HNNCast.2010.07.23
HNNCast for the third week of July, 2010
Top Stories
- Bug Bounties, Developments in Disclosure, Stuxnet Stalks Siemens SIMATIC WinCC SCADA, PDF to Play in Sandbox, Dell Malware, Spanish Mariposa is Slovenian
News
- The Next HOPE, FREE BYRONE, U.S. Cyber Defenses Suck – but Whose Don’t?, Jews for Cheese Lover’s Pizza?, PlayNow Shut Down, Solo – Raised Where Nobody Cares
Tool Time
- Microsoft Security Essentials, Kraken, PacketFence, NMap – Defcon Edition, TrueCrypt, Nikto 2.1.2, PDF Dissector, HaraldScan, Shell of the Future, BackTrack 4 – Defcon Edition, SploitWare
Quickies
- Baidu gets to Sue, Fake French Fun, Sail the Net Like a Pirate, Schoolgirl Spycam, Vatican, Postini, Presidential Commission: Infosec Certification Creates Dangerously False Sense of Security
Cons Call
- HacKid Con, Kiwi Con, RuxCon, Source Barcelona, Defcon 18 – Pwnies, B-Sides Las Vegas, Badge Sneak Peeks, HNN@Defcon18
Stack of Shame
THANK YOU Pedram Amini
Count: 122
Turning 1 This Week:
- ZDI-CAN-533 Microsoft 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) Discovered 2009-07-23 (363 days ago) by: surerun
Posted: July 25th, 2010
at 6:38am by tan
Tagged with "cross-site scripting", A5/1, A5/3, Adobe, Adrian Lamo, AES, Anti-Virus, Apple, B-Sides, B-Sides Las Vegas, backtrack, Badges, Biadu, Blackhat, bluetooth, BNAP BNAP, botnet, Bradley manning, British Columbia Lottery Corporation, Bug Bounties, Byrone Sonne, Cameron, Commission on Cybersecurity, coordinated disclosure, crack, credit card fraud, Cross Origin, Defcon, Defcon 18, Defcon18, Dell, encryption, Ethical Disclosure, FBI, FREE BYRONE, French Foreign Ministry, full disclosure, g20, Gary McKinnon, Gaza flotilla, Google, google-bomb, gsm, Hack Lab, Hacker Haraoke, Hacker-Space Village, HacKid Con, HaraldScan, hardcoded password, hardcoded username, HNN, HOPE, I O Error, Identity Theft, Internet Storm Centre, Iranian Cyber Army, Israel, Jacob Applebaum, Javascript Injection, Jeremy Brown, JMicron, Jullian Assange, Kingpin, kiwicon, Kraken, LNK, Lund, malware, Mariposa, Microsoft, Microsoft Security Essentials, Mizilla, NAC, NASA, Network Access Control, Nikto, Ninja Networks, nmap, Obama, obfuscated javascript, online casino, OpenAMD, OS detection, PacketFence, PDF Dissector, PDF Reader, Pirate ISP, Pizzahut, PlayNow.com, Postini, PowerEdge, Pwnie's, RealTek, Register.com, responsible disclosure, RFID, Ruxcon, sandboxing, SANS, SCADA, Security B-Sides, Segway Races, Seimans, Session Hijacking, Shell of the Future, SIMATIC WinCC, Snort, Solo, Solvenia, Source Barcelona, SPAM, SploitWare, Stuxnet, Swedish Pirate Party, Tenable, the Next HOPE, TOR, Torrent, TrueCrypt, Turky, Vatican, webcam, Wiki Leaks, Windows Hibernation Files, windows shortcut, wireless drivers, www.pedofilo.com, XSS, Yellow Alert, Zymanics
HNNCast.2010.07.16
HNNCast for the second week of July, 2010
Top Stories
- Skype’s Defensive Hype, Mozilla Back Door, Home Routers Rebindable, Apps Tore Wider than Reported, Secunia’s Shit-List, Stuxnet Brought to You by the Letter I
News
- iGov Robbed, Only Haung’in out this Year, the Riv Runs Dry, the NEXT HOPE, Electronic Trials and Tribulations
Tool Time
- Metasploit, NBTool, DIC, log2timeline
Quickies
- Defacement for Dummies, An Ounce of Detection, Pegasus Slayed, Icky Wiki, Ligatt gets Litigious, Banks are Suckers Too, Car Dealership Scam
Cons Call
- Club Hack, Defcon Skytalks, Hacker Karaoke, Defcon18
Stack of Shame
the end?
Dualcore & Dr. Raid Freestyle
Posted: July 19th, 2010
at 2:28am by tan
Tagged with "Kevin Mitnick", #1 Hacker, admin access, Adobe, Aladdin, App Store, Apple, Autopsy, back door, Bank of Spring Valley, Ben Rothke, Black Hat, Blackhat, Bruce Schnier, Carell Clinic, Chaos Communication Congress, Chapter 11, Chinese Cyber Army, Chris Riley, Circus Circus, CISSP, Club Hack 2010, ComputerWorld, DDoS, Default Password, Defcon, Defcon Skytalks, Dell, DIC, DNS rebinding, DNScat, Download Indexed Cache, Dr. Raid, Dualcore, Egypt, Electronik Tribulation Army, ETA, Facebook, fake car dealer, FBI, Firefox, fraud examiner, Ghost Buster, Ghost Exodus, Google Cache, Google SOAP Search API, Gregory Evans, Hacker Karaoke, harassment, HD Moore, HOPE, HP, iGov Technologies, India, Ingenico, itunes, James Lee, Joe Grand, Kingpin, Ligatt Security, Linksys, LNK, log2timeline, malware, Melby Bank, metasploit, Meterpreter, Miami Dade Police, Microsoft, Monte Carlo, Mozilla Sniffer, Myspace, NBTool, Ninja Networks, Nisha Kappor, null routed, oracle, orkut, OWASP, Panasonic Toughbooks, Pegsas Hosting, Pigeon Falls State Bank, Plaza, POS, private investigator, Pune, RC4, Realtek Semiconductor, RecOn, RFID, Rivera, rogue plug-in, routers, Sahara, Sands, Sean O'niel, Search Engine Reconnaissance, Secunia, Security Financial Bank, skimming, Skull Security, Skype, slander, SPAM, Special Operations Command, stack of shame, stock manipulation, Stuxnet, Taiwanese, the Next HOPE, timeline, Tipping Point, Trojan, Tropicana, Tunisa, Ukraine, USB, Verizon, Visa, Wayne Huang, Web Application Security Penetration Testing Collection, Wesley McGrew, wikipedia, wire transfer, witness intimidation, world cup, Wu Shi, ZDI
HNNCast.2010.07.09
HNNCast for the first week of July, 2010
Lead Stories:
- the iTunes Blues, YouTube XSS, Pirate Bay SQL Injections, Jackpotting, Facebook Admin pwned, Cisco Live SPAM, Cyber Command Code
News:
- Disclosure Debated Again, Photo Kioskery, Cybaby, Romanian FlexiSpies, Symbian Malware, South Korean Poker Jokers, Back Track Backed to get Stacked
Tool Time:
- BinNavi, PDF Dissector, ida2sql, Deblaze, KillerBee, Ostinato, NeoPwn, Cubes, SIP Vicious, SmartCarving
Quickies:
- PAK Bugs Busted, Biden Wifi Taunter Tempts Fate, Hacker Croll Update, Brit Banking Boinked by da Boys, GEXA Getsa Disgruntled Ex, PHP Attacks Continue, FBI Truly Crypt-up, Dvorsky Pulls a Palin, Another Superman III Scam, Butterflies and Octopi, I Will Never Click Again, Maine-stay for Malware, Bush gets “Hi” from Saudi Hackers, XPSP3
Cons Call:
- B-Sides Detroit, B-Sides Cleveland, B-Sides Las Vegas, CCC 2011, the NEXT HOPE, dEFFcon 18 Getaway Results, #1 Hacker Contest, DC18 Ninja Party, pwnie Award Nominations Still Open, Hacker Poker Invitational
Stack of Shame
count: 141
There is no Stack of Shame this week. ZDI seems to be split between going with CVSS2 scores or H/M/L… and went BOTH ways… Perhaps this will be worked out soon?
Posted: July 11th, 2010
at 5:57am by tan
Tagged with "cross-site scripting", "Hacker Croll", "Hi from Saudi Hackers", "I Will Never Text Again", "Offensive Security", "South Korea", 0day, 2m, 70cm, 802.11.15.4, ActionScript, Anti-Virus, Ap Store, Apple, Ashton Kuchner, ATM jackpotting, Automatic Teller Machines, B-Sides, Back Track Linux, backtrack, Badges, Barnaby Jack, BinNavi, Blackberry, Blackhat, Bluehost, Bob Dvorsky, botnet, carding forum, CCC 2011, Cisco Live, Cleveland, CnC, Cubes, Cybaby, DDoS, Deblaze, defaced, Defcon, Defcon forums, dEFFcon 18 Getaway Contest, Detroit, EFF, email, encrypted string, Ethical Disclosure, Facebook, FBI, Federal Investigative Agency of Pakistan, Flash Remoting, Flexi Spy, forensic, Francois Cousteix, fraud, Fraud Prevention Specialist, FTC, full disclosure, Gen. Keith Alexander, George Bush Presidential Library and Museum, GEXA Energy, GPS, Hack In The Box, Hacker Poker Invitational, HAM radio, ida2sql, International Roll-Call, iPhone, itunes, Japanese Manga, javascript, Joomla, Justin Beiber, KillerBee, Kraken, Las Vegas, Legatt, Lilly Allen, Maine, mainelegislature.org, malware, Mariposa, md5, Microsoft, Microsoft Security Response Center, Microsoft Spurned Researcher Collective, MSRC, N900, NeoPwn, NetBot Attacker, Ninja Networks, NSA, online poker, Ostinato, PAKbugs, PDF Dissector, photo kiosk, PHP, Pirate Bay, piratebay.org, Pokercon, President Obama, Pwnie Awards, Raoul Chiesa, responsible disclosure, Riviera, Sarah Palin, SCADA, security challenge, Service Pack 2, Service Pack 3, Shawn Merdinger, SIP Vicious, smart phone, SmartCarving, SMS, software certification, SPAM, sql injection, Superman III, Symbian, Symbian Series 60, Tavis Ormandy, the Next HOPE, the Underground Economy, the World's #1 Hacker Contest, TrueCrypt, Twitter, U.S. Cyber Command, upSploit, US House of Representatives, USB, Vice President Biden, VM, WiFi, windows mobile, Windows XP, Wireshark, Wordpress, XSS, Yahoo, YouTube, youtube.com, zero-day, Zigbee, Zynamics









