Archive for attack

You are browsing the archives of attack.

Th3J35t3r – Lonewolf Hacker

The Jester Dynamic: A Lesson in Asymmetric Unmanaged Cyber Warfare – [sans.org] 2. Background On December 30, 2010, a patriot hacker posted a message to an Internet Chat Relay (IRC) Server. Quoting Steve Jobs, the hacker typed: “A small team of A players can run circles round a giant team of B and C players” […]

Evil Mouse Penetration Tool

Netragard’s Hacker Interface Device (HID) – [snosoft.com] We (Netragard) recently completed an engagement for a client with a rather restricted scope. The scope included a single IP address bound to a firewall that offered no services what so ever. It also excluded the use of social attack vectors based on social networks, telephone, or email […]

Plugbot for Penetration Testing

All About Plugbot – [theplugbot.com] PlugBot is a hardware bot. It’s a covert penetration testing device designed for use during physical penetration tests. PlugBot is a tiny computer that looks like a power adapter; this small size allows it to go physically undetected all the while powerful enough to scan, collect and deliver test results […]

AV Bypass Attack

An attack that can bypass Anti-Virus defenses has been detailed in a research paper by matousec.com. Matousec developed an engine called KHOBE (Kernel HOok Bypassing Engine) that uses an “argument switch” strategy, or SSDT hooking, to convince the AV scanner that everything is okay. KHOBE – 8.0 earthquake for Windows desktop security software – [matousec.com] […]

Cyber Challenge

DOD, SANS, CSIS, several universities and other partner organizations are collaborating to find students with cyber abilities and train them to become future cyber warriors. Pentagon Seeks High School Hackers – [forbes.com] The so-called Cyber Challenge, which will be officially announced later this month, will create three new national competitions for high school and college […]

Zer0 Vee Attack

In what may be the first publicly recorded hack of a zero-day flaw in virtualization software, attackers have wiped out data from over 100,000 web sites hosted by VAServ in the UK. Webhost hack wipes out data for 100,000 sites – [theregister.co.uk] Technicians at UK-based Vaserv.com were still scrambling to recover data on Monday evening […]

NIST Expects Ripples from Hack of monster.com

NIST expects that the intruders who recently stole information from monster.com will attempt to use that data in other attacks. Federal Employees At Risk Again From Monster.com Compromise – [nist.org] It’s happened once before, hackers breaking in to Monster.com and stealing job hunter’s data. The last time that it happened (August 1997) there was a […]