Unu on a rampage

Using SQL injection and the recent IIS faults, a grey hat hacker called Unu from Romania has hacked 4 large banks and a UK government website. He’s on a roll, and MS has no fix for their IIS holes… Hacker ‘Unu’ attacks European banks | Webwereld.

MI6 gets into the secret losing business

True to the Labour Government’s form, yet ANOTHER serious data breach has been executed by government agencies. What’s surprising this time is that it was done by a trained MI6 operative, who lost all the details about covert anti-drug operations in Colombia! Yes, that would be contact names, agent names and addresses and other details, […]

The UK will lose your data one way or another

If the government isn’t handing out your personal data on USB sticks, laptops or just through their own insecure networks, they’ll dump computers containing your hospital and patient data unencrypted on the streets for you to take home with you. They can’t give it away fast enough! Now, let’s make a database with all the […]

ID card staff lose security passes

Not only does the UK seem to have an uncanny way of losing their huge centralised databases unencrypted, they also have a hand in losing the physical cards the data is supposed to go on. Which means that it won’t be a problem to fake IDs in the UK, no matter what biometrics and clever […]

Debian Security Tools

Debian comes installed standard without much in the way of active security (such as a firewall, a file state checker, disk encryption, etc.) but has got the packages to implement an actively secure environment. Given a little work you can secure Debian with existing packages quite nicely. This article has a nice list of the […]

Secure your Quantum Computer

Researchers are already looking into the security of quantum computers. Basically they throw up a castle of fake data and take the computer off the network for a loooooong time compared to normal computers. This is necessary due to the inherent fragility of the states of the qubits, but surprisingly doesn’t really contribute to slower […]

How to go round the no fly list

Christopher Soghoian set up a site that allowed you to print your own boarding passes, exploiting a big hole in US domestic flight security, which allows anyone to board domestic flights without showing IDs if they already have a boarding pass.

Vista woes

Vista is upsetting everyone, with rumours that you can’t turn off the starting sound or have access to the kernel etc. but now it’s getting quite serious. First, Patchguard has been compromised by Authentium, prompting a backlash from Redmond stating that companies have no business even trying to compromise the kernel protection because it makes […]

Security Engineering

This book was recommended by Bruce Schneier and is now downloadable for free.

DIY Cryptbook

Use Linux to create a cryptographically protected laptop. Cheap and easy.

An oblique attack on DRM

In an interesting new vector, now it’s the libraries that are attacking DRM – on the grounds that as libraries they are exempted from these DRM laws as it’s their job to provide anyone who wants it with content. Also, as copyright expires legally, so does the legality of the DRM – but will the […]

Fake your fingerprints

Easy to do and takes, what, 5 hours on a free Sunday afternoon?

Read and retransmit proximity cards

A DIY way to do it.

How to crack WEP

Well, we all knew wifi is unsafe – here’s how to make it unsafe for yourself using 2 laptops with wifi cards. Script kiddies, eat your heart out. And this is part 2.


There’s a page dedicated to hijacking your mobile phone via Bluetooth. Appropriately enough, it’s called BluejackQ.

Windows 2003 and XP vulnerable to LAND DoS attack

LAND attack: sending a TCP packet with the SYN flag set, and with the source and destination IP address and the source and destination port all set to those of the destination machine, results in a 15-30 second DoS condition. Which is funny. The last time the LAND attack was seen was about 8 years ago. It’s a trivial remote DoS and you’d think that even […]

PaX: One bug and they roll over and die, how lame is that?

