Ah another trojan, this time targeting MSN Live logins for. The trojan has been made public by some kind citizen calling himself “Our Godfather” on the BitTorrent network. The sad thing is…I guess it works and hundreds of people will have installed it. Malware designed to steal users’ Windows Live Messenger password has been released […]
Archives for 2007
Stompy – The Web Application Session Analyzer Tool
A new tool dealing with web sessions was recently announced, it’s called stompy, a free tool to perform a fairly detailed black-box assessment of WWW session identifier generation algorithms. Session IDs are commonly used to track authenticated users, and as such, whenever they’re predictable or simply vulnerable to brute-force attacks, we do have a problem. […]
Huge Online Loss by Swedish Bank Nordea – Claimed to be Biggest Loss?
[ad] A massive online heist, some (like McAfee) claim it’s the biggest ever online sting involving a bank, it’s comes in at about half a million pounds or or $1.1 million USD. Using some l33t0 custom trojan, it seems to be more a case of lack of education and the whole situation could have been […]
PwdHash from Stanford – Generate Passwords by Hashing the URL
[ad] The Common Password Problem. Users tend to use a single password at many different web sites. By now there are several reported cases where attackers breaks into a low security site to retrieve thousands of username/password pairs and directly try them one by one at a high security e-commerce site such as eBay. As […]
Blue-Ray DRM Cracked Already?
[ad] It didn’t take them long! A while ago some smart chaps worked out the a way to extract the HD DVD and Blu-ray Disc “volume keys” to decrypt AACS DRM on individual films (This was about 2 months ago). Now they have cracked the scheme behind it, the so called “processing key” used to […]