Category: Security News
-
Exploiting Intel CPU cache mechanism
Since I did not get out to Black Hat DC last month I was just reviewing the papers and came across one very interesting one. Aside from the white paper I also enjoy the story about the new “Friends” disclosing such an exploit brings. All in all a good read and just more wood for […]
-
Interview with Charlie the man behind the pwn2own Macbook Hacks
During the PWN2OWN security competition the hacker best known for hacking the iPhone, discusses hacking fully patched Macbooks in under 2 min shares some information. Yes, I took down the Mac in under a minute each time. However, this doesn’t show the fact that I spent many days doing research and writing the exploit before […]
-
Critical IE Flaw & Emergency Patch
New 0 Day in the wild.. For those poor souls still using Internet Explorer take heed! Here are the details on the vulnerability and the emergency patch Good Luck! And if you haven’t already Do Yourself A Favor
-
Fighting SSH Brute Force
To anyone that has had to deal with this issue, I feel you. I can recall less than 2 years ago how an SSH brute force attempt, our preventive/corrective actions, and their response (a weak DoS attempt) triggered a change in our internal process regarding SSH access to the outside world. There was a fairly […]
-
“Your Auto Warranty is about to Expire!” Today’s Scammers
So over the past 4-5 months I have been getting very strange calls. I have gotten these calls on all of my mobile or landlines. They usually all start the same way. “This is an Automated message informing you that your auto warranty is about to expire. Please stay on the line to renew” The […]
-
World Bank Hacked for a while now it seem’s
The article states that at least 18 servers (and maybe as many as 40) had been penetrated, including Human Resources and the banks “security and password server”. More Info…
-
ATM Skimming Revisited
While ATM Skimming is nothing new it really is interesting to look at the current situation with this technology and the way its being abused. ZDNet had a good write up revisiting the process in today’s world. Starting from $8,500 and capable of sending 1,856 SMS messages — processed credit card details — without any […]
-
Scientists show off 1st commercial network with unbreakable quantum encryption
Rather than base the encryption on complex maths, such systems use the laws of quantum theory – in particular, the Heisenberg Uncertainty Principle, which says quantum information cannot be measured without disturbing it. More Info…
-
To Clickjack Or Not To Clickjack?
Security researchers warned today that a new class of vulnerabilities dubbed “clickjacking” puts users of every major browser at risk from attack. More Info…
-
Multiple flaws in the TCP stack could lead to DoS attacks
“Jack found some anomalies in which machines would stop working in some very specific circumstances while being scanned,” Lee told CNET News. One of the behaviors experienced was packet loss where the packets just kept trying, and trying, and trying, creating, more or less, a denial of service (DoS) on that machine.” More Info…
[security.pimp] 