Archive | April, 2009


30 April 2009 | 3,250 views

Amazon Disputes Hacker Claims of Ranking Manipulation

A while back it was all over the blogs and Twitter that Amazon had somehow demoted Gay and Lesbian themed books to keep them from showing up in searches. There was outrage from all the civil rights folks especially in the LBGT camp (rightfully so if it was true). After that the rumour started the [...]

Continue Reading


29 April 2009 | 6,575 views

ScreenStamp! – Free Screenshot Tool With Timestamp

What is ScreenStamp! ScreenStamp! is basically a screen grabbing application for pen-testing and people working in forensics. The app will ask you for a location to save your screen shots to, along with a name that the program will number, allowing the user to concentrate on the job at hand as opposed to saving screen [...]

Continue Reading


28 April 2009 | 3,795 views

Industrial Control Systems Safe? I Think Not

It seems like there is some serious hacking going on, attacks on power stations and industrial control systems. You’d think most of these systems would be offline, or at least behind a solid DMZ. But as we’ve seen before they often get exposed by people plugging into the LAN then accessing the net through dial-up [...]

Continue Reading


27 April 2009 | 3,991 views

OAT (OCS Assessment Tool) – Office Communication Server Security Assessment Tool

OAT is an Open Source Security tool designed to check the password strength of Microsoft Office Communication Server users. After a password is compromised, OAT demonstrates potential UC attacks that can be performed by legitimate users if proper security controls are not in place. Features Online Dictionary Attack Presence Stealing Contact List Stealing Single User [...]

Continue Reading


23 April 2009 | 4,045 views

Spammers Recover from McColo Shutdown – Spam Back To 91%

You might remember back in November last year Spam ISP McColo was Cut Off From the Internet and there was a fairly drastic drop in spam e-mail traffic. Well it looks like the spammers have got their acts back together as spam levels are back up to 91% of their previous volume. Having McColo shut [...]

Continue Reading


22 April 2009 | 6,560 views

EFIPW – Modify Apple EFI Firmware Passwords

EFIPW is a tool that can be used to decode and modify Apple EFI firmware passwords via the command line. It is designed after the non open source OFPW utility and is designed to work on Intel machines running Leopard or newer. Useful for lab deployments (setting the firmware password of machines as a post [...]

Continue Reading


21 April 2009 | 8,630 views

Hacker Develops Tool To Hide Malware in .NET Framework

Once again something is wrong with part of the Microsoft suite of software and once again they are denying it’s anything to do with them. This time a researcher has developed a rootkit style infection tool aimed at the .Net framework. Most modern computers come with .Net of some description installed so this could be [...]

Continue Reading


17 April 2009 | 15,008 views

Charles Web Debugging Proxy – HTTP Monitor & Reverse Proxy

Charles is an HTTP proxy / HTTP monitor / Reverse Proxy that enables a developer to view all of the HTTP traffic between their machine and the Internet. This includes requests, responses and the HTTP headers (which contain the cookies and caching information). Charles can act as a man-in-the-middle for HTTP/SSL communication, enabling you to [...]

Continue Reading


16 April 2009 | 6,009 views

Multiple Bugs In Anti-Virus Software Revealed

A spate of bugs have popped up recently in quite a few of the major anti-virus brands, some are old bugs which have just been made public and some are apparently new bugs – just discovered. Nothing too serious it seems (no remote takeover vulnerabilities) mostly just crashes and annoyances. Included are Symantec’s Norton Anti-virus, [...]

Continue Reading


15 April 2009 | 5,513 views

Lynis 1.2.6 Released – UNIX System & Security Auditing Tool

Lynis is an auditing tool for Unix (specialists). It scans the system and available software, to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems. It [...]

Continue Reading