5 posts tagged with security by These Premises Are Alarmed.
Displaying 1 through 5 of 5.

ida-cracked-files-sostituire agli originali.rar

Italian surveillence software vendor Hacking Team were hacked, with 400GB of data dumped. According to leaked invoices, Hacking Team sold offensive software to countries including South Korea, Sudan, Kazakhstan, Saudi Arabia, Oman, Lebanon, and Mongolia, Ethiopia, Egypt, and Luxemburg. There are initial indications that Hacking Team had pretty poor operation security, for example, using the password Ht2015!. [more inside]
posted by These Premises Are Alarmed on Jul 6, 2015 - 44 comments

ms12-020 mistery: the packet stored in the "chinese" rdpclient.exe PoC is the EXACT ONE I gave to ZDI!!! @thezdi? @microsoft? who leaked?

Included in this month's Patch Tuesday was MS12-020, which is a remote exploit in Microsoft's widely deployed Remote Desktop Protocol (RDP). Microsoft projected an exploit would be out 'within a month', but a Proof-of-Concept (PoC) appeared on a Chinese website within a few days. Professionals are concerned. The discoverer of the vulnerability noted that the PoC included the exact packet he had crafted to help Microsoft understand he issue; this points to a leak in the MAPP early vulnerability sharing program. A full remote exploit isn't out yet, but is expected soon.
posted by These Premises Are Alarmed on Mar 18, 2012 - 36 comments

“Duuuuuuuudddde! It’s 7 a.m. where you are, who died?”

Security reporter Brian Krebs [previously] visits Russian illicit online prescription baron Pavel Vrublevsky.
posted by These Premises Are Alarmed on Feb 21, 2011 - 3 comments

Subject: Allegations regarding OpenBSD IPSEC

Theo de Raadt: I have received a mail regarding the early development of the OpenBSD IPSEC stack. It is alleged that some ex-developers (and the company they worked for) accepted US government money to put backdoors into our network stack, in particular the IPSEC stack. [more inside]
posted by These Premises Are Alarmed on Dec 14, 2010 - 94 comments

Stir in poisoned DNS and add a dash of transparent proxying...

The embargo has been lifted on the newest research on growing internet infrastructure insecurity. Using an army of Playstations, researchers have managed to forge a RapidSSL (owned by Verisign) CA certificate in a couple hours due to known flaws in MD5.
posted by These Premises Are Alarmed on Dec 30, 2008 - 33 comments

Page: 1