Thanks to Tadek for contributing to this security weekly news bulletin Feedback and/or contributions to make this better are appreciated and welcome Highlighted quotes of the week: “If Iran got some forged certificates, it’s only because they don’t have a CA of their own. It’s considerably less hassle for most countries.” – Moxie Marlinspike (Abraham’s …
Category Index Hacking Incidents / Cybercrime Unpatched vulnerabilities Software Updates Business Case for Security Web Technologies Network Security Mobile Security Privacy General Funny Hacking Incidents / Cybercrime The Recent RA Compromise [blogs.comodo.com] On March 15th 2011, a Comodo affiliate RA was compromised resulting in the fraudulent issue of 9 SSL certificates to sites in …
First Check recognised HW: # dmesg|grep eth jme: JMicron JMC2XX ethernet driver version 1.0.4 eth0: registered as PCnet/PCI II 79C970A eth1: registered as PCnet/PCI II 79C970A eth2: registered as PCnet/PCI II 79C970A Option 1 – The manual way: Static IP assignment and nework configuration: a) Sets your IP address # ifconfig eth0 192.168.0.123 b) Set …
NOTE: For this to work you obviously need network connectivity first! this is explained here Ok guys, finally this is the definitive guide from the Backtrack guys themselves (source): Update Back|Track Linux: apt-get update && apt-get upgrade && apt-get dist-upgrade Update Metasploit: cd /pentest/exploits/framework3 && svn update Update the Social-Engineer Toolkit (SET): cd /pentest/exploits/SET && …
Thanks to Tadek for contributing to this weekly security news bulletin Feedback and/or contributions to make this better are appreciated and welcome Highlighted quotes of the week: “The media (and general community) responses on the nuke meltdown highlight human inability to contextualize risk.” – Rich Mogull “Getting a lot of enquiries lately to help orgs …
Category Index Hacking Incidents / Cybercrime Unpatched Vulnerabilities Software Updates Business Case for Security Web Technologies Network Security Mobile Security Privacy General Funny Hacking Incidents / Cybercrime Open Letter to RSA Customers [www.rsa.com] Like any large company, EMC experiences and successfully repels multiple cyber attacks on its IT infrastructure every day. Recently, our security systems …
This blog post will explain how to configure stunnel to allow non-SSL speaking tools (like for example netcat) to communicate with SSL protocols, in our example we will use HTTPS. Before stunnel, direct attempt of using a non-SSL tool: # nc www.example.com 443 HEAD / HTTP/1.0 .. 400 Bad Request Bad Request Your browser sent …
Feedback and/or contributions to make this better are appreciated and welcome Highlighted quotes of the week: “Pwn2own breaking news: browsers still have vulnerabilities, and there still are people who know how to exploit them.” – Michal Zalewski “Just reached a company CEO on his cell to tell him that his firm’s dbase & cust. CCs …
Category Index Hacking Incidents / Cybercrime Software Updates Business Case for Security Web Technologies Network Security Database Security Mobile Security Physical Security Tools Funny Hacking Incidents / Cybercrime Cord Blood Registry Notifies 300,000 Of Potential Data Loss [www.darkreading.com] Backup tapes stolen from employee's car contained unencrypted data The Cord Blood Registry earlier this week …
Thanks to Tadek and Toby for contributing to this weekly security bulletin! Feedback and/or contributions to make this better are appreciated and welcome Highlighted quotes of the week: “As a majority of security professionals know, there is more risk and a higher probability of an attacker causing mayhem from within an organisation than from outside …
