Linux Hacks & Cracks - Page 64
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
A security expert working at Alert Logic has published a demonstration back door exploit for smartphones running Android. Criminals could use the principles of this exploit to gain control of a phone and install trojans. A potential victim need only call a malicious web site for infection to occur.
The revelation 5 years ago that Sony BMG was planting a secret rootkit onto its music customers' Windows PCs in the name of anti-piracy is seen now as one of the all-time significant events in IT security history.
It'll take the London region's public school board more than three weeks to fix a privacy breach created in about an hour - way too long for a basic security feature, says one technology specialist.
The trojan attack on visitors to the Nobel Peace Prize web site reported on Tuesday, exploited a previously unknown vulnerability in Firefox. No detailed information on the vulnerability is available at present, with access to the Bugzilla entry restricted to registered developers only.
Back in the 1990s fellow science and technology journalist Charles Mann and I wrote a book uncovering the true story of how a lone, young, cognitively impaired hacker with relatively few computer skills managed to perpetrate what was then the most extensive and scariest series of computer break-ins ever
Want to hack someone else's Amazon, Facebook, Twitter or Windows Live account in just one click? A Firefox extension called Firesheep claims you can by hijacking a person's current user session over an open Wi-Fi connection.
A vulnerability in the library loader of the GNU C library can be exploited to obtain root privileges under Linux and other systems. Attackers could exploit the hole, for instance, to gain full control of a system by escalating their privileges after breaking into a web server with restricted access rights. Various distributors are already working on updates.
A University of North Florida (UNF) computer file containing the sensitive information of students may have been accessed by a foreign hacker.
An interesting story reported by The Huffington Post suggests Conde Nast iPad (and iPhone) apps have a critical flaw that can allows anyone inclined to change a preference file to download new issues of magazines for free.
Corey "Xyrix" Barnhill, Michael "Virus" Nieves and Justin "Null" Perras are hacker-thugs suspected of repeatedly trashing Cryptome.org, John Young's email, and John Young's LAN on and about 2 October 2010.
A trojan recently analysed by Webroot is said to rely on retrieving web page passwords from a browser's password storage, rather than logging a user's keyboard inputs. To make sure it will find all the interesting passwords in Firefox, the malware, called PWS-Nslog, makes some changes to jog the browser's memory.
According to a report from Red Hat, two vulnerabilities in the free PDF reader Xpdf can be exploited via manipulated PDF documents to compromise a victim's system. The flaws are reportedly due to an uninitialised pointer and an array index error.
Policy group New America has written a scathing blog entry that criticizes the HTC G2 for including a "hardware rootkit" that prevents users from installing custom firmware on the device. The report appears, however, to be based on a misunderstanding of technical issues raised in an XDA discussion thread.
Is this year turning out to be even worse for getting hacked than last year? That's what a survey of 350 IT and network professionals would indicate, with large companies in particular reporting this to be worse than last in terms of suffering at least one network intrusion of their user machines, office network or servers.
The lack of a secured infrastructure is typically the reason hackers are able to gain access to enterprise servers and from there, implant malware to launch an attack, according to Verizon.
Security researchers in the States say they have developed a cunning new method of "fingerprinting" voice calls that could offer a route to trustworthy caller ID and a barrier against so-called "vishing" or voice phishing.
A recent study shows that organized criminals create approximately 8,000 malicious websites every day, or over 57,000 each week.
An internet voting system designed to allow District of Columbia residents to cast absentee ballots has been put on hold after computer scientists exploited vulnerabilities that would have allowed them to rig elections and view secret data.