You might remember earlier in March, the Target CIO resigned due to the huge breach in December last year. Now in an unprecedented move, the banks are suing Target’s security vendor – Trustwave. It’s a class-action suit accusing them of failing to detect the breach. It seems a bit of a stretch though, there’s no […]
Archives for March 2014
Blackhash – Audit Passwords Without Hashes
A traditional password audit typically involves extracting password hashes from systems and then sending those hashes to a third-party security auditor or an in-house security team. These security specialists have the knowledge and tools to effectively audit password hashes. They use password cracking software such as John the Ripper and Hashcat in an effort to […]
NSA Large Scale TURBINE Malware Also Target Sysadmins
So more revelations coming out about the NSA from the latest batch of documents leaked by Edward Snowden. This time they detail a huge malware infection system created for widespread infections, it seems fairly advanced with the ability to spit out different types of malware depending on the target. Other than the TURBINE malware engine, […]
ODA – Online Web Based Disassembler
ODA stands for Online DisAssembler. ODA is a general purpose machine code disassembler that supports a myriad of machine architectures. Built on the shoulders of libbfd and libopcodes (part of binutils), ODA allows you to explore an executable by dissecting its sections, strings, symbols, raw hex, and machine level instructions. ODA is an online Web […]
Target CIO Beth Jacob Resigns After Huge Breach
So the latest news this week is that the Target CIO Beth Jacob has resigned, it seems to be somewhat linked to the massive heist of credit card details from Target that took place in December last year. To be fair it was a fairly complex, high-level attack and I’m pretty sure most companies would […]