Archive | March, 2012

Avira Joins The Crowd & Starts To Offer Mac Antivirus Software



For years the Apple geeks were always self-praising and postulating that their OS was so secure and superior that it didn’t need any silly anti-virus software. Things changed a couple of years back though, probably in 2009 when Mac OS X Snow Leopard was bundled with a malware detector.

Not long after that the commercial crowd started moving into the Mac anti-virus arena – in 2010 Sophos launched free anti-virus software for Mac.

And last year in 2011, it was claimed that Mac malware was becoming a serious threat. The latest entrant into this area is Avira.

German security company Avira has released free antivirus software for Apple Macs, joining a host of security software providers offering protection for OS X.

Avira said Apple’s market share for computers has increased, which has been followed by an increase in malicious software programs. The company said the product will not contain advertising or marketing pop-up ads.

Many of the top security software companies offer security software for Macs, with some for free. Kaspersky Lab, Intego, PC Tools, Symantec, McAfee and Trend Micro all offer paid security software, while Sophos offers its Mac product for free.

Apple has marketed itself as inherently more secure than Windows. Security experts have said its platform is just as prone to software vulnerabilities as other operating systems, but Windows is targeted more due to its high market share.

Again it’s a free offering, I guess Avira wants to move into the market too before anyone else like Sophos/McAfee/Symantec manages to dominate it. With the Apple marketshare growing it’s a wise move to get in before they get excluded.

It’s an interesting move to offer free software though, perhaps they just want to use it as a bait and if the Mac market grows enough they can release a paid for ‘premium version’.


In a sign of the increasing prevalence of Mac malware, Apple rolled out an antimalware tool called XProtect in 2009, which is periodically updated to detect new malware.

Avira also released an application for Android phones that can remotely lock or locate a device as well as erase its data. Using a web-based interface, the phone’s owner can display a “call owner” message on the device with a number.

A missing Android device can be plotted on Google Maps. It can also be commanded to make a loud sound for 20 seconds, Avira said. Up to five phones can be managed remotely. The application is free and works with Android 2.2, known as Froyo, and 2.3, nicknamed Gingerbread.

And as we all know, OSX isn’t really any more secure than Windows – it just so happens the marketshare and pure mass of Windows users is so large that it makes a lot more sense to target them. Plus Mac users tended to be more tech savvy (a few years back before all the clueless hipster douchebags jumped on the Apple bandwagon) so they kept their software up to date.

Mac malware is becoming a serious threat though and I’d suggest any of you using Macs may want to consider installing some kind of AV software.

Source: Network World

Posted in: Apple, Countermeasures, Malware, Security Software

Latest Posts:


AWSBucketDump - AWS S3 Security Scanning Tool AWSBucketDump – AWS S3 Security Scanning Tool
AWSBucketDump is an AWS S3 Security Scanning Tool, which allows you to quickly enumerate AWS S3 buckets to look for interesting or confidential files.
nbtscan Download - NetBIOS Scanner For Windows & Linux nbtscan Download – NetBIOS Scanner For Windows & Linux
nbtscan is a command-line NetBIOS scanner for Windows that is SUPER fast, it scans for open NetBIOS nameservers on a local or remote TCP/IP network.
Equifax Data Breach - Hack Due To Missed Apache Patch Equifax Data Breach – Hack Due To Missed Apache Patch
The Equifax data breach is pretty huge with 143 million records leaked from the hack in the US alone with unknown more in Canada and the UK.
Seth - RDP Man In The Middle Attack Tool Seth – RDP Man In The Middle Attack Tool
Seth is an RDP Man In The Middle attack tool written in Python to MiTM RDP connections by attempting to downgrade the connection to extract clear text creds
dcrawl - Web Crawler For Unique Domains dcrawl – Web Crawler For Unique Domains
dcrawl is a simple, but smart, multithreaded web crawler for randomly gathering huge lists of unique domain names. It will branch out indefinitely.
Time Warner Hacked - AWS Config Exposes 4M Subscribers Time Warner Hacked – AWS Config Exposes 4M Subscribers
What's the latest on the web, Time Warner Hacked is what it's about now as a bad AWS S3 config (once again) exposes the details of approximately 4M subs.


SSLyze v0.4 Released – Scan & Analyze SSL Server Configuration



SSLyze is a fast and full-featured SSL scanner – it enables better, faster scanning to analyze the configuration of SSL servers.

Supports cipher suites scanning, insecure renegotiation verification, session resumption testing, client certificates, and more. Tested on Python 2.6 & 2.7 with Ubuntu and Windows 7, both 32 and 64 bits. Might work on other platforms as well. Based on OpenSSL and a custom SSL Python wrapper.

We first mentioned SSLyze when it popped up last year in December –

sslyze – Fast and Full-Featured SSL Configuration Scanner

New in v0.4

  • Support for OpenSSL 1.0.1 and TLS 1.1 and 1.2 scanning. See --tlsv1_1 and --tlsv1_2.
  • Support for HTTP CONNECT proxies. See --https_tunnel.
  • Support for StartTLS with SMTP and XMPP. See --starttls.
  • Improved/clarified output.
  • Various bug fixes.

You can download SSLyze v0.4 here:

sslyze-0.4_src.zip

Or read more here.

Posted in: Countermeasures, Networking Hacking, Web Hacking


eLearnSecurity Launches Newly Updated & Refreshed Penetration Testing Professional Training v2



Introduction

It’s been a while since we’ve mentioned this course. Since we covered it back in May 2010 (eLearnSecurity – Online Penetration Testing Training), eLearnSecurity has been making continuous improvements to the course-ware and the subject matter.

But now in 2012, it’s time for them to release their major facelift – Penetration Testing Professional Version 2.


The crew over at eLearnSecurity has drastically improved the overall course material, and if you are familiar with the first iteration you can see they’ve put a lot of effort into it.

What’s New With v2

There’s a lot of new stuff: 4 hours of new up-to-date videos, 800 new slides and even completely new modules – with a makeover on all material.

All new material is now based on Backtrack 5 and Metasploit 4.2/4.3 – so you don’t have to worry about learning to use outdated tools and techniques. Some of the changes/additions are below:

  • The first two sections of the course (Network & System Security) have seen the most changes, whilst the Web Application security section has undergone a content review but has had no new additions in terms of content.
  • The use and the samples within the course have been updated to match the new features of the most important tools: Metasploit, Maltego, SET, Nmap and others.
  • Many new tools like FOCA, ShodanHQ, ncrack, Immunity Debugger, HPing2 have been added and covered in-depth within the new videos.
  • The slide deck has been completely redone and significant improvements have been made in readability and usability. You will now find immediate access to videos contained in each module and also references for further reading about each topic.
  • Hera Lab is the new virtual lab that our students can access through VPN to practice all the techniques related to system security and network testing.
  • A very detailed and in-depth analysis of Windows authentication protocols such as LM, NTLMv1 and NTLMv2 is provided through videos and real world examples that the student can test against the Hera Lab machines (This is a completely new chapter).

A lot of feedback has been gathered from the students and users of the course-ware and those have been implemented in this new version to enable faster, more efficient learning.

The Course – Details About The New Stuff!

The training course is still divided in three main knowledge domains:

  1. System Security
  2. Network Security
  3. Web Application Security

System Security (& Exploit Development)

This section covers:

  • Module 1: Introduction
  • Module 2: Cryptography and Password Cracking
  • Module 3: Buffer Overflow
  • Module 4: Shellcoding
  • Module 5: Malware
  • Module 6: Rootkit coding

This section included some of the simplest explanations of exploit development and shell-coding available today; however, it has been further improved with more samples, videos and tools that aid in the process of exploitation.

The videos are really clear, move at a good pace and have a very easy to follow voice-over – you can see the video demo running Metasploit on BackTrack 5.

More C++ and ASM basics are covered in the introductory module and this should lower the entrance barrier for someone without these kinds of skills. The contents in this section are a lot better organized now and much easier to understand in practice thanks to a Virtual Machine pre-built with C++ compilers, Assemblers, Debuggers, Disassemblers and all the samples included throughout the section.

The Virtual Machine is available within Hera Lab and accessible in VPN/RDP. This drastically minimizes the time required for the student to configure the environment. The good part is that the student is also taught how to configure the environment on his own machine for use even after the Lab time expires.

Network Security testing

This section covers:

  • Module 1: Information Gathering
  • Module 2: Scanning
  • Module 3: Enumeration
  • Module 4: Sniffing and MITM attacks
  • Module 5: Exploitation
  • Module 6: Post-exploitation
  • Module 7: Anonymity
  • Module 8: Social Engineering

4 out of 8 modules in this section have undergone major changes. The Information Gathering module in v1 had some overlapping information with the Information Gathering module in Web Application security, so it really required a re-work.

The Information Gathering module has been completely redone from scratch and has been created systematically alongside a methodology which will allow you to thoroughly investigate a target organization from a business and technical perspective.

At the end of the module students can practice all the business related investigation techniques against a fictitious company created by eLearnSecurity with an actual web presence and documents available online. This real world exercise and the Information Gathering lab included in Hera Lab make this a very hands-on module.

The Port Scanning module now includes techniques to evade IDS’s and Firewalls as well as an in depth study of the Idle Scan technique that most of the time goes unused even by experienced pentesters. The author decided to use HPing2 to first demonstrate the technique at low level and then Nmap.

The Exploitation module is now not just an introduction to the use of Metasploit but offers some great coverage of:

  • Low hanging fruits – Weak or non-existent authentication in network services like RDP or SSH
  • Windows Authentication Protocols Weaknesses
  • More advanced Client side and Remote exploitation

The exploitation module also contains a thorough review of the Java Rhino client side exploit with two videos on how to use it against Windows and Linux by modifying SET and mounting a fairly complex attack.

But the part that shines the most in v2 of this training course is the Post Exploitation module that provides a clear cyclic process in 4 steps to escalate privileges, maintain access, harvest internal documents or credentials and exploit and infiltrate further internal networks through pivoting.

The depth of the information in this section and the logical flow with which it has been assembled shows the stark difference between free stuff you can find online and a course you need to pay for.

Conclusion

It’s a great update to an already very strong course, I honestly can’t wait to see where they take it next. I want to clear some time to check out Hera Lab properly and get a hands on feel of what they are doing with that.

Remember if you are looking for something more basic/entry level – there is also the Penetration Testing – Student Course/Training by eLearnSecurity.

The eLearnSecurity crew has confirmed to me that they are going to add new labs and scenarios every month to cover new parts of the training material and new tools that will be released in the future.

The feedback they’ve gotten on the first version is testament enough, over 2,000 professionals from 81 different countries worldwide have taken the first version of the training course.

Total price of the Penetration Testing Professional Training v2 + eCPPT Certification Exam + 30 days access or 30 hours usage time of Hera Lab is $699.

Find out more here: http://www.elearnsecurity.com/

Posted in: Advertorial, Hacking News


MS12-020 RDP Exploit Code In The Wild



The big news that erupted towards the end of last week was about the latest pretty serious vulnerability patched quietly by Microsoft, AKA MS12-020 (which plenty of people are using to bait skiddies into downloading dodgy code).

The flaw is in the RDP (Remote Desktop Protocol) service – which is a pretty bad service to have a flaw in as it’s generally exposed over the Internet – as that’s the whole point of it (remote access huhu).

It reminds me of the predecessor to RDP – TS (Terminal Services) – who remembers that one? And TSGrinder of course..

Luigi Auriemma, the researcher who discovered a recently patched critical vulnerability in Microsoft’s Remote Desktop Protocol (RDP), published a proof-of-concept exploit for it after a separate working exploit, which he said possibly originated from Microsoft, was leaked online on Friday.

Identified as CVE-2012-0002 and patched by Microsoft on Tuesday, the critical vulnerability can be exploited remotely to execute arbitrary code on systems that accept RDP connections.

Security experts have expressed concern because exploiting this vulnerability does not require authentication, which means that it can be used to create a computer worm.

However, the fact that RDP is disabled by default on Windows workstations limits the number of potential targets, so we shouldn’t worry about the next Conficker, said Carsten Eiram, chief security specialist at Danish vulnerability research firm Secunia.

Even so, the vulnerability still presents an interest for attackers because the RDP service is commonly used in enterprise environments and is usually accessible through firewalls.

“This is an attractive vulnerability from an exploitation standpoint and various parties are spending significant resources on developing reliable exploits for this,” Eiram said.

The upside? RDP is disabled by default, and most home users wouldn’t even know what it is. So I think we are pretty safe from some kind of mass infection worm type malware spawning from this vulnerability. Also, right now only the PoC code is out there, not an actual working exploit – that keeps us safe from the people dealing with low hanging fruit.

The downside? A LOT of businesses use RDP for support, desktop management and so on – and it’s quite often exposed to the Internet facing interfaces. Not a good idea, but since when did corporates make smart security decisions? Plus I don’t think it will take a massive amount of time for some nefarious character to convert the PoC into a working exploit.


Creating a working exploit for the CVE-2012-0002 vulnerability is not trivial, Microsoft security engineers Suha Can and Jonathan Ness said in a blog post on Tuesday. “We would be surprised to see one developed in the next few days. However, we expect to see working exploit code developed within the next 30 days.”

However, an exploit appeared earlier Friday on a Chinese file hosting website, and its creator is most likely Microsoft itself, Auriemma said. “The executable PoC [proof-of-concept exploit] was compiled in November 2011 and contains some debugging strings like MSRC11678, which is a clear reference to the Microsoft Security Response Center (MSRC).”

Furthermore, the exploit sends a special packet that is identical to the one the researcher included in his report to ZDI (Zero Day Initiative), a program that pays researchers for vulnerability reports and later shares the details with the affected vendors. Auriemma is sure it’s the same packet because it contains unique elements that he added to it.

The researcher believes that Microsoft created the exploit for internal testing and then shared it with other security vendors through its Microsoft Active Protections Program (MAPP) to enable them to create attack and malware signatures.

The file might have been leaked by one of those companies or by a Microsoft employee, either directly or indirectly, Auriemma said. There is also the possibility of a hacker stealing it from Microsoft, but that’s unlikely, he added.

It seems it was the same PoC code that was originally submitted to Microsoft, as confirmed by a Microsoft representative in a blog post here:

Proof-of-Concept Code available for MS12-020

The details of the proof-of-concept code appear to match the vulnerability information shared with Microsoft Active Protections Program (MAPP) partners. Microsoft is actively investigating the disclosure of these details and will take the necessary actions to protect customers and ensure that confidential information we share is protected pursuant to our contracts and program requirements.

So much for trusted partners eh?

Source: Network World

Posted in: Exploits/Vulnerabilities, Windows Hacking


backfuzz – Multi-Protocol Fuzzing Toolkit (Supports HTTP/FTP/IMAP etc)



backfuzz is a fuzzing tool for different protocols (FTP, HTTP, IMAP, etc) but also has no-protocol plug-ins (Example: File Fuzzer). The general idea is that this script has several functions already predefined in the file “functions.py”, so anyone who wants to write their own plugins (for another protocol) can do so in a few lines and add them to the script.

That’s the main power of it, it’s extensible. You can follow the format of existing plugins – for example the HTTP fuzzing plugin.

The code is still in BETA and requires a lot of work to get better, so any questions / suggestions / criticism / comments are welcomed by the author.

Installation

You can read more here.

Posted in: Exploits/Vulnerabilities, Secure Coding


Former LulzSec Leader Sabu Flips Sides & Informs For The FBI



This is pretty epic, the big buzz last week was all about Sabu and how he was a traitor to LulzSec and Anonymous.

Now most people think things like these only happen in the movies, secret arrests followed by strong-arm tactics to make the perp turn and be an informant for the feds. Sounds like a line straight out of The Shield or Homeland.

It turns out the LulzSec leader was arrested some time last year and has been an informant for the FBI since then.

In a major break for law enforcement, several members of the LulzSec and Anonymous hacking groups were arrested this morning based on information provided by “Sabu,” the shadowy LulzSec leader who was secretly arrested last year.

Sabu, LulzSec’s main spokesman who was identified today by FoxNews.com as Hector Xavier Monsegur, has been working as an informant for the FBI since his arrest. Those arrested today included a member of the AntiSec hacking group who is believed responsible for the massive intrusion at security think tank Stratfor last December.

News of the arrests was first reported by FoxNews.com this morning. A law enforcement official in New York today confirmed the arrests and said that six hackers belonging to the Anonymous, LulzSec and Antisec groups were nabbed in U.S. and overseas locations. The official described those arrested as “principal members” of Anonymous and LulzSec.

The U.S. Department of Justice has scheduled a press conference this morning to release further details on the arrest, the official said. According to FoxNews, the FBI arrested two men from Great Britain, two from Ireland, and one from Chicago.

An indictment listing the charges is expected to be unsealed today in U.S. District Court for the Southern District of New York, FoxNews said.

A whole bunch of arrests were made today based on the information Sabu has been feeding to the feds, some pretty serious characters were taken down. Apparently Sabu was caught in the first place because of a rookie mistake – he logged onto IRC just once without using Tor and exposed his real IP address.

That was all it took for the feds to hunt him down and leverage him as an informant, and the fact he has kids – and well who wouldn’t want to stay out of prison for their offspring?


FoxNews.com described Monsegur as an unemployed 28-year old father of two who apparently coordinated with thousands of hackers around the world from a room in a public housing project in New York’s Lower East Side. Monsegur, who was arrested by the FBI last year, pleaded guilty to several charges related to his hacking activities and has been a cooperating witness since then, according to Fox.

LulzSec, an offshoot of the Anonymous hacking collective, is believed to be responsible for numerous attacks against government, military and commercial entities. The group is said to be responsible for a series of attacks last summer against News International, Booz-Allen Hamilton and other high-profile organizations.

After the FBI arrested several members of Anonymous last July, LulzSec and Anonymous released a joint statement vowing not to let the arrests dampen their hacking attacks and daring law enforcement to catch them.

“We are not scared any more,” the joint statement had read. “Your threats to arrest us are meaningless to us as you cannot arrest an idea.”

Sabu appears to have been arrested by the FBI shortly after that boast.

News of Sabu’s arrest prompted several tweets from Anonymous this morning, including one that threatened retaliation. “The way Sabu & gang took control of Anonops.. anonops gonna retaliate,” the tweet said.

Sabu seems to have been working from the FBI office, maintaining his online habits and conversations since August last year – whilst the feds sneakily collected information from the people he was talking to.

He even got busted last month for pretending to be a Federal Agent.

It’ll be interesting to see how this pans out and if many more arrests will be made.

Source: Network World

Posted in: Legal Issues, Privacy