HackingTheUniverse

You are browsing the archives of hackers.

Cyber attackers have a variety of motivations, but it is possible to categorize them and attempt to understand the different strategies they might use and how to defend against them. Here are some of the categories of motivations behind threats: Use data from your system Identity theft – mostly for financial fraud Business information – […]

Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. NIST SP 800-145 Advanced Persistent Threat APT or Advanced Persistent Threat describes cyber […]

Symantecs MessageLabs Intelligence 2009 Annual Security Report offers some very interesting information about the past year and assumptions about the near future of malware and other security threats. Here are a few teasers that should encourage you to read the entire report: 3.2.4. Command and Control: Mysterious Messages and Covert Channels In the 12-months since […]

How much does it cost cybercriminals to obtain access to a hacked computer? Why do it yourself when you can buy one for a nickel? Often, one group of cybercriminals specialize in the act of penetrating systems and installing backdoors. Then they sell access to the systems to other cybercriminals who want to use the […]

NIST expects that the intruders who recently stole information from monster.com will attempt to use that data in other attacks. Federal Employees At Risk Again From Monster.com Compromise – [nist.org] It’s happened once before, hackers breaking in to Monster.com and stealing job hunter’s data. The last time that it happened (August 1997) there was a […]

Once admin/root privileges have been established, an attacker will often create a new account with high privilege levels in order to allow future access without needing to take extraordinary action. The advantage to this is that the password is known and the account controlled by the attacker. The disadvantage is the risk of attracting attention […]