Archive | Exploits/Vulnerabilities


28 May 2012 | 2,134 views

Complex Cyberwar Tool ‘Flamer’ Found Infecting Computers In Iran & Israel

In December last year, Microsoft released the patch for the vulnerability used by Duqu to propogate itself across Windows desktops. The other nasty worm going around was Stuxnet – both cyberwarfare tools, and most recently a piece of malware claimed to be more sophisticated than both has been found infecting computers in the middle east. [...]

Continue Reading


17 May 2012 | 1,380 views

Hackers Break Into Bitcoin Exchange Site Bitcoinica

Bitcoin hasn’t been having a great time lately, there have been a few high profile, large dollar amount hacks of Bitcoin Exchange sites (basically the Bitcoin banks). The latest involved $90,000USD and a high likelihood that the user database was compromised too. It seems like Bitcoin, despite all the hype, might die a slow death [...]

Continue Reading


23 April 2012 | 869 views

Anonymous Take Down Official F1 Site As Bahrain Protest

It seems like the latest target for Anonymous is the F1 due to the race that took place in Bahrain and the human rights issues in the country. They DDoSed the official F1 site (formula1.com), which was up and down on Saturday and defaced another related site (f1-racers.net) which also contains some details from ticket [...]

Continue Reading


11 April 2012 | 1,290 views

Microsoft Delivers 6 Out Of Band High Priority Security Updates

Now it was only last month when everyone was wrapped up in the MS12-020 RDP Exploit Code In The Wild issue. As it turns out, Microsoft have been hiding some more serious security issues under the carpet. Apparently attackers are already exploiting the MS12-027 flaw in ActiveX in the wild – although Microsoft of course [...]

Continue Reading


03 April 2012 | 1,748 views

Zero Day Java Vulnerability Exploited – Macs Infected With Flashback Malware

Interesting timing this one, just a couple of days ago we reported – Avira Joins The Crowd & Starts To Offer Mac Antivirus Software – and now an unpatched vulnerability in Java for Mac OS that is being exploited in the wild. The vulnerability (CVE-2012-0507) was patched in Java by Oracle back in February, but [...]

Continue Reading


19 March 2012 | 8,430 views

MS12-020 RDP Exploit Code In The Wild

The big news that erupted towards the end of last week was about the latest pretty serious vulnerability patched quietly by Microsoft, AKA MS12-020 (which plenty of people are using to bait skiddies into downloading dodgy code). The flaw is in the RDP (Remote Desktop Protocol) service – which is a pretty bad service to [...]

Continue Reading


16 March 2012 | 5,304 views

backfuzz – Multi-Protocol Fuzzing Toolkit (Supports HTTP/FTP/IMAP etc)

backfuzz is a fuzzing tool for different protocols (FTP, HTTP, IMAP, etc) but also has no-protocol plug-ins (Example: File Fuzzer). The general idea is that this script has several functions already predefined in the file “functions.py”, so whoever wants to write their own plugin’s (for another protocol) you can do so in a few lines [...]

Continue Reading


21 February 2012 | 10,716 views

UK Facebook Hacker Jailed For 8 Months

It’s a pretty harsh sentence if you ask me, especially since Facebook decided in July 2011 to start paying bug bounties. I have to say though, this guy must be a pretty talented hacker to break into the Facebook servers – they aren’t exactly low hanging fruit. I’d imagine they are some of the most [...]

Continue Reading


28 December 2011 | 11,996 views

US Subway Stores POS Hacked For $3Million Dollars

Honestly there hasn’t been much news over the holiday period, well maybe there was but no one bothered reporting it. There was the Stratfor case of course, which Anonymous is saying wasn’t anything to do with them. The scale of this incident somehow reminds me of the whole TJ MAXX fiasco a few years back. [...]

Continue Reading


15 December 2011 | 8,080 views

No BEAST Fix From Microsoft In December Patch Tuesday – But They Fixed Duqu Bug

It looks like Microsoft originally had a patch for the BEAST vulnerability, but for some reason they have withdrawn it for the December Patch Tuesday. It’s a pretty bumper crop of patches though with 13 bulletins and 19 vulnerabilities fixed, the highest profile one being a patch for the zero-day vulnerability exploited by Duqu. The [...]

Continue Reading