Archive | June, 2009


30 June 2009 | 133,799 views

Kon-Boot – Reset Windows & Linux Passwords

Kon-Boot is a prototype piece of software which allows changing the contents of a Linux kernel (and now Windows kernel also!!!) on the fly (while booting). In the current compilation state it allows logging into a Linux system as ’root’ user without typing the correct password or to elevate privileges from current user to [...]



29 June 2009 | 25,506 views

Michael Jackson Spam/Malware – RIP The King Of Pop

For people of my age and generation and I’d guess for most readers of Darknet, Michael Jackson would have had a great influence on our lives. The biggest news last week was most certainly his death; as usual, the bad guys were extremely quick to capitalize on this and were sending out spam within hours [...]



25 June 2009 | 62,003 views

BackTrack 4 Pre Release Available For Download

You may remember back in February the BETA of BackTrack 4 was released for download. The team have made many changes and have now released BackTrack 4 Pre Release. For those that don’t know, BackTrack is the top rated Linux live distribution focused on penetration testing. With no installation whatsoever, the analysis platform is started [...]



24 June 2009 | 10,045 views

Twitter Hack Spreads P*rn Trojan

I had a spam tweet appear in my stream a while back and like Guy Kawasaki I also had absolutely no idea where it came from. Perhaps some kinda XSS flaw in Twitter when I visited a site that spawned the message (in a hidden iframe perhaps). It wouldn’t be the first time Twitter was [...]



23 June 2009 | 15,714 views

Slowloris – HTTP DoS Tool in PERL

This tool has been hitting the news, including some mentions in the SANS ISC Diary. It’s not actually a new attack (it’s been around since 2005) but this is the first time a packaged tool has been released for the attack. Slowloris holds connections open by sending partial HTTP requests. It continues to send subsequent [...]



22 June 2009 | 6,221 views

IT Managers Under-Estimate Impact Of Data Loss

I find it a little surprising in this day and age that such a low percentage of IT managers believe data loss is a low impact issue. Don’t they read the news? Don’t they understand how losing customer trust can really affect your bottom line? I would have thought 30% of respondents thinking data loss was [...]



19 June 2009 | 11,195 views

Acunetix Web Vulnerability Scanner (WVS) 6.5 Released

You may remember a while back we did a Review of Acunetix Web Vulnerability Scanner 6 – the very full-featured web vulnerability scanning software. Well, the latest version has been released recently with some updates, bug fixes and improvements on the web application security front. I’m hoping to try out the AcuSensor on a [...]



18 June 2009 | 4,065 views

Apple iPhone OS 3.0 Released – 46 Security Patches

With the latest version of the Apple iPhone OS being released last night or this morning (depending on where in the world you are) I guess most of the iPhone users amongst you would have already installed the software. Everyone I know using an iPhone has already done it without a hitch; it’s been long awaited [...]



17 June 2009 | 4,471 views

fm-fsf – Freakin’ Simple Fuzzer – Cross Platform Fuzzing Tool

fm-fsf is a new fuzzer/data scraper that works under OSX, Linux (with Mono) and Windows (.NET Framework). Fuzzing tools are always useful if you are looking at discovering some new flaws in software or a web service. Quick Info: FSF is a plug-in based freakin’ simple fuzzer for fuzzing web applications and scraping data. It [...]



16 June 2009 | 10,190 views

Massive Malware Outbreak Infects 30,000 Websites

This looks like a fairly complex infection mechanism combining exploiting websites, injecting JavaScript code, then attempting exploitation of host machines and, failing that, prompting a download for some fake malware. The way they have it all set up is pretty clever too, hiding behind common technologies so their infections don’t look out of place. An obfuscated [...]
