


hackinthebox

Hack In The Box Heading to Holland
Posted by l33tdawg on Monday, November 30, 2009 - 12:00 AM (Reads: 281)
Source: PC World



The organizers of the Hack In The Box security conferences in Malaysia are planning their first European show for Amsterdam next July. Hack In The Box (HITB) held its first security conference, or hacker convention, in Kuala Lumpur in 2003, one of the first major shows of its kind in Asia. HITB organizers added a show in the Middle East in Dubai, United Arab Emirates in 2007. The two shows run yearly and draw high profile security industry people every year.

Next year, HITB will host its first show in Amsterdam from July 5 to 8, according to Dhillon Andrew Kannabhiran, the head of HITB. The Amsterdam show, HITBSecConf2010 - Amsterdam, will follow a similar schedule to the other HITB exhibitions. There will be two days of training sessions and two days of the conference, complete with Web hacking competitions.


How to recover your Windows Administrator password
Posted by l33tdawg on Sunday, November 29, 2009 - 04:50 PM (Reads: 1222)
Source: Tech Radar



Most operating systems have restricted user accounts for everyday use and one administrator account that has full functionality, which is only used for system maintenance and software installation.

This makes for a more secure system, because malware on a restricted account can't cause nearly as much trouble. Windows is usually run in admin mode, but if you're a security conscious person and you usually run a restricted account, there's a chance you could forget your admin password because it's so rarely used.

Ophcrack can help in this situation. All Windows passwords are encrypted for security purposes, so getting into an account where you've forgotten the password is nigh-on impossible without outside help. In order to recover your password, Ophcrack cracks your Windows passwords using a huge table of data (over 600MB).


Secure Software Needs Careful Testing--And Lots Of It
Posted by l33tdawg on Sunday, November 29, 2009 - 04:50 PM (Reads: 265)
Source: Information Week



Software testing comes in many flavors. Unit testing analyzes individual components before they're integrated into larger systems. System and integration testing checks that modules work together. Regression testing verifies that everything still works after a change is made to the code. And security testing checks that data is protected.

Tools such as source-code scanners, security-aware compilers, and application scanners help developers find vulnerabilities in code. And techniques like fuzz testing uncover inputs that can cause apps to behave badly. With fuzzing, we deliberately attack software with random data in search of weaknesses and unexpected responses.

Fuzz testing is particularly important in Web application development, and it's playing a growing role in ensuring that "security quality"--the confidentiality, integrity, and availability of systems and data for users--is integrated into every phase of development.


New scheme to give 270,000 needy kids free computers
Posted by l33tdawg on Sunday, November 29, 2009 - 04:49 PM (Reads: 222)
Source: News of the World (UK)



HUNDREDS of thousands of poor children are to be given FREE laptops and computers with broadband internet in the New Year.

The astonishing multi-million-pound Government handout - involving big name suppliers like Comet - will benefit 270,000 low-income families across England.

Each will be given £528 to spend as part of the Home Access programme aimed at ensuring kids from deprived backgrounds all have access to the web. To take part families must have a child between seven and 14 who qualifies for free school meals which normally means being on income support or with an overall annual income less than £16,040.


10 Firefox Extensions Google Chrome Should Have Too
Posted by l33tdawg on Sunday, November 29, 2009 - 04:48 PM (Reads: 326)
Source: Mashable



Extensions are coming to Google Chrome in the near future. The current developer build supports them, and there’s a lot to be excited about in the implementation - you don’t have to restart the browser to use an extension you’ve just installed like you do in Firefox, for example.

On the other hand, the group of brave folks using the developer build don’t have nearly as many extensions to pick from yet. Firefox has the best lineup in the browser biz, so let’s play a wishing game; here are some Firefox extensions we’d love to see pop up in Chrome’s gallery, too. Some of our favorites are already in the works, but we haven’t yet heard a peep about any of the ones on this list.

If you’ve already thought of at least one plugin without which you just can’t make the switch from Firefox to Chrome, feel free to add to our list in the comments.


Windows 7 tricks: 20 top tips and tweaks
Posted by l33tdawg on Sunday, November 29, 2009 - 04:47 PM (Reads: 1109)
Source: PC World (NZ)



Just got your hands on Windows 7 and want to bend it to your will? No problem. We've got plenty of tips, hacks and secrets to keep you busy for a long time, including automatically opening Windows Explorer to a folder of your choice, speeding up taskbar thumbnails, finding hidden desktop themes, forcing User Account Control to act the way you'd like, keeping your Explorer searches secret from others, and more.

So check out these tips. If you like them, we'll keep more coming.


New Website Publicizes iPhone App Rejections
Posted by l33tdawg on Sunday, November 29, 2009 - 04:39 PM (Reads: 294)
Source: Read Write Web



A new website aims to publicize the details surrounding the much-maligned iPhone application review process - Apple's secretive procedures that have been under heavy scrutiny this year, especially since the FCC's involvement regarding Apple's rejection of the Google Voice application. Notable iPhone developers have publicly called out the company for this "broken" process and some have even announced their retirement from creating iPhone apps, including Facebook app developer Joe Hewitt, based on philosophical differences with the perceived tyranny of the Apple gatekeepers.

On the recently launched site, App Rejections, iPhone developer turned blogger Adam Martin, has begun to document individual app rejections in an effort to help the development community understand what they can and cannot expect from the company's stringent, and sometimes seemingly arbitrary, vetting process for new apps.


Intel's Six-Core 'Gulftown' processor revealed, possibly headed to Mac Pro
Posted by l33tdawg on Sunday, November 29, 2009 - 04:38 PM (Reads: 254)
Source: Apple Insider



Performance numbers of Intel's new six-core Xeon were prematurely revealed by Polish website PCLab, showing strong increases in performance for the chip rumored to be in the next iteration of the Mac Pro.

Hardmac reported that test and performance results of Intel's new 6-core Xeon chips code-named "Gulftown" were briefly featured on PCLab before being taken down at the request of Intel. According to the test results, the new chips are nearly 50% faster than the previous quad-core Xeon during parallel tasks, and use up to 50% less power.

This chip will, according to sources, be featured in future Mac Pro models that could arrive as early as the first quarter of 2010. The "Gulftown" chip will be sold under the Core i9 name and will be Intel's first six-core, dual-socket processor. The 32 nanometer chips feature 12MB of L3 cache. If paired with another chip, as Apple usually does in its high-end workstations, the processors will offer 12 physical and 24 logical cores.


3D TV gets closer
Posted by l33tdawg on Sunday, November 29, 2009 - 04:37 PM (Reads: 202)
Source: The Inquirer



SKY TELEVISION will blast 3D football into your living room by 2010, according to reports.

Yes, if the thought of having Wayne Rooney and gang looming out at you in full 3D doesn't fill you with dread, you should start preparing to watch them in all their, almost like the real thing, glory. And by preparing we mean going out and getting yourself a 3D television.

Today the firm said that it would initially show matches from the Premiership on the service, so home viewers will have the delightful prospect of seeing their favourite player running out for a throw in just by the side of their sleeping dog.


Clue to Mystery of How Biological Clock Operates on 24-Hour Cycle
Posted by l33tdawg on Sunday, November 29, 2009 - 04:36 PM (Reads: 219)
Source: Science Daily



How does our biological system know that it is supposed to operate on a 24-hour cycle? Scientists at the Hebrew University of Jerusalem have discovered that a tiny molecule holds the clue to the mystery.

Humans, as well as most living organisms on earth, possess a circadian (24-hour) life rhythm. This rhythm is generated from an internal clock that is located in the brain and regulates many bodily functions, including the sleep-wake cycle and eating. Although the evidence for their existence is obvious and they have been studied for more than 150 years, only recently have the mechanisms that generate these rhythms begun to be unraveled.


Pub fined $13k for Wi-Fi copyright infringement
Posted by l33tdawg on Sunday, November 29, 2009 - 04:36 PM (Reads: 186)
Source: CNet News



A pub owner in the U.K. has been fined £8,000 (about $13,183) because someone unlawfully downloaded copyrighted material over its open Wi-Fi hotspot, according to the managing director of hotspot provider The Cloud.

Graham Cove told CNET sister site ZDNet UK on Friday he believes the case to be the first of its kind in the U.K. However, he would not identify the pub concerned, because its owner--a pub that is a client of The Cloud's--had not yet given their permission for the case to be publicized.

Cove would say only that the fine had been levied in a civil case, brought about by a rights holder, "sometime this summer." The Cloud's pubco clients include Fullers, Greene King, Marsdens, Scottish & Newcastle, Mitchell & Butlers, and Punch Taverns.


Windows 7 beats out OSX in sales in November
Posted by l33tdawg on Sunday, November 29, 2009 - 04:33 PM (Reads: 184)
Source: Examiner



Windows 7 has had a very successful launch and has sold more copies than OSX during the second and third weeks in November. Overall sales of Windows 7 are projected to oversell both OSX and Windows Vista next year.

Windows 7 has been hyped by some as a challenger to OSX's sleek interface. According to Dan Nystedt on Computerworld, Windows 7 has had a very positive launch and is regaining ground slightly lost in the past several months to OSX and other operating systems.

Different versions of Windows 7 have been released by Microsoft. There is even a version for Netbooks. Windows 7 has many new features including a more streamlined interface, faster file access, new graphics standards, and even sticky notes.


iPhone worm author hired by Aussie software developer
Posted by l33tdawg on Sunday, November 29, 2009 - 04:30 PM (Reads: 346)
Source: Info Security Magazine



In a situation that mirrors that of Michael Mooney, the Twitter worm creator who was hired on the back of his coding exploits, it appears that the jailbroken iPhone worm creator Ashley Towns - aka Ikee_x - has also landed a job.

Reports from Australia say that Towns has been hired as an iPhone software developer, after his Ikee worm alarmed unlocked (jailbroken) iPhone owners with the first iPhone worm. The iPhone worm author is reported to have been sufficiently proud of his new job that he tweeted his achievement on the Twitter social networking service.

Graham Cluley, a senior security analyst with Sophos, has criticised the appointment of the iPhone worm author - as he did with Mooney's case - noting in a blog posting that the development of the relatively benign iKee worm led to creation of a new dangerous worm, Ikee-B, that steals financial information from iPhones and iPod Touches,


Proper use of English could get a virus past security
Posted by l33tdawg on Sunday, November 29, 2009 - 04:29 PM (Reads: 199)
Source: New Scientist



Hackers could evade most existing antivirus protection by hiding malicious code within ordinary text, according to security researchers.

One of the most common ways of hijacking other people's computers is to use "code-injection" attacks, in which malicious computer code is delivered to and then run on victims' machines. Current security measures work on the assumption that the code used has a different structure to plain text such as English prose.

Now a team of researchers has highlighted a potential future theatre in the virus-security arms race by working out how to hide malware within English-language sentences.


Virus attacks Apple iPhone via internet
Posted by l33tdawg on Sunday, November 29, 2009 - 04:28 PM (Reads: 270)
Source: India Times



Hackers have built a virus that attacks Apple Inc’s iPhone by secretly taking control of the devices via their internet connections, security experts said.

The virus has been detected in the Netherlands and can only attack iPhones whose users have disabled some pre-installed security features, according to analysts monitoring the progress of the virus.

The hackers are trying to use the virus to obtain passwords to banking sites, according to Graham Cluley, a researcher with anti-virus software maker Sophos. When an iPhone user tries to access a bank website, the Duh Worm directs the browser to a look-a-like site controlled by the hackers, Cluley said.


Hackers stalk Facebook to harvest cash secrets
Posted by l33tdawg on Sunday, November 29, 2009 - 04:27 PM (Reads: 294)
Source: guardian.co.uk



Britain faces a new threat from the sharp increase in cyber-crime with sophisticated hackers leaving the government far behind in its attempts to catch them, according to the world's leading expert in online security.

Mikko Hyppönen, who regularly works with Scotland Yard, the FBI, the US National Security Agency and Interpol, said popular networking sites such as Facebook, Twitter and Linkedin were now prime targets for criminals.

"It's happening all over the world," said Hyppönen, who refuses to use Facebook. "These guys steal an individual's profile, then email everyone in their contacts with a link and a subject heading like 'check this out'. You trust the email because it's from your friend. So you click on the link and before you know it all your security information has been stolen. I don't use Facebook because I know who's watching and I don't want these guys looking at pictures of me and my family. People think no one phishing will be able to make money from Facebook, but cyber-criminals can. This is only the beginning. You will see this happening more and more."


Electronic Voting Machines and a New Era of Fixing Elections
Posted by l33tdawg on Sunday, November 29, 2009 - 04:26 PM (Reads: 190)
Source: Ghana Web



The purpose for writing this article is to discuss some of the vulnerabilities inherent in electronic voting and to also point out some historical voting irregularities in relation to two past US elections where electronic voting machines have been extensively used. The specific aim is to provide some information on the subject of e-voting, since it looks like Ghana may be going down that route soon or at least some Ghanaians are campaigning strongly for the introduction of electronic voting machines to be used in Ghanaian elections. This article is also a response to the November 26th Ghanaweb article entitled Why Ghanaians must push for Biometric Voting in 2012 and to other articles written by both NPP and NDC supporters calling for Biometric/E-voting. I hope that by looking at some of the difficulties brought about by using electronic voting machines in the US, Ghana may be able to avoid such pitfalls in order to maintain our election record and our democratic reputation.


Web Host Hack Results in Mass Defacement
Posted by l33tdawg on Sunday, November 29, 2009 - 04:26 PM (Reads: 202)
Source: Softpedia News



Customers of a UK-based web host called Daily Internet Services had their websites defaced by hackers, who replaced their index pages with an image featuring Tux, the Linux penguin mascot. The company has restored the affected pages from back-ups and is currently investigating the attack.

Daily Internet Services issued a warning regarding this incident, which was marked with "high severity," Thursday at 09:52 am. "We have received reports this morning of a small number of customer websites having their index or start page replaced with an image and in some cases text as well," the company announced.

Subsequent investigations revealed that this was a mass-defacement attack, where all pages with "index" in their name, such as index.html, index.htm or index.php, have been replaced. A restoration process from back-ups was initiated at 10:45 am and completed by 09:00 pm on Thursday evening.


Secure on-line shopping tips for Cyber Monday
Posted by l33tdawg on Sunday, November 29, 2009 - 04:24 PM (Reads: 218)
Source: Examiner



"Cyber Monday", the Monday after Thanksgiving when we begin our holiday online shopping activities in earnest, is upon us. More of us than ever will be tickling the keyboards to use this convenient shopping method this year.

One recent survey reported that 55 percent of surveyed shoppers plan to do their holiday shopping online in 2009, up from 49 percent last year. As the number of online shoppers increases however, so do the threats to our online security.

One rising threat is "SideJacking", as hackers break into a wireless Internet connection to steal data, like credit card numbers. SideJackers frequently target businesses, public hot spots and even residential areas where personal home networks can be discovered and accessed from the street. These threats, plus common phishing scams, malware and viruses, and spyware place personal information at risk for identity theft.


Psystar boldly predicted sales of OSX clones in the millions
Posted by l33tdawg on Sunday, November 29, 2009 - 04:22 PM (Reads: 159)
Source: Examiner



There is some news about Apple's case against Psystar. Now it appears that Psystar was planning on selling millions of Macintosh OSX clones through 2011.

According to Gregg Keizer on Computerworld, Psystar was found guilty of violating the DMCA act by copying and creating special versions of OSX that could be installed on non-Apple PC hardware. However, both companies are still fighting it out in Federal court.

Another article by CNET's Chris Snow detailed how Apple lawyers had combed through Psystar's records to discover an ambitious plan to take out a segment of Apple's business through lower-priced clones running OSX. The cash-strapped company was promising new investors that they had plans to unveil a laptop with OSX and to sell upwards of a million clone computers by 2011.

Packet Storm Security Latest
· USN-862-1.txt
Ubuntu Security Notice 862-1 - Maksymilian Arciemowicz discovered that PHP did not properly validate arguments to the dba_replace function. If a script passed untrusted input to the dba_replace function, an attacker could truncate the database. It was discovered that PHP did not properly handle certain malformed images when being parsed by the Exif module. A remote attacker could exploit this flaw and cause the PHP server to crash, resulting in a denial of service. Grzegorz Stachowiak discovered that PHP did not properly enforce restrictions in the tempnam function. An attacker could exploit this issue to bypass safe_mode restrictions. Grzegorz Stachowiak discovered that PHP did not properly enforce restrictions in the posix_mkfifo function. An attacker could exploit this issue to bypass open_basedir restrictions. Bogdan Calin discovered that PHP did not limit the number of temporary files created when handling multipart/form-data POST requests. A remote attacker could exploit this flaw and cause the PHP server to consume all available resources, resulting in a denial of service.
· serenityaudio-overflow.txt
Serenity Audio Player playlist buffer overflow exploit that creates a malicious .m3u file. Versions 3.2.3 and below are affected.
· phpbazar211fix-sql.txt
phpBazar versions 2.1.1fix and below suffer from a remote SQL injection vulnerability.
· lyften-sql.txt
The Joomla Lyftenbloggie component version 1.0.4 suffers from a remote SQL injection vulnerability.
· MDVSA-2009-304.txt
Mandriva Linux Security Advisory 2009-304 - Unspecified vulnerability in ISC BIND 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, 9.7 beta before 9.7.0b3, and 9.0.x through 9.3.x with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks via additional sections in a response sent for resolution of a recursive client query, which is not properly handled when the response is processed at the same time as requesting DNSSEC records (DO). Additionally BIND has been upgraded to the latest point release or closest supported version by ISC.
· glsa-200911-06.txt
Gentoo Linux Security Advisory 200911-6 - An input sanitation error in PEAR Net_Traceroute might allow remote attackers to execute arbitrary commands. Pasquale Imperato reported that the $host parameter to the traceroute() function in Traceroute.php is not properly sanitized before being passed to exec(). Versions less than 0.21.2 are affected.
· cacti087e-xss.txt
Cacti versions 0.8.7e and below suffer from cross site scripting and privilege escalation vulnerabilities.
· dsa-1940-1.txt
Debian Linux Security Advisory 1940-1 - Several remote vulnerabilities have been discovered in the PHP 5 hypertext preprocessor.
