Crooks Reused Passwords on Hansa and Dream, so Dutch Police Hijacked Their Accounts after running Hansa for a month

Currently, the infosec community and former Hansa vendors themselves have spotted two ways in which Dutch authorities are going after former Hansa vendors. Police gain access to Dream accounts via password reuse In the first, Dutch investigators have taken the passwords of vendors who have the same usernames on both the old Hansa Market and Read more about Crooks Reused Passwords on Hansa and Dream, so Dutch Police Hijacked Their Accounts after running Hansa for a month[…]

It took DEF CON hackers minutes to pwn these US voting machines

This year at the DEF CON hacking conference in Las Vegas, 30 computer-powered ballot boxes used in American elections were set up in a simulated national White House race – and hackers got to work physically breaking the gear open to find out what was hidden inside. In less than 90 minutes, the first cracks Read more about It took DEF CON hackers minutes to pwn these US voting machines[…]

Netherlands turns into total surveillance state: unsupervised mass internet tapping, storage and sharing with whoever they feel like

AMSTERDAM (Reuters) – The Dutch Senate passed a law early on Wednesday giving intelligence agencies broad new surveillance and other powers, including the ability to gather data from large groups of people at once. The Senate’s approval was the last hurdle for the “tapping law,” which was moulded into its current form after years of Read more about Netherlands turns into total surveillance state: unsupervised mass internet tapping, storage and sharing with whoever they feel like[…]

Bloke takes over every .io domain by snapping up crucial name servers

Want to control over 270,000 websites? That’ll be $96 and a handover cockup, please Late Friday, Matthew Bryant noticed an unusual response to some test code he was using to map top-level domains: several of the .io authoritative name servers were available to register. Out of interest, he tried to buy them and was amazed Read more about Bloke takes over every .io domain by snapping up crucial name servers[…]

CIA Vault 7 tools steal active SSH sessions on Linux and Windows

BothanSpy is an implant that targets the SSH client program Xshell on the Microsoft Windows platform and steals user credentials for all active SSH sessions. These credentials are either username and password in case of password-authenticated SSH sessions or username, filename of private SSH key and key password if public key authentication is used. BothanSpy Read more about CIA Vault 7 tools steal active SSH sessions on Linux and Windows[…]

Web inventor Sir Tim and W3C decide to close up the web: world has 2 weeks to appeal

Traditionally, web technology has been open. HTML markup, CSS, and JavaScript code can be viewed (though not necessarily easily understood, thanks to minification), remixed, and reused. The web’s openness allowed it to flourish. But those selling costly content – software and media companies – prefer open wallets to anything goes. So they have employed copy Read more about Web inventor Sir Tim and W3C decide to close up the web: world has 2 weeks to appeal[…]

Create a user called ‘0day’, get bonus root privs – thanks, Systemd!

To obtain root privileges on a Linux distribution that utilizes systemd for initialization, start with an invalid user name in the systemd.unit file. Linux usernames are not supposed to begin with numbers, to avoid ambiguity between numeric UIDs and alphanumeric user names. Nevertheless, some modern Linux distributions, like RHEL7 and CentOS, allow this. The systemd Read more about Create a user called ‘0day’, get bonus root privs – thanks, Systemd![…]

At 18, He Strapped a Rocket Engine to His Bike. Now He’s Taking on SpaceX: Rocket Lab, led by someone who knows what he’s  doing!

After decades of tinkering, Peter Beck and Rocket Lab are poised to bring low-cost launches to the world. Source: At 18, He Strapped a Rocket Engine to His Bike. Now He’s Taking on SpaceX As opposed to running a company on insane working hours and crazy project changes, this guy is launching rockets at $5m Read more about At 18, He Strapped a Rocket Engine to His Bike. Now He’s Taking on SpaceX: Rocket Lab, led by someone who knows what he’s  doing![…]