Linux Hacks & Cracks - Page 62

We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.

U.S. Investigation into China-Backed Telecom Companies Hack: The Role & Risks of Encryption Backdoors

U.S. authorities are on high alert as they investigate an alleged Chinese state-sponsored hack targeting major U.S. telecommunications companies. This attack has reignited debate about encryption backdoors, an ongoing contention a...
Oct 16, 2024
  0

FASTCash Linux Malware: A New Cybercrime Menace Targeting Payment Switch Systems

As malware threats evolve to increasingly target Linux ...
Oct 16, 2024
  0
32.Lock Code Circular Esm H115

The Infiltration of Supply Chain Attacks in Open-Source Software Management

Open-source projects are renowned for their collaborati...
Oct 15, 2024
  0
30.Lock Globe Motherboard Esm H115

Discover Hacks/Cracks News

27C3: danger lurks in PDF documents

27C3: danger lurks in PDF documents

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

At the 27th Chaos Communication Congress (27C3) in Berlin, security researcher Julia Wolf of US company FireEye pointed out numerous, previously hardly known, security problems in connection with Adobe's PDF standard. For instance, a PDF can reportedly contain a database scanner that becomes active and scans a network when the document is printed on a network printer.

What you missed: A major Internet security hole was finally plugged

What you missed: A major Internet security hole was finally plugged

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The typical end-of-year security story generally involves a looming cyber threat or yet another major misstep by Microsoft. Well, there's good news on the security front this year -- and, like our other picks, it's gone largely unnoticed. A major hole in security has been plugged with the full deployment of Domain Name System Security Extensions (DNSSec) at the Internet's authoritative root zone.

Alleged hack cracks PS3 master key

Alleged hack cracks PS3 master key

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

At this week's Chaos Communication Conference, a group of hackers known as fail0verflow appeared to crack the PS3's randomized key cryptography and access the system's master code. The team demoed the alleged security flaw by creating a hack and installing Linux on the system.

Windows Phone 7 Marketplace Prone to App Piracy

Windows Phone 7 Marketplace Prone to App Piracy

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Microsoft needs to start beefing up the security of its Windows Phone 7 App Marketplace. An ethical hacker provided WPCentral, a Windows Phone centric site, with a video showing proof-of-concept program that could grab any App from Marketplace and be installed for free sans any DRM security.

Feds raid server farms in bid to root out PayPal DDoS perps

Feds raid server farms in bid to root out PayPal DDoS perps

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Federal investigators have seized servers allegedly abused to launch a denial of service attack against PayPal earlier this month. An affidavit obtained by the Smoking Gun contains testimony by federal agents convinced that systems at Texan hosting firm Tailor Made Services are likely to contain clues in the hunt for hacktivists who launched an attack against PayPal in response to its decision to freeze an account used by WikiLeaks.

Breaking GSM With a $15 Phone

Breaking GSM With a $15 Phone

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Whatever assurances have been given about the security of GSM cellphone calls, forget about them now. Speaking at the Chaos Computer Club (CCC) Congress here Tuesday, a pair of researchers demonstrated a start-to-finish means of eavesdropping on encrypted GSM cellphone calls and text messages, using only four sub-$15 telephones as network

Mozilla users data was open to access

Mozilla users' data was open to access

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

A database of 44,000 users' registration information from the Add-Ons server belonging to Mozilla was found to have been exposed for download. Mozilla says that it was informed by a security researcher, through Mozilla's Web Bounty Program, that the database was visible in mid-December.

Hackulous Teases DRM-free Mac App Store, Reverse BitTorrent

Hackulous Teases DRM-free Mac App Store, 'Reverse BitTorrent'

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Hackulous, the picaresque pirates best known for plundering Apple's DRM and capturing unprotected software for iPhone, iPod and iPad, yesterday unleashed an onslaught of updates, including cracking software for the much-anticipated Mac App Store and a "reverse BitTorrent" for jailbroken devices that aims to increase availability of cracked apps across the Web.

Hacktivism Could Escalate Security Problems in 2011

Hacktivism Could Escalate Security Problems in 2011

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The security problems of 2010 are likely to continue and even escalate in 2011, with state-sponsored crime and data leaks from unhappy employees. State-sponsored crime has far more resources than ordinary hackers, and social networking is making the bad guys' job easier. But with Virtualization established, more security software may appear.

100,000 Credit Cards Compromised By Data Breach

100,000 Credit Cards Compromised By Data Breach

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

A data breach affecting Twin America, the parent company of CitySights NY, potentially compromised an estimated 100,000 customers' personal details, including credit card numbers. According to a security breach notification letter sent to the New Hampshire attorney general, as required by that state's laws, attackers successfully exploited a Twin America Web server by using a SQL injection attack.

Phrack hole closed in ProFTPD

Phrack hole closed in ProFTPD

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The development team behind ProFTPD has released version 1.3.3d, which closes a critical security hole in the SQL module of all previous versions. The flaw was reported roughly a month ago in Phrack, the hacker magazine. A buffer overflow in the function sql_prepare_where() allows attackers to remotely execute arbitrary code on the server.

Attackers Exploiting Exim Bugs with Rootkit

Attackers Exploiting Exim Bugs with Rootkit

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Attackers are already exploiting a bug in the Exim mailer to remotely execute code on compromised Linux machines, according to a pair of Linux security advisories. Posted on US-Cert as Vulnerability Note VU #682457, the bug exists in Exim mail server software prior to version 4.70. Affected systems include Debian Linux, Novell's SUSE Linux, and Canonical's Ubuntu Linux.

Gawker Hack Exposes Ridiculous Password Habits

Gawker Hack Exposes Ridiculous Password Habits

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Whew! Is it just me, or is it getting tough to keep track of all the info spilled via this week's massive Gawker hack? The please-don't-call-it-Gawkergate. Gawker hacking story sprung up over the weekend, when a group known as "Gnosis" apparently made its way into the servers of Gawker Media. Gawker Media, if you aren't aware, is a publication group that runs gossip blog Gawker (no big surprise there) along with a slew of other websites like Lifehacker, Gizmodo, and Jezebel.

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved