So, tomorrow I leave for Las Vegas. 10 days of gambling, drinking, and partaking in sins which will, undoubtedly, either wind me up in prison or hell. Possibly both. I’ve accepted this fate, so I’m going to push it as far as I can. Prior to all that, though, I will be attending DefCon 18. [...]
Archive for July, 2010
The Hackers Behind Stuxnet
Posted: 22nd July 2010 by Matt in news, security. Tags: attack, attacker, company, hack, hackers, incident, infect, Microsoft, motive, private, root, rootkit, SCADA, software, steal, study, Symantec, threat, USB, vulnerability, W32.Stuxnet
I thought this was a pretty interesting article that I felt I should share. It talks about the different types of hackers that may have been behind the original Stuxnet attack. (Credit: Symantec) W32.Stuxnet has received a lot of media attention over the last few days. This incident provides almost a complete case study of [...]
File Server LNK Protection
Posted: 22nd July 2010 by Matt in hacks, news, security. Tags: bat, block, dll, exe, file, file screening, file server, Linux, LNK, NAS, protect, Protection, Samba, screen, share, spread, Stuxnet, Veto, vulnerability, Windows
I figured I’d throw this out there.. I wanted to make sure that in the event that somehow my network were infected by something that used this vulnerability that it would be limited to an individual machine. Basically, I didn’t want it on my file server. Also, at the bottom of this post I give [...]
Damn Vulnerable Linux (DVL)
Posted: 19th July 2010 by Matt in hacks, news, security. Tags: computer, damnvulnerablelinux, exploit, exploits, hack, Linux, security, vmware, vulnerable
All I have to say is.. awesome! This is a Linux distro that is intentionally made as vulnerable as possible. Why? Because it allows you to throw it on to some old computer (or run it as a vmware image!) and hack the living you know what out of it. You can test new tools, [...]
UPDATE: New virus spreading
Posted: 19th July 2010 by Matt in news, security. Tags: analysis, computer, detection, downloader, firewall, random, trojan, victim, virus, zip
I’m being flooded by emails regarding this new virus. The account associated with the IP address that I posted on Thursday is no longer active, but they are, from what I can tell based on the analysis that I’m being sent, now using random domains/IP addresses, making it difficult to simply firewall. However, from what [...]
ALERT: New virus spreading
Posted: 15th July 2010 by Matt in hacks, news, security. Tags: AntiVirus, download, email, exploit, files, firewall, gateway, iptables, mailscanner, mimedefang, network, PREROUTING, protect, rule, scan, security, virus
I was reading the ISC handlers diary today and saw a post entitled “Be on the Alert”. The email comes with an attachment.. either a .zip or a .html file. If this is a truly new virus, antivirus will not detect it yet. Here’s what I’ve done to protect my network. 1) Through the use [...]
Where the #%@$ did Matt go??
Posted: 12th July 2010 by Matt in news. Tags: abducted by aliens, alcohol, back alley, conference, consuming, DefCon, government, hiatus, hot desert, las vegas, NSA, santa clause, secret government agencies
First, I want to thank all of you who emailed me worried that I had been abducted by aliens, the NSA, or other secret government agencies. If only my absence had been due to something as cool as that. No, instead my hiatus was due to life. The last few weeks have been crazy and [...]