Tag Archives: 2015

Ghost to the Shell

Posted on January 27, 2015 by Carmelo

During a code audit, researchers at Qualys discovered a buffer overflow in the __nss_hostname_digits_dots() function of glibc which can get access to the shell. The GHOST vulnerability is a serious weakness in the Linux glibc library. It allows attackers to … Continue reading

Posted in Security Blog | Tagged , , , , , | Comments Off on Ghost to the Shell

Game of Hacks

Posted on January 27, 2015 by Carmelo

Test your application hacking skills! You will be presented with vulnerable pieces of code and you must find which vulnerability exists in that code as quickly as possible. You can also submit questions.

Posted in Security Blog | Tagged , , , , , | Comments Off on Game of Hacks

HealthCare.gov Includes Health Data in its own URLs

Posted on January 23, 2015 by Carmelo

The website, Healthcare.gov leaks data via referer (mispelled accidentally, but stuck) headers. When you visit a website in general, the referer codes tells the new loading site, where you came from. Since healthcare.gov stores information in the referer headers, It’s … Continue reading

Posted in Security Blog | Tagged , , , , , , , | Comments Off on HealthCare.gov Includes Health Data in its own URLs

Attackers Can Easily Disable 5,300 Gas Stations in the US

Posted on January 23, 2015 by Carmelo

The industry’s most famous white hat hacker, HD Moore, reports that automated tank gauges at 5,300 gas stations, can be connected to on port 10,001 without authentication and vulnerable to remote attacks or shut down. There is also publicly hosted … Continue reading

Posted in Security Blog | Tagged , , , , , , | Comments Off on Attackers Can Easily Disable 5,300 Gas Stations in the US

Is that a Mouse in your Pocket or?

Posted on January 22, 2015 by Carmelo

You ready to bring unauthorized hardware on my ‘secure’ network? Mouse-box, the computer in a mouse, is still in prototype. All we know right now is that it is running ChromeOS or Linux. Maybe a variant of Kali will work too. … Continue reading

Posted in Security Blog | Tagged , , , , , , | Comments Off on Is that a Mouse in your Pocket or?

4.5 Malware Variants a Second

Posted on January 22, 2015 by Carmelo

According to German Independent IT Security company AV-TEST, there are 12,000,000 variants of malware a month. That’s about 4.5 every second! Malware, a combination of the words Malicious and Software, can be downloaded or sent to users to click on … Continue reading

Posted in Security Blog | Tagged , , , , , | Comments Off on 4.5 Malware Variants a Second

Want Someone’s Password? Just Ask!

Posted on January 21, 2015 by Carmelo
Posted in Security Blog | Tagged , , | Comments Off on Want Someone’s Password? Just Ask!

XKCD Comic on Password Strength and Random Words

Posted on January 20, 2015 by Carmelo

Use the Four Random English Word Generator!

Posted in Security Blog | Tagged , , , , | Comments Off on XKCD Comic on Password Strength and Random Words

Worst Passwords of 2014

Posted on January 20, 2015 by Carmelo

An analysis of the most leaked passwords that were posted online throughout 2014, out of the 3.3 million passwords leaked online, the most common, Top 15 were: 123456 password 12345 12345678 qwerty 1234567890 1234 baseball dragon football 1234567 monkey letmein … Continue reading

Posted in Security Blog | Tagged , , , , , , | Comments Off on Worst Passwords of 2014

Progressive Insurance’s Snapshot Can be Used to Control Vehicles

Posted on January 19, 2015 by Carmelo

2,000,000 vehicles already have the Progressive Snapshot plugged into them via the OnBoardDiagnostic(OBD)-II Port. Digital Bond Labs described at a security conference last week how the Snapshot could be used to hack into some vehicles’ onboard networks. Testing was limited … Continue reading

Posted in Security Blog | Tagged , , , , , , | Comments Off on Progressive Insurance’s Snapshot Can be Used to Control Vehicles