Less than a week after our story about Facebook Introducing OTP (One-time Password) Functionality to make the site more secure, their dubious privacy standards have hit the news again. Facebook privacy has been in the news numerous times and it’s a subject we’ve also covered many times, with the sheer mass of users on the […]
USBsploit 0.3b – Generate Reverse TCP Backdoors & Malicious .LNK Files
PoC to generate Reverse TCP backdoors (x86, x64, all ports), running Autorun or LNK USB infections, but also dumping all USB files remotely on multiple targets at the same time. USBsploit works through Meterpreter sessions with a light (27MB) modified version of Metasploit. The interface is a mod of SET (The Social Engineering Toolkit). The […]
Half Of Home Wi-Fi Networks In The UK Vulnerable to Hacking/WiFi-Jacking
Once again WiFi security is in the news, this time a new report in the UK shows that almost half of UK home WiFi networks could be compromised within 5 seconds. While that sounds a little dramatic it wouldn’t surprise me if a lot still have no WEP key at all. And even if they […]
Windows Credentials Editor v1.0 – List, Add & Edit Logon Sessions
Windows Credentials Editor (WCE) allows to list logon sessions and add, change, list and delete associated credentials (ex.: LM/NT hashes). This can be used, for example, to perform pass-the-hash on Windows and also obtain NT/LM hashes from memory (from interactive logons, services, remote desktop connections, etc.) which can be used in further attacks. Supported Platforms […]
Facebook Introduces OTP (One-time Password) Functionality
Nice to see an innovation on the security front for once rather than endless ‘feature’ updates and announcements of ‘the next big thing’. Facebook has had its fair share of security woes so it’s nice to see they are doing something which I think may be genuinely useful for it’s burgeoning user base. A lot […]