client side exploit. Browser Rider is not a new concept. Similar tools such as BeEF or Backframe exploited the same concept. However most of the other existing tools out [...]

Continue Reading


24 November 2008 | 4,817 views

Julie Amero Spyware Case Finally Comes To An End

It’s a sad case when someone loses their career over an incident which was outside of their control, not everyone can be expected to keep their computers free of spyware and malware. It just doesn’t happen. Unfortunately for Julie Amero, she got some porn pop-ups at the wrong time in a class full of students. [...]

Continue Reading


20 November 2008 | 12,631 views

ike-scan – IPsec VPN Scanning, Fingerprinting and Testing Tool

ike-scan is a command-line tool for discovering, fingerprinting and testing IPsec VPN systems. It constructs and sends IKE Phase-1 packets to the specified hosts, and displays any responses that are received. ike-scan allows you to: Send IKE packets to any number of destination hosts, using a configurable output bandwidth or packet rate. (This is useful [...]

Continue Reading


19 November 2008 | 6,640 views

Dshocker AKA Aush0k Hacker Pleads Guilty to Computer Felonies

Another teen hacker in the news, this guy looks like he has some formidable skills though with the list of crimes he’s perpetrated. He’s pleaded guilty though, so he should get a reduced sentence and he’s still classified as a juvenile offender being only 17 – so that works in his favour too. A juvenile [...]

Continue Reading


18 November 2008 | 5,774 views

Microsoft Security Assessment Tool – Free for Windows

The Microsoft Security Assessment Tool (MSAT) is a free tool designed to help organizations like yours assess weaknesses in your current IT security environment, reveal a prioritized list of issues, and help provide specific guidance to minimize those risks. MSAT is an easy, cost-effective way to begin strengthening the security of your computing environment and [...]

Continue Reading


17 November 2008 | 5,707 views

Spam ISP McColo Cut Off From the Internet

You might recall we reported a while ago about ‘spam friendly’ ISP Intercage coming back online after having their plug pulled by upstream provider UnitedLayer. They pledged to clean up their act though and drop their biggest client who was an Eastern European malware and phishing host. This time another ISP has been suspected of [...]

Continue Reading


14 November 2008 | 15,093 views

Maltego – Forensics and Intelligence Application & Information Gathering Tool

Maltego is an open source intelligence and forensics application. It allows for the mining and gathering of information as well as the representation of this information in a meaningful way. Coupled with its graphing libraries, Maltego, allows you to identify key relationships between information and identify previously unknown relationships between them. It is a must-have [...]

Continue Reading


13 November 2008 | 5,975 views

Express Scripts Offers $1million Reward for Cyber Extortionists

This is an interesting story, I’ll be watching how it develops – it’s not often you see a bounty for online crimes and especially one as enticing as 1 million dollars! That’s a hell of a sum for nailing down some dodgy hackers who are running an extortion scam after a data leak. I really [...]

Continue Reading