HNNCast.2010.08.27
HNNCast for the last week of August 2010 -
Top Stories:
Dejavu Microsoft Style, Middle Eastern USB Sticks it to US, PayPal/iTunes Warning, SpanAir Malware not in the Air
News:
Far East Joint Police Actions, Halo Reach Leak, Yo Yo Dos, AutoTrader Raiders
Tool Time:
Fast HTTP Vulnerability Scanner, XSSer, HTTP4e, DotDotPwn, RootKitUnhooker, OpenSSH, RS Mangler Correction
Quickies:
Indian Election Integrity in Question, Miss Vietnam Election Integrity NOT in Question, Seymour’s Butt, Irish Youth Identities Likely Leaked, UN Still SQL Injectable, Holly Benson DoS’d, InfoSec M&A, a REAL MIT Hack
Con Fu:
DefCon 18 Archive, RuxCon CFP, BlackHat Abu Dhabi CFP, Source Barcelona Registration, BruCon Beta Schedule, HacKid Con Registration, Malcon CFP
Stack of Shame:
Count: 151
Birthdays:
- ZDI-CAN-381 from IBM ( 730 days )
- ZDI-CAN-375 from IBM ( 730 days )
- ZDI-CAN-374 from IBM ( 730 days )
- ZDI-CAN-373 from IBM ( 730 days )
- ZDI-CAN-372 from IBM ( 730 days )
- ZDI-CAN-371 from IBM ( 730 days )
Posted: August 29th, 2010
at 4:49pm by tan
Tagged with "South Korea", agent.btz, ATM fraud, Autotrader.com, BlackHat Abu Dhabi CFP, botnet, BruCon Beta Schedule, BSA, CAO, China, classified networks, credit card skimming, DC-9, DDoS, DefCon 18 Archive, DigiNinja, DOM, DotDotPwn, e-voting system, election fraud, Fast HTTP Vulnerability Scanner, FDC worm, Fortify, Fuzz, Germany, HacKid Con Registration, Halo reach, Hari Prasad, Holly Benson, HP, HTTP4e, IBM, Intel, Ireland, itunes, JSON, LNK bug, Malcon CFP, malware, McAffee, metasploit, Microsfot, Microsoft, Miss Vietnam World, MIT, online auction fraud, OpenSSH, password reset, Paypal Apple, process control vulnerability, Random Storm, REST, RKU, Robin, root-kit, RootKitUnhooker, RS Mangler, RuxCon CFP, Seymour Connecticut, Source Barcelona Registration, SpanAir, sql injection, Taiwan, TARDIS, telecom fraud, Tipping Point, Trojan, UN, United Nations, USB, voting machines, William J. Lynn III, Windows, XBox Live, XSSer, yoyodos, ZDI, Zero Day Initiative
Comments: 1 comment
HNNCast.2010.08.13
HNNCast for the second week of August, 2010
Top Stories
RBS Coming to a Close, Phat Patch Tuesday, Kryogeniks R0×0r3d by defiant
News
the Disclosure Game, pr0n m0de Still Unsafe Sex, Wireless Tires, moar Wargames, VxWorks because Rockwell Rox Well
Tool Time
Grid Computing Hackers Kit, Acunetix WVS beta, winAUTOPWN, listener, wpbruteforcer, Debian Live Studio, PHP IDS, IP Tables, Forensic Tool Kit, Titan Mist, Malheur, DOMScan, DOMTracer, Sploitware CORRECTION.
Quickies
RIM’s Lies, the Cyber Mongoose, Shot Heard Round the Facebook, Dutch Durka Durkas, Don’t Get Media Playa’d, Verizon Crypto Challenge, Too Many Holes
Con Phooey
the Next HOPE, Confcon 2010, DerbyCon 2011, Toorcon XII, B-Sides Abound, Notacon
Stack of Shame
count: 157
Birthdays:
ZDI-CAN-543 – v. Microsoft
Risk: 10 (High: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Discovered 2009-08-06 ( 370 days ago )
by: Peter Vreugdenhil (http://vreugdenhilresearch.nl)
Posted: August 14th, 2010
at 11:47pm by tan
Tagged with "Network Solutions", AccessData, account lockout, Acunetix WVS beta, Adobe, andriod, ATM, B-Sides Abound, Blackberry, Blackhat, Blue-infy, BSD, BSDAUTOPWN, Charlie Miller, China, Christopher Lewis, Cleaveland, Cold Fusion, Comcast, Confcon 2010, crypto challenge, Cyber Army, Cyber RAID, Debian Live Studio, Defiant, Delaware, DerbyCon 2011, disclosure, DOM, DOMScan, DOMTracer, Drupal, Dutch Intelligence Service, EBK, Eergei Tsurikov, EFF, Facebook, Firefox, firewall, font rendering engine, Forensic Tool Kit, Google, grid computing, Grid Computing Hackers Kit, GridFTP, Gridsphere, Haddonfield, HD Moore, Hilton Garden Inn, Hosni Mubarak, IBM, IE, IETF, India, IP Tables, IPSEC, Islamic, James Black, Kansas City, Kentucky, keystroke logger, Kryogeniks, listener, London, Los Angeles Times, Malheur, malware, Media Player, Michael Nebel, Microsoft, Mozilla, New Dehli, notacon, OASIS, Oleg Covelin, Opera, patch Tuesday, PHP IDS, phreak, PIN cracking, PKI, porn mode, portlet framework, premium text messages, private browsing mode, RBS WorldPay, Research in Motion, RIM, Rockwell Automation, Russian Federal Security Service, Rutgers University, Saudi Arabia, Slacker, SploitWare, Stanford University, Starving Hacker rate, static build, Tennable, the Next HOPE, Tipping Point, Titan Mist, TNG, Toorcon XII, Toronto, TPWS, Travis Ormandy, Trojan, Unix, Usenix, Verizon Data Breech Investigations Report, Viktor Pleshchuk, Vulnerability Scanner, VxWorks, webservice containers, winAUTOPWN, Windows, Wordpress, wpbruteforcer, ZDI, Zero Day Initiative
Comments: 1 comment
HNNCast.2010.06.18
HNNCast for the third week of June, 2010
Lead Stories
- Ormandy’s Help Goes Unappreciated, GoatSe’s Gaping Hole, IRC Back-doored, Dark Energy Reignites
News
- Attack@Rackspace, Big Skimmer Bust, South Korean fingers China… again, Cult of the Dead Hadopi
Tool Time
- Wireshark, Hydra, JTR, Immunet Protect Free, Fierce, Maltego, Researcher’s Bot Socialization
Quickies
- Taliban – Durka’d!, World Cup – Durka’d?, Riyad Bank – Durka’d!, Reddit Popped, Patebin for Keystrokes, LikeJacking on the Rise, How NOT to be Anonymous
Cons Call
- HOPE Badges, Assange Keynote in Question, B-Side Bait, Pwnie’s Still Open, D-EFF-CON Get-Away, D-EFF-CON T’s, Poker Con NOT On, Tamper Evident Tangent
Stack of Shame
- count: 129
Posted: June 21st, 2010
at 12:38am by tan
Tagged with "Network Solutions", "South Korea", 0day, Al Jazeera, Al Madina, Andrew Auernheimer, Anti-Virus, AT&T, ATM skimmers, banks, Barry Ardolf, Blackhat, botnet, broadcasts, bruce potter, China, click-jacking, cocaine, compromise, credit card cloning, crypt hashes, cryptographic signing, Dark Energy, Dark Tangent, data mining, DDoS, Defcon, DEFFCON 18 Get-Away, DNS enumeration, ecstasy, EFF, Elite Jihad Forum, Facebook, FBI, Fierce, full disclosure, Gene Kim, Georgia, GoatSe Security, GoDaddy, Google, Hadopi, HD Moore, Hydra, IBM, ICC-ID, Immunet Protect Free, IMSI, infiltration operation, iPad, IRC, ircd, ISP, java based authentication schemes, Jeff Moss, Joe Biden, John the Ripper, JtR, Julian Assange, keylogger, keynote, Korea Culture and Information Service, like-jacking, LSD, Maltego, malware, Media Temple, metasploit, MFA, Microsoft, Ministry of Justice, Ministry of Public Administration and Security, mirrors, multi-factor-authentication, nmap, nominations, off-line password cracker, online login cracker, OpenAMD, Orange Telecom, P2P file-sharing, P2P HADOPI law, PasteBin, Patvera, phishing, PHP, Pokercon, Pwnie Awards, RackSpace, Rapid7, Reddit, reddit.com, resort, Riyad Bank, Russia, sabotage, Saudi Arabia, Security B-Sides, social engineering and information correlation bot, source code, Spain, SSH2, Taliban, Tamper Evident Contest, tarball, Tavis Ormandy, THC, The Hacker's Choice, the Last HOPE, the Next HOPE, Twitter, UK, Ukraine, Unreal IRC, Weev, WHitePhosphorus, WiFi, WikiLeaks, Windows, Windows Help System, Wireshark, Wordpress, World Cup Soccer, XP, ZDI, Zero Day Initiative
Comments: 1 comment
