http://hakin9.org IT Security Magazine Fri, 18 May 2012 10:50:03 +0000 en hourly 1 http://wordpress.org/?v=3.3.2 http://hakin9.org/aasrc-2012-international-conference-2/ http://hakin9.org/aasrc-2012-international-conference-2/#comments Thu, 17 May 2012 18:08:11 +0000 pawelplocki http://hakin9.org/?p=3448
The Fourth AASRC 2012 International conference shall be held in the Middle East under the title “Business Intelligence in a volatile Economic and Information Technology Environment” BIEIT 2012. September 5-6, 2012. Istanbul, Turkey The proposed conference on the above theme will be held in Istanbul, Turkey From Sep 5-6, 2012 which aims to provide an [...]]]> http://hakin9.org/aasrc-2012-international-conference-2/feed/ 0 http://hakin9.org/hakin9-extra-52012/ http://hakin9.org/hakin9-extra-52012/#comments Thu, 17 May 2012 12:47:21 +0000 michal http://hakin9.org/?p=3439
Why Apple Doesn’t want Flash on its iOS by Keith DeBus Ever since the advent of the iPhone in June of 2007, Apple’s decision to forego Adobe’s ubiquitous Flash software has raised eyebrows and more than a few hackles. Then, when Apple introduced the now revolutionary iPad in April of 2010, the controversy escalated to [...]]]> http://hakin9.org/hakin9-extra-52012/feed/ 0 http://hakin9.org/fake-av-apps-circulating-on-google-play/ http://hakin9.org/fake-av-apps-circulating-on-google-play/#comments Fri, 11 May 2012 11:01:02 +0000 IDTP http://hakin9.org/?p=3422
Android users should beware. Developer “thasnimola” has uploaded over 15 fake AV and ‘free SMS’ apps to Google Play. This is the same developer who back in April was flagged for flogging fake NQ Mobile security apps. What is surprising is that Google Bouncer didn’t pick these fake apps up – it was a third-party research [...]]]> http://hakin9.org/fake-av-apps-circulating-on-google-play/feed/ 0 http://hakin9.org/millions-in-the-us-dont-use-facebook-privacy-settings/ http://hakin9.org/millions-in-the-us-dont-use-facebook-privacy-settings/#comments Fri, 11 May 2012 10:53:10 +0000 IDTP http://hakin9.org/?p=3418
A recent US study has found that nearly 13 million US users of Facebook are either simply unaware of, or simply don’t use privacy settings. The study found that 4.8 million people have shared details about their plans for a certain day and 4.7 million have ‘liked’ a Facebook page related to heath issues or treatments. The [...]]]> http://hakin9.org/millions-in-the-us-dont-use-facebook-privacy-settings/feed/ 0 http://hakin9.org/apple-release-mac-os-x-10-7-4-software-update/ http://hakin9.org/apple-release-mac-os-x-10-7-4-software-update/#comments Fri, 11 May 2012 10:49:46 +0000 IDTP http://hakin9.org/?p=3411
Yesterday (May 9th) Apple released two major updates for Mac OS X. The first being a software update from 10.7.3 to 10.7.4 which includes Safari 5.1.6. After installing this software update you will then be prompted to install Safari 5.1.7. Mac OS X 10.7.4 fixes the Mac OS 10.7.3 Lion login password debug file vulnerability. This exposed [...]]]> http://hakin9.org/apple-release-mac-os-x-10-7-4-software-update/feed/ 0 http://hakin9.org/mac-os-x-10-7-3-lion-login-passwords-exposed/ http://hakin9.org/mac-os-x-10-7-3-lion-login-passwords-exposed/#comments Fri, 11 May 2012 10:47:21 +0000 IDTP http://hakin9.org/?p=3408
The Mac OS X Lion 10.7.3 update turns on a system-wide debug log file which contains the login passwords of every user who has logged in since this update was applied. You are only vulnerable if you upgraded to Lion and kept your folders encrypted using FileVault 1. If you use FileVault 2, you will not [...]]]> http://hakin9.org/mac-os-x-10-7-3-lion-login-passwords-exposed/feed/ 0 http://hakin9.org/how-to-disable-the-windows-autorun-malware-threat/ http://hakin9.org/how-to-disable-the-windows-autorun-malware-threat/#comments Fri, 11 May 2012 10:43:36 +0000 IDTP http://hakin9.org/?p=3403
Julian’s security vendor friends at Bitdefender have reported that 12 percent of global Microsoft Windows infections in the first quarter of 2012 were Autorun-based threats. This doesn’t come as a surprise as most Windows users don’t understand the security implications of using the Windows Autorun feature. Most users also don’t know how to disable it, [...]]]> http://hakin9.org/how-to-disable-the-windows-autorun-malware-threat/feed/ 0 http://hakin9.org/microsoft-security-essentials-4-0-av-industry-is-dead/ http://hakin9.org/microsoft-security-essentials-4-0-av-industry-is-dead/#comments Fri, 11 May 2012 10:40:31 +0000 IDTP http://hakin9.org/?p=3397
  There has been quite a bit written by security researchers and media about Microsoft Security Essentials (MSE) over the past few years. Some complimentary and others not so. My personal opinion has always been that MSE is actually quite a good product, especially given it has always been 100% free. If you are wondering [...]]]> http://hakin9.org/microsoft-security-essentials-4-0-av-industry-is-dead/feed/ 0 http://hakin9.org/facebook-announces-anti-virus-marketplace/ http://hakin9.org/facebook-announces-anti-virus-marketplace/#comments Fri, 11 May 2012 10:33:34 +0000 IDTP http://hakin9.org/?p=3394
Yesterday (April 25th) Facebook announced the launch of Anti-Virus Marketplace. This Facebook page will allow users to download a six-month full version anti-virus software license from McAfee, Norton, Sophos for Macs and Trend Micro for PCs and Macs. Microsoft is free anyway, which strikes me as rather odd, that this was included. Did Microsoft offer Facebook [...]]]> http://hakin9.org/facebook-announces-anti-virus-marketplace/feed/ 0 http://hakin9.org/staffcop-activity-monitoring-software-network-performance-monitoring-remote-traffic-monitoring-tool-employee-monitoring-software-spying-program/ http://hakin9.org/staffcop-activity-monitoring-software-network-performance-monitoring-remote-traffic-monitoring-tool-employee-monitoring-software-spying-program/#comments Fri, 11 May 2012 09:20:48 +0000 Natalia http://hakin9.org/?p=3388 http://hakin9.org/staffcop-activity-monitoring-software-network-performance-monitoring-remote-traffic-monitoring-tool-employee-monitoring-software-spying-program/feed/ 0 http://hakin9.org/what-can-a-network-scanner-do-for-you/ http://hakin9.org/what-can-a-network-scanner-do-for-you/#comments Thu, 10 May 2012 10:24:15 +0000 Grzegorz http://hakin9.org/?p=3381
When it comes to network security there are a lot of choices as to what software you actually use. You can apply firewalls, antivirus software, internet access controls and network scanners. Seeing where the network scanner fits into this security puzzle can be a little difficult. However, a network scanner can actually perform a multitude [...]]]> http://hakin9.org/what-can-a-network-scanner-do-for-you/feed/ 0 http://hakin9.org/hakin9-on-demand-trojan-izing-usb-stics/ http://hakin9.org/hakin9-on-demand-trojan-izing-usb-stics/#comments Tue, 08 May 2012 07:03:55 +0000 pawelplocki http://hakin9.org/?p=3374
1. Secure memory stick by Amit Mishra Secure USB flash drives protect the data stored on them from access by unauthorized users. USB flash drive products have been on the market since 2000, and their use is increasing exponentially. As both consumers and businesses have increased demand for these drives, manufacturers are producing faster devices with greater data storage. [...]]]> http://hakin9.org/hakin9-on-demand-trojan-izing-usb-stics/feed/ 0 http://hakin9.org/hacktivity-2012-call-for-papers/ http://hakin9.org/hacktivity-2012-call-for-papers/#comments Mon, 07 May 2012 10:03:49 +0000 Grzegorz http://hakin9.org/?p=3372
Who we are Hacktivity 2012 – The IT Security Festival in Central and Eastern Europe – will be held on the 9th occasion. (Exact date and location is under negotiation, the Festival takes 2 days – Friday -Saturday – please check back soon.) Hacktivity conference/festival traditionally brings together the official and alternative representatives of information [...]]]> http://hakin9.org/hacktivity-2012-call-for-papers/feed/ 0 http://hakin9.org/hakin9-052012-cloud-computing/ http://hakin9.org/hakin9-052012-cloud-computing/#comments Wed, 02 May 2012 07:16:27 +0000 Marta http://hakin9.org/?p=3368
IN BRIEF By Armando Romeo, eLearnSecurity and ID Theft Protect As usual specialists from companies eLearn Security and ID Theft protect will share with us latest news from IT security world. Read it to up-date yourself. Cloud Security by Gurav Shah There are a number of security issues/concerns associated with cloud computing but these issues [...]]]> http://hakin9.org/hakin9-052012-cloud-computing/feed/ 0 http://hakin9.org/e-identity-managment-conference-2012/ http://hakin9.org/e-identity-managment-conference-2012/#comments Thu, 26 Apr 2012 12:18:54 +0000 Natalia http://hakin9.org/?p=3357
The European e-Identity Management Conference 2012 (EEMA’s 25th Annual Conference) is Europe’s leading forum for this critical security application – tackling the key issues surrounding e-identity as a core enabler of today’s personal, business and government processes.  This year the event is taking place in Paris, France on the 12 & 13 June. For further [...]]]> http://hakin9.org/e-identity-managment-conference-2012/feed/ 0 http://hakin9.org/hackingteacher-security-solutions/ http://hakin9.org/hackingteacher-security-solutions/#comments Thu, 26 Apr 2012 08:44:57 +0000 Natalia http://hakin9.org/?p=3355
Today business operates in a dynamic digital environment where timely information is the key to chalk its destiny. To implement organization’s vision,technology needs to be synergized with business strategy.And that information assets needs to be protected to stay competitive. We at HackingTeacher partner with our clients to protect their information assets while they achieve their [...]]]> http://hakin9.org/hackingteacher-security-solutions/feed/ 0 http://hakin9.org/exploiting-software-0412/ http://hakin9.org/exploiting-software-0412/#comments Mon, 23 Apr 2012 14:47:00 +0000 Natalia http://hakin9.org/?p=3348
Cisco IOS Rootkits and Malware: A practical guide By Jason Nehrboss Propagating the worm code into a new router can either be quite easy, difficult, or impossible. There are many variations of supported IOS code and hardware platforms. The author discusses the use of and demonstrates an IOS Embedded Event Manager rootkit and worm. When [...]]]> http://hakin9.org/exploiting-software-0412/feed/ 0 http://hakin9.org/mac-os-x-little-snitch-defines-who-you-can-trust/ http://hakin9.org/mac-os-x-little-snitch-defines-who-you-can-trust/#comments Mon, 23 Apr 2012 14:11:57 +0000 IDTP http://hakin9.org/?p=3347
If you use a Mac and you want to manage and control the flow of data that leaves your computer, then I suggest you might want to use Little Snitch. Tech geeks will know about this clever privacy tool, but the masses of my readers aren’t technical. So, I thought I would explain further why [...]]]> http://hakin9.org/mac-os-x-little-snitch-defines-who-you-can-trust/feed/ 0 http://hakin9.org/iphone-blackberry-and-android-motion-sensor-exploit/ http://hakin9.org/iphone-blackberry-and-android-motion-sensor-exploit/#comments Mon, 23 Apr 2012 14:07:42 +0000 IDTP http://hakin9.org/?p=3346
A team of researchers have devised an experimental Android-based Trojan called TapLogger that can manipulate the mobile onboard motion and orientation sensors to crack stored passwords. Motion and orientation sensors can also utilise the vibration sensor of a mobile device, which could then activate a Trojan to capture keyboard inputs using a malicious keylogger. TapLogger exploits [...]]]> http://hakin9.org/iphone-blackberry-and-android-motion-sensor-exploit/feed/ 0 http://hakin9.org/mac-trojan-exploiting-malformed-word-documents/ http://hakin9.org/mac-trojan-exploiting-malformed-word-documents/#comments Fri, 20 Apr 2012 10:35:30 +0000 IDTP http://hakin9.org/?p=3341
The Mac OS X platform has now been targeted for a second time by a Trojan called SabPub (Backdoor.OSX.SabPub.a). Several in the media are misreporting this latest Mac OS X Trojan as a Java exploit. Let me tell you, this isn’t a Java exploit. SabPub is actually exploiting malformed Word documents. SabPub is a typical backdoor [...]]]> http://hakin9.org/mac-trojan-exploiting-malformed-word-documents/feed/ 0 http://hakin9.org/the-single-sign-on-universal-login-security-debate/ http://hakin9.org/the-single-sign-on-universal-login-security-debate/#comments Fri, 20 Apr 2012 10:30:12 +0000 IDTP http://hakin9.org/?p=3339
The more apps and websites we register with, the more usernames and passwords we need to remember. You might end up managing hundreds which as you know means you have to find somewhere to store them as well as avoiding using the same password for more than one website. Your digital identity is your offline [...]]]> http://hakin9.org/the-single-sign-on-universal-login-security-debate/feed/ 0 http://hakin9.org/anonymous-launches-anonpaste-service-based-on-pastebin/ http://hakin9.org/anonymous-launches-anonpaste-service-based-on-pastebin/#comments Fri, 20 Apr 2012 10:04:39 +0000 IDTP http://hakin9.org/?p=3331
  The PLF and Anonymous have recently launched the AnonPaste service for the uploading and sharing of data. Paste services have been used by hackers for years to paste controversial data including data breaches, coding and website hacks. The motivation is based around ‘Information Activism’. Both groups are plugging AnonPaste as a ‘secure alternative’ but [...]]]> http://hakin9.org/anonymous-launches-anonpaste-service-based-on-pastebin/feed/ 0 http://hakin9.org/hundreds-of-compromised-twitter-accounts-in-circulation/ http://hakin9.org/hundreds-of-compromised-twitter-accounts-in-circulation/#comments Fri, 20 Apr 2012 09:50:56 +0000 IDTP http://hakin9.org/?p=3329
Compromised Twitter accounts spammed up to eight messages per second with links redirecting users to the infamous BlackHole exploit kit. The rogue tweet contained messages such as ‘online virus check, ‘proven anti-virus’, ‘excellent anti-virus’ and links to websites with .TK and .TW.SU domain names. The BlackHole exploit kit is a vicious exploit, so much so [...]]]> http://hakin9.org/hundreds-of-compromised-twitter-accounts-in-circulation/feed/ 0 http://hakin9.org/eu-cookie-tracking-directive-deadline-approaches/ http://hakin9.org/eu-cookie-tracking-directive-deadline-approaches/#comments Wed, 18 Apr 2012 10:42:01 +0000 IDTP http://hakin9.org/?p=3343
On the 26th May* the UK’s Information Commissioner’s Office (ICO)) will impose an EU directive designed to protect Internet users’ privacy.  As I saidlast year, European websites will have to police their own cookies but what about third-party cookies from advertisers? This will be more problematic to regulate under the European privacy law. The EU Internet Advertising [...]]]> http://hakin9.org/eu-cookie-tracking-directive-deadline-approaches/feed/ 0 http://hakin9.org/hakin9-extra-412/ http://hakin9.org/hakin9-extra-412/#comments Mon, 16 Apr 2012 13:16:51 +0000 michal http://hakin9.org/?p=3317
An Overview on Cloud Forensics By Federico Filacchione There’s not a single law. Preserving the chain of custody means that you’ve to comply with specific laws, regarding a specific country. But in a cloud perspective there’s no single country. A huge network of data centers means a huge network of jurisdictions. So could be very [...]]]> http://hakin9.org/hakin9-extra-412/feed/ 0 http://hakin9.org/apple-release-java-flashback-malware-removal-update/ http://hakin9.org/apple-release-java-flashback-malware-removal-update/#comments Fri, 13 Apr 2012 10:25:09 +0000 IDTP http://hakin9.org/?p=3338
Earlier this week I reported on the Java Flashback malware that has been targeting Mac OS X users. Apple has in the last few days developed a Flashback malware Java removal tool for those who might have been infected with this malware. I suggest you download* and install this Java software update immediately. This update also configures the Java web [...]]]> http://hakin9.org/apple-release-java-flashback-malware-removal-update/feed/ 0 http://hakin9.org/anonymous-takes-down-websites-in-cispa-protest/ http://hakin9.org/anonymous-takes-down-websites-in-cispa-protest/#comments Fri, 13 Apr 2012 10:21:13 +0000 IDTP http://hakin9.org/?p=3337
Anonymous is informing businesses that it opposes CISPA and has posted a video of a downed web site – US Telecom, as part of its ongoing anti-CISPA campaign. It has also recently downed the Boeing website. Both these companies have publicly supported CISPA. April 11th, 2012 CISPA (Cyber Intelligence Sharing and Protection Act) promises to raise lots [...]]]> http://hakin9.org/anonymous-takes-down-websites-in-cispa-protest/feed/ 0 http://hakin9.org/apple-fix-mac-os-x-trojan-flashback-with-java-update/ http://hakin9.org/apple-fix-mac-os-x-trojan-flashback-with-java-update/#comments Fri, 13 Apr 2012 10:16:23 +0000 IDTP http://hakin9.org/?p=3336
Over 600,000 Macs globally were reported last week by a leading security vendor to be infected with a Mac botnet. A couple of hundred of these infected Mac systems ironically were found to be based in Cupertino, California – I didn’t say Apple Inc here. So how does the Flashback infection work? The Mac system gets infected [...]]]> http://hakin9.org/apple-fix-mac-os-x-trojan-flashback-with-java-update/feed/ 0 http://hakin9.org/update-microsoft-office-2007-to-service-pack-sp-3/ http://hakin9.org/update-microsoft-office-2007-to-service-pack-sp-3/#comments Fri, 13 Apr 2012 10:13:21 +0000 IDTP http://hakin9.org/?p=3335
Microsoft Office 2007 Service Pack (SP) 3 like all SP releases is an optional update. If you use Microsoft Office 2007, then it’s important you make sure that you have the latest service pack release. For Office 2007, that means you should have installed SP3. These service pack releases are NOT security updates, so there isn’t an immediate [...]]]> http://hakin9.org/update-microsoft-office-2007-to-service-pack-sp-3/feed/ 0 http://hakin9.org/uk-email-and-web-monitoring-law-just-use-tor/ http://hakin9.org/uk-email-and-web-monitoring-law-just-use-tor/#comments Fri, 13 Apr 2012 10:10:19 +0000 IDTP http://hakin9.org/?p=3333
The UK is about to introduce a new law (late 2013 I suspect) that allows police and the intelligence community increased powers to monitor email and social media communications. The new surveillance system will involve Internet Service Providers (ISPs) collating and providing the intelligence community and Police with email and web browsing behaviour on every UK [...]]]> http://hakin9.org/uk-email-and-web-monitoring-law-just-use-tor/feed/ 0