DroidSheep: Android tool for session hijacking
DroidSheep is a simple Android tool for web session hijacking (sidejacking). It listens for HTTP packets sent via a wireless (802.11) network connection and extracts the …
MI5 describes astonishing level of cyber attacks
MI5 has admitted that it is working to counter astonishing levels of cyber-attacks on UK industry. Head of MI5, Jonathan Evans, commented that vulnerabilities on the internet …
Video: Attacking XML preprocessing
Documenting more than a year of research in XML technologies, this talk by Nicolas Grégoire at Hack in The Box 2012 Amsterdam details security implications of the XML format …
Network Forensics: Tracking Hackers Through Cyberspace
Learn to recognize hackers’ tracks and uncover network-based evidence in Network Forensics: Tracking Hackers through Cyberspace. Carve suspicious email attachments from …
LulzSec duo pleads guilty to hacking charges
UK nationals Jake Davis (aka “Topiary”) and Ryan Cleary have officially admitted to being members of the infamous LulzSec hacking collective as they pleaded guilty …
Massive botnet shut down after botmaster’s arrest
Following an investigation that lasted 10 months, Russian police authorities have managed to arrest the 22-year-old operator of one of the largest botnets known to date. …
Spammers bait users with “stolen nude photos”, deliver malware
If you get an email saying that nude pictures of you and/or of your girlfriend have been leaked on the Internet, don’t open the attachment. The same goes for attachments …
Fake Flash update leads to malicious add-ons
Fake Flash update notifications are old news, but users still fall for the trick. In the latest example unearthed by Zscaler’s Julien Sobrier, one such notification …
70% of teens hide their online behavior
When it comes to using the Internet, teens are not only engaging in risky behaviors, but how they are hiding it from their parents, many of whom don’t realize they are …
Online compliance and vulnerability scanning tool
First Data Corporation announced its PCI Rapid Comply solution, an online Self-Assessment Questionnaire (SAQ) and vulnerability scanning tool that can help small to mid-sized …
App retrieving contactless credit card details pulled from Google Play
The Near Field Communication (NFC) protocol – supported and present on the latest smartphones – can be misused to steal data, say Symantec researchers. They tested …
Most senior managers don’t know where their data is
67% of respondents say that senior management in their organizations either don’t know where all company data resides or are not sure, according to Varonis. In addition, …