HNNCast.2011.01.28
HNNCast for the last week of January, 2011
Top Stories
Funny Facebook, Peeping the Net, Goat Insurance, Wikilution Chapter Two, Operation Egypt
News
Hey there’s a Hole in your Hat, Lush Needs to Sober Up, Android Tales, Zeus Gettin Loose
T00l T1m3
Updates: Armitage, SET, RAT, L0phtCrack, ZAP
Phresh: Web Scanner Weview@WAVSEP, CANVAS is VoIPPackin, Recover the Orb in Mobius, Tu Luka Round Yer System, Bounce Riff-Raff at the Door, MAEC New Friends by Speaking Their Language
Quickies
Dancho Returns, UFOs in Argentina,Khorashad K0ps, Communication Breakdown, Apple’s Orchard, URL Shortners are for Shady char(1)s, POOPNUGGET, Dont’ Fear the Torrent
Con Fu
HackInParis, Defcon 19, Security B-Sides San Francisco, ThreatScapes
Stack of Shame
count: 111 (-8)
38/19 up for release on 2/4/11 (-5)
Birthdays
- Turning 1:
- ZDI-CAN-628 Sun Microsystems CVSS: 10 2010-01-26 (359 days ago) 2011-02-04 Discovered by: Sami Koivu
- Turning 2:
- ZDI-CAN-420 Hewlett-Packard CVSS: 10 2009-01-26 (724 days ago) 2011-02-04 Discovered by: Anonymous
- ZDI-CAN-419 Hewlett-Packard CVSS: 10 2009-01-26 (724 days ago) 2011-02-04 Discovered by: Anonymous
- ZDI-CAN-418 Hewlett-Packard CVSS: 10 2009-01-26 (724 days ago) 2011-02-04 Discovered by: Anonymous
- ZDI-CAN-417 Hewlett-Packard CVSS: 10 2009-01-26 (724 days ago) 2011-02-04 Discovered by: Anonymous
7 Days until 2/4/11
One Response to 'HNNCast.2011.01.28'
Subscribe to comments with RSS
Leave a Reply
You must be logged in to post a comment.
Posted: January 30th, 2011
at 9:09am by tan
Tagged with ACH, admin, Andrew Weinhamer, Android OS, anonymous, Apple, Argentine Air Force, Armitage, AT&T, Blackhat DC, botnet, Bouncer, breech, Brian Krebs, CA, Canvas, comprmise, Computer Associates, Conficker, credit card numbers, cyber police, Dancho Danchev, Daniel Spitler, David Rice, defacement, Defcon 19, Department of Defense, eGold, Egypt, Facebook, fake AV, FBI, Fear the MusicBay, Fedora Infrastructure Team, Fedora Project, Fedora SCM, Geekonomics, GoatSe Security, Google, HackInParis, HP, Imperva, insurance file, internet forums, iPad, Iran, Italian Government, Ivan Krstifa, Jackson Brown, Jon Callas, L0phtCrack, Lush, MAEC, malware, Mark Zuckerberg, Massachusettes Legislature, Mendozza, metasploit, Microsoft, Mobius, Money Broker, Mozilla, netSpend, Nicolas Sarkozy, Noche, OLPC, online pharmacies, Operation Egypt, oracle, OWASP, password guessing 4chan, PGP, Plainfield School District, poopnugget, RAT, Security B-Sides San Francisco, SET, Social Engineering Toolkit, Soundminer, SSL, State of Michigan, State of Utah, Stuxnet, Sun, The Pirate Bay, ThreatScapes, Trojan, Tuluka, Tunisa, Twitter, UFO, URL shortner, USB, VoIPPack, WAVSEP, Web Application Vulnerability Scanner, Web Money, Weev, Window Snyder, ZAP, ZDI, Zero Day Initiative, Zeus
Comments: 1 comment
Top Stories
Funny Facebook
http://www.net-security.org/secworld.php?id=10493
https://threatpost.com/en_us/blogs/facebook-uses-social-authentication-shield-tunisian-protesters-012411
http://www.dailymail.co.uk/news/article-1350026/Hackers-break-Sarkozys-Facebook-page-announce-resignation.html
http://blog.facebook.com/blog.php?post=486790652130
http://news.cnet.com/8301-27080_3-20029630-245.html
Peeping the Net
http://blog.imperva.com/2011/01/major-websites-govmiledu-are-hacked-and-up-for-sale.html
http://krebsonsecurity.com/2011/01/ready-for-cyberwar/
http://www.computerworld.com/s/article/9205905/Got_500_You_can_buy_a_hacked_U.S._military_website
http://h30501.www3.hp.com/t5/Following-the-White-Rabbit-A/Exclusive-Q-amp-A-with-hacker-quot-srblche-srblchez-quot/ba-p/18361
Goat Insurance
http://security.goatse.fr/making-things-right
http://security.goatse.fr/gaping-hole-exposed
http://praetorianprefect.com/archives/2010/06/114000-ipad-owners-the-script-that-harvested-their-e-mail-addresses/
http://www.zdnet.co.uk/news/security-threats/2011/01/27/atandt-ipad-hackers-become-hacking-targets-40091577/?s_cid=938
Wikilution Chapter Two
https://threatpost.com/en_us/blogs/facebook-uses-social-authentication-shield-tunisian-protesters-012411
http://www.theregister.co.uk/2011/01/25/tunisia_facebook_password_slurping/
Operation Egypt
http://www.youtube.com/watch?v=yOLc3B2V4AM
http://www.theregister.co.uk/2011/01/27/anonymous_egyptian_protest/
http://www.bostonherald.com/news/columnists/view/20110124some_pols_say_twitter_ban_for_the_birds/
News
Hey there’s a Hole in your Hat
http://threatpost.com/en_us/blogs/fedora-system-compromised-012511
http://lists.fedoraproject.org/pipermail/announce/2011-January/002911.html
Lush Needs to Sober Up
http://www.youtube.com/watch?v=tmPgKe0E7-k&feature=player_embedded
http://www.lush.co.uk/
http://www.net-security.org/secworld.php?id=10478
Android Tales
http://www.youtube.com/watch?v=_wDhzLuyR68&feature=youtu.be
http://www.pcworld.com/businesscenter/article/217133/soundminer_android_malware_listens_then_steals_phone_data.html
http://www.pcworld.com/businesscenter/article/217384/dont_fear_the_android_security_bogeyman.html
http://www.thinq.co.uk/2011/1/20/android-phone-used-usb-hack-attack/
Zeus Gettin Loose
http://threatpost.com/en_us/blogs/zeus-targeting-online-payment-services-012011
http://www.theregister.co.uk/2011/01/21/zeus_payment_provider_diversification/
T00l T1m3
http://www.vulnerabilitydatabase.com/toolswatch/2011/01/25/artmitage-ui-for-metasploit-v01-21-11-released/
http://www.vulnerabilitydatabase.com/toolswatch/2011/01/26/the-social-engineer-toolkit-v1-2-%E2%80%9Cshakawkaw%E2%80%9D-released/
http://www.vulnerabilitydatabase.com/toolswatch/2011/01/26/darkcomet-rat-updated-to-v3-0-1/
http://www.vulnerabilitydatabase.com/toolswatch/2011/01/26/l0phtcrack-v6-0-11-available/
http://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project
http://www.vulnerabilitydatabase.com/toolswatch/2011/01/26/wavsep-1-0-web-application-vulnerability-scanner-evaluation-project/
http://enablesecurity.com/2011/01/25/voippack-1-4-with-added-support-for-cisco-and-trixbox/
http://www.vulnerabilitydatabase.com/toolswatch/2011/01/26/mobius-forensic-toolkit-v0-5-6-1-fix-released/
http://www.vulnerabilitydatabase.com/toolswatch/2011/01/26/tuluka-kernel-inspector-v1-0-394-77-released/
http://www.coretraceblogs.com/2011-01/bouncer-6-brings-enterprise-ready-application-whitelisting-to-mac-and-linux-platforms/#more-2752
http://www.vulnerabilitydatabase.com/toolswatch/2011/01/26/maec-malware-attribute-enumeration-characterization-v1-1-released/
Quickies
http://www.scmagazineus.com/dancho-danchev-returns/article/194786/
http://www.ufo-blogger.com/2011/01/argentina-air-force-website-hacked-to.html
http://www.msnbc.msn.com/id/41223191/ns/technology_and_science-security/
http://www.malwarecity.com/community/index.php?app=downloads&showfile=12
http://online.wsj.com/article/SB10001424052748704279704576102433926728902.html?mod=googlenews_wsj
http://www.zdnet.com/blog/security/apple-signs-on-for-some-geekonomics/7968
http://www.thinq.co.uk/2011/1/20/twitter-hit-new-googl-worm/?
http://www.zdnet.com/blog/security/twitter-worm-hits-googl-redirects-to-fake-anti-virus/7938
http://www.pcworld.com/businesscenter/article/217601/hackers_get_access_to_new_jersey_school_data_system.html
http://torrentfreak.com/the-music-bay-pirate-bay-110122/
http://fear.themusicbay.org/
Con Fu
http://www.hackinparis.com/
https://forum.defcon.org/forumdisplay.php?f=559
http://www.securitybsides.com/w/page/30975276/BSidesSanFrancisco
http://thinkst.com/threatscapes.shtml
Stack of Shame
http://www.zerodayinitiative.com/advisories/upcoming/
tan
30 Jan 11 at 9:59 am