Archive | General Hacking


02 July 2010 | 4,855 views

Adobe Patches PDF Vulnerabilities Being Exploited In The Wild

At least! Adobe has sorted itself out and released patches for 17 critical vulnerabilities in their Reader and Acrobat applications. We reported back in January about Active Exploitation Of Unpatched PDF Vulnerabilities. The latest slew of vulnerabilities has been actively exploited by hackers for at least the past month as detected in the wild by […]

Continue Reading


27 May 2010 | 39,408 views

eLearnSecurity – Online Penetration Testing Training

Introduction If you are in the information security industry, or plan to be you’ve probably been looking at the various infosec certifications available. Back when I started there really wasn’t anything available, there were no infosec degrees and no professional certs. Only later some high level ones came from SANS, then more jumped on the […]

Continue Reading


03 May 2010 | 7,478 views

New Malware Variants More Malicious Than ILOVEYOU Bug

So no big surprise here, malware is getting more malicious! It’s good to know though and it’s good that companies out there like Messagelabs, under the watchful eye of Symantec, are trying to measure what is going on in malware land. The malware/worm landscape has always been a fast moving one and my guess is […]

Continue Reading


14 April 2010 | 7,367 views

Hackers Penetrate Apache.org In Direct Targeted Attack

This is not the first time Apache.org has been hacked, it was comprised back in September 2009 using SSH keys. This time another targeted attack against the site was successful and allowed the attackers to capture the passwords of users logging into the bug-tracking service. It also exposed the entire password list, which sadly although […]

Continue Reading


23 February 2010 | 8,528 views

US Investigators Pinpoint Author Of Google Attack Code

The big news over the past few months were the Aurora attacks and how they seemed to originate from China, last month Microsoft took the unusual step and released an Out-Of-Band patch for the IE6 0-Day vulnerability used in the attacks. Within the last few days the origin of the code was traced to 2 […]

Continue Reading


21 January 2010 | 7,939 views

Microsoft Releases Out-Of-Band Patch For IE 0-Day Vulnerability

Ah Microsoft is treating this one seriously after France and Germany advised users to avoid IE. The current strain being exploited only targets IE6 users, but one security company has developed an exploit for IE8 which also bypasses DEP (Data Execution Prevention). It was rumoured this was the exploit used last week to compromise Google […]

Continue Reading


30 November 2009 | 6,284 views

Home Secretary says McKinnon must face US trial

Since the last update almost a year ago when Gary won the right to appeal against extradition, the latest news in the Gary Mckinnon saga is that his extradition to the US for trial will be going ahead. Even with his apparent medical condition of Ass Burgers Asperger’s it seems he will be extradited anyway […]

Continue Reading


04 November 2009 | 10,903 views

UCSniff 3.0 Released – VoIP/IP Video Sniffing Tool

UCSniff is a VoIP & IP Video Security Assessment tool that integrates existing open source software into several useful features, allowing VoIP and IP Video owners and security professionals to rapidly test for the threat of unauthorized VoIP and Video Eavesdropping. Written in C/C++, and available on Linux and Windows, the software is free and […]

Continue Reading


03 November 2009 | 21,956 views

Using Cloud Computing To Crack Passwords – Amazon’s EC2

Now this is interesting a proper mathematical calculation for using cloud computing to crack passwords, now Amazon has opened up their EC2 (Elastic Compute Cloud) the cost of massive parallel processing power has come right down. And guess what, someone thought of using it to crack passwords. It seems the cut-off would be a 12 […]

Continue Reading


13 October 2009 | 9,459 views

UK Government To Launch ‘Hack Idol’

Now this should be interesting, perhaps they should turn it into a hacking based reality TV show? From the description though it looks more centered around defense than offense and perhaps should be called ‘System Administrator Idol’. Not quite so catchy though is it. Well at least they doing something to try and nurture talent […]

Continue Reading