Linux Hacks & Cracks - Page 85

We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.

Discover Hacks/Cracks News

Corporate Websites: Advisory on Risks from Cross-Site Scripting Issues

Insecurely written software still looms as one of the greatest threats to Internet commerce, and user-generated Web content is becoming a vast new vulnerability hackers want to exploit, according to experts at RSA Conference. Cross-site scripting attacks on Web sites can lead to malware taking over the browsers of machines that use the sites, said Caleb Sima, a member of the Secure Software Forum and co-founder of SPI Dynamics.

Ransomware Trends: Rise in Data Encryption and Extortion Tactics

Online criminals are turning away from threatening companies with massive cyberattacks in favour of encrypting a victim's data and demanding money to release it, an antivirus expert claimed on Tuesday. Eugene Kaspersky, head of antivirus research at Russia's Kaspersky Labs, told the RSA Conference in San Francisco that the use of so-called "ransomware Trojans" is a key trend for 2007.

Understanding Rootkit Dangers and Escalating System Threats

The rootkit problem is not going away any time soon. In fact, it's likely to get much worse before it gets better, according to the members of a panel on the topic at RSA Conference 2007 Tuesday. "Rootkit capability is at an apex, an all-time high for the attackers," said Jamie Butler, director of engineering at software security firm HBGary Inc. in Chevy Chase, Md.

Emerging Bank Trojans Challenge Security in Financial Sector

Mobility, money, and malicious intent have formed a toxic brew, a researcher at Kaspersky Lab said yesterday on the eve of the security conference here. And it's a mix that threatens banks and their customers alike. Cybercriminals are targeting financial services and consumer banking customers, which is no great surprise, acknowledged Eugene Kaspersky, head of research and development for the international antivirus vendor. But "bank Trojans," in particular, he told Dark Reading, have recently demonstrated more malevolence and effectiveness, threatening to overwhelm antivirus researchers and the methods they use to shut down such malware.

Keylogging Threat: Dozens Of Websites Infected With JavaScript Malware

Dozens of unrelated websites contain malicious scripts that attempt to infect users' machines with malware, security experts said today. The reports come two days after the highly trafficked website for Dolphin Stadium, host of today's Super Bowl, was infected with a JavaScript-enabled keylogging trojan that took advantage of two previously patched Microsoft vulnerabilities.

Vermont: Data Breach Affects 70,000 Residents Through Trojan Attack

The personal information of as many as 70,000 current and former Vermont residents may have been compromised by hackers using a trojan to breach state PCs last month. The hackers may have accessed a server containing the names, Social Security numbers, birth dates and financial records of 12,000 Green Mountain State residents who are at least three months behind on child support payments.

Build A Targeted Password Cracking Tool With Ajax Techniques

This is a proof of concept to exploit the registration functionality of a website to build a targeted password cracking engine. I am using Ajax to automatically detect the parameters which are submitted for a successful password and automatically resubmit the modified passwords. Of course other technologies can be used for the same.

Exploit Kit Q406 Roll-Up Drives 71% Of December Web Attacks

A multi-exploit hack pack was responsible for nearly three-fourths of all Web-based attacks during December, a security company said Tuesday. Tagged with the moniker "Q406 Roll-up," the attack kit was behind 70.9% of last month's attacks, reported Atlanta, Ga.-based Exploit Prevention Labs. Up to a dozen different exploits make up the kit, which includes several exploits derived from the proof-of-concept code that researcher HD Moore published in July 2006 during his "Month of Browser Bugs" project.

Exploring the Rise of Bug Bounties and Vulnerability Sales in Security

The co-founder of security group Secure Network Operations Software (SNOSoft), Desautels has claimed to have brokered a number of deals between researchers and private firms--as well as the odd government agency--for information on critical flaws in software. Last week, he bluntly told members of SecurityFocus's BugTraq mailing list and the Full-Disclosure mailing list that he could sell significant flaw research, in many cases, for more than $75,000. "I've seen these exploits sell for as much as $120,000," Desautels told SecurityFocus in an online interview. It's a statement that underscores the increasing acceptance of the sale of vulnerability information. Once a frowned-upon practice, the sale of such information is taking off. Flaw bounty programs such as TippingPoint's Zero-Day Initiative (ZDI) and iDefense's Vulnerability Contributor Program (VCP) have added legitimacy to the practice, even if they remain controversial. Software vendors have had to increasingly get used to dealing with third parties reporting security flaws that were bought from anonymous researchers. Microsoft, for example, patched at least 17 flaws reported by the two programs in 2006, up from 11 reported in 2005.

Email Threat: Storm Worm Implements Rootkit Techniques For Phishing

A Trojan horse that started spreading Friday in emails exploiting concern about European storms continued its advance over the weekend by adopting a wider variety of fake news headlines, according to Finnish antivirus firm F-Secure Corp. "The weekend has been very busy with Storm," F-Secure said in its blog. "We have lately discovered new variants that have started to use kernel-mode rootkit techniques to hide their files, registry keys, and active network connections." The Trojan is now using the following headlines in an attempt to trick email recipients into clicking the malicious attachment:

* Russian missle shot down Chinese satellite
* Russian missle shot down USA aircraft
* Russian missle shot down USA satellite
* Chinese missile shot down USA aircraft
* Chinese missile shot down USA satellite
* Sadam Hussein alive!
* Sadam Hussein safe and sound!
* Radical Muslim drinking enemies' blood
* U.S. Secretary of State Condoleezza Rice has kicked German Chancellor Angela Merkel
* U.S. Southwest braces for another winter blast. More then 1000 people are dead./
* Venezuelan leader: "Let's the War beginning"
* Fidel Castro dead.
* Hugo Chavez dead

Dynamic Code Obfuscation and Its Impact on Antivirus Solutions

One sign that digital miscreants are growing in their level of sophistication is their method of hiding malicious code to evade detection, according to new research from San Jose, Calif.-based Finjan Inc. Called dynamic code obfuscation, the method is being used by attackers to place encrypted virus code onto victims' computers, wreaking havoc for antivirus vendors, said Yuval Ben-Itzhak, chief technology officer of Finjan. For example, if two people visit a malicious Web site at the same time, each person will get a different encrypted or obfuscated code, generated on the fly with a different set of function and parameter names. The dynamic obfuscation method makes virus signatures virtually useless since different encryption keys change the way malicious code will exist on a victim's machine, Ben-Itzhak said. "Security vendors that post security updates to their customers will need to theoretically create millions of signatures for their customers," Ben-Itzhak said. "This is the kind of real threat to businesses that relies only on alternative based technologies to secure their business." Each time a surfer visits a malicious site, the encryption result is different using the dynamic obfuscation method because the key is changed, Ben-Itzhak said. This new method is being used to push out malicious code to end user machines, he said. Code obfuscation is not new. Programmers have used the technique to hide redirect functions in pop-up, ad-driven Websites to avoid being penalized by search engines.
