HNNCast.2011.02.04
HNNCast for the first week of February, 2011
Top Stories
SourceForged, Amazon’s Emergence from the Bronze Age, Online Dating Site Smells Fishy (Must Have Lotsa Girls), Who’s LeaKEY?, pwn2own the Masters Cup for Hackers
News
Anonymous Arrests, STOP-THINK-CONNECT, Virtual Chips to RL Sentence, N0 M0ar 0days, Cyber Patriot III
T00l T1m3
Hardwarez: Ubertooth One Needs a Kickstart
Updates: NoScript, netBIOS ShareScanner, PacketFence, SysInternals
NPE File Analyzer, pyOLE Scanner, Veracode XSS Scan Service, Knock on Mockapetris’ Door, WebService-Attacker, iKAT, NMAP NSE, Seas0nPass to Apple TV, Web Browsers Traces Eraser, Use NIELD to watch your shields
Quickies
Celebrity Twits: Wale Falorin
The State of Data Breach, 1923 Turks, Stuxnet Fall-out, 50 Million Malware Mark, Your Mission Should You Choose to Accept It, Happy Birthday to the Virus, Happy Birthday to the EFF, Number 1 Sucka
Con Fu
Derby Con Calls for Moar Speakers, OWASP Summit THIS Week
B-Sides Round-Up: Greensboro – NC, St. Johns New Brunswick, Cleveland, Austin
Plan Ahead for DefCon, ThotCon SOLD-OUT, Plan Ahead for CanSecWest
Stack of Shame
count: 105 (-6)
34/19 up for release on 2/4/11 – THAT’S TODAY! (-4)
Birthdays:
- Turning 1:
- ZDI-CAN-672 Microsoft CVSS: 10 2010-02-02 (366 days ago) 2011-02-04 Discovered by: Moti Joseph
One Response to 'HNNCast.2011.02.04'
Subscribe to comments with RSS
Leave a Reply
You must be logged in to post a comment.
Posted: February 7th, 2011
at 2:07am by tan
Tagged with 0wned and Exposed, 1923 Turks, amazon, anonymous, Anti-Virus, AppleTV jailbreak, Ashley Mitchell, Austin, AV-Test, Avant, awareness, Back Track Linux, Black&Berg Security, black-mail, brain virus, Breach Disclosure Law, Brian Krebs, Bushehr, CA, Can Sec West, CanSecWest, Central e-Crime Unit, Chernobyl, Chrome, Citrix, Cleveland, Computer Associates, Computer Misuse Act, contest, Contig, Crashfaster, Credit Card data, crypt, Cyber Foundations, Cyber Patriot III, DDoS, Defcon, Derby Con, DHS, DNS enumeration, Dual COre, EFF, Egypt, Electronic Frontier Foundation, exploit database, FBI, Firefox, Google, Greensboro - NC, hacktivism, Hamilton Beach, Happy Ninjas, IE, iKAT, Intel, Iran, Justin Rattner, Kaspersky, Kiosk hacking, Knock, leak, Leggatt, local privilege escalation, malware, McAffee, Metropolitan Police Service, Microsoft, NATO, New Hampshire, NIELD, nmap, NPE File Analyzer, NSE, online dating, Opera, OWASP Summit, passwords, PC computer virus, personal information, Plenty of Fish, prize money, ProcDump, Pwn2Own, pyOLE Scanner, Rio, Russia, Safari, SANS, Seas0nPass, Security B-Sides, source code, SourceForge, St. Johns New Brunswick, STOP-THINK-CONNECT, Stuxnet, TCPView, Thotcon, Trash80, Twitter, USAF, Veracode, virtual poker chips, Wale Falorin, Web Browsers Traces Eraser, WikiLeaks, WS-Attacker, XSS Scan Service, Yemen, ZDI, Zero Day Initiative, Zynga Corporation
Comments: 1 comment
SourceForged
http://sourceforge.net/blog/sourceforge-attack-full-report/
http://sourceforge.net/apps/wordpress/sourceforge/
http://www.theregister.co.uk/2011/01/31/sorceforge_hack_response/
Amazon’s Emergence from the Bronze Age
http://www.reddit.com/r/WTF/comments/f96w7/amazon_security_flaw_wtf
http://www.huffingtonpost.com/2011/01/29/amazon-security-flaw-password-problem_n_815634.html
Online Dating Site Smells Fishy (Must Have Lotsa Girls)
http://plentyoffish.wordpress.com/2011/01/31/plentyoffish-hacked/
http://grumomedia.com/plenty-of-fish-hacked-chris-russos-explains-how-he-did-it/
Who’s leaKEY?
http://news.softpedia.com/news/Former-Kaspersky-Employee-Responsible-for-Leaked-Source-Code-181367.shtml
http://news.softpedia.com/news/Kaspersky-Confirms-Source-Code-Leak-Threatens-Legal-Action-Against-Downloaders-181456.shtml
http://www.zdnet.com/blog/security/pwn2own-2011-google-offering-20000-for-chrome-sandbox-exploit/8051
pwn2own the Masters Cup for Hackers
http://dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011
http://www.theregister.co.uk/2011/02/02/pwn2own_2011/
News
Anonymous Arrests
http://www.pcmag.com/article2/0,2817,2376861,00.asp
http://www.zdnet.co.uk/news/security/2011/01/27/anonymous-ddos-swoop-results-in-five-arrests-40091581/?s_cid=938
http://www.bbc.co.uk/news/technology-12299137
http://www.scmagazineuk.com/anonymous-group-warns-uk-government-about-arrest-of-five-men-saying-it-cannot-arrest-an-ideology/article/195313/
http://gawker.com/5750513/anonymous-hackers-already-taking-down-yemeni-websites
STOP-THINK-CONNECT
http://www.dhs.gov/ynews/releases/pr_1286211160622.shtm
http://www.dhs.gov/files/events/stop-think-connect-psa-challenge.shtm
Virtual Chips to RL Sentence
http://uk.pokernews.com/news/2011/02/uk-hacker-faces-jail-after-stealing-virtual-poker-chips-6188.htm
http://www.thisissouthdevon.co.uk/news/HACKER-ADMITS-STEALING-12m-POKER-CHIPS/article-3170994-detail/article.html
N0 M0ar 0days
http://www.techrevu.com/php/Review-id.php?id=4939
Cyber Patriot III
http://www.uscyberchallenge.org/
http://www.ahherald.com/index.php/2011012210127/Schools/rbr-aoit-students-advance-to-national-finals.html
T00l T1m3
http://www.kickstarter.com/projects/mossmann/ubertooth-one-an-open-source-bluetooth-test-tool
http://ubertooth.sourceforge.net/
http://noscript.net/getit
http://www.vulnerabilitydatabase.com/toolswatch/2011/02/02/netbios-share-scanner-updated-to-v0-3/
http://security-sh3ll.blogspot.com/2011/01/packetfence-v201-released.html?utm_source=feedburner&utm_medium=twitter&utm_campaign=Feed%3A+security-shell+%28Security-Shell%29
http://www.packetfence.org/news/2011/article/packetfence-201-released.html
http://blogs.technet.com/b/sysinternals/archive/2011/02/01/updates-procdump-v3-02-contig-v1-6-tcpview-v3-03-and-a-new-mark-s-blog-post.aspx
http://www.vulnerabilitydatabase.com/toolswatch/2011/02/02/npe-file-analyzer-v1-0-0-0-released/
http://xchg.info/?p=508
http://www.businesswire.com/news/home/20110131005660/en/Stop-Cross-Site-Scripting-Errors-Veracode-Launches-Free
http://www.darkreading.com/security-services/167801101/security/vulnerabilities/229200109/veracode-launches-free-xss-bug-scanning-service.html
http://www.veracode.com/freeservice
http://www.vulnerabilitydatabase.com/toolswatch/2011/02/02/knock-v1-4-4b/
http://sourceforge.net/projects/ws-attacker/files/WS-Attacker%201.0/
http://mesh.dl.sourceforge.net/project/ws-attacker/Documentation/User-Guide.pdf
http://ikat.ha.cked.net/Linux/
http://seclists.org/nmap-hackers/2011/0
http://www.youtube.com/watch?v=cHzS4L7_C3s
http://files.firecore.com/SP/Seas0nPass.html
http://www.macupdate.com/app/mac/36587/seas0npass
http://www.vulnerabilitydatabase.com/toolswatch/2011/02/02/web-browsers-traces-eraser-v1-2-0-0-released/
http://www.vulnerabilitydatabase.com/toolswatch/2011/01/31/nield-the-network-interface-events-logging-daemon-v0-1-released/
Quickies
http://www.hiphopdx.com/index/news/id.13869/title.hackers-take-over-wales-twitter-fire-shots-at-kid-cudi
http://www.darkreading.com/security/attacks-breaches/229200060/hamilton-beach-reports-hack-credit-card-data-at-risk.html
http://en.wikipedia.org/wiki/Armenian_genocide
http://www.zone-h.org/mirror/id/13001062
http://times.am/2011/02/03/an-expert-%E2%80%9Cturks-have-helped-us-by-breaking-the-web-sites%E2%80%9D/
http://www.armeniadiaspora.com/component/content/article/84-news/2096-turks-break-over-6000-armenian-websites-to-counter-genocide-recognition-process.html
http://www.thinq.co.uk/2011/1/26/russia-asks-nato-investigate-stuxnet-worm/?
[malware-site - URL removed]
http://www.h-online.com/security/news/item/50-million-viruses-and-rising-1178664.html
http://www.nytimes.com/2011/01/27/opinion/27Gibson.html?_r=3
http://www.blackbergsecurity.us/
https://w2.eff.org/birthday/
http://attrition.org/errata/charlatan/
Con Fu
http://www.derbycon.com/call-for-papers/
http://www.owasp.org/index.php/Summit_2011/Remote_Participants
http://owasp.blogspot.com/2011/02/owasp-summit-press-release.html
http://www.owasp.org/index.php/Summit_2011
http://www.owasp.org/index.php/Summit_2011_Remote_Registration
http://www.securitybsides.com/w/page/35130654/AustinAppSecCamp
http://www.securitybsides.com/w/page/27427415/BSidesCleveland
http://www.securitybsides.com/w/page/35302219/BSidesStJohns
http://www.securitybsides.com/w/page/32853890/BSidesGSO
https://www.defcon.org/index.html#riores
http://www.thotcon.org
http://cansecwest.com/
Stack of Shame
http://www.zerodayinitiative.com/advisories/upcoming/
tan
8 Feb 11 at 11:44 pm