2013-04-25

AP's Twitter account hacked; false 'Obama injured' tweet sent


The Associated Press' Twitter account gets hijacked. The intruder posts, "two explosions in the White House and Barack Obama is injured". The tweet was only visible for a matter of minutes, but the Dow Jones industrial average took a nose dive.

Anyone still think cyberwar is science fiction?

Update 25-Apr-2013:
Some rocket-science theory (for me) that this news did not have that big an impact. However, this theory still confirms there was some impact.

LulzSec leader charged

Wonder if this is the real leader?!! In any case organizations like these are pretty loosely tied together. So the impact to the organization may not be permanent.

Update: 28-May-2014
Sabu walks free. Guilty only for the time already served.

P2P File Sharing

A much needed solution, for peer-2-peer secure sharing. I can already think of a hundred ways how this service is going to be misused!

2013-04-20

Home routers contain critical security vulnerabilities

Popular products like the following are vulnerable:
Linksys WRT310v2, Netgear's WNDR4700, TP-Link's WR1043N, Verizon's FiOS Actiontec MI424WR-GEN3I, D-Link's DIR865L and Belkin's N300, N900 and F5D8236-4 v2 models

Different Types of CISOs

A good sum-up of the three types of CISOs:


  • The non-techie, but business-savvy CISO
  • The technically competent, but less business-articulate CISO
  • The hybrid CISO


2013-04-13

Bitcoinica, twice hacked in 2012, is being sued

Update 29-Aug-2012:
This may well be the beginning of the end for Bitcoinica..!

Update 05-Sep-2012:
Hackers stole about US$250,000 from BitFloor, a BitCoin exchange, on Monday, and it does not have the money to reimburse account holders, according to the website's founder.
More technical details here

Update 26-Sep-2012:
Back Online

Update 04-Apr-2013:
Bitcoin under attack again, a DDoS and a DB hack.

Update 13-Apr-2013:
Some explanation around the economics of bitcoin. Seems like the currency has been super volatile recently.

Programmable HID USB Keystroke Dongle

Programmable HID USB Keystroke Dongle
AKA: Rubber Duck
AKA: PHUKD
AKA: Teensy

Multiple names for something small that enables an extremely powerful attack:
It's a neat little USB dongle which looks like a thumbdrive that you could surreptitiously install in the back of someone's computer. The Phantom Keystroker acts as a keyboard/mouse USB HID (Human Interface Device) to send keystrokes, move the mouse pointer around randomly, toggle caps lock and other things to annoy your co-workers and loved ones.
Read what IronGeek has to say, and see Hak5's version (available for under $20 now).

Update 13-Apr-13:
Integrating it with Kali - A super easy tutorial for a powerful tool.

Kali is Here!!

The new, improved Backtrack, called KALI

2013-04-07

Malware Deep Dive

InfoWorld's report on malware analysis. As always, some scary statistics - the accuracy of which is always doubtful, and biased, coming from antivirus companies.

However, there is a good list of pointers for the newbies to stay safe from viruses.

Report is here