Tag: "post-wide"

OSINT: Arizona Shooter Jared Lee Loughner – Internet Profile, Photographs

OSINT: Arizona Shooter Jared Lee Loughner – Internet Profile, Photographs

The 22 year old shooter, Jared Lee Loughner, is no exception. He had a MySpace profile and a Youtube channel, revealing both what he looks like, some biographical details, and a bizarre personal philosophy mentioning grammer, the timeline of man, and currency creation.

Anonymous Defaces NASA Web Site, Sort Of

Anonymous Defaces NASA Web Site, Sort Of

Reports are emerging that members of the hacker, or something because they don’t want to be called that anymore (from the IRC: To the idiot reporters: we’re not hackers), collective Anonymous defaced NASA in support of Wikileaks.

Anonymous Releases Very Unanonymous Press Release

Anonymous Releases Very Unanonymous Press Release

Today, December 10th, Anonymous, an Internet gathering, released a press release which you can read below. In it, a description is provided of what Anonymous is about, what Operation Payback is, and where the media is getting it wrong. Also in it, its author forgot to remove his name in the pdf’s Meta information.

Anonymous Turns Operation Payback Toward “The Jester”

Anonymous Turns Operation Payback Toward “The Jester”

The Jester, a hacktivist who is normally known for short term denial of service attacks against Jihadist web forums and who recently claimed responsibility for an outage at Wikileaks in the middle of Cablegate (Wikileaks publication of U.S. diplomatic cables) has himself become the target of the large scale hacktivist protest called Operation Payback.

Paypal Sender Country XSS

Paypal Sender Country XSS

A new XSS vulnerability was identified on Paypal.com earlier today, found by d3v1l and disclosed on both Security-Shell and XSSed. The problem is with the parameter sender_country in a transaction called nvpsm.

Persistent XSS on Twitter.com

Persistent XSS on Twitter.com

Twitter user 0wn3d_5ys has demonstrated a persistent cross site scripting (XSS) vulnerability he found on June 21st using his own Twitter account (visit at your own risk) that appears to be due to a lack of input validation of the application name field when accepting new requests for Twitter applications.

F-Secure XSS on Anti-Theft Website

F-Secure XSS on Anti-Theft Website

In a new section supporting the release of an anti-theft product for mobile phones, the web site of Helsinki based anti-virus company F-Secure is vulnerable to cross site scripting (XSS).

114,000 iPad Owners: The Script that Harvested Their E-mail Addresses

114,000 iPad Owners: The Script that Harvested Their E-mail Addresses

Here is the script referenced in the Gawker story from earlier that describes how a number of early iPad 3G subscribers, including names like Harvey Weinstein, Michael Bloomberg, Diane Sawyer, and Rahm Emanuel had their e-mails revealed via a poorly designed web application hosted by AT&T.

Formspring.me XSS Vulnerability

Formspring.me XSS Vulnerability

Formspring.me, a newly popular social networking site, has a fundamental cross site scripting flaw that allows one logged in user to steal another user’s session, but also may allow users to find out who posted a nasty comment about them.

WinPE 3.0 & Forensics

WinPE 3.0 & Forensics

It is a common task for an investigator to boot a machine using bootable media in the form of DVD or USB and there are countless options available. This tutorial is not intended to replace your favorite Helix CD or preferred method, but you may find this analysis interesting if you are a Windows expert performing a forensics analysis.

Page 1 of 212