HNNCast.2011.06.24
HNNCast for the fourth week of June, 2011
Top stories
#AngrySec, Lulzy Lockup, AnonOps, an Active Fan Base, Think Again
News
Bit of a Problem, DropBox Popped, ISP Raids, Another Damned Penetration, Tripping Up Malware, Judgement Dayz for Banking, the Jackin’ Five, Shrek a Scam?, Revenge with a Side of Pr0n
T00l T1m3
updates: JtR Performance Boost, Whisper Core Selective Permissions, SET Convergence Edition, 11 New Metasploits, Packet Fence Reinforced, SAMHAIN Mystery Update, WoanWarez, Long Live to Mona
phresh: Metasploit Bug Bounty, DOM Snitch for Chrome, AndroGuard, Fuse4X… OS X, BackTrack VPS Beta, SSL Analyzer, B to tha SQL to tha BF
Quickies
Children Chrooted, Network Solutions DDoS, WordPress Compromised, Cyber Bon Bons, the Go to da Jail Birus, ATM Cops, Credit Safe?, Canuck PIN-heads, Die DoS, Holiday with Melissa, Clueless News
ConFu
Wargames.MY, TrustWave SQL Injection and Filter Evasion Challenge, B-Sides Cape Town Venue, B-Sides Vegas CFP, Defcon in Transition
Program Note: There will be NO HNNCast for the 4th of July Weekend – Don’t Blow Yourselves Up Now Ya’ll Hear?
Stack of Shame
count: 126 (-3)
Top Offender: Apple (23)
One Response to 'HNNCast.2011.06.24'
Subscribe to comments with RSS
Leave a Reply
You must be logged in to post a comment.
Posted: June 26th, 2011
at 6:40pm by tan
Tagged with "Network Solutions", "online banking", "Ready Boost", "Zero for Owned", #AntiSec, .class, .DEX, 0day, Ac1db1tch3z, ACH fraud, ACL, ADP, Air Berlin, AndorGuard, Android, Android Guard, anonymous, anonymous ftp, anti-sec, Anti-Security, API, APK, Apple, ATM, atm skimming, authentication failure, Automatic Data Processing, autorun, B-Sides, BackTrack VPS, Baltimore Substance Abuse System, Barnaby Jack, beautiful people, Ben Bernake, binary XML, bitcoin, bitCoin exchange, blind SQL injection, botnet, breach, BSQLBF, Canvas, Cape Town, Capture the Flag, CFP, Chrome, Chrome Forensics, CIA, cipher suites, Comercia Bank, Comodo, computer sabotage, CreditSafe, cryptography, CSV, Cyber Defense Facility, DDoS, Defcon 19, DES, digital forensics, digital signature strength, digital wallet, disgruntled employee, Distribute IT, DJ Stolen, DOM Snitch, dox, drive-by malware, DropBox, eBay, el8, embedded devices, encryption, energy sector, Experi Metal, Exploit Bounty, Facebook, Fake Anti-Virus, FBI, Federal Reserve Bank, file system, forensic, Frequent Flyer Miles, full disclosure, FUSE, Fuse4X, gate count, Google, Gringo Warrior, Hack Forums, hackable badges, Hackerspace Kuala Lumpur, History Index files, hoax, HP, Indi Shell, Indian Army, Indian Registrar, intrusion, IRC, ISP, JAR, Joe Grand, John the Ripper, JtR, Justin Timberlake, Ke$ha, keylogging, Kingpin, Lady Gaga, Las Vegas, Latvia, lock-picking competition, Lockheed, LulzBoat, LulzRaft, lulzsec, Lulzsec Brazil, Mac OS X, malware, McAfee, metasploit, Microsoft, ModSecurity SQL Injection and Filter Evasion Challenge, Mona, MT GOX, Net Registry, Network Scan Viewer, network security, Oceans Bank, Operation Empire State Rebellion, Operation Malaysia, Packet Fence, password dump, password-stealing, PasteBin, PATCO Construction, paypal, Payroll Processing, pHC, PIN-pad scam, Prefetch Forensics, Project mayhem, puzzles, PVEfindadder, python, Ramsey New Jersey PD, Rapid 7, reverse engineering, RSA, Ryan Cleary, S-box, Salt Lake City PD, SAMHAIN, Scareware, Scotland Yard, security vulnerabilities, Sega Pass, Serious Organized Crime Agency, SET, shrek viris, SOCA, Social Engineering Toolkit, Software Security, splits, spyeye, SSL Analyzer, TeamPoison, th3j35t3r, Tipping Point, Tools Watch, Tribal Wars, TrustWave, Twitter, US Senate, USB Device Forensics, ViraL, virus, Wargames.MY, web application security, Web Ninjas, Whisper Core, Windows Update, Windows Vista, Windows XP, woanware, Wordpress, world cup, ZDI, Zero Day Initiative, zero-day
Comments: 1 comment
HNNCast for the fourth week of June, 2011
Top stories
#AngrySec
http://www.informationweek.com/news/security/cybercrime/230800019
http://www.rafekettler.com/2011/06/16/analyzing-the-lulzsec-password-leak/
http://gizmodo.com/5812530/lulzsec-leaks-62000-emailpassword-combo-internet-goodie-bag
http://www.zdnet.com.au/netregistry-swoops-on-distributeit-339317311.htm
http://distributeitsupport.blogspot.com/search?updated-max=2011-06-14T00:45:00-07:00&max-results=7
http://seclists.org/isn/2011/Jun/3
http://risky.biz/distributeit
http://tribalwars.net/
http://www.hackforums.net/
http://www.ibtimes.com/articles/165076/20110617/sega-pass-lulzsec-hacking.htm
http://www.google.com/hostednews/afp/article/ALeqM5hyERFDEIes-0lGDcjAcFHeeIi-rg?docId=CNG.2815212460caf40cf199f85e8ffb446d.3e1
http://www.dailytech.com/LulzSec+Fights+Hacker+Civil+War+as+it+Continues+Govt+Takedowns/article21973.htm
http://zone-h.org/mirror/id/14233017
http://en.wikipedia.org/wiki/Antisec_Movement
http://mashable.com/2009/07/10/imageshack-hacked/
http://pastebin.com/9KyA0E5v
http://www.nma.tv/lulzsec-hacking-rampage-lolz/
http://www.nma.tv/lulzsec-anonymous-join-forces-hack-governments/
Lulzy Lockup
http://www.thesun.co.uk/sol/homepage/news/3653684/Bleary-eyed-internet-hacking-suspect-Ryan-Cleary-looks-wasted-after-inhaling-gas.html?OTC-RSS&ATTR=News
http://news.hostexploit.com/cybercrime-news/4919-suspected-teenage-hacker-arrested-by-pceu.html
http://threatpost.com/en_us/blogs/alleged-lulzsec-member-arrested-cia-sony-hacks-issue-062111
http://feeds.arstechnica.com/~r/arstechnica/security/~3/S_e_mMBK4aE/lulzsec-blamed-for-uk-census-theft-hacker-arrest-lulzsec-denies-everything.ars
http://www.bbc.co.uk/news/technology-13859868
AnonOps
http://www.freemalaysiatoday.com/2011/06/20/hackers-now-target-pm-depts-website/
http://www.gmanews.tv/story/223486/technology/anonymous-threatens-impostor-hacker-group-in-india
an Active Fan Base
http://www.lulzraft.com/
http://www.computerworld.com/s/article/9217860/Brazilian_government_energy_company_latest_LulzSec_victims
Think Again
News
Bit of a Problem
http://forum.bitcoin.org/index.php?topic=16457.0
http://www.theregister.co.uk/2011/06/16/bitcoin_theft_claims/
http://www.symantec.com/connect/blogs/all-your-bitcoins-are-ours
http://forum.bitcoin.org/index.php?topic=18709.0
http://evilpacket.net/2011/may/17/stealing-bitcoins/
http://sickdump.blogspot.com/2011/06/mtgox-db-got-leaked.html
DropBox Popped
http://pastebin.com/yBKwDY6T
http://techcrunch.com/2011/06/20/dropbox-security-bug-made-passwords-optional-for-four-hours/
ISP Raids
http://www.reuters.com/article/2011/06/22/us-cyber-scareware-idUSTRE75L7HV20110622
http://latimesblogs.latimes.com/technology/2011/06/feds-bust-scareware-ring-accused-of-making-72-million-by-selling-phony-anti-virus-software.html
Another Damned Penetration
http://www.securityweek.com/adp-experiences-security-breach
Tripping Up Malware
http://www.v3.co.uk/v3-uk/news/2079177/autorun-infections-drop-million-microsoft-security-update
Judgement Dayz for Banking
http://www.cio.com.au/article/390356/court_says_comerica_bank_must_pay_after_customer_hacked/
http://www.banktech.com/risk-management/230500135
http://krebsonsecurity.com/2011/06/court-favors-small-business-in-ebanking-fraud-case/
the Jackin’ Five
http://www.foxbusiness.com/technology/2011/06/17/mcafee-assembles-hacking-team-to-unearth-vulnerabilities/
Shrek a Scam?
http://www.guardian.co.uk/lifeandstyle/2011/jun/20/dating-website-beautiful-people-members
http://www.bbc.co.uk/news/technology-13854953
Revenge with a Side of Pr0n
http://www.baltimoresun.com/news/maryland/baltimore-city/bs-md-ci-computer-hacking-sentence-20110621,0,857376.story
T00l T1m3
updates:
http://www.net-security.org/secworld.php?id=11212
http://www.openwall.com/lists/john-users/2011/06/22/1
http://whispersys.com/permissions.html
http://www.secmaniac.com/
https://community.rapid7.com/community/metasploit/blog/2011/06/21/metasploit-framework-372-released
http://www.vulnerabilitydatabase.com/2011/06/packetfence-v2-2-1-released/?utm_content=Tools+Watch&utm_source=ToolsWatch&utm_term=Security
http://www.la-samhna.de/samhain/archive.html
http://woanware.co.uk/
http://www.vulnerabilitydatabase.com/2011/06/exclusive-mona-1-0-released-pvefindaddr-is-dead-long-live-to-mona/?utm_content=Tools+Watch&utm_source=ToolsWatch&utm_term=Security
phresh:
https://community.rapid7.com/community/metasploit/blog/2011/06/14/metasploit-exploit-bounty-30-exploits-500000-in-5-weeks
http://threatpost.com/en_us/blogs/googles-new-tool-dom-snitch-finds-javascript-flaws-062111
http://code.google.com/p/androguard/
http://fuse4x.org/
http://www.hackingmachines.com/
http://www.net-security.org/secworld.php?id=11207
https://sslanalyzer.comodoca.com/
http://code.google.com/p/bsqlbf-v2/downloads/list
Quickies
http://www.theregister.co.uk/2011/06/17/lady_gaga_hackers/
http://www.bbc.co.uk/newsbeat/13807773
http://www.networksolutions.com/blog/2011/06/network-solutions-customer-advisory-june-21st-2011/?channelid=P99C425S627N0B142A1D38E0000V100
http://wordpress.org/news/2011/06/passwords-reset/
http://www.theregister.co.uk/2011/06/16/germany_cyber_defence_to_defend_infrastructure/
http://www.thinq.co.uk/2011/6/17/japan-outlaws-creation-computer-viruses/
http://www.whatsonxiamen.com/news19592.html
http://www.theregister.co.uk/2011/06/15/creditsafe_suspends_website/
http://www.vancouverite.com/2011/06/14/toronto-family-operated-ontario-wide-fraudulent-debit-and-credit-card-ring/
http://www.theregister.co.uk/2011/06/17/german_bookmaker_ddoser_jailed/
http://www.dw-world.de/dw/article/0,,15155182,00.html
http://www.v3.co.uk/v3-uk/news/2078626/spyeye-malware-connected-german-airline-scams
http://www.computerworld.com/s/article/9217732/Pakistani_hacker_claims_HP_systems_attack
http://www.youtube.com/watch?v=2qPxRZqlPcw&feature=BFa&list=HL1309112354&index=2
http://www.youtube.com/watch?v=sLXlwKbLjDM&feature=BFa&list=HL1309112354&index=9
http://www.youtube.com/watch?v=Dx2A6G-AF30&feature=BFa&list=HL1309112354&index=13
ConFu
http://news.hitb.org/content/wargamesmy-2011-can-you-hack-it
http://www.modsecurity.org/demo/challenge.html
https://forum.defcon.org/showthread.php?t=12223
Stack of Shame
http://www.zerodayinitiative.com/advisories/upcoming/
tan
26 Jun 11 at 6:40 pm