http://hakin9.org IT Security Magazine Wed, 22 Feb 2012 13:55:08 +0000 en hourly 1 http://wordpress.org/?v=3.3.1 http://hakin9.org/pingit-p2p-mobile-cash-payment-app-security/ http://hakin9.org/pingit-p2p-mobile-cash-payment-app-security/#comments Wed, 22 Feb 2012 13:55:07 +0000 IDTP http://hakin9.org/?p=3234
Pingit allows users in the UK to send payments from one mobile to another in the UK – it’s a kind of P2P application. The Pingit app is of course free to download to any smartphone such as a BlackBerry, Android or iPhone. Note to my readers – Some in the media claim this payment method is [...]]]> http://hakin9.org/pingit-p2p-mobile-cash-payment-app-security/feed/ 0 http://hakin9.org/mac-os-x-gatekeeper-and-the-apple-developer-id/ http://hakin9.org/mac-os-x-gatekeeper-and-the-apple-developer-id/#comments Tue, 21 Feb 2012 17:59:56 +0000 IDTP http://hakin9.org/?p=3233
Apple has introduced Gatekeeper to a select handful of developers recently, and given I like research I couldn’t help but notice that over 20 years ago the Mac had an antivirus software called, yes you’ve guessed it – Gatekeeper. It’s moved on a bit since then though – Macs don’t really need AV at the system/kernel [...]]]> http://hakin9.org/mac-os-x-gatekeeper-and-the-apple-developer-id/feed/ 0 http://hakin9.org/hacker-halted-october-25-31-2012/ http://hakin9.org/hacker-halted-october-25-31-2012/#comments Tue, 21 Feb 2012 07:27:54 +0000 Grzegorz http://hakin9.org/?p=3231
The objective of this industry-leading information security conference series is to raise international awareness towards increasededucation and ethics in Information Security. This information security conference seriescovers in-depth topics into the development of security issues plaguing the world. Hacker Halted always feature many renowned subject matter experts and high-level speakers, as well as some of the [...]]]> http://hakin9.org/hacker-halted-october-25-31-2012/feed/ 0 http://hakin9.org/ec-council-summit/ http://hakin9.org/ec-council-summit/#comments Tue, 21 Feb 2012 07:15:47 +0000 Grzegorz http://hakin9.org/?p=3227
The EC-Council Summit (formerly known as CAST Summit) is designed with one purpose in mind, to enrich security professionals with the skills and knowledge surrounding the ever-evolving information security landscape. Attendees get to choose from a selection of highly technical and advanced training workshops led by subject matter experts and industry practitioners, covering essential security [...]]]> http://hakin9.org/ec-council-summit/feed/ 0 http://hakin9.org/takedowncon-dallas-may-4-9-2012/ http://hakin9.org/takedowncon-dallas-may-4-9-2012/#comments Tue, 21 Feb 2012 07:11:01 +0000 Grzegorz http://hakin9.org/?p=3225
TakeDownCon Dallas TakeDownCon is a technical security conference series fundamentally developed to focus on specific information security domain(s) for each event. The upcoming TakeDownCon Dallas focuses on attack and defense vectors - Security Anatomized. Designed to be a highly technical conference, TakeDownCon will only showcase technical presentations. www.takedowncon.com]]> http://hakin9.org/takedowncon-dallas-may-4-9-2012/feed/ 0 http://hakin9.org/hardening-of-java-applications-against-aop-exploiting-software-0212/ http://hakin9.org/hardening-of-java-applications-against-aop-exploiting-software-0212/#comments Mon, 20 Feb 2012 07:41:16 +0000 Natalia http://hakin9.org/?p=3222
Beyond Automated Tools and Frameworks: the shellcode injection process By Craig Wright Automated frameworks (including Metasploit) have simplified the testing and exploitation process. This of course comes with a price. Many penetration testers have become tool jockeys with little understanding of just how software functions. This script kiddie approach to code testing does have its [...]]]> http://hakin9.org/hardening-of-java-applications-against-aop-exploiting-software-0212/feed/ 0 http://hakin9.org/hakin9-extra-0212/ http://hakin9.org/hakin9-extra-0212/#comments Wed, 15 Feb 2012 11:54:53 +0000 michal http://hakin9.org/?p=3219
Honey Pots - the Sitting Duck on the Network By Jeremiah Brott The purpose of this article is to provide details on what honey pots are, the characteristics of the two types down to the mechanics of how each one works. It will also analyze the benefits and pitfalls to explore multiple uses of a [...]]]> http://hakin9.org/hakin9-extra-0212/feed/ 0 http://hakin9.org/information-security-solutions-europe-isse-conference-20th-21st-november-2012-brussels/ http://hakin9.org/information-security-solutions-europe-isse-conference-20th-21st-november-2012-brussels/#comments Wed, 15 Feb 2012 09:11:08 +0000 Natalia http://hakin9.org/?p=3216
ISSE (Information Security Solutions Europe) is Europe's only independent, interdisciplinary security conference and exhibition. Regularly attracting up to 400 senior level delegates and 30 industry leading sponsors ISSE provides a forum for sharing real life experiences and learning from experts in the field. ISSE is renowned for its rich educational content and unbiased perspective - [...]]]> http://hakin9.org/information-security-solutions-europe-isse-conference-20th-21st-november-2012-brussels/feed/ 0 http://hakin9.org/the-european-eidentity-management-conference-12th-13th-june/ http://hakin9.org/the-european-eidentity-management-conference-12th-13th-june/#comments Wed, 15 Feb 2012 09:04:33 +0000 Natalia http://hakin9.org/?p=3213
The European e-Identity Management Conference 2012 is Europe’s leading forum for this critical security application - tackling the key issues surrounding e-identity as a core enabler of today's personal, business and government processes.   To find out more information and to book your place at the event, please visit www.eema.org/eidentityeurope  ]]> http://hakin9.org/the-european-eidentity-management-conference-12th-13th-june/feed/ 0 http://hakin9.org/how-to-deploy-patch-management/ http://hakin9.org/how-to-deploy-patch-management/#comments Tue, 14 Feb 2012 10:23:43 +0000 Natalia http://hakin9.org/?p=3211
How to Deploy Patch Management Keeping up with patches is one of the most important things you can do to protect your company from security issues. But if you are staying up late on a Saturday night, logging on to server after server to patch by hand, and sending out emails to users instructing them [...]]]> http://hakin9.org/how-to-deploy-patch-management/feed/ 0 http://hakin9.org/firefox-to-use-flash-player-sandbox/ http://hakin9.org/firefox-to-use-flash-player-sandbox/#comments Fri, 10 Feb 2012 14:59:30 +0000 IDTP http://hakin9.org/?p=3210
The new Flash Player sandbox for Firefox is currently still in public beta mode. Adobe has decided to sandbox each plugin process to ensure that  a plugin crash will not occur with the entire web browser (one of the main reasons why Apple never introduced Flash).  It appears though, that there are no security restrictions [...]]]> http://hakin9.org/firefox-to-use-flash-player-sandbox/feed/ 0 http://hakin9.org/security-flaw-identified-in-google-wallet/ http://hakin9.org/security-flaw-identified-in-google-wallet/#comments Fri, 10 Feb 2012 14:40:16 +0000 IDTP http://hakin9.org/?p=3208
Security researchers have uncovered a method of cracking Google Wallets PIN security in just a matter of seconds. The Google Wallet application stores a hash of the PIN, which allowed them to create a matching PIN simply by hashing all 10,000 possible numbers which only took a few seconds. Closer examination of the per-app DB, [...]]]> http://hakin9.org/security-flaw-identified-in-google-wallet/feed/ 0 http://hakin9.org/malware-scanning-improved-in-google-chrome-17/ http://hakin9.org/malware-scanning-improved-in-google-chrome-17/#comments Fri, 10 Feb 2012 14:21:26 +0000 IDTP http://hakin9.org/?p=3207
Google Chrome released it’s first stable (out of beta) release on the 8 February – Chrome 17. This has been some time in the making but it’s finally arrived. This stable release now incorporates a malware download scanner which scans for malicious “.exe” and “.msi” files which checks with a whitelist database (DB) for known [...]]]> http://hakin9.org/malware-scanning-improved-in-google-chrome-17/feed/ 0 http://hakin9.org/polymorphic-android-malware-requires-hips-analysis/ http://hakin9.org/polymorphic-android-malware-requires-hips-analysis/#comments Wed, 08 Feb 2012 16:05:42 +0000 IDTP http://hakin9.org/?p=3205
Mobile application morphing isn’t something we have heard of on mobile platforms - however I did read an article on some recent developments. I suspect malware writers are developing mobile apps that automatically modify on download as well as continuing to re-engineer the codebase on a daily basis which involves changing the file signature and [...]]]> http://hakin9.org/polymorphic-android-malware-requires-hips-analysis/feed/ 0 http://hakin9.org/hakin9-mobile-22012-2/ http://hakin9.org/hakin9-mobile-22012-2/#comments Wed, 08 Feb 2012 14:45:46 +0000 Angelika http://hakin9.org/?p=3203
Data Handling on iOS Devices   With over half a million apps in the App Store, Apple’s trademark slogan “There’s an app for that” is bordering on reality. We use these apps for online banking, social networking and e-mail without really knowing if they’re communicating and storing our personal data securely. With Apple controlling over [...]]]> http://hakin9.org/hakin9-mobile-22012-2/feed/ 0 http://hakin9.org/pc-fix-registry-cleaner/ http://hakin9.org/pc-fix-registry-cleaner/#comments Wed, 08 Feb 2012 10:12:40 +0000 Natalia http://hakin9.org/?p=3198
PC Fix Cleaner Registry Cleaner prevents system slowdowns, freezing or crashing problems, Windows startup issues, obsolete application shortcuts, Missing DLL & OCX files, JavaScript, browser and ActiveX errors. Using a high performance Windows registry detection algorithm and a very simple and intuitive user interface, PC Fix analyzes your entire system's registry and repair all PC [...]]]> http://hakin9.org/pc-fix-registry-cleaner/feed/ 0 http://hakin9.org/remote-locate-lock-and-wipe-your-apple-ios-iphone/ http://hakin9.org/remote-locate-lock-and-wipe-your-apple-ios-iphone/#comments Tue, 07 Feb 2012 15:26:28 +0000 IDTP http://hakin9.org/?p=3194
If you own an iPhone, it’s imperative that you consider how you might protect your device and the personal information you store on it in the event you lose or have your device stolen. There are now many apps that provide OTA backup, device tracking and device lock and wipe feature sets, which all do [...]]]> http://hakin9.org/remote-locate-lock-and-wipe-your-apple-ios-iphone/feed/ 0 http://hakin9.org/just4meeting-3-0/ http://hakin9.org/just4meeting-3-0/#comments Mon, 06 Feb 2012 13:10:17 +0000 Natalia http://hakin9.org/?p=3186
6th to 8th July 2012 in Cascais/Portugal! Information Security has been one of the most increasing concerns worldwide. Everyday new attacks and counter attacks emerge, making it impossible for professionals to keep themselves up to date.  The J4M third edition intends to convene busy IT and Information Security Professionals with very little time to learn [...]]]> http://hakin9.org/just4meeting-3-0/feed/ 0 http://hakin9.org/mac-os-x-10-7-3-update-causing-lion-problems/ http://hakin9.org/mac-os-x-10-7-3-update-causing-lion-problems/#comments Fri, 03 Feb 2012 12:24:32 +0000 IDTP http://hakin9.org/?p=3183
Mac OS X 10.7.3 was released yesterday with fixes to 51 vulnerabilities. Of the 51 total flaws, 40 were tagged by Apple with its usual 'arbitrary code execution' phrase, the company's way of saying that the bugs were critical and could be used by attackers to hijack a Mac with a working exploit. There are also [...]]]> http://hakin9.org/mac-os-x-10-7-3-update-causing-lion-problems/feed/ 0 http://hakin9.org/chrome-17-beta-do-not-track-dnt-extension/ http://hakin9.org/chrome-17-beta-do-not-track-dnt-extension/#comments Fri, 03 Feb 2012 12:09:04 +0000 IDTP http://hakin9.org/?p=3182
A privacy advocate has developed a Chrome version of the Firefox Do Not Track extension (by adding the Do Not Track header “DNT: 1″ to all requests) technology that comes as standard on Mozilla Firefox and Internet Explorer browsers. This extension (referred to as an ‘add-on’ in Firefox) lets you inform websites that you do not want your [...]]]> http://hakin9.org/chrome-17-beta-do-not-track-dnt-extension/feed/ 0 http://hakin9.org/the-facebook-likejacking-browser-vulnerability/ http://hakin9.org/the-facebook-likejacking-browser-vulnerability/#comments Fri, 03 Feb 2012 12:06:12 +0000 IDTP http://hakin9.org/?p=3181
Facebook JavaScript attacks using a known scripting vulnerability in browsers doesn’t appear to be going away very soon (as the HTML specification actually make allowances for cross-site scripting). Facebook isn’t alone in attempting to address the malicious script redirects as malware writers know only too well that all browsers suffer from this scripting flaw. You [...]]]> http://hakin9.org/the-facebook-likejacking-browser-vulnerability/feed/ 0 http://hakin9.org/how-you-might-circumvent-a-mobile-network/ http://hakin9.org/how-you-might-circumvent-a-mobile-network/#comments Fri, 03 Feb 2012 12:00:16 +0000 IDTP http://hakin9.org/?p=3179
Mobile technology is evolving and as smartphone memory (including increased flash storage space), battery life and network performance improves, so will the opportunities to circumvent the existing mobile networks. Nothing is impossible with the advances being made with smartphones right now. The events in Egypt, Libya and Syria, got me thinking about how mobiles could [...]]]> http://hakin9.org/how-you-might-circumvent-a-mobile-network/feed/ 0 http://hakin9.org/android-architecture-continues-to-expose-concerns/ http://hakin9.org/android-architecture-continues-to-expose-concerns/#comments Fri, 03 Feb 2012 11:57:19 +0000 IDTP http://hakin9.org/?p=3178
The days of losing a phone and only losing your mobile contacts are long gone. Nowadays your smartphone is your 'ilife' and it (and the network) collects (logs) data not only from text messages, emails and calls, but your Facebook and Twitter profiles as well and much much more. I’d go as far as to say [...]]]> http://hakin9.org/android-architecture-continues-to-expose-concerns/feed/ 0 http://hakin9.org/interview-with-richard-johnson/ http://hakin9.org/interview-with-richard-johnson/#comments Thu, 02 Feb 2012 08:47:40 +0000 Marta http://hakin9.org/?p=3176
Richard Johnson is a computer security specialist who spends his time playing in the realm of software vulnerability analysis. Richard currently fills the role of principal research engineer on Sourcefire’s Vulnerability Research Team, offering 10 years of expertise in the software security industry. Current responsibilities include research on exploitation technologies and automation of the vulnerability [...]]]> http://hakin9.org/interview-with-richard-johnson/feed/ 0 http://hakin9.org/022012-hakin9-magazine-50th-issue/ http://hakin9.org/022012-hakin9-magazine-50th-issue/#comments Tue, 31 Jan 2012 13:14:29 +0000 Marta http://hakin9.org/?p=3173
IN BRIEF By Armando Romeo, eLearnSecurity and ID Theft Protect As usual specialists from companies eLearn Security and ID Theft protect will share with us latest news from IT security world. Read it to up-date yourself. When I'm x64: Bootkit Threat Evolution in 2011 By Aleksandr Matrosov, Eugene Rodionov It’s traditional in security (almost considered [...]]]> http://hakin9.org/022012-hakin9-magazine-50th-issue/feed/ 0 http://hakin9.org/lead-cyber-threat-analyst/ http://hakin9.org/lead-cyber-threat-analyst/#comments Mon, 30 Jan 2012 20:45:17 +0000 Grzegorz http://hakin9.org/?p=3167
Serving those who serve USAA provides insurance, banking, investments, retirement solutions and advice to more than 8 million active duty military members, veterans who have honorably served, and their families. Join us at our scenic, 286-acre San Antonio Headquarters campus in the Texas Hill Country. Here you'll find nature jogging trails, soccer fields, tennis and [...]]]> http://hakin9.org/lead-cyber-threat-analyst/feed/ 0 http://hakin9.org/amphion-forum/ http://hakin9.org/amphion-forum/#comments Mon, 30 Jan 2012 09:04:02 +0000 Grzegorz http://hakin9.org/?p=3165
What happens when hackers hit the Internet of Things? Find out at The Amphion Forum. It’s the only event focused on the security of the billions of devices that already outnumber PC’s on the network by 5 to 1. Learn about security for mobiles and tablets, yes – but also security for smart grid, medical [...]]]> http://hakin9.org/amphion-forum/feed/ 0 http://hakin9.org/cyber-defence-summit/ http://hakin9.org/cyber-defence-summit/#comments Mon, 30 Jan 2012 08:57:23 +0000 Grzegorz http://hakin9.org/?p=3163
Cyber Defence Summit April 2nd – 3rd 2012 Grand Hyatt Hotel, Muscat, Oman. The Cyber Defence Summit is gathering key regional stake holders in Muscat, Oman to discuss the heightened importance of cyber security throughout the entire Middle East. The initiative is endorsed by ITU-IMPACT, and will be officially hosted by Information Technology Authority Oman [...]]]> http://hakin9.org/cyber-defence-summit/feed/ 0 http://hakin9.org/how-to-securely-delete-mac-os-x-files-in-trash-basket/ http://hakin9.org/how-to-securely-delete-mac-os-x-files-in-trash-basket/#comments Thu, 26 Jan 2012 18:42:36 +0000 IDTP http://hakin9.org/?p=3155
Ever wondered whether your deleted files in the Mac OS X Trash basket are actually deleted forever? Well, let me tell you, that any files you have deleted in Trash could still be accessed. Deleting files on your Mac is of course very easy. All you do is drag the file(s) into the Trash basket or [...]]]> http://hakin9.org/how-to-securely-delete-mac-os-x-files-in-trash-basket/feed/ 0 http://hakin9.org/the-mac-os-x-quick-look-suspicious-package-plug-in/ http://hakin9.org/the-mac-os-x-quick-look-suspicious-package-plug-in/#comments Thu, 26 Jan 2012 18:38:43 +0000 IDTP http://hakin9.org/?p=3151
One feature I really like about Mac OS X has to be the easily forgotten 'Quick Look'. It's a really useful tool (and also has lots of plug-in capabilities) to have and can save you lots of time. Select an item in 'Finder' and press the and you will see a brief preview of any [...]]]> http://hakin9.org/the-mac-os-x-quick-look-suspicious-package-plug-in/feed/ 0