Archive | March, 2009


16 March 2009 | 5,384 views

BBC Unleashes Botnet For ‘Investigation’

The BBC has made an odd move recently by buying/seeding a botnet of 22,000 computers under the guise of investigative journalism. They claim it’s not illegal as they caused no harm and only sent spam to e-mail accounts used by themselves. Technically I think it’s still breaking the law under the Computer Misuse Act but [...]

Continue Reading


12 March 2009 | 29,647 views

WarVOX – Wardialing Tool Suite (Explore, Classify & Audit Telephone Systems)

WarVOX is a suite of tools for exploring, classifying, and auditing telephone systems. Unlike normal wardialing tools, WarVOX works with the actual audio from each call and does not use a modem directly. This model allows WarVOX to find and classify a wide range of interesting lines, including modems, faxes, voice mail boxes, PBXs, loops, [...]

Continue Reading


11 March 2009 | 3,502 views

Malware Distributor & Bot Network Master Sentenced To 4 Years

It seems to the feds are really cracking down on cybercrime recently, with a special kind of attention paid to botnets and their handlers. The sentences are getting stiffer too, this time with 4 years in prison for running a botnet and data theft. I hope they keep it up, botnets are the scourge of [...]

Continue Reading


10 March 2009 | 4,474 views

VideoJak – IP Video Security Assessment Tool

What is VideoJak? VideoJak is an IP Video security assessment tool that can simulate a proof of concept DoS against a targeted, user-selected video session and IP video phone. VideoJak is the first of its kind security tool that analyzes video codec standards such as H.264. VideoJak works by first capturing the RTP port used [...]

Continue Reading


09 March 2009 | 3,475 views

Google Native Client Security/Hacking Contest – Win $8,192 USD!

What is Native Client? Native Client is an open-source research technology for running x86 native code in web applications, with the goal of maintaining the browser neutrality, OS portability, and safety that people expect from web apps. We’ve released this project at an early, research stage to get feedback from the security and broader open-source [...]

Continue Reading


06 March 2009 | 4,377 views

fzem – MUA (Mail User Agent) / Mail Client Fuzzer

fzem is a MUA (mail user agent) fuzzer that fuzzes MAIL/MIME email headers as well as how clients handle SMTP, POP and IMAP responses. Purpose fzem’s purpose is to fuzz MUAs as they process email content and handle server reponses. How does it work? fzem has the three main mail protocols implemented as well as [...]

Continue Reading


05 March 2009 | 9,258 views

Twitter ClickJacking Vulnerability

Click-jacking has hit the news a few times recently with most browsers being susceptible to this kind of redirection attack. This time it’s Twitter that’s being hit, as with anything gaining popularity it’s going to become the focus of more attacks and attempts to compromise its security. It seems like click-jacking may well be here [...]

Continue Reading


04 March 2009 | 19,311 views

Medusa v1.5 Released – Parallel, Modular Login Brute Forcing Tool

Finally an update to Medusa! Version 1.5 of Medusa is now available for public download. Medusa 1.4 was released quite some time back in November 2007 and before that Medusa 1.3 showed up November 2006. You would have thought version 1.5 would have been released in November 2008! Looks like they missed by a few [...]

Continue Reading


03 March 2009 | 11,411 views

Koobface Worm Variant Hits Facebook

Koobface is computer worm that targets the users of the social networking websites Facebook and Myspace. Koobface ultimately attempts, upon successful infection, to gather sensitive information from the victims such as credit card numbers. A new variation of Koobface has popped up aggressively on Facebook and is attempting to steal login credentials for other social [...]

Continue Reading