Hack In The Box
  • Acer Founder: Apple is Like a Mutant Virus
    Wednesday during an interview, Acer founder Stan Shih took a slight jab at Apple, comparing its products--namely the iPad, iPhone, and iPod Touch--to mutant viruses. According to the exec, it's difficult to find a cure for said viruses in the short-term, however he believes that the PC industry will eventually find a way to contain the infection, and become immune to its effects. However Shih didn't completely devalue Steve Jobs and his accomplishments. He noted the success of Apple's innovation and creativity through iTunes and the introduction of apps. Shih said that PC vendors need to follow the lead and focus less on hardware and more on innovative software in order to grab a portion of the growing market. Shih also added that Apple actually deserves a little respect. While PC manufacturers have evolved naturally and developed products "in a more solid way," the Apple boss has taken a different strategy, looking for a "revolution." But despite Apple's success, Shih believes that the PC market will eventually come out on top, as history dictates that a natural evolution builds a stronger industry backbone.

  • Rackspace pulls the plug on Koran-burning pastor's website
    The obscure Christian pastor who planned to mark the ninth anniversary of September 11 attacks by burning copies of the Koran has had his website pulled from the internet, the hosting company said. Dan Goodgame, a spokesman for popular web host Rackspace Hosting, said two websites operated by the Dove World Outreach Center, the tiny Gainesville, Florida church run by pastor Terry Jones, had been shut down. Jones, 58, has generated international attention and has been widely condemned for arguing that as an American Christian he has a right to burn Islam's holy book because "it's full of lies." One of two websites, used to drum up publicity ahead of Jones's planned Koran book-burning on Saturday, used the domain name "Islam is of the Devil." Goodgame said Dove World Outreach Center had violated "hate speech" provisions of its contract with Rackspace.

  • IT Contract Work Is Up, Permanent Hiring Slowly Increasing
    If you have in-demand skills, your asking price is probably above market rate—even with the slow growth of technology jobs, say hiring managers and recruiters polled in an August survey by online job board Dice.com. Fifty-one percent of 1,350 IT decision makers polled said they are having to sweeten salaries for highly sought-after tech talent, though about 22 percent of workers are not willing to leave their current jobs. Caution about the economy is still in the air for employers and workers alike. But if you are receiving offers, don't be afraid to try to get the best salary possible. "Indeed, money dominates the enticement list, whether it's higher salaries or sign-on bonuses sometimes necessary to help with relocation," Tom Silver, senior vice president of Dice, said in a Sept. 8 statement. "But No. 3 on the list might surprise you: flexible work options, including telecommuting."

  • Adobe To Resume “Dev Work” On Flash-to-iPhone Tool
    Hot on the heels of Apple’s decision to increase, ever so slightly, the opportunities for devs to use different frameworks for iPhone app creation, Adobe announced that it’s resuming work on its Flash-to-iPhone system for Flash Professional CS5. Here is the relevant quote: Apple’s announcement today that it has lifted restrictions on its third-party developer guidelines has direct implications for Adobe’s Packager for iPhone, a feature in the Flash Professional CS5 authoring tool. This feature was created to enable Flash developers to quickly and easily deliver applications for iOS devices. The feature is available for developers to use today in Flash Professional CS5, and we will now resume development work on this feature for future releases.

  • Bootrom exploit for iPhone iOS4.1 discovered
    Apple's servers are probably still steaming hot from the rush to download iOS4.1 but hackers have already found a bootrom-based exploit which could allow them to tinker with any device that uses the mobile operating system. The recent update slammed the door on a number of methods including the web-based JailbreakMe, which allowed a number of iDevices to run unapproved software, but coders from both the infamous iPhone Dev Team and Chronic Dev Team are already reporting successful exploits aimed at the gadgets' bootroms. If this turns out to be the case, Apple will have its work cut out stopping jailbreakers, as a simple firmware update won't be enough to close the hole. Could this be the Holy Grail for iPhone fans... a permanent jailbreak that can't be circumvented by an iOS4 software update? We'll have to wait and see.

  • UK government breathes fresh life into Gary McKinnon case
    The government is to review the extradition situation between the UK and the US, prompted by cases such as the tug of war over accused hacker Gary McKinnon. In a speech in the House of Commons, home secretary Theresa May said: "I am today announcing to parliament the government's plans to review the UK's extradition arrangements", before acknowledging the flak that it has faced over McKinnon's and others' possible treatment in the US. "There are a number of areas of the UK's extradition arrangements which have attracted significant controversy in recent years," she noted, explaining that perhaps there is a need to give the UK some discretion in its extradition requirements. The review will also consider "whether the US-UK extradition treaty is unbalanced". May said that the laws would be subject to review, and that she expected this to be completed by the summer of 2011.

  • Google Instant could lead to blackhat SEO problems
    Google launched its streaming search engine yesterday called Google Instant, which provides people with instant, real-time search results, and also opens the doors to search engine optimisation (SEO) poisoning and other problems, according to insecurity experts. The problem comes from hackers who create malware or fake antivirus programs and then manage to poison Google's search results in order to get their software high on the list. This is often called blackhat SEO, as it will use traditional SEO tactics but for malicious reasons. All search engines, but Google in particular, are at risk of blackhat SEO and that is not a new problem. However, because Google Instant literally searches for everything as you type, you could be forced into a situation where you are unwittingly searching for rogueware.

  • New Android SMS Trojan Variant Distributed Through BHSEO
    A new variant of the SMS trojan for Android-based devices is being distributed through poisoned search results as an adult content video player. Early last month Kaspersky Lab discovered a trojan packaged as an .APK application for the Android smartphone operating system, which sent SMS messages to premium rate numbers without authorization. Security researchers from the Russian antivirus vendor have now identified a new version of the same malware being distributed through black hat search engine optimization (BHSEO) techniques. BHSEO involves artificially inflating the PageRank of malicious websites, with the purpose of pushing them to the top of the search engine results for particular keywords.

  • PS3 Hackers Gain Flash Access. Custom Firmware Coming?
    With the release of yesterday's PS3_FTP_Server which enabled easy access to dev_hdd0, dev_flash, dev_flash2, dev_flash3 and dev_bdvd on the PS3, several developers are now examining the PlayStation 3's dev_flash and registry entries. Forum user diemetal has let us know today that Spanish PS3 developer DemonHades has begun to analyze dev_flash from PS3 Firmware version 3.41, stating the following (roughly translated): "TeamHades has removed the three dev_flash that PS3 has. Thanks to the Homebrew PS3News we needed to extract (PS3 FTP Server). We begin the analysis with some pictures of their content, we will later file by file documenting that we are not able to do anything and escape in the future a stable CFW." RichDevx has also tweeted some pictures of the PS3 flash contents and registry entries today.

  • Basics of vulnerability management
    The more apps companies deploy, the more complicated vulnerability management becomes. In the rush to find every security hole and seal it off from potential hackers, it's easy to let something important slip through. That's especially true if you're an IT administrator juggling several tasks of which security is one. Security practitioners can't catch everything. But by breaking vulnerability management down to the basic parts, it may be possible to mount a more effective defense. CSO attended SANS Boston 2010 last month in search of those basics. What follows is the first of a three-part series on vulnerability management, based on a training session taught by SANS Institute President Stephen Northcutt called "SANS Security Leadership Essentials for Managers with Knowledge Compression." Before getting into all the vulnerability management tools and techniques, which we'll cover in the next two articles, we begin by getting to the bottom of what vulnerability management is.

  • Greece orders new investigation into Olympics wiretapping
    Judicial authorities in Greece say they have ordered a new investigation into wiretapping that targeted Greece's prime minister and other senior officials during the 2004 Olympic Games in Athens. Senior judge Yiannis Sakellakos ordered the investigation Thursday. A probe that ended in 2008 failed to produce any suspects. The new investigation broadens the scope of potential charges from violation of privacy to espionage. Former Prime Minister Costas Karamanlis and senior government and military officials, as well as human rights activists and journalists, were among 106 users of the Greece Vodafone mobile network targeted by unknown hackers from just before the August 2004 Games until March 2005.

  • Misuse of Computers: Shadowcrew and soupnazi
    The Internet is a vehicle for bringing together people with common interests, but Shadowcrew was not your everyday social network. Shadowcrew was a notorious criminal conspiracy that operated from August 2002 to October 2004. It was a wake-up call for corporations, particularly retailers, with vulnerable networks. This community of credit-card fraudsters and identity thieves participated in an Internet-based exchange, a high-tech twist on trafficking in stolen goods. Shadowcrew.com was like a version of eBay for buyers and sellers from the black hat, or criminal side, of the hacker community. The Shadowcrew conspiracy revealed network and database security problems were pervasive. Despite a decade of Internet commerce and an even longer history of criminal exploitation of credit cards, Shadowcrew confirmed there was still big money to be made due to weak security measures. It revealed a global community of criminal hackers was profiting from exploiting vulnerable networks and servers; the hackers' penetrations were not always detected. Why would a bank robber risk using explosives if he can find a bank vault that's routinely left open and no one notices repeated intrusions?

  • At ARM's length
    The biggest mobile phone chip designer successfully keeps competition at bay while venturing into new segments. The demand for chipsets and microprocessors in the mobility space – mobile phones, navigation devices, iPods, music players and cameras – is virtually exploding. No wonder that chip manufacturer Intel has been trying to garner a piece of this growing market, which so far has been dominated by UK-based ARM. With a revenue of close to $490 million and a market cap of about $6 billion, ARM is no match for Intel because of the latter's sheer size. But the company (ARM), which is an undisputed leader in the mobile phone market, has been giving Intel a run for its money.

  • Marriott, Sheraton, Westin warns 3400 customers of data breach
    HEI Hospitality, owner and operator of upscale hotels operating under the Marriott, Sheraton, Westin and other monikers, has sent letters informing some 3,400 customers that their credit card data may have been compromised. The warning stems from an intrusion into point of sale systems at several HEI properties earlier this year, which could have allowed card holder data to be illegally accessed, the company said in the letter. The intrusion could have exposed to hackers a variety of information, including credit card types, credit card numbers, expiration dates and security codes stored in the magnetic stripe on the back of each card. The intrusions occurred between March and April, and the company sent out notification letters in August. The breach appears to have stayed largely under the media radar until it was reported this week by Databreaches.net.

  • Advanced Spam Sent via PHP Tool Hosted on Compromised Web Servers
    Traditional Web hackers are increasingly lending their services to spammers by allowing them to run advanced mass mailing tools from the compromised servers. Such a specialized Web-based application was located by security researchers from antivirus vendor Kaspersky Lab on hacked servers in Brazil, a country where spam and phishing are amongst the top cybercriminal activities. "During my daily analysis, I found an interesting shell for mass mailing. The code shows it was developed locally in Brazil," Dmitry Bestuzhev, a Kaspersky Lab expert, writes. "By editing the original PHP code, the criminal can fake the 'original headers' of the messages they send," he explains.

  • iPhone Jailbreakers May Get Their Freedom And Their Security, Too
    When Apple offered patches last month for two software vulnerabilities in its iOS operating system that allowed users–or cybercriminals–to completely take control of the phone, the company put customers who had used that “Jailbreakme” exploit in a quandary. Patch the system and stay secure from malicious attacks, or keep their freedom to install much-loved unauthorized apps? Just hours after Apple released iOS 4.1 today, however, a group of hackers confirmed that they’ve created a new method for jailbreaking iPhones. And this time the security-inclined needn’t worry. Unlike Jailbreakme, which required merely visiting a website, the new “bootrom” exploit, which has yet to be released, requires the phone to be hooked up to a computer with a cable. That means it’s fairly impossible for a cybercriminal to reverse engineer the exploit and use it for unfriendly purposes. “This is unlikely to create malware problems, as it can not be used to execute code just by clicking a link (as jailbreakme did),” F-secure researcher Mikko Hypponen reassured me in an email. Hypponen had been one of the most vocal critics of Jailbreakme, predicting that if Apple didn’t release a patch, it would be a matter of days until the exploit was reverse-engineered and used by malicious hackers.

  • Microsoft Cooking Up Baker's Dozen of Fixes for Patch Tuesday
    Microsoft plans to release nine patches for security holes in a handful of its products when it ships its September security fixes on Tuesday, the company said. The patches, which can each include numerous fixes, are part of Microsoft's (NASDAQ: MSFT) regular monthly "Patch Tuesday" security release, during which the company issues most of its fixes for security-related holes in its software. On the Thursday prior to Patch Tuesday, Microsoft sends advance notifications to customers as a heads-up to give them some idea of how much time and effort they'll have to plan for installing and testing the coming patches. "This month we will be releasing nine bulletins addressing 13 vulnerabilities affecting Windows, Internet Information Services (IIS), and Microsoft Office," Carlene Chmaj, security response communications manager, said in a post to the Microsoft Security Response Center (MSRC) blog. Four of the nine patches are rated as "critical," the highest in Microsoft's four-tier vulnerability severity ranking.

  • Apple relaxes rules for iPhone-iPod-iPad applications
    Apple on Thursday loosened rules for applications built for its iPhones, iPods, and iPads in a move that promises to make it easier for friends and rivals to get programs on the popular gadgets. The California company also pulled back the curtain on its long private review guidelines that third-party applications must meet to get into Apple's online App Store. The announcement was expected to appease software makers who have complained about constraints on code for Apple gadgets and the mystery shrouding the App Store vetting process. "We are continually trying to make the App Store even better," Apple said in its announcement. "We have listened to our developers and taken much of their feedback to heart."

  • DNS Made Easy Suffers from Break in DDOS Attack
    DNS Made Easy has restored services and mended customer relationships since falling victim to a 50Gbps denial of service attack. It still remains unclear who the culprits are and for what reason they interfered with DNS Made Easy’s system. One suggested reason is that hackers with a possible grudge against the DNS Made Easy website may have hired a botnet to flood DNS Made Easy with endless and worthless traffic. The attack lasted up to eight hours, and the company said that 1.5 hours of actual downtime was experienced at the time of the attack. Just after the first sign of attack, carriers such as Level3, Tata, Tinet, GlobalCrossing, and Deutsche Telekom supported DNS Made Easy to block the hackers. The size of the attack was so large that it immediately flooded the core of the network with junk traffic.

  • UK MPs to hold emergency debate on phone hacking
    The Downing Street communications chief Andy Coulson is under renewed pressure as it was announced that MPs will hold an emergency Commons debate about newspaper phone hacking tomorrow. Nick Clegg, the deputy prime minister, gave only qualified backing to Coulson at prime minister's questions today as Labour strived to keep the affair at the top of the political agenda. As the Speaker, John Bercow, said he would grant a debate on phone hacking, Clegg refused to say whether he believed Coulson's insistence that he did not know about the illegal practices that took place when he was editor of the News of the World. Taking prime minister's questions in the absence of David Cameron, who flew to France to be with his ill father today, Clegg warned Labour not to "second guess" police inquiries into fresh allegations surrounding Cameron's press chief.