// author archive

Prefect

Prefect has written 84 posts for Praetorian Prefect
Email the author: blog(at)ptnsecurity.com

Turning an ATM into a Slot Machine

In a talk originally slated for last year before it was muffled by Juniper based on the concerns of “an affected ATM vendor”, Jack demonstrates what he calls jackpotting an ATM.

PCI Rock, WTH?

Security Awareness Programs can be a daunting task. It is not atypical to try to mix security awareness programs with some element of fun, such as humor with a message.

Asian Men Prefer LIGATT

A number of new Twitter accounts spawned today, all tweeting positively about the disgraced security firm LIGATT Security (plagiarism, threats, stock manipulation), responding to actual security professionals, and all using avatars that are easily attributable to other web sites.

Persistent XSS on Twitter.com

Twitter user 0wn3d_5ys has demonstrated a persistent cross-site scripting (XSS) vulnerability he found on June 21st using his own Twitter account (visit at your own risk) that appears to be due to a lack of input validation of the application name field when accepting new requests for Twitter applications.

Sextortion via Hacking

At least 186 women and 44 girls were caught in a bizarre scheme by 31-year-old Santa Ana, CA resident Luis Mijangos, who attempted to extort pornographic videos from his victims. Mijangos, a paraplegic due to a gang shooting, was arrested yesterday following a two-year investigation by the FBI. He is charged with extortion and faces a maximum of two years in federal prison.

NationalCyberSecurity.com has all “Original Content”

Readers of Yahoo Finance were treated to the following wackadoo press release on Friday: National Cyber Security Uncovers Racism Within the Computer Security Industry.

LIGATT’s Evans Strikes Back

Gregory Evans, the CEO of LIGATT Security, is not taking the criticism heaped upon himself and his firm or his latest book lying down.

Did LIGATT Security’s CEO Threaten the Life of a Security Professional?

How did one of these men come to threaten the lives of the other and his family?

F-Secure XSS on Anti-Theft Website

In a new section supporting the release of an anti-theft product for mobile phones, the web site of Helsinki-based anti-virus company F-Secure is vulnerable to cross-site scripting (XSS).

iPhone 4 Ordering and Session Switching

Upon logging into AT&T online to place an order for the new iPhone, some users are reporting that another user’s information is coming up including billing information, call history, and so forth.