HNNCast.2010.08.13
HNNCast for the second week of August, 2010
Top Stories
RBS Coming to a Close, Phat Patch Tuesday, Kryogeniks R0×0r3d by defiant
News
the Disclosure Game, pr0n m0de Still Unsafe Sex, Wireless Tires, moar Wargames, VxWorks because Rockwell Rox Well
Tool Time
Grid Computing Hackers Kit, Acunetix WVS beta, winAUTOPWN, listener, wpbruteforcer, Debian Live Studio, PHP IDS, IP Tables, Forensic Tool Kit, Titan Mist, Malheur, DOMScan, DOMTracer, Sploitware CORRECTION.
Quickies
RIM’s Lies, the Cyber Mongoose, Shot Heard Round the Facebook, Dutch Durka Durkas, Don’t Get Media Playa’d, Verizon Crypto Challenge, Too Many Holes
Con Phooey
the Next HOPE, Confcon 2010, DerbyCon 2011, Toorcon XII, B-Sides Abound, Notacon
Stack of Shame
count: 157
Birthdays:
ZDI-CAN-543 – v. Microsoft
Risk: 10 (High: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Discovered 2009-08-06 ( 370 days ago )
by: Peter Vreugdenhil (http://vreugdenhilresearch.nl)
Posted: August 14th, 2010
at 11:47pm by tan
Tagged with "Network Solutions", AccessData, account lockout, Acunetix WVS beta, Adobe, andriod, ATM, B-Sides Abound, Blackberry, Blackhat, Blue-infy, BSD, BSDAUTOPWN, Charlie Miller, China, Christopher Lewis, Cleaveland, Cold Fusion, Comcast, Confcon 2010, crypto challenge, Cyber Army, Cyber RAID, Debian Live Studio, Defiant, Delaware, DerbyCon 2011, disclosure, DOM, DOMScan, DOMTracer, Drupal, Dutch Intelligence Service, EBK, Eergei Tsurikov, EFF, Facebook, Firefox, firewall, font rendering engine, Forensic Tool Kit, Google, grid computing, Grid Computing Hackers Kit, GridFTP, Gridsphere, Haddonfield, HD Moore, Hilton Garden Inn, Hosni Mubarak, IBM, IE, IETF, India, IP Tables, IPSEC, Islamic, James Black, Kansas City, Kentucky, keystroke logger, Kryogeniks, listener, London, Los Angeles Times, Malheur, malware, Media Player, Michael Nebel, Microsoft, Mozilla, New Dehli, notacon, OASIS, Oleg Covelin, Opera, patch Tuesday, PHP IDS, phreak, PIN cracking, PKI, porn mode, portlet framework, premium text messages, private browsing mode, RBS WorldPay, Research in Motion, RIM, Rockwell Automation, Russian Federal Security Service, Rutgers University, Saudi Arabia, Slacker, SploitWare, Stanford University, Starving Hacker rate, static build, Tennable, the Next HOPE, Tipping Point, Titan Mist, TNG, Toorcon XII, Toronto, TPWS, Travis Ormandy, Trojan, Unix, Usenix, Verizon Data Breech Investigations Report, Viktor Pleshchuk, Vulnerability Scanner, VxWorks, webservice containers, winAUTOPWN, Windows, Wordpress, wpbruteforcer, ZDI, Zero Day Initiative
Comments: 1 comment
HNNCast.2010.08.06
HNNCast for the second week of August 2010
Top Stories
Jailbreak Me Demos Threat, Full Disclosure: Crappy Software Ahead
Courtnee: BlackHat/B-Sides/Defcon Wrap-Up
News
StuxNet Tongue-Twister, Masato Notoutforlong, Citi App Spills Secrets, Wake Up People
T00l Time
Aanval, Razorback, DFF, Passware, BinPack, BinNavi, PDF Dissector, PinTool, Seccubus, SotF, L0phtCrack
Quickies
Bulletin on vBulletin, Houston We Have a < 140 Character Problem, Carbon Trading Site Polluted, the Mets Bust Some Marlins, Ausi Malware Author Pleas, Virus Variants Spike, Inside Mumba, Moving Money from QA
Hong CON Phooey
Excaliber Con, H2H, HoaP, Thotcon 2, Shmoocon, HacKid Con, HNN in the Defcon Badge
Stack of Shame
count: 117
Posted: August 8th, 2010
at 1:47pm by tan
Tagged with "cross-site scripting", "open source", Aanval, ACME Pharm, activists, Adobe, airpwn, android rootkit, Anthony Harrison, anti-carbon trading, Apple, arrest, ATM, B-Sides, back door, banking credentials, Banking Trojan, barcode, Barnaby Jack, Behind the Firewall, binary analysis, BinNavi, BinPack, Blackhat, botnet, Brad Threatt, breeches, bugs, c, cancelled talks, Capture the Flag, carbon trading, Central e-Crime Unit, Chinese Cyber Army, Chymine, Cigigroup, CityBank, compiler optimization, coordinated disclosure, Cross Site Scripting Filters, CTF, Dark Tangent, debugging, decrypt, Defcon 18, Defcon 19, Defcon Badge, DFF, Digital Forensic Framework, digital forensics, disclosure, distribution, distro, driver debugging, dynamic instrumentation, dynamic instrumentation framework, eBay, emo, emulator, enterprise equipment, Excaliber Con, exploit, filters", flat screen TV, forensic framework, Forrester, forum software, framework, full disclosure, Goat Bar, Google, GPU, Grand Idea Studio, grandideastudio.com, GSM eavesdropping, guilty, H2H, Hacker News, Hacker News Network, HacKid Con, hacktivism, high speed trading, HNN, HoaP, IBM, IDA Pro, IE, Intel, Internet Explorer 8, iPad, iPhone, jackpotting, jailbreaking, jailbreakme.com, java script, javascript, Jeff Moss, Joe Grand, kernel debugging, keynote, L0phtCrack, Las Vegas Edition, LNK, local, malware, management console, manga octopus, manga sea urchin, manga squid, Masato Nakatsuji, McAffee, Members 1st Federal Credit Union, metasploit, Metropolitan Police, Microsoft, mobile banking, mobile device security, Most Epic Fail, Mozilla, Mumba, NASA, Nessus, obfuscated java script, Octopus virus, Passware, passwords, patches, PDF, PDF Dissector, phishing, PIN, PinTool, plea, Power Point, profiling, Pwnie Awards, python, Razorback, RC4, remote, remote debugging, remote jailbreak, responsible disclosure, Rio, Riv, Riviera, Robin Sage, Sality, SANS, SANS Boston, SCADA, Seccubus, Security, security research, security researchers, security tools, Seimans, ShmooCon, SIMATIC, smart phone botnet, SMTP, Snort, social engineering contest, social networking, SotF, Sourcefire, stack of shame, Stuxnet, syslog, Thotcon 2, Tipping Point, TrueCrypt, Twitter, University of Virginia, UPC, usernames, vBulletin, Vegas, Verizon Data Breach Investigations Report, Vobfus, vulnerability reporting, website defacement, West Coast Hackers, Win32 driver debugging, Win32 kernel debugging, WinCC, Word, worm, XSS, ZDI, Zero Day Initiative, Zeus, Zeus botnet, Zynamics
Comments: 1 comment
HNNCast050710
HNNCast for the first week of May, 2010
Lead Stories
- Transforming the Troops, ATM Jack-Potting with Barnaby Jack, Mariposo Must be Loco, Another Netsol Breach
News
- Free Solo So He Can Pwn My Colo, Palin-2/Rubico-2, WEP Crack Pack, NZ Parking Police, Romanian National Security
Quickies
- Stormy Skies, Fakebook, Kentucky Fried Mohamed, SONY SOCOM so mad, US Navy Takes CDE, LoveBug Anniversary, Cons Call
Stack of Shame
count: 130
Bottom Dweller POPed after 3 yrs!
- ZDI-CAN-177: Hewlett-Packard – High Risk; Discovered 1136 days ago (2007-03-19) by: Tenable Network Security
New Bottom Dweller: IBM!
- ZDI-CAN-200: IBM – High Risk; Discovered 1080 days ago (2007-05-22) by: Sebastian Apelt (sebastian.apelt@siberas.de)
Posted: May 8th, 2010
at 4:27am by tan
Tagged with "Network Solutions", 10th annual Cyber Defense Exercise, 2007, 99 Red Balloons, ATM, ATM jack-potting, ATM security, Aukland, backtrack, Barnaby Jack, Blackburn, Blackhat, Boston, bot-net, botnet, Bureau of Engraving and Printing, car park, Chicago, China, Connecticut, Corriere della Sera, credit card fraud, David Kernell, DDoS, deadlocked, Delancey Bar, Denmark, destroying records to obstruct justice, Excalibur Con, Facebook, FBI, France, Free Gary, Gary McKinnon, Greater Latrobe High School, Guam Air Force base's 36th Communications Squadron, guilty, gypsies, HP, IBM, Identity Theft, iFrame, innoscent, Islamic, Italy, Jack Straw, Janish Sharp, Juniper networks, Kentucky Fried Chicken, KFC, Krilios, La Stampa, Linux, Live CD, Love Bug, Lower East Side, Mariposa, Message Labs, military academies, Muhammad, netkairo, NYC, operational readiness exercise, ostiator, Panda Security, Philadelphia Times Tribune, phishing, QuahogCon, Radiotelevisione Italiana, rns, Romanian National Security, root-kit, rootkit, Rubico, Safe Labour, Sarah Palin, SOCOM, Solo, Sony, SOURCE, SPAM, spam engine, Spoonwep, Spoonwpa, sql injection, Storm, Summercon, Symantec, Thotcon, Transformers 3, UK, unauthorized access to a computer, United States Air Force, US Naval Acadamy, US Navy Seals, US Treasury, USB, virus, Watergate, WEP, WiFi adapter, wire fraud, worm, WPA, Wuxi, ZDI
Comments: 1 comment
