HNNCast.2010.07.09
HNNCast for the first week of July, 2010
Lead Stories:
- the iTunes Blues, YouTube XSS, Pirate Bay SQL Injections, Jackpotting, Facebook Admin pwned, Cisco Live SPAM, Cyber Command Code
News:
- Disclosure Debated Again, Photo Kioskery, Cybaby, Romanian FlexiSpies, Symbian Malware, South Korean Poker Jokers, Back Track Backed to get Stacked
Tool Time:
- BinNavi, PDF Dissector, ida2sql, Deblaze, KillerBee, Ostinato, NeoPwn, Qubes, SIP Vicious, SmartCarving
Quickies:
- PAK Bugs Busted, Biden Wifi Taunter Tempts Fate, Hacker Croll Update, Brit Banking Boinked by da Boys, GEXA Getsa Disgruntled Ex, PHP Attacks Continue, FBI Truely Crypt-up, Dvorsky Pulls a Palin, Another Superman III Scam, Butterflies and Octopi, I Will Never Click Again, Maine-stay for Malware, Bush gets “Hi” from Saudi Hackers, XPSP3
Cons Call:
- B-Sides Detroit, B-Sides Cleveland, B-Sides Las Vegas, CCC 2011, the NEXT HOPE, dEFFcon 18 Getaway Results, #1 Hacker Contest, DC18 Ninja Party, Pwnie Award Nominations Still Open, Hacker Poker Invitational
Stack of Shame
count: 141
There is no Stack of Shame this week. ZDI seems to be split between going with CVSS2 scores or H/M/L… and went BOTH ways… Perhaps this will be worked out soon?
Posted: July 11th, 2010
at 5:57am by tan
Tagged with "cross-site scripting", "Hacker Croll", "Hi from Saudi Hackers", "I Will Never Text Again", "Offensive Security", "South Korea", 0day, 2m, 70cm, 802.11.15.4, ActionScript, Anti-Virus, Ap Store, Apple, Ashton Kuchner, ATM jackpotting, Automatic Teller Machines, B-Sides, Back Track Linux, backtrack, Badges, Barnaby Jack, BinNavi, Blackberry, Blackhat, Bluehost, Bob Dvorsky, botnet, carding forum, CCC 2011, Cisco Live, Cleveland, CnC, Cubes, Cybaby, DDoS, Deblaze, defaced, Defcon, Defcon forums, dEFFcon 18 Getaway Contest, Detroit, EFF, email, encrypted string, Ethical Disclosure, Facebook, FBI, Federal Investigative Agency of Pakistan, Flash Remoting, Flexi Spy, forensic, Francois Cousteix, fraud, Fraud Prevention Specialist, FTC, full disclosure, Gen. Keith Alexander, George Bush Presidential Library and Museum, GEXA Energy, GPS, Hack In The Box, Hacker Poker Invitational, HAM radio, ida2sql, International Roll-Call, iPhone, itunes, Japanese Manga, javascript, Joomla, Justin Beiber, KillerBee, Kraken, Las Vegas, Legatt, Lilly Allen, Maine, mainelegislature.org, malware, Mariposa, md5, Microsoft, Microsoft Security Response Center, Microsoft Spurned Researcher Collective, MSRC, N900, NeoPwn, NetBot Attacker, Ninja Networks, NSA, online poker, Ostinato, PAKbugs, PDF Dissector, photo kiosk, PHP, Pirate Bay, piratebay.org, Pokercon, President Obama, Pwnie Awards, Raoul Chiesa, responsible disclosure, Riviera, Sarah Palin, SCADA, security challenge, Service Pack 2, Service Pack 3, Shawn Merdinger, SIP Vicious, smart phone, SmartCarving, SMS, software certification, SPAM, sql injection, Superman III, Symbian, Symbian Series 60, Tavis Ormandy, the Next HOPE, the Underground Economy, the World's #1 Hacker Contest, TrueCrypt, Twitter, U.S. Cyber Command, upSploit, US House of Representatives, USB, Vice President Biden, VM, WiFi, windows mobile, Windows XP, Wireshark, Wordpress, XSS, Yahoo, YouTube, youtube.com, zero-day, Zigbee, Zynamics
Comments: 1 comment
HNNCast for the first week of July, 2010
Lead Stories
the iTunes Blues
http://thenextweb.com/apple/2010/07/07/400-impacted-in-itunes-hacking-apple-not-entirely-the-truth-now-is-it/
http://jobs.apple.com/index.ajs
YouTube XSS
http://www.infosecurity-us.com/view/10729/hackers-disrupt-youtube-itunes-and-wikipedia-on-us-independence-day/
http://www.theregister.co.uk/2010/07/05/youtube_xss_chaos/
Pirate Bay SQL Injections
http://krebsonsecurity.com/2010/07/pirate-bay-hack-exposes-user-booty/
Jackpotting
http://www.bytemods.com/news/201/hacker-forced-to-cancel-hitb-presentation-due-to-legal-threats-by-atm-vendors
Facebook Admin pwned
http://techcrunch.com/2010/07/05/employees-challenged-to-crack-facebook-security-succeed/
Cisco Live SPAM
http://www.networkworld.com/community/node/63432
Cyber Command Code
http://www.wired.com/dangerroom/2010/07/solve-the-mystery-code-in-cyber-commands-logo/#ixzz0t6TexnMk
News
Disclosure Debate
http://www.computerworld.com/s/article/9178768/Microsoft_10_000_PCs_hit_with_new_Windows_XP_zero_day_attack?
http://seclists.org/fulldisclosure/2010/Jul/3
http://tmacuk.co.uk/?p=240
Photo Kiosks
http://risky.biz/big-wirus
Cybaby
http://blog.teusink.net/2010/07/cybaby-software-you-can-use-to-hack.html
Romanian FlexiSpies
http://flexispy.com/
http://news.softpedia.com/news/Smartphone-Spyware-Used-for-Illegal-Wiretapping-in-Romania-143819.shtml
Symbian Malware
http://www.v3.co.uk/v3/news/2266108/symbian-malware-creating-mobile
South Korean Poker Jokers
http://joongangdaily.joins.com/article/view.asp?aid=2922391
Back Track Backed
http://www.backtrack-linux.org/backtrack/backtrack-present-and-future/
Tool Time
BinNavi
http://blog.zynamics.com/2010/07/07/binnavi-3-0-beta-2-released/
PDF Dissector
http://blog.zynamics.com/2010/07/04/pdf-dissector-1-3-0-released/
ida2sql
http://blog.zynamics.com/2010/06/29/ida2sql-exporting-ida-databases-to-mysql/
Deblaze
http://deblaze-tool.appspot.com/
KillerBee
http://killerbee.googlecode.com/svn/trunk/
Ostinato
http://code.google.com/p/ostinato/
NeoPwn
http://www.neopwn.com/index.php
Qubes
http://qubes-os.org/Home.html
SIP Vicious
http://blog.sipvicious.org/
SmartCarving
http://digital-assembly.com
Quickies
http://www.google.com/hostednews/afp/article/ALeqM5j4B8hR2sr-4yxwI8AqjgY7tWTcng
http://www.wired.com/threatlevel/2010/06/hacker-faces-decades-imprisonment/
http://www.pcmag.com/article2/0,2817,2365710,00.asp
http://news.softpedia.com/news/Two-Teenage-Hackers-Responsible-for-12-Million-Fraud-146451.shtml
http://www.securityweek.com/database-admin-sentenced-12-months-prison-hacking-former-employers-network
http://blog.sucuri.net/2010/06/bluehost-talks-down-malware-percentages.html
http://www.theregister.co.uk/2010/06/28/brazil_banker_crypto_lock_out/
http://www.sophos.com/blogs/gc/g/2010/07/08/scammers-hack-senators-email-account/
http://www.computerworld.com/s/article/9178560/FTC_says_scammers_stole_millions_using_virtual_companies
http://blog.fireeye.com/research/2010/06/mariposa-still-alive.html
http://www.scmagazineus.com/kraken-botnet-re-emerges-318000-nodes-strong/article/173611/
http://www.macworld.com/article/152513/2010/07/facebook_app_spam.html
http://www.pressherald.com/news/Hacker-downs-Legislatures-website.html
http://www.chron.com/disp/story.mpl/ap/tx/7095825.html
http://www.govinfosecurity.com/articles.php?art_id=2712&rf=2010-07-02-eg
http://thenexthope.org/2010/06/amateur-radio-at-hope-radio-station-n2h-fcc-exams/
http://action.eff.org/site/TR?fr_id=1040&pg=entry
https://forum.defcon.org/showthread.php?t=11502
http://ninjas.org/badges/defcon18.html
tan
11 Jul 10 at 6:18 am