RSS Feed
Feb 8

Shmoocon 2010 Media

Posted on Monday, February 8, 2010 in 127.0.0.1, Cons

  • Archived UStream videos - http://www.ustream.tv/shmoocon2010
  • Live streaming during the con - http://www.shmoocon.org/video.html
Comments Off | Tags:
Jan 16

IE 0day “Aurora” released

Posted on Saturday, January 16, 2010 in InfoSec, Security, cybercrime

Some info I gathered about the new IE 0day deemed “Operation Aurora”… who uses IE6 these days and why?

IExplorer 0day CVE-2010-0249

  • wepawet : here.
  • Metasploit info : here.
  • Metasploit module : here.
  • Demo : here.

(more…)

Comments Off | Tags: , , , ,
Jan 6

Secure USB Drives Not So Secure

Posted on Wednesday, January 6, 2010 in Security

Several hardware-encrypted USB memory sticks are now part of a worldwide recall and require security updates because they contain a flaw which could allow hackers to easily gain access to the sensitive information contained on the device.

When USB maker SanDisk first received news of the problem last month, the vendor issued a security bulletin  that warned customers its Cruzer Enterprise series of USB flash drives contained a vulnerability in the access control mechanism. SanDisk offered a product update online to address the issue and made sure to note the problem only applied to the application running on the host, not the device hardware or firmware.

Now USB vendor Kingston has jumped in with a similar warning , probably because their drives utilize the same code from SanDisk. Kingston’s alert informs customers that “a skilled person with the proper tools and physical access to the drives may be able to gain unauthorized access to data contained” on the drives. The company has issued a recall on the devices and urged customers to return them. A warning has also been issued by USB vendor Verbatim.

(more…)

Comments Off | Tags: , ,
« Previous Posts