Ethic Security

Papers | The Honeynet Project

2009-09-17T17:03:00.000-07:00

Hack In The Box Forums • View topic - Penetration Tester's Lab - Hack your own machine (win2k sp4)

2009-09-17T17:02:00.000-07:00

Hack In The Box Forums • View topic - Penetration Tester's Lab - Hack your own machine (win2k sp4):

"I just install windows 2000 pro sp4 into vmware & now I want to do some penetration testing on this machine…hopefully u can help me to find all vulnerabilities in this machine…"

CITRIX: Owning the Legitimate Backdoor | GNUCITIZEN

2009-09-17T17:00:00.000-07:00

CITRIX: Owning the Legitimate Backdoor | GNUCITIZEN:

"The other day I was performing some CITRIX poking, so I had a lot of fun with breaking GUIs, which, as most of you probably know, are trivial to break into. I did play around with .ICA files as well, just to make sure that the client is not affected by some obvious client-side vulnerabilities. This exercise led me to reevaluate many things about ICA (Independent Computing Architecture). For example, when querying Google and Yahoo for public .ICA files, I was presented with tones of wide open services, some of which were located on .gov and .mil domains."

Two convicted for refusal to decrypt data • The Register

2009-08-12T06:57:00.000-07:00

Two convicted for refusal to decrypt data • The Register:

"Two people have been successfully prosecuted for refusing to provide authorities with their encryption keys, resulting in landmark convictions that may have carried jail sentences of up to five years."

Chinese Spying Claimed in Purchases of NSA Crypto Gear | Threat Level | Wired.com

2009-07-10T12:32:00.000-07:00

Chinese Spying Claimed in Purchases of NSA Crypto Gear | Threat Level | Wired.com:

"A Chinese national was indicted this week for conspiring to violate U.S. export law, following a nearly three-year investigation into his alleged efforts to acquire sensitive military and NSA-encryption gear from eBay and other internet sources."

Microsoft knew of nasty IE bug a year before attacks • The Register

2009-07-09T06:20:00.000-07:00

Microsoft knew of nasty IE bug a year before attacks • The Register: "Microsoft was aware of a critical vulnerability in an Internet Explorer component at least 12 months before attackers started targeting it in lethal exploits that take full control of end-users' PCs, a member of its security team said Wednesday."

Online attack hits US government Web sites

2009-07-09T06:15:00.000-07:00

Online attack hits US government Web sites:

"A botnet comprised of about 50,000 infected computers has been waging a war against U.S. government Web sites and causing headaches for businesses in the U.S. and South Korea.

The attack started Saturday, and security experts have credited it with knocking the U.S. Federal Trade Commission's (FTC's) Web site offline for parts of Monday and Tuesday. Several other government Web sites have also been targeted, including the U.S. Department of Transportation (DOT)."

RIAA lawsuit throws good money after bad - Computerworld Blogs

2009-07-09T06:14:00.000-07:00

RIAA lawsuit throws good money after bad - Computerworld Blogs:
"It is hard to understand what possible good can come from the Recording Industry Association of America's continuing lawsuit against Jammie Thomas-Rasset. Earlier this year the single mother was hit by a $1.92 millon judgement for sharing 1,072 copyrighted songs on a home computer on which the Kazaa file sharing software was running. She continues to appeal."

spammimic - hide a message in spam

2009-07-01T23:38:00.000-07:00

spammimic - hide a message in spam

One Hacker's Audacious Plan to Rule the Black Market in Stolen Credit Cards

2009-06-30T07:01:00.000-07:00

One Hacker's Audacious Plan to Rule the Black Market in Stolen Credit Cards:

"One Hacker's Audacious Plan to Rule the Black Market in Stolen Credit Cards"

Superhacker Max Butler Pleads Guilty | Threat Level | Wired.com

2009-06-30T06:56:00.000-07:00

Superhacker Max Butler Pleads Guilty | Threat Level | Wired.com: "PITTSBURGH — A skilled San Francisco-based computer hacker who once sought to unite the cyber underworld under his benign rule pleaded guilty to federal wire fraud charges here Monday, admitting he stole nearly 2 million credit card numbers from banks, businesses and other hackers, which were used to rack up $86 million in fraudulent charges."

Pentagon signs off on Cyber Command

2009-06-30T06:46:00.000-07:00

Pentagon signs off on Cyber Command:

"The U.S. Secretary of Defense ordered the military to create a unified command to act as the nation's central hub for cyber capabilities and commanded the Pentagon to develop a policy framework for cyberspace operations."

Lifehacker - Geek to Live: Encrypt your data - Downloads

2009-06-08T19:59:00.000-07:00

Lifehacker - Geek to Live: Encrypt your data - Downloads:

"Everyone's got files they'd like to keep out the the hands of intruders or casual passerby. Ever concerned you'll lose the thumb drive where you backed up four years of post-graduate research? Every worried your 5-year-old will accidentally open the um, grownup files just meant for Mommy and Daddy? Worry no more. Today we'll go over a simple way to encrypt sensitive files or entire external disk drives to protect them from prying eyes."

L0phtCrack - Windows & Unix Password Auditing & Recovery

2009-06-08T14:49:00.000-07:00

L0phtCrack - Windows & Unix Password Auditing & Recovery

L3DGEWorld 2.3

2009-06-08T14:43:00.000-07:00

L3DGEWorld 2.3:

"L3DGEWorld 2.3 is a data visualisation utility based on Open Arena, a GPL'd game that makes use of the Quake III Arena (Q3A) game engine. It was initially designed to be a network monitoring and control application, but can be easily used for other purposes by developing other input and output daemons [1]. The daemons provided with L3DGEWorld 2.3 allow monitoring and control of a live network to take place from within a virtual world created by the L3DGEWorld engine."

IT Security - The Industry's Web Resource

2009-06-08T14:23:00.000-07:00

IT Security - The Industry's Web Resource

Home | Learn Security Online

2009-06-08T14:20:00.000-07:00

Home | Learn Security Online

Top Five (5) Best Criminal Computer Hackers of All Time | Marvquin, LLC

2009-06-08T14:13:00.000-07:00

Top Five (5) Best Criminal Computer Hackers of All Time | Marvquin, LLC:

"These hackers are the ones that you've seen in shackles arrested for cybercrimes when they were just getting out of puberty. Some have done it for financial gain others just for fun."

5 Best Pen-Test Linux Distributions | LinuxHaxor.net

2009-06-08T14:11:00.000-07:00

5 Best Pen-Test Linux Distributions | LinuxHaxor.net:

"Linux distributions are often customized to perform many specialized tasks cater to a particular industry, hobby or business. Security Penetration testing is one such niche where professional (and hobbyists) use customized Linux distributions with the whole purpose of doing security tests on networks and personal computer (hopefully with permission). Most of these distribution are live CDs which can be used without having to install them to your computer. Today we will take a look at some of best Pen-test distributions out there."

Hacker penetrates T-Mobile systems

2009-06-08T10:58:00.000-07:00

Hacker penetrates T-Mobile systems:
"A sophisticated computer hacker had access to servers at wireless giant T-Mobile for at least a year, which he used to monitor U.S. Secret Service e-mail, obtain customers' passwords and Social Security numbers, and download candid photos taken by Sidekick users, including Hollywood celebrities, SecurityFocus has learned"

Swedish courts find The Pirate Bay guilty

2009-04-17T23:46:00.000-07:00

Swedish courts find The Pirate Bay guilty:
"A Swedish court sentenced on Friday four operators of the well-known file-sharing site The Pirate Bay to a year each in prison, a landmark victory for the music and movie industries."

Electricity Grid in U.S. Penetrated By Spies - WSJ.com

2009-04-15T18:24:00.000-07:00

Electricity Grid in U.S. Penetrated By Spies - WSJ.com:

"WASHINGTON -- Cyberspies have penetrated the U.S. electrical grid and left behind software programs that could be used to disrupt the system, according to current and former national-security officials."

Behind GhostNet - F-Secure Weblog : News from the Lab

2009-04-15T18:22:00.000-07:00

Behind GhostNet - F-Secure Weblog : News from the Lab:

"The GhostNet spy network was built by infecting sensitive computers with backdoor/Remote Administration Tools (RAT). Most of these are modified and obfuscated versions of Poison Ivy (description) or Gh0st RAT.

These tools are open source backdoors, maintained by loose gangs of hackers.

And these gangs operate openly."

I-Hacked.com Taking Advantage Of Technology - Inside Programmable Road Signs

2009-04-15T18:21:00.000-07:00

I-Hacked.com Taking Advantage Of Technology - Inside Programmable Road Signs:
"How many times have you driven by an electronic road sign like one of these?"

I-Hacked.com Taking Advantage Of Technology - Twitter Security Cam

2009-04-15T18:20:00.000-07:00

I-Hacked.com Taking Advantage Of Technology - Twitter Security Cam:

"The following will walk you through setting up a video-surveillance system that will detect motion, enable your webcam, take pictures of the intruder, and upload the pics online and notify your cell phone via an twitter SMS message."