Archive | 2014


28 May 2014 | 2,049 views

Pirated ‘Watch Dogs’ Game Made A Bitcoin Mining Botnet

Pretty smart idea this one, we wrote about Yahoo! spreading Bitcoin mining malware back in January, but we haven’t really seen any of that type of activity since then. But this, this is a much better target audience – gamers with high powered GPUs! Especially as this is one of most hyped ‘next-gen’ games for [...]

Continue Reading


26 May 2014 | 3,215 views

Moscrack – Cluster Cracking Tool For WPA Keys

Moscrack is a PERL application designed to facilitate cracking WPA keys in parallel on a group of computers. This is accomplished by use of either Mosix clustering software, SSH or RSH access to a number of nodes. With Moscrack’s new plugin framework, hash cracking has become possible. SHA256/512, DES, MD5 and *Blowfish Unix password hashes [...]

Continue Reading


22 May 2014 | 1,201 views

eBay Hacked – 128 Million Users To Reset Passwords

The big news this week is that the massive online auction site eBay has been hacked, the compromise appears to have taken place a few months around February/March but has only come to light recently when employee login credentials were used. This is 3 times bigger than the massive 42 Million passwords leaked by Cupid [...]

Continue Reading


20 May 2014 | 2,885 views

Hook Analyser 3.1 – Malware Analysis Tool

Hook Analyser is a freeware application which allows an investigator/analyst to perform “static & run-time / dynamic” analysis of suspicious applications, also gather (analyse & co-related) threat intelligence related information (or data) from various open sources on the Internet. Essentially it’s a malware analysis tool that has evolved to add some cyber threat intelligence features [...]

Continue Reading


14 May 2014 | 1,654 views

Navy Sys Admin Hacks Into Databases From Aircraft Carrier

So this story caught my eye and I found it pretty interesting as it reads like something out of a Tom Clancy novel crossed with a bunch of script kiddies, a Navy Sys Admin has been charged with conspiracy to hack – the interesting part was that he hacked the Navy (whilst working there..) and [...]

Continue Reading


13 May 2014 | 1,948 views

Acunetix Vulnerability Scanner 9.5 Released

Acunetix Web Vulnerability Scanner (WVS) is an automated web application security testing tool that audits your web applications by checking for exploitable hacking vulnerabilities. Automated scans may be supplemented and cross-checked with the variety of manual tools to allow for comprehensive web site and web application penetration testing. This week the latest version was released, [...]

Continue Reading


07 May 2014 | 2,133 views

MagicTree v1.3 Available For Download – Pentesting Productivity

Have you ever spent ages trying to find the results of a particular portscan you were sure you did? Or grepping through a bunch of files looking for data for a particular host or service? Or copy-pasting bits of output from a bunch of typescripts into a report? We certainly did, and that’s why we [...]

Continue Reading


06 May 2014 | 2,961 views

Teen Accused Of Hacking School To Change Grades

So an interested piece of news I spotted today is about Jose Bautista, an 18 year old from Miami-Data, USA who was arrested and charged with hacking school to change grades. It seems he’s being dealt with fairly harshly, which is a trend with ‘hacking’ related crimes nowadays. We did have a story similar to [...]

Continue Reading


02 May 2014 | 1,385 views

Host-Extract – Enumerate All IP/Host Patterns In A Web Page

host-extract is a little ruby script that tries to extract all IP/Host patterns in page response of a given URL and JavaScript/CSS files of that URL. With it, you can quickly identify internal IPs/Hostnames, development IPs/ports, cdn, load balancers, additional attack entries related to your target that are revealed in inline js, css, html comment [...]

Continue Reading


01 May 2014 | 758 views

Microsoft Confirms Internet Explorer 0-Day

So during the past weekend, Microsoft confirmed an Internet Explorer 0-day that is actually being used in targeted online attacks. Vulnerability in Internet Explorer Could Allow Remote Code Execution It will be interesting to see if they push an out of band patch for this one or just wait for the next Patch Tuesday. It’s [...]

Continue Reading