HNNCast.2010.08.20
HNNCast for the third week of August 2010 -
Top Stories:
Free Malware from Network Solutions, Virgin’s Love Letter to the Bot Herd, V(D)-Cards, Facebook Likes Malware, iPhone Suck and Sell Scam
News:
Defacement Buffet, OhyouwantAUTH? Celebrity Twits, Month of Abyssec Bugs, Underworld Transaction Processor Popped, Facebook Hack 1.0
Tool Time:
RIPS, RS Mangler, ROPME, Halbred, SAMHAIN, nfex, URLVoid, MBSA 2.0 (NOT), nmapsi4
Quickies:
Cold Fusion’s Hot Mess, Facebook Leak, Passwords are Pointless, Insert Mens Room Joke Here, Smudge Attack, Shopping for SQL Injections
Con Phooey:
Hurricane Labs Hack Challenge, LockCon, Hack in the Box, Security B-Sides, ToonCON
Stack of Shame:
-count: 159
-Turning 1 Year Old This Week:
- RealNetworks: ZDI-CAN-569 & ZDI-CAN-568/RISK:HIGH (10=AV:N/AC:L/Au:N/C:C/I:C/A:C)&AV:N/AC:L/Au:N/C:C/I:C/A:C) Discovered 2009-08-20 (365 days ago) by: Anonymous
- Hewlett-Packard , IBM , Sun Microsystems: ZDI-CAN-561/RISK:HIGH (10=AV:N/AC:L/Au:N/C:C/I:C/A:C) Discovered 2009-08-20 (365 days ago) by: Rodrigo Rubira Branco (BSDaemon)
- Sun Microsystems: ZDI-CAN-552/RISK: HIGH (9.4=AV:N/AC:L/Au:N/C:C/I:C/A:N) Discovered 2009-08-20 (365 days ago) by: Sami Koivu
One Response to 'HNNCast.2010.08.20'
Subscribe to comments with RSS or TrackBack to 'HNNCast.2010.08.20'.
Leave a Reply
You must be logged in to post a comment.
Posted: August 21st, 2010
at 10:52pm by tan
Tagged with "Network Solutions", Abysssec, Adobe, Android, Anti-Virus, API, Apple, AV, Axel Rose, binary analysis, botnet, brute force, CCBill, ColdFusion, cPanel, Dallas, darknet.org, defacement, Delaware, dictionary, dislike button, DSS, Essen, Excel, exploit, exploit database, Facebook, Facebook Hacker 1.0, Fethard Finance, file integrity, Fort Worth, gadgets, Georgia Tech Research Institute, GPS Spy, GPU, Guns and Roses, Hack In The Box, Halbred, HP, Hurricane Labs Hack Challenge, IBM, India, Indian Cyber Army, IndiShell, Internet Explorer, Intrusion Detection, iPhone, ISP, Justin Bieber, Kansas City, Koobface, lockcon, LSASS, Malaysia, malware, MBSA 2.0 (NOT), Microsoft, Microsoft codecs, MOAUB, mobile security, Month of Abysssec Undisclosed Bugs, Mozilla, Newcastle, nfex, nmapsi4, OAUTH, Ohio, online supermarket, oracle, PAK Cyber Army, PAK haxors, Pakistan, Palm, passwords, patch, PCI, Penn State, PHP, Pre, python, QT, Real Networks, RIPS, rogue facebook application, ROP Exploit, ROPME, RS Mangler, SAMHAIN, scam, Security B-Sides, securitybsides.com, Shadowserver Foundation, SIM cards, smart phone, smudge attack, sql injection, static source code analysis, Sun, Tapsnake, tcpxtract, tinyurl, Tipping Point, ToonCON, Trojan, Twitter, URLVoid, vCard, Vijay Mallya, Virgin media, virtual business card, vulnerability, WebOS, widget, ZDI, Zero Day Initiative
Comments: 1 comment
Top Stories
Free Malware from Network Solutions
http://blog.armorize.com/2010/08/more-than-500000-network-solutions.html
http://www.pcworld.com/article/203505/koobface_variant_tainted_5_million_websites.html?tk=hp_new
Virgin’s Love Letter to the Bot Herd
http://www.theregister.co.uk/2010/08/16/vm_malware/
V(D)-Cards
http://www.zdnet.co.uk/news/security-threats/2010/08/12/palm-pre-flaw-lets-hackers-bug-calls-40089807/
Facebook Likes Malware
http://www.sophos.com/blogs/gc/g/2010/08/16/facebook-dislike-button-scam-spreads-virally/
iPhone Suck and Sell Scam
http://www.telegraph.co.uk/technology/apple/7951830/Police-crack-criminal-conspiracy-to-make-millions-from-stolen-iPhones.html
News
Defacement Buffet
http://english.peopledaily.com.cn/90001/90777/90851/7104920.html
http://www.hindustantimes.com/Mallya-s-site-hacked-by-Pakistan-Cyber-Army/Article1-587268.aspx
OhyouwantAUTH?
http://news.softpedia.com/news/Hundreds-of-Twitter-Accounts-Compromised-by-Spammers-152237.shtml
Celebrity Twits
http://www.monstersandcritics.com/people/news/article_1578361.php/Teen-hacker-apologises-to-Justin-Bieber
http://gawker.com/5613398/justin-bieber-tweets-enemys-phone-number-to-45-million-followers?skyline=true&s=i
http://www.spoonfed.co.uk/spooners/spoonfed-live-music-team-8190/hacker-pretends-to-be-axl-rose-and-cancels-guns-n-roses-tour-via-twitter-3546/
Month of Abyssec Bugs
http://www.abysssec.com/blog/2010/08/month-of-abysssec-undisclosed-bugs-coming/
Underworld Transaction Processor Popped
http://www.theregister.co.uk/2010/08/16/underground_credit_card_clearing_house_hacked/
http://fethard.biz/
Facebook Hack 1.0
http://www.malwarecity.com/blog/facebook-hacker-a-dangerous-tool-889.html
http://www.metacafe.com/watch/4861377/007_facebook_hack_1_0/
Tool Time
http://sourceforge.net/projects/rips-scanner/
http://www.php-security.org/
http://www.youtube.com/user/SpikeSorcerer
http://pixybox.seclab.tuwien.ac.at/pixy/
http://www.darknet.org.uk/2010/08/rsmangler-keyword-based-wordlist-generator-for-bruteforcing/
http://www.randomstorm.com/rsmangler-security-tool.php
http://www.remote-exploit.org/wyd.tar.gz
http://awlg.org/index.gen
http://www.vnsecurity.net/2010/08/ropeme-rop-exploit-made-easy/
http://halberd.superadditive.com/
http://www.la-samhna.de/samhain/s_faq.html
http://code.google.com/p/nfex/
http://www.urlvoid.com/
http://twitter.com/ToolsWatch/statuses/21500122384
http://sourceforge.net/projects/nmapsi/
Quickies
http://www.theregister.co.uk/2010/08/16/adobe_coldfusion_vuln/
http://seclists.org/fulldisclosure/2010/Aug/131
http://www.gtri.gatech.edu/casestudy/Teraflop-Troubles-Power-Graphics-Processing-Units-GPUs-Password-Security-System
http://www.theregister.co.uk/2010/08/16/andoid_stalking_app/
http://www.zdnet.com/blog/security/researchers-use-smudge-attack-identify-android-passcodes-68-percent-of-the-time/7165?tag=mantle_skin;content
http://seclists.org/fulldisclosure/2010/Aug/187
http://www.japantoday.com/category/crime/view/hackers-steal-customer-data-by-accessing-supermarket-database
Con Phooey
http://www.clevelandhacks.com/
http://toool.nl/LockCon
http://blackbag.nl/?p=1500
http://conference.hackinthebox.org/hitbsecconf2010kul/?page_id=961
http://www.securitybsides.com/BSidesDFW
http://www.tooncon.org.uk/
Stack of Shame
http://www.zerodayinitiative.com/advisories/upcoming/
http://www.oracle.com/us/sun/index.html
http://www.real.com/
http://www.hp.com/#Product
http://www.ibm.com/us/en/
tan
22 Aug 10 at 12:21 am