Tag Archives: hacking

Reuben Paul, an 8-year-old Cyber Professional and CEO

An extension from this old post, the 8 year old, identified as Reuben Paul, has grown in fame. He demonstrates in this video, some of his mastery of hacking tools and his thought processes. Here is an article/interview from Tripwire.

Posted in Security Blog | Tagged , , , , , , , , | Comments Off on Reuben Paul, an 8-year-old Cyber Professional and CEO

Emailed PowerPoint and other Microsoft Office Attachments

A vulnerability, designated as CVE-2014-6352, is triggered when a user is forced to open a PowerPoint files containing a malicious Object Linking and Embedding (OLE) object. All Office file types can also be used to carry out same attack. The … Continue reading

Posted in Security Blog | Tagged , , , , , | Comments Off on Emailed PowerPoint and other Microsoft Office Attachments

How Tyupkin, the ATM Malware, Works

The hack, known as Tyupkin, requires criminals to enter a unique code into a machine that has already been compromised by the malware. A second Pin code – a random sequence of numbers generated at another location – is also … Continue reading

Posted in Security Blog | Tagged , , , , , , , , , , | Comments Off on How Tyupkin, the ATM Malware, Works

SandWorm

On Tuesday, October 14, 2014, iSIGHT Partners – in close collaboration with Microsoft – announced the discovery of a zero-day vulnerability impacting all supported versions of Microsoft Windows and Windows Server 2008 and 2012. Microsoft has patched this vulnerability in … Continue reading

Posted in Security Blog | Tagged , , , , , , , | Comments Off on SandWorm

Embed HTML Web App for Social Engineering Attack

In this video, Armitage shows how to create a tiny web application that can be hosted that will allow a user to install a beacon. Once the beacon is installed, numerous bad things can happen as you can see in … Continue reading

Posted in Security Blog | Tagged , , , , , , , | Comments Off on Embed HTML Web App for Social Engineering Attack

Mac.BackDoor.iWorm

When a Mac is infected with Mac.BackDoor.iWorm, the program tries to make a connection to a command server. Hackers are using the iWorm to control 17,000 Apple computers. The iWorm reportedly uses Reddit’s search function to find comments left by … Continue reading

Posted in Security Blog | Tagged , , , , , , , | Comments Off on Mac.BackDoor.iWorm

XSS Games

Test your h4cking skillz with the XSS Game at https://xss-game.appspot.com/. Hint the first answer is: <script>alert(“XSS”);</script>

Posted in Security Blog | Tagged , , , , , , , , | Comments Off on XSS Games

WOPBOT BotNet

A botnet runs on Linux and Linux variant servers, named wopbot that uses the Bash Shellshock bug to auto-infect others. The wopbot botnet is active and scanning the internet for vulnerable systems, including network ranges at the United States Department … Continue reading

Posted in Security Blog | Tagged , , , , , , , , , , | Comments Off on WOPBOT BotNet

Cyber Risk & Internet of Things

I made this video for work, but modified it a bit so it’s not directly work related, but I didn’t edit the audio… Don’t hate! It’s my first one. The intended audience is for those who don’t think with a … Continue reading

Posted in Security Blog | Tagged , , , , , , , , , , , , , , | Comments Off on Cyber Risk & Internet of Things

868,000 Payment Cards, 330 Stores

Goodwill’s investigation revealed that malware had been installed on a third-party vendor system used by 10% of its franchised stores to process credit cards. Twenty of Goodwill’s 158 regional headquarters in the United States were impacted by the breach, because … Continue reading

Posted in Security Blog | Tagged , , , , , , | Comments Off on 868,000 Payment Cards, 330 Stores