We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
With the sniffer, Fluffy Bunny captured logon IDs and passwords for other sites, then installed Trojan horses at each new site. Exodus declined to comment on Fluffy Bunny's claims. Fluffy said that he did not write his own exploits, he merely took advantage of known bugs with existing exploit code.. . .
A team of academics asked a federal court Wednesday for permission to publicly reveal how they cracked an anti-piracy technology backed by the music industry. Princeton University researchers headed by professor Edward Felten filed the challenge in order to present their . . .
As you've probably heard by now, Apache.org was broken into last week, and the system was compromised. How this happened is much more interesting then your usual "known hole in an old piece of software" scenario (although this was the final . . .
They're a brash, fun-loving lot who revel in their notoriety as two-time champions of Capture the Flag, the Daytona 500 of the computer underground. They also enjoy a measure of renown as hosts of a celebrated bacchanal-a combination trivia contest and . . .
The cracker who broke into the Web servers of open source development site SourceForge has broken cover to boast of his exploits, and brag he also compromised the systems of the Apache project. Fluffy Bunny defaced a Web site (themes.org) to . . .
When someone cracked Slip.net's computer system, altered customer accounts and deleted important databases, the Internet service provider didn't need to look far to find the attacker. It wasn't a criminal outfit seeking credit card numbers, and it wasn't a scrawny whiz . . .
This notice contains official details provided by the SourceForge.net team. On Tuesday, 22 May, 2001, the security was compromised on one of the SourceForge.net project shell servers. Security and data integrity has since been restored and SourceForge.net services are currently online . . .
Open source software portal Sourceforge has published details of the server compromise that forced the group to reset all its users' passwords. The postmortem follows news today that another open source portal, themes.org, had also been struck down . . .
Earlier this month, a public server of the Apache Software Foundation (ASF) was illegally accessed by unknown crackers. The intrusion into this server, which handles the public mail lists, web services, and the source code repositories of all ASF projects was quickly discovered, and the server immediately taken offline. . . .
One of my favorite bookmarks is attrition.org. Offering computer security candor often wrapped around a raised middle finger, Attrition is best known for hosting the Web's largest collection of defacement mirrors. But no longer. The site recently announced it . . .
A single misconfigured server exposed broadband provider Excite@Home's internal corporate network to hackers for at least three months, making its customer list of 2.95 million cable modem subscribers accessible to anyone with a web browser and a modicum of cyber smarts . . .
The servers of open source development site SourceForge have been compromised. Active subscribers to the site, which is owned by VA Linux, received the following terse message from its administrators. "This week, one of our systems was compromised. We have promptly . . .
Wurzler found that system administrators working on open source systems tend to be better trained and stay with their employers longer than those at firms using Windows software, where turnover can exceed 33 percent per year. That turnover contributes to another . . .
Max Butler lived three lives for five years. As "Max Vision," he was an incredibly skilled hacker and security expert who boasted that he'd never met a computer system he couldn't crack. As "The Equalizer," he was an FBI informant, reporting . . .
Even if you run your business from a spare bedroom, hackers and computer pranksters from around the world are probably trying to break into your computer systems. Sound implausible? Well, it's not. Some may simply send a virus on the Internet . . .
The Software & Information Industry Association (SIIA) calls for a fresh approach to protect credit card details from Internet crackers. According to the SIIA, many businesses today implement an 'eggshell' security model: hard on the outside and soft in the centre. . . .
Dubbed the Cheese worm, the program is basically a self-spreading patch. It enters servers that have already have been compromised by a previous bit of malicious code--the 3-month-old 1i0n worm--and closes the back door behind it, adding security to . . .
A useful resource in this area is Attrition.org's Web site. Hackers notify this group when they deface a site, and Attrition.org makes a mirror copy of it as a record. This means it has accurate data reflecting trends in this area. . . .
Guerrilla geeks of the world unite! Whether it's Vietnamese student techies taking on the state, South Koreans trying to rewrite Japanese history, antiglobalization protesters pinching presidential credit cards or the latest Web wars between American and Chinese zealots, hackers are getting . . .
Companies should be wary of carrying our counter attacks against hackers, even despite the fact that they still cannot rely on police for help. Companies cannot rely on the police to protect them from computer crime, but . . .
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
