Linux Hacks & Cracks - Page 52
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
What good are secure servers if they can get kicked off the Internet? This is the premise of a new distributed denial-of-service (DDos) tool released by a German hacker group, targeting servers using secure sockets layer (SSL).
The Germans have wreaked all kinds of mass destruction on the security forefront. The hacking group "The Hacker's Choice" released a new THC-SSL-DOS tool that allows a single laptop's DSL connection to take down a server. Other German researchers found a flaw and broke the W3C standard with a serious attack against XML Encryption that works in all cases, including against Microsoft, IBM, Red Hat, Apache and other XLM framework providers.
A glaring security flaw's been uncovered in Skype and other VoIP systems, potentially allowing hackers to access users' identities, locations and even files.
If the Internet is the new Wild West, then hackers are the wanted outlaws of our time. And like the gun-slinging bad boys before them, all it takes is one wrong move to land them in jail.
A mass-injection attack similar to the highly publicized LizaMoon attacks this past spring has infected more than 1 million ASP.NET Web pages, Armorize researchers said today. According to database security experts, the SQL injection technique used in this attack depends on the same sloppy misconfiguration of website servers and back-end databases that led to LizaMoon's infiltration.
The hacker collective known as Anonymous has expressed interest in hacking industrial systems that control critical infrastructures, such as gas and oil pipelines, chemical plants and water and sewage treatment facilities, according to a Department of Homeland Security bulletin.
IT security experts have long loved to troll through hacker forums to gather intelligence on emerging threats and even (as in the ill-fated case of HBGary Federal CEO Aaron Barr) try to profile the hackers themselves. But as a report from IT security firm Imperva shows, many of the so-called hacker portals out there are more hangouts for newbie hackers (and possibly a few budding FBI informants) looking at how to get started in the game.
The Department of Homeland Security (DHS) is warning that hackers from the loose online protest collective called Anonymous have threatened attacks against the computer systems that run factories, power stations, chemical plants, and water and sewage facilities.
The child-friendly Internet home of Ernie, Big Bird and Kermit the Frog went X-rate on Sunday as Sesame Street
Malicious hackers exploit vulnerabilities in phpmyadmin to gain access to WineHQ
Two separate hacker groups whose activities are already known to authorities were behind the serious breach of RSA Security earlier this year and were likely working at the behest of a government, according to new statements from the company
An eavesdropping tool allegedly used by the German government to intercept Skype calls is full of security problems and may violate a ruling by the country's constitutional court, according to a European hacker club.
Sabu, the erstwhile leader of the hacking crew, says he is effectively on the run as he gives interview to Reddit readers about LulzSec's achievements, Facebook, sentencing and more.
Maintainers of the open-source Apache webserver are warning that their HTTP daemon is vulnerable to exploits that expose internal servers to remote attackers who embed special commands in website addresses.
Security experts at Context have discovered a hole in the Apache web server that allows remote attackers to access internal servers. The mod_rewrite rewrite engine ensures that requests are distributed across different servers according to definable rules, for example, in order to balance loads or to separate dynamic and static content.
Russian VXers have begun using obnoxious barcode-on-steroids QR codes as a launchpad for mobile malware. A recently identified malicious Quick Response code on a Russian website links through a series of redirections to a site punting a Trojan version of the Jimm mobile ICQ client.
THE US Department of Homeland Security has warned financial companies to be vigilant about a cyber security threat from Anonymous.
Hackers have posted personal information about the chief executive of J.P. Morgan Chase in solidarity with the Occupy Wall Street protests.
From 2005 through today, SQL injection has been responsible for 83% of successful hacking-related data breaches. It is estimated that there are a total of 115,048,024 SQL injection vulnerabilities in active circulation today.