Trendmicro wrote a very good report covering the deep and dark web found HERE. It is worth the read and includes many examples with screenshots of the types of goods and services sold as well as statistics of the types of users and systems seen over the last few years. Here is the intro from the report. Continue reading
SAN JOSE, Calif. – June 30, 2015 – Today, Cisco announced its intent to acquire OpenDNS, a privately held security company based in San Francisco. OpenDNS provides advanced threat protection for any device, anywhere, anytime. The acquisition will boost Cisco’s Security Everywhere approach by adding broad visibility and threat intelligence from the OpenDNS cloud delivered platform. Continue reading
Berislav Kucan from net-security.org posted a nice writeup on the book Aamir Lakahni and I wrote on penetration testing using a Raspberry Pi. The original write up can be found HERE.
Raspberry Pi is a small and portable single board computer that can be transformed into a penetration testing system. This book will show you how. Continue reading
Wow this is a first. A sports team caught hacking a rival team to get scouting reports, internal discussions and other goodies! In summary, the FBI is claiming that the Cardinal’s front desk hacked the Astro’s network. The original post can be found HERE. Here is the article from http://www.theatlantic.com/
WASHINGTON — The F.B.I. and Justice Department prosecutors are investigating whether front-office officials for the St. Louis Cardinals, one of the most successful teams in baseball over the past two decades, hacked into internal networks of a rival team to steal closely guarded information about player personnel. Continue reading
For those using LastPass, its time to change your master password. The warning note from LassPass is found below and HERE. According to LastPass, the authentication hashes should be sufficiently encrypted to prevent anyone from using them to access your account. However, the company is still prompting all users to update their master password that they use to log in to their LastPass account. Here is the post from LastPass. Continue reading
Thenextweb.com wrote a really cool post on a new breed of drones designed to save lives. The concept is these drones can deliver critical medical supplies such as a defibrillator, EpiPens and Poison antidotes much faster than an ambulance since they don’t have to deal with traffic patterns. They claim they can increase the chance of saving lives from .08% to 80% based on a much greater chance to deliver the necessary treatment much faster. The original post can be found HERE. Make sure to watch the video that includes a demo of the ambulance drone in action.
In December 2013, Amazon CEO Jeff Bezos caused quite a stir with the announcement of his company’s plans to offer 30-minute product deliveries via unmanned aerial vehicles (more commonly referred to as “drones”). Continue reading
My buddy Aamir Lakhani aka drchaos wrote a great post on breaking SSH, VNC and other services. The original post can be found HERE.
Hydra is a very fast and effective network login cracker. It will help you perform brute force attacks against SSH servers, VNC, and other services. When you launch Hydra it will launch the GUI in Kali, however in this tutorial we will use xHydra, which is the command line version of the tool. The command line version of the tool gives you much for flexibility in how to use the tool.
According to datalossdb.org, the U.S Department of the Interior, U.S. Office of Personnel Management lost 4 Million records from a massive data breach. Dataloss lists “At least 4 million names, dates and place of birth, Social Security numbers, benefit selections, job assignments, performance ratings and training information of current and former Federal employees compromised by hackers”. USNEWS.com wrote the following article about this breach found below (original post found HERE). Continue reading