Pres Obama gets pwned

URL shortening service of twitter was hijacked, to point Obama's URL's to a youtube video on Syrian terrorism. The motive:

"Obama doesn't have any ethical issues with spying on the world, so we took it upon ourselves to return the favor"

LinkedIn ‘Intro’duces Insecurity

A disaster waiting to happen at Linkedin

Update 09-Feb-2014
Linkedin shuts down this service

Shodan Search Engine

Introducing a search engine, which goes beyond Google's (only web page) searches.

Lock your PC before leaving your desk!

As security professionals, it is extremely hard to educate users for basic security awareness. The simplest being, locking their PC (Windows Key + L), before leaving their desks. Here are some hilarious pranks to run on such users, to educate them (AKA teach them a lesson)!

Thousands of sites hacked via vBulletin vulnerability

If you are running vBulletin check your website now! Thousands have already been hacked.

AVG and WhatsApp hacked by Palestinian Hackers

It is always embarrassing when security companies get hacked! AVG joins that (not so) elite club. WhatsApp is pretty known to have security holes, so no news there.

Your corporate network is already compromised

A very interesting article from Troy. Good to know about Dedicatexpress, who sells RDP access to the servers of various companies. A cisco's server was available for $4.55!

Yahoo Reluctantly Joins A Bug Bounty Program

Seems like a half-hearted super-late plan from Yahoo

Adobe Hacked!

Hackers stole (hopefully) encrypted credit card data from Adobe. The hack apparently took place around 11-Sep, but was only 'recently' discovered!
Moreover, 40 GB of source code of Adobe products have been stolen as well. Which means we can now expect even more sophisticated malware

Update 29-Oct-2013:
3 million encrypted customer credit card records stolen. At least 38 Million users impacted. More details

Update 10-Nov-2013:
"Operation Hangover" based in India, and used a zero-day Microsoft vulnerability that has been patched now.

Web Penetration Testing with Kali Linux

I was requested by PacktPub to review a book on Penetration Testing (using Kali). The book is now published and available here.