Digital Attack Map.

With instructional sales video http://www.theregister.co.uk/2013/09/16/tampered_pos_market_surfaces/

You do need shell access for a user that has sudo’d before, but still, easy way to get root. http://arstechnica.com/security/2013/08/unpatched-mac-bug-gives-attackers-super-user-status-by-going-back-in-time/

In normal situations, when a call or SMS is sent over the network, a cellular tower “pages” nearby devices to find the one that should receive it. Normally, only the proper phone will answer—by, in effect, saying “It’s me,” as Seifert puts it. Then the actual call or SMS goes through. The rewritten firmware can Read more about Software Update to $20 Phones Could Topple 2G Cell Networks[…]

The researchers managed to control an $80 million 210 foot yacht using a cheaply built spoofer. Aircraft were a definite possible target too. EXCLUSIVE: GPS flaw could let terrorists hijack ships, planes | Fox News.

A US company called Emerging Objects researches different materials to use in 3D printers, apart from plastic. So far they can use paper, salt, cement polymer, nylon, wood and acrylics. emerging objects » Materials.

Just like Red October this has been going on for a long time and the antivirus / malware community has been caught with their pants down. They did this by sunberting TeamViewer. They were detected because after 10 years of impunity, the team has been getting sloppy. http://www.theregister.co.uk/2013/03/21/teamspy_cyber_espionage/

The researchers use a timing attack to break SSL Lucky Thirteen: Breaking the TLS and DTLS Record Protocols.

This is supposed to work in almost any application on OSX. Oops. rdar://13128709: OSX apps (TextEdit) crashing in spell-checker (I think)..

During the past five years, a high-level cyber-espionage campaign has successfully infiltrated computer networks at diplomatic, governmental and scientific research organizations, gathering data and intelligence from mobile devices, computer systems and network equipment. Kaspersky Lab’s researchers have spent several months analyzing this malware, which targets specific organizations mostly in Eastern Europe, former USSR members and Read more about The “Red October” Campaign – An Advanced Cyber Espionage Network Targeting Diplomatic and Government Agencies – Securelist[…]

Especially for entering passwords using your mouse this is a problem. 2 advertisers are known to use the expoit. Internet Explorer tracks cursor even when minimised • The Register.

And this is why it’s a bad idea to store all of this data for 5 years. Are you looking, holland? Two arrested for hacking personal data of 8.7 million phone users | ZDNet.

A useful summary: Cleanly Restarting Your System Used in sequence, some of these actions can be used to cleanly end processes, flush data to disk, unmount all file systems, and restart your computer. To perform this process, press and hold the Alt + SysRq key combination and – while holding the Alt and SysRq keys Read more about Use the Magic SysRq Key on Linux to Fix Frozen X Servers, Cleanly Reboot, and Run Other Low-Level Commands – How-To Geek[…]

Burgemeester hackt kritische site | Webwereld. He used the data he gained to strong arm political opponents. So if your elected mayor is capable of doing this, then what makes you think all the drones and other political forces sitting on top of huge centralised databases won’t be capable of this… to much larger effect?

Thanks to The Open Organisation of Lockpickers (TOOOL) and their ISO Standard Emergency Pick Card, there’s no need to worry! This handy lock-picking tool set will fit in your wallet next to your other cards and can be quickly snapped apart when a situation arises. After the tools have been removed you can put the Read more about TOOOL Emergency Lock-Pick Card[…]

Basically he has thousands of accounts which show amazon products, which link to his amazon account. People click on the links and end up buying the products! Daily Dot | A Pinterest spammer tells all.

Basically it comes down to implementing full disk encryption, creating an encrypted volume inside this with an easy password and a hidden encrypted volume with a hard password which people won’t bother to find. Then installing a tracker to find your laptop back if it gets stolen. Three steps to properly protect your personal data Read more about Three steps to properly protect your personal data[…]

The PANIC Button – thinkl33t.

Basically SCADA systems are so poorly secured you can find their logins on Google. In a protest that people are uncovering vulnerabilities but the suppliers aren’t fixing the problem but rather trying to silence the exploiters entirely, this twitter account is posting links to loads of SCADA systems. So if you want to play with Read more about Poorly secured SCADA systems logins posted live on Twitter[…]

How to Crack a Wi-Fi Network’s WPA Password with Reaver.

The CCC has published all the talks from the 28th Annual Chaos Communications Congress. Watch all of the freshly published talks from 28c3 – Hack a Day.