2013-01-31

Banks Under Cyber Attack

Operation Ababil
Project Blitzkrieg

Update: 26-Sep-2012:
Looks like a number of banks are under cyber attacks. The reason of the attack (as if hackers need a reason), varies from a controversial Youtube video to Iraq wars, etc.
Wells Fargo
JP Morgan, Citi Bank
BNL

Update: 08-Oct-2012:
Banks, especially EU, are gearing up for such attacks. "Cyber Europe 2012" exercise.

Update 09-Oct-2012:
Risk rating went up, as companies gear up for attacks.

Update 20-Oct-2012:
HSBC DDoSed for about one day! For this attack Mrt. Izz ad-Din al-Qassam Cyber Fighters take credit on their pastebin page.

Update 22-Oct-2012:
Looks like we have too many parties taking credit for the HSBC attack

Update 31-Jan-2013:
Now the attack has been called off.

2013-01-29

LOIC & DDoS

A very good article to explain the technical and legal implications of DDoS, using such tools (as LOIC).

2013-01-19

Encrypt (almost) anything

A good cheat-sheet article around how to encrypt the usual day-to-day data (emails, USB, hard disks, etc.)

Pwn2Own 2013

All right get set for the most interesting 'capture the flag' battle. This time there is a record $560K on the line, and Google is supportive and one of the funders. This is mostly because, they have flipped back to the previous rules, and not using 2012's rules

Update 29-Jan-2013:
Google stakes Pwnium hacking contest to $3.14M in potential prizes

Update 14-Sep-2013:
Second annual event scheduled in Tokyo, in Nov 2013

Update 14-Nov-2013:
Pinkie Pie breaks Samsung S4 and Chrome!

Nokia's MITM on HTTPS Traffic

A security researcher discovered that Nokia was intercepting encrypted traffic, and decrypting it. Which of course is a major security concern. Nokia has admitted that they do decrypt, but only to improve the performance.

Makes you wonder what is the "right" balance between security and performance? Schneier thinks Nokia's action may become the industry norm.


2013-01-15

Another Critical Java Vulnerability

A few days ago, another critical 0-day vulnerability was released on Java.
Troy has an interesting article, if it is possible to survive without Java today - he believes it is possible.

2013-01-12

Make DDoS legal!

Anonymous requests President Obama to make DDoS legal. However, doesn't look like their petition is doing too well.

2013-01-02

PGP, TrueCrypt-encrypted files CRACKED by £300 tool

Forensic Disk Decryptor attempts to unlock information stored in disks and volumes encrypted by BitLocker, PGP or TrueCrypt.
Full Story

Cuckoo Sand Box - Analyse Malware

Malware? Tear it apart, discover its ins and outs and collect actionable threat data. Cuckoo is the leading open source automated malware analysis system.
CuckooSandBox

10,000 Indian government and military emails hacked

Another case of a major govt embarrassment.