Archive for the ‘security’ Category
Lets see if I still remember how to do this…
Posted: 10th March 2011 by Matt in security
Tags: ACL, botnet, Chrome, crime, information, Java, Krebs, network, squid, worm, ZeuS, ZeusTracker
Do I still have any regular readers left? I hope so, even though I’ve greatly neglected you. I won’t even bother with excuses. BUT, here’s a post to prove that I still know what I’m doing! So, if you’ve been following some of the other blogs (specifically, Krebs), you’ve probably seen the hubbub about ZeusTracker. [...]
Geolocation Using BSSID
Posted: 22nd September 2010 by Matt in code, hacks, news, security
Tags: attack, BSSID, DefCon, demo, Geolocation, GPS, mac, Skyhook, SSID, war, WiFi
This was discussed at DefCon 18 in a talk by Samy Kamkar, but as far as I know, Samy didn’t release his code, so I had to come up with something on my own. First, one big difference. His version of this uses the Google Location Services API. I’ve opted to use the Skyhook service [...]
Really, Adobe?
Posted: 20th September 2010 by Matt in code, hacks, news, security
Tags: 0day, Acrobat, Adobe, cooltype, corporate, dll, exploitation, information, own, PDF, penetration, SING, software, strncat, SumatraPDF, vulnerability, Xpdf
So, I’ve come across a lot more information regarding the no-longer-0day Adobe vulnerability (oh, wait, that’s right.. there have been like, 12 in the last 30 days.. I’m referring just to the SING table one). Anyway, a penetration testing company named Ramz Afzar has released an unofficial patch to fix the Adobe vulnerability, because apparently [...]
0day “Here you have” Worm – Prevention at the Gateway
Posted: 10th September 2010 by Matt in code, hacks, news, security
Tags: gateway, infect, INPUTMSG, mimedefang, perl, Prevention, protect, rule, rules, script, sendmail, spam, virus, worm
“…that we all feared might happen someday…”? Where has this chick been? ANYWAY….. Whenever I hear about an email worm going around and infecting people left and right, I kind of chuckle to myself. These are absurdly easy to block, yet no one seems to do it. I’m in charge of all the network operations [...]
Vendor Response to Backdoor in Accton Switches Post
Posted: 10th September 2010 by Matt in news, security
Tags: Accton, Accton-based, attack, backdoor, fix, hack, hacked, lan, network, owned, password, passwords, risk, secure, security, SNMP, vlan, vulnerable, workaround
A few days ago I posted an article that was circulating regarding a backdoor into Accton-based switches. You can read that post here. Shortly after, a person by the name of “CK”, who apparently works for the vendor, responded with the company’s side of the story. I then issued my response, and CK [...]
An Open Letter to Microsoft
Posted: 8th September 2010 by Matt in news, security
Tags: Apache, Blaster, Boink, Bonk, code, Code Red, company, computer, Conficker, crash, denial of service, denial of service attack, exploits, Frag, IIS, ILOVEYOU, irc, Land, Linux, Microsoft, MyDoom, Nestea, NewTear, Nimda, Sandmind, Sasser, Sircam, Slammer, SoBig, Sping, spyware, SQL, TearDrop, vulnerability, vulnerable, Windows, WinNuke, worm
Dear Microsoft, I have watched you develop as a company, starting with Windows 3.1. It was most people’s first experience with a PC and considering that there was really no other marketed OS (Linux was brand new and not really totally “usable” yet. I ran it, but it was not for the faint of heart. [...]
Compromising Hosts With SNMP
Posted: 3rd September 2010 by Matt in hacks, security
Tags: change, community, MIB, msfcli, nmap, OID, read, set, SNMP, snmpget, snmpset, snmpwalk, value, write
First, if you’ve never fully researched SNMP (Simple Network Management Protocol), I suggest you go do that now because you’re doing yourself a major disservice by not knowing/using the information that’s available through the use of this protocol… not to mention the amount of remote control you have over a machine if you’re able to [...]