Rock Phish Group Accounts for 50% of Online Scams?

It seems common in most things, and it’s the same in infosec and especially malware, phishing and spam. The majority of malware, phishing attacks and spam mails are coming from the same few sources, I’d say it’s a case of 80/20. 20% of the people are sending 80% of the messages, one of the big […]

Tags: , , , , , , , , , , , , , ,

Posted in: General News, Phishing, Spammers & Scammers | Add a Comment

Nmapview – Graphical Interface (GUI) for Nmap on Windows

Finally a replacement for the way outdated and rather crappy NmapFE! Unfortunately sometimes we do have to actually use Windows, and Nmap cleverly overcame the problems with raw sockets on Windows SP2 by using ATM frames instead, so it’s cool. Now we just need a decent GUI so it fits into the whole scheme of […]

Tags: , , , , ,

Posted in: Hacking Tools, Network Hacking | Add a Comment

Microsoft Word 0-day Exploits – QUESTION.DOC

There’s been quite a few Microsoft related exploits recently, but not in Windows, people have moved their focus towards the application layer and the top of the OSI stack. This time it was a 0-day Vulnerability in Microsoft Word. The original news comes from SANS Internet Storm Center Diary (ISC). Microsoft has reported Word 2003, […]

Tags: , , , , ,

Posted in: Exploits/Vulnerabilities, Windows Hacking | Add a Comment

AttackAPI 2.0 Alpha – JavaScript Hacking Suite

AttackAPI provides simple and intuitive web programmable interface for composing attack vectors with JavaScript and other client (and server) related technologies. The current release supports several browser based attacking techniques, simple but powerful JavaScript console and powerful attack channel and associated API for controlling zombies. AttackAPI 2.0 branch is a lot better then the 1.x. […]

Tags: , , , , , ,

Posted in: Hacking Tools, Programming, Web Hacking | Add a Comment

WordPress 2.0.5 Trackback Vulnerability with Exploit

WordPress was “born out of a desire for an elegant, well-architectured personal publishing system built on PHP and MySQL and licensed under the GPL. It is the official successor of b2/cafelog. WordPress is fresh software, but its roots and development go back to 2001. It is a mature and stable product. We hope by focusing […]

Tags: , , , , ,

Posted in: Exploits/Vulnerabilities, Web Hacking | Add a Comment

MTR – Traceroute on Steroids

MTR was written by Matt Kimball, with contributions by many people. Take a look at the “AUTHORS” file in the distribution. Roger Wolff took over maintenance of MTR in october 1998. MTR combines the functionality of the ‘traceroute’ and ‘ping’ programs in a single network diagnostic tool. As MTR starts, it investigates the network connection […]

Tags: , , , , , , ,

Posted in: General Hacking, Network Hacking | Add a Comment

Organised Cyber Criminals Recruiting Fresh Grads

Criminals are not stupid, cyber criminals are the same breed, perhaps even smarter than the traditionalists as they are utilising new ways of doing the same old tricks online. Now the online criminals are recruiting fresh grads to help them push the boundaries further. Organised crime is “grooming” a new generation of would-be cybercriminals using […]

Tags: , , , , , , ,

Posted in: General News, Malware, Phishing | Add a Comment

LMCrack – Windows LanMan Hash Cracker Tool with Download

As a security consultant, job functions include Penetration Testing and Vulnerability Assessments. The aim of these types of engagements is to demonstrate risk to the customer. One of the steps involved in demonstrating risk is password auditing (“cracking”) in order to assess the strength and quality of passwords in use in the environment. On a […]

Tags: , , , , , , , , , , , , ,

Posted in: Hacking Tools, Password Cracking, Windows Hacking | Add a Comment

Serious Exploit in Windows Media Player (WMP)

Oh look! Another 0-day in Windows…this time in Media Player, there was a few in Word lately and the latest thing that just hit is an XSS flaw in PDF files online. I’ll report more on those later. The Windows Media Player library WMVCORE.DLL contains a potentially exploitable heap buffer overflow in its handling of […]

Tags: , , , , , , ,

Posted in: Exploits/Vulnerabilities, Windows Hacking | Add a Comment

SIFT Web Services Security Testing Framework

SIFT has released a new Intelligence Report titled ‘A Web Services Security Testing Framework‘. The framework covers the entire web services security testing process incorporating detailed threat modelling, scoping and planning methodologies tailored specifically for web services applications. Web services are a widely touted technology that aim to provide tangible benefits to both business and […]

Tags: , , , , , ,

Posted in: Web Hacking | Add a Comment