HNNCast.2011.03.25
HNNCast for the third week of March, 2011
Top Stories
Under the Comodo, Recent Security Acquisition turns Incident, PHPwned, b107
News
j35t3r sets DoS Record, Smart-phone Security Sucks, DoS Flurry, Going Wayback with the Saltine
T00l T1m3
Updates: PacketFence, winAUTOPWN, SAMHAIN, JBROFuzz, Arachni, Fiddler, Burpsuite, Skipfish, Yara, THICKNET
Fresh: J-HAT/HPROF, GnackTrackR6, MOSCRACK, Creepy
Hardwarez: FUNcube
Note: MoonSols Utilities
Quickies
Celebrity Twits, Plans to Nix IE6, pwned and Poppin’, Vendor Insecurity List, SHA-3 Field Narrows to Five, Ghostmarket Guy Sentenced to Five, Student Snagged Changing Grades, InterWACK, Jumbo Hoax, Pr0n h4x0r Sentenced to Six Years, One H0t H4x0r Chick
Con Fu
Note: Tokyo Hacker-Space
CSW and PWN2OWN, OWASP AppSec USA CFP, Hack Lu CFP, Notacon, CCC 2011 is ON, Source Boston/BeaCon, Carolina Con, B-Sides World-Wide, the SF to DC19 Hack-Bus
Stack of Shame
count: 89 (+35)
One Response to 'HNNCast.2011.03.25'
Subscribe to comments with RSS
Leave a Reply
You must be logged in to post a comment.
Posted: March 27th, 2011
at 10:30pm by tan
Tagged with "mobile phones", "North Korea", "South Korea", 18 sector disks, aa419, AM, AMSAT-UK, Android, Android Marketplace, Android SDK, anonymous, Apple, Apple II, AppSec USA 2011, Arachni, Austin, BeaCon, Berlin, BLAKE, BMI, bonnet, breach, BREIN, Broadcast Music Inc, BurpSuite, CanSecWest, Carolina Con, CCC, certificate provider, CFP, Chaos Communications Camp, Chicago, Christina Aguilera, cloud computing, clustering, Comodo, compromise, crack boots, cracker, cracking utilities, credit card fraud, Creepy, CSW, Dallas, data theft, DDMS, DDoS, debugging, Deep AtSea, Defcon, Denver, Detroit, disk copiers, DoS, email, EMC, exploit framework, fake certificates, FBI, Fiddler, file integrity, firewall management, FM, FUNCube, fuzzing, Geiger Counter, geo-location, Germany, Ghostmarket, GnackTrack, GNOME, Google, grade changing, Grøstl, Hack.LU, HackBus, heap analysis, HP, HPROF, IBM, IE6, IE9, Igor Blinnikov, Interwox, IOError, iOS, Iran, J-HAT, j35t3r, Jacob Applebaum, Japan, JBroFuzz, Jessica Alba, JH, jumbotron, Kansas City, Keccak, kindle, LA, Lady Ada, Las Vegas, LED Lanterns, Limor Fried, LinRad, Linux, LiveCloudKd, London, Luxembourg, Mac GUI Vault, mailing list, malware, McDonald's, Microsoft, Minneapolis, mobile computing, MoKGK, MOON SOLS, Moscow, MOSCRACK, Mosix, Mozilla, NIST, notacon, nude photos, Ohio, Operation b107, Operation B49, oracle, OWASP, PacketFence, Pahrump Valley High School, patch, Payroll, PHP, Prince of Persia, Pwn2Own, radio dongle, Raleigh, Renee Olstead, Rocky, RSA, Rustock, Safari, salutatorian, SAMHAIN, San Francisco, satellite, Scarlett Johansson, Scranton, Seattle, secret key, SecurID, Security B-Sides, security proxy, sentencing, SHA-3, Silverpop, Skein, Skipfish, Skype, Solar Lanterns, Source Boston, source code, Spectravue, SpiderLabs, SSB, SSH, SSL, The Saltine, thicknet, Times Square, Tipping Point, Tokyo Hacker-Space, trojan horse, TV sound, Ubuntu, US Marshals, USB, Vanessa Hudges, VendorSec, Vienna, VM debugger, Waldec, Walnut Township, War Games, WBC, web attack framework, web scanner, West Borough Baptist Church, wiki, winAUTOPWN, Windows, WIRED, Wordpress, WPA, Xerxes, Yahoo, YARA, ZDI, Zero Day Initiative
Comments: 1 comment
HNNCast for the third week of March, 2011
Top Stories
Under the Comodo
http://www.theregister.co.uk/2011/03/23/gmail_microsoft_web_credential_forgeries/
https://blog.torproject.org/blog/detecting-certificate-authority-compromises-and-web-browser-collusion
http://www.washingtonpost.com/wp-dyn/content/article/2011/03/14/AR2011031401029.html
http://en.trend.az/regions/iran/1844580.html
Recent Security Acquisition turns Incident
http://www.bostonherald.com/business/technology/general/view/2011_0317emc_division_rsa_warns_of_security_breach/srvc=home&position=recent
PHPwned
http://www.php.net/archive/2011.php#id2011-03-19-2
b107
http://krebsonsecurity.com/2011/03/rustock-botnet-flatlined-spam-volumes-plummet/
http://online.wsj.com/article/SB10001424052748703328404576207173861008758.html#ixzz1HYmK1m6V
http://blogs.technet.com/b/microsoft_blog/archive/2011/03/17/taking-down-botnets-microsoft-and-the-rustock-botnet.aspx
News
j35t3r sets DoS Record
http://www.yfrog.com/gybship
http://pastebin.com/vvE83Xs1
Smart-phone Security Sucks
http://www.zdnet.com/blog/open-source/google-kind-of-sort-of-addresses-android-malware/8409
http://threatpost.com/en_us/blogs/android-web-market-xss-bug-allowed-code-execution-mobile-devices-030711
http://techcrunch.com/2011/03/05/android-malware-rootkit-google-response/
DoS Flurry
http://www.bloomberg.com/news/2011-03-04/south-korea-says-government-websites-targeted-in-cyberattack-issues-alert.html
http://www.scmagazineus.com/wordpress-sustains-massive-ddos-attack/article/197566/
http://www.infosecurity-magazine.com/view/16351/dutch-antipiracy-site-suffers-ddos-attack/?utm_source=twitterfeed&utm_medium=twitter
http://twitter.com/#!/aa419/status/47452212267466753
http://www.techspot.com/news/42741-anonymous-knocks-bmi-website-offline.html?
Going Wayback with the Saltine
http://macgui.com/The_Saltine.tar.bz2
http://macgui.com/vault/
T00l T1m3
http://www.vulnerabilitydatabase.com/2011/03/yara-the-malware-identification-and-classification-utility-v1-5-released/
http://www.vulnerabilitydatabase.com/2011/03/skipfish-web-application-security-scanner-v1-85-beta-released/
http://blog.portswigger.net/2011/03/burp-v14-beta-now-available.html
http://www.vulnerabilitydatabase.com/2011/03/fiddler-the-web-debugging-proxy-v2-3-2-4/
http://www.vulnerabilitydatabase.com/2011/02/arachni-%E2%80%93-web-application-security-scanner-framework-v0-2-2-2-released/
http://security-sh3ll.blogspot.com/2011/03/owasp-jbrofuzz-v25-released.html?utm_source=feedburner&utm_medium=twitter&utm_campaign=Feed%3A+security-shell+%28Security-Shell%29
http://www.vulnerabilitydatabase.com/2011/03/samhain-file-integrity-intrusion-detection-system-v2-8-3a-released/
http://www.vulnerabilitydatabase.com/2011/03/winautopwn-the-windows-autohack-tool-v2-6-released/
http://www.packetfence.org/news/2011/article/packetfence-210-released.html
https://github.com/SpiderLabs/thicknet
http://download.oracle.com/javase/6/docs/technotes/tools/share/jhat.html
http://www.vulnerabilitydatabase.com/2011/03/gnacktrackr6-is-now-officially-released/
http://www.vulnerabilitydatabase.com/2011/03/moscrack-v2-02b-the-clustered-wpa-cracker-released/
http://www.vulnerabilitydatabase.com/2011/03/creepy-v0-1-7-the-geolocation-information-aggregator-released/
http://www.funcubedongle.com/?page_id=2
http://www.moonsols.com/ressources/
Quickies
http://www.newkerala.com/news/world/fullnews-173665.html
http://www.aceshowbiz.com/news/view/00039093.html
http://ie6countdown.com
http://news.netcraft.com/archives/2011/03/22/play-com-believes-security-breach-related-to-silverpop-hack.html
http://www.h-online.com/security/news/item/Crackers-destroy-security-mailing-list-for-Linux-distributors-1202221.html
http://csrc.nist.gov/groups/ST/hash/sha-3/Round2/documents/Round2_Report_NISTIR_7764.pdf
http://www.theregister.co.uk/2011/03/03/uk_carders_jailed/
http://www.f-secure.com/weblog/archives/00002111.html
http://www.youtube.com/watch?v=jRVXQ-vGuwA
http://www.pcworld.com/businesscenter/article/221442/top_student_charged_with_fixing_grades_for_cash.html
http://www.computerworld.com/s/article/9213498/Top_student_charged_with_fixing_grades_for_cash
http://www.theregister.co.uk/2011/03/11/interworx_password_breach/
http://www.lancastereaglegazette.com/article/20110317/NEWS01/103170301/1002/Walnut-Township-school-payroll-records-hacked
http://blogs.villagevoice.com/runninscared/2011/03/iphone_times_square_hacker_screens.php
http://www.theregister.co.uk/2011/03/24/russian_billboard_smut_hacker_jailed/
http://blog.makezine.com/archive/2011/03/make-pioneer-limor-ladyada-fried-on-wired-cover.html
Con Fu
http://tokyohackerspace.org/en
http://lcamtuf.blogspot.com/2011/03/pwn2own-considered-somewhat-harmful.html
http://www.appsecusa.org
http://2011.hack.lu/cfp/
http://blog.notacon.org/?p=408
http://events.ccc.de/camp/2011/
http://masshackers.pbworks.com/w/page/37928735/BeaCon
http://blog.n0where.org/beacon
http://seclists.org/isn/2011/Mar/58
http://en.wikipedia.org/wiki/Renaissance_Center
http://www.securitybsides.com/w/page/36552449/BSidesLosAngeles
http://www.hackbus.net/
Stack of Shame
http://www.zerodayinitiative.com/advisories/upcoming/
tan
27 Mar 11 at 10:32 pm