Tag Archives: hacking

GoDaddy is Down, Anonymous Claims Responsibility

Posted on by

Godaddy.com is down, but so are some of the site’s DNS servers, which means GoDaddy hosted e-mail accounts are down as well, and lots more. It’s currently unclear if the servers are being unresponsive or if they are completely offline. Either way, the result is that if your DNS is hosted on GoDaddy, your site may also look as if it is down, because it cannot resolve.

via GoDaddy is Down, Anonymous Claims Responsibility.

Pingdom flagged this site as being down for 55 minutes starting at around 5:15AM.

On the Feasibility of Side-Channel Attacks with Brain-Computer Interfaces

Posted on by

The security risks involved in using consumer-grade BCI devices have never been studied and the impact of malicious software with access to the device is unexplored. We take a first step in studying the security implications of such devices and demonstrate that this upcoming technology could be turned against users to reveal their private and secret information. We use inexpensive electroencephalography (EEG) based BCI devices to test the feasibility of simple, yet effective, attacks. The captured EEG signal could reveal the user’s private informa- tion about, e.g., bank cards, PIN numbers, area of living, the knowledge of the known persons. This is the first attempt to study the security implications of consumer-grade BCI devices. We show that the entropy of the private information is decreased on the average by approximately 15 % – 40 % compared to random guessing attacks.

via On the Feasibility of Side-Channel Attacks with Brain-Computer Interfaces | USENIX.

Canadian hacker dupes Walmart to win Def Con prize

Posted on by

In short, he got all sorts of information that could be used in a hacker attack. How? A bit of research and an ability to spin a few lies over the phone.

As security systems get increasingly difficult to crack, hackers are turning toward a new source of information: people.

via  Canadian hacker dupes Walmart to win Def Con prize

Hackers have always utilized people or social engineering.

Chris Hadnagy, who organizes the Def Con contest, said social engineering is a “hardly discussed, trained or defended against” threat.

“Social engineering is the easiest and most widely used way to infiltrate companies,” Hadnagy said.

Reverse-Engineered Irises Look So Real, They Fool Eye-Scanners

Posted on by

The academics have found a way to recreate iris images that match digital iris codes that are stored in databases and used by iris-recognition systems to identify people. The replica images, they say, can trick commercial iris-recognition systems into believing they’re real images and could help someone thwart identification at border crossings or gain entry to secure facilities protected by biometric systems.

via Reverse-Engineered Irises Look So Real, They Fool Eye-Scanners | Threat Level | Wired.com.

US man convicted for helping thousands steal Internet service

Posted on by

The products included a packet sniffer, called Coax Thief, that intercepted Internet traffic so that the users could obtain the media access control addresses and configuration files of surrounding modems. TCNISO and Harris offered customer support, primarily through forums on the TCNISO website, to assist customers in their cable modem hacking activities, the DOJ said.

via US man convicted for helping thousands steal Internet service – U.S. Department of Justice, Ryan Harris, legal, Lanny Breuer, Internet service providers, internet, Criminal – Software – Techworld.

‘Anonymous’ hackers intercept conversation between FBI and Scotland Yard on how to deal with hackers

Posted on by

The recording, which was posted on Youtube, refers to the on-going court case against Ryan Cleary, arrested last June for his alleged role in the group LulzSec, and reveals legally sensitive information.

via ‘Anonymous’ hackers intercept conversation between FBI and Scotland Yard on how to deal with hackers – Telegraph.

I’d like to hear more as to how this was done.

Online Reputation Manager Hacked Websites To ‘inject’ Illegal Code

Posted on by

But Meade said Rexxfield owner and operator Michael Roberts was preparing to purchase a coding hack he called “injection source code” that lets the user manipulate the metadata behind a website, adding a “noindex” tag that drops the results on search engines like Google and Bing — hiding them completely.

Meade said Roberts showed him the code injector’s effectiveness by hacking into Ripoff Report, a complaint board site.

via EXCLUSIVE: Online Reputation Manager Hacked Websites To ‘inject’ Illegal Code | Fox News.

Packet injection tool suite

Posted on by

Nemesis is a command-line network packet crafting and injection utility for UNIX-like and Windows systems. Nemesis, is well suited for testing Network Intrusion Detection Systems, firewalls, IP stacks and a variety of other tasks. As a command-line driven utility, Nemesis is perfect for automation and scripting.

Nemesis can natively craft and inject ARP, DNS, ETHERNET, ICMP, IGMP, IP, OSPF, RIP, TCP and UDP packets. Using the IP and the Ethernet injection modes, almost any custom packet can be crafted and injected.

via nemesis.sourceforge.net – Packet injection tool suite.

Packetstan: NBNS Spoofing on your way to World Domination

Posted on by

Since the look up is just a hostname, windows adds the local DNS suffix to the query and asks its DNS server(s). The suffix picked up my the Windows box usually comes from the DHCP server. As you can see, the DNS server replied that it had no idea on how to lookup that name. Next, you’ll see the NBNS Request. The beautiful thing is, the NBNS Request is a broadcast, so anyone can reply easily and redirect traffic.

via Packetstan: NBNS Spoofing on your way to World Domination.