I found this indictment particularly interesting because it reaches across to another country, so there must have been substantial coordination with foreign authorities. A federal grand jury has indicted a Swedish man for allegedly hacking into networks at Cisco Systems and NASA. According to news reports, Philip Gabriel Pettersson, a 21-year-old man known as "Stakkato," faces five counts of intrusion and trade secret theft. He's accused of stealing programming information.
The Pirate Bay battle with the courts has been going on for quite some time. This one looks pretty serious. The judge had a conflict of interest--that's one argument that will be used in appealing the Pirate Bay verdict, an attorney of one of the defendants told CNET News on Friday. Peter Sunde, Gottfrid Svartholm Warg, Fredrik Neij, and Carl Lundstr
Web 2.0 sites are now the premier target for hackers, amounting to 21 percent of all reported hacking incidents, according to a report issued yesterday. The study by the Secure Enterprise 2.0 Forum, an organization devoted to the secure use of social media at work, says that Web 2.0 sites are now attacked more frequently than sites operated by the media (18 percent) and retail businesses (13 percent).
The number of web-based threats soared by nearly two-thirds in April, according to new figures from managed security vendor Network Box. The firm said that the 63 per cent rise in internet threats was due in large part to phishing attacks, which represented one in four of the threats.
Wanted: Computer hackers. Federal authorities aren't looking to prosecute them, but to pay them to secure the nation's networks. General Dynamics Information Technology put out an ad last month on behalf of the Homeland Security Department seeking someone who could "think like the bad guy." Applicants, it said, must understand hackers' tools and tactics and be able to analyze Internet traffic and identify vulnerabilities in the federal systems.
More than 70 government-owned domains hit, and nearly half of the overall infections are in the U.S. Researchers have discovered a major botnet operating out of the Ukraine that has infected 1.9 million machines, including large corporate and government PCs mainly in the U.S.
Have you ever installed updates on your embedded devices such as wireless access points and gateway devices? Once in, it locks out other administrators with a series of iptables commands and then connects to the botnet over IRC. The botnet does not target Windows systems, at least not directly. The initial DroneBL blog on this botnet estimates its size at 100,000 units, which I consider to be impressively large.
Could just be FUD but if it's not, get ready: This is the scariest, stealthiest, and most dangerous exploit I've seen come around since the legendary Blue Pill! No, I'm not just trying to sensationalize this or spread fear, uncertainty and doubt. This is serious and represents a massive new security threat for us all. Security Researchers Joanna Rutkowska and Loic Duflot are planning to release a research paper + exploit code for a new SMM (System Management Mode) exploit that installs via an Intel
So now you can pay somebody to do your cracking for you: "It was inevitable that services would be sold to people who bought the malware toolkits but didn
Glendale, CA (PRWEB) December 21, 2008 -- PandaLabs, Panda Security's malware analysis and detection laboratory, today announced that a significant increase in the volume of malware (viruses, worms, Trojans, etc.) is expected in 2009. Panda Security's laboratory detected more malware strains in the eight months between January and August of 2008 than in the previous 17 years combined. What is your prediction on malware in 2009? Will it increase? This article states some reasons why PandaLabs thinks that malware will increase in 2009.
Researchers at a major security vendor are exploring the extent to which Linux systems - especially servers - are involved in the botnet plague. A six-year-old Linux virus is still in circulation, and Sophos suspects the high uptime exhibited by servers (compared with the typical home or office Windows PC that spends much of the day switched off or asleep) makes them valuable to bot-herders as central control points. What do you think is the role of Linux in botnets? This article presents a study on the relationship between Linux and botnets.
The OpenSSH team has been made aware of an attack against the SSH protocol version 2 by researchers at the University of London. Unfortunately, due to the report lacking any detailed technical description of the attack and CPNI's unwillingness to share necessary information, we are unable to properly assess its impact. Have you heard about the latest reported attack on the SSH protocol version 2? Do you think the SSH team made the right decision in not doing an emergency release? If you are interested in ways to prevent this attack, please read on...
Cross-site request forgery flaw on several prominent Web sites allows an attacker to perform actions on behalf of a victim who is already logged into the site. Two Princeton University academics have found a type of coding flaw on several prominent Web sites that could jeopardize personal data and in one alarming case, drain a bank account. The type of flaw, called cross-site request forgery (CSRF), allows an attacker to perform actions on a Web site on behalf of a victim who is already logged into the site. Have you heard about the news that two Princeton University academics have published security flaws in some high traffic sites? Why do you think these sites are taking their time in fixing the problem?
The art of burying invisible malware deep inside a Linux machine is about to go mainstream, thanks to a new open-source rootkit released Thursday by Immunity Inc., a firm that supplies tools for penetration testers. When implemented, Immunity's DR, or Debug Register, makes backdoors and other types of malware extremely difficult to detect or eradicate. It's notable because it cloaks itself by burrowing deep inside a server's processor and availing itself of debugging mechanisms available in Intel's chip architecture. The rootkit, in other words, mimics a kernel debugger. Rootkits are a threat that every computer user should think about. This article discusses one type of Linux rootkit which tries to mimic a kernel debugger.
VMware's recent release of a large number of patches for its virtualization offerings is likely to be the first of many, as hackers increasingly focus their attention on virtualized environments. That is according to security vendor, Fortify Software, which is urging caution among those companies looking to adopt virtualization technology. This article looks into the recent security patches for VMware's virtualization software. Do you still trust VMware as a secure platform after this?
Like other new browsers, the latest version of Firefox has made security a top priority, and it will alert the user if a site you're about to click on appears to be a hacker's hook. However, the way it and other browsers go about determining that sometimes results in false positives. A new Firefox plug-in adds an additional layer of verification. Intercepting Internet traffic and spying on the communication between two computers is a gold mine for hackers. Now Carnegie Mellon University researchers hope software they've built will make it harder for criminals to hit that jackpot. This article looks at a new plug-in for Firefox that is designed to prevent users from going to malicious websites. Have you tested this plug-in out? If so, what do you think about it? Does it have too many false negatives?
PHP comes with two random number generators named rand() and mt_rand(). The first is just a wrapper around the libc rand() function and the second one is an implementation of the Mersenne Twister pseudo random number generator. Both of these algorithms are seeded by a single 32 bit dword when they are first used in a process or one of the seeding functions srand() or mt_srand() is called. This is a great article by Stefan Esser on attacking the PHP PRNG. He explains the attack in such a way that it's easy to understand.
It seems like the phishing crews are trying to get some new ideas on how to con people into giving away their credentials and leaking info. It seems to be the same old style as normal e-mail phishing but utilising the Google Calendar interface. It comes bundled with the usual spelling and grammatical errors that plague phishing e-mails. I found this to be an interesting article about how e-mail phishing is utilizing Google Calendar. What do you think, is there any way that Google can combat this?
We recently researched an interesting DOM-based XSS vulnerability in Adobe Flex 3 applications that exploits a scenario in which two frames (parent & son) interact with each other, without properly validating their execution environment. In our research, we have seen that in some cases, it is possible to manipulate JavaScript code flow, by controlling the environment in which it runs. Specifically, we managed to return hacker-controlled boolean values to conditional statements, and by that force the application to be vulnerable to an existing DOM-based XSS, which was otherwise unexploitable.