WordPress 2.0.7 Follows Hot on the Tail of WordPress 2.0.6

Recently a bug in certain versions of PHP came to the attention of the WordPress developers, this bug could cause a security vulnerability in your any blogs running version 2.0.6 or below blog. It was fairly easy to work around, so they decided to release 2.0.7, just 10 days after the release of 2.0.6, to […]

Tags: , , , , ,

Posted in: Exploits/Vulnerabilities, Web Hacking | Add a Comment

Pentagon Hacker Gary McKinnon Appeals against US Extradition

It seems like it’s getting really serious in the Gary McKinnon case, he’s facing what looks like his last appeal against the US anti-terror law case against him for hacking some NASA systems by guessing the weak passwords. Not like he’s really a terrorist, or did any damage…he did something very stupid though, bruised the […]

Tags: , , , , , , , , , , ,

Posted in: General News, Legal Issues | Add a Comment

SPIKE Proxy – Application Level Security Assessment

SPIKE Proxy is part of the SPIKE Application Testing Suite, It functions as an HTTP and HTTPS proxy, and allows the web developer or web application auditor low level access to the entire web application interface, while also providing a bevy of automated tools and techniques for discovering common problems. These automated tools include: Automated […]

Tags: , , , , , , , , , , ,

Posted in: Hacking Tools, Network Hacking, Web Hacking | Add a Comment

Rock Phish Group Accounts for 50% of Online Scams?

It seems common in most things, and it’s the same in infosec and especially malware, phishing and spam. The majority of malware, phishing attacks and spam mails are coming from the same few sources, I’d say it’s a case of 80/20. 20% of the people are sending 80% of the messages, one of the big […]

Tags: , , , , , , , , , , , , , ,

Posted in: General News, Phishing, Spammers & Scammers | Add a Comment

Nmapview – Graphical Interface (GUI) for Nmap on Windows

Finally a replacement for the way outdated and rather crappy NmapFE! Unfortunately sometimes we do have to actually use Windows, and Nmap cleverly overcame the problems with raw sockets on Windows SP2 by using ATM frames instead, so it’s cool. Now we just need a decent GUI so it fits into the whole scheme of […]

Tags: , , , , ,

Posted in: Hacking Tools, Network Hacking | Add a Comment

Microsoft Word 0-day Exploits – QUESTION.DOC

There’s been quite a few Microsoft related exploits recently, but not in Windows, people have moved their focus towards the application layer and the top of the OSI stack. This time it was a 0-day Vulnerability in Microsoft Word. The original news comes from SANS Internet Storm Center Diary (ISC). Microsoft has reported Word 2003, […]

Tags: , , , , ,

Posted in: Exploits/Vulnerabilities, Windows Hacking | Add a Comment

AttackAPI 2.0 Alpha – JavaScript Hacking Suite

AttackAPI provides simple and intuitive web programmable interface for composing attack vectors with JavaScript and other client (and server) related technologies. The current release supports several browser based attacking techniques, simple but powerful JavaScript console and powerful attack channel and associated API for controlling zombies. AttackAPI 2.0 branch is a lot better then the 1.x. […]

Tags: , , , , , ,

Posted in: Hacking Tools, Programming, Web Hacking | Add a Comment

WordPress 2.0.5 Trackback Vulnerability with Exploit

WordPress was “born out of a desire for an elegant, well-architectured personal publishing system built on PHP and MySQL and licensed under the GPL. It is the official successor of b2/cafelog. WordPress is fresh software, but its roots and development go back to 2001. It is a mature and stable product. We hope by focusing […]

Tags: , , , , ,

Posted in: Exploits/Vulnerabilities, Web Hacking | Add a Comment
MTR

MTR – Traceroute on Steroids

MTR was written by Matt Kimball, with contributions by many people. Take a look at the “AUTHORS” file in the distribution. Roger Wolff took over maintenance of MTR in october 1998. MTR combines the functionality of the ‘traceroute’ and ‘ping’ programs in a single network diagnostic tool. As MTR starts, it investigates the network connection […]

Tags: , , , , , , ,

Posted in: General Hacking, Network Hacking | Add a Comment

Organised Cyber Criminals Recruiting Fresh Grads

Criminals are not stupid, cyber criminals are the same breed, perhaps even smarter than the traditionalists as they are utilising new ways of doing the same old tricks online. Now the online criminals are recruiting fresh grads to help them push the boundaries further. Organised crime is “grooming” a new generation of would-be cybercriminals using […]

Tags: , , , , , , ,

Posted in: General News, Malware, Phishing | Add a Comment