Secuobs.com : 2013-04-16 16:38:52 - adafruit industries blog - Magnetic Putty Magic Extended Cut Shanks FX PBS Digital Studios from Joey Shanks on Vimeo In this episode of SHANKS FX we have some fun with the wonderful weirdness of Magnetic Putty We used this Putty to create a lot of the Black Hole sequences in our film SCI-FLY We now take a
↧
Magnetic Putty Magic
↧
flycolony Tweeting Houseflies Computer Sphere
Secuobs.com : 2013-04-16 16:38:52 - adafruit industries blog - fly tweet from david bowen on Vimeo This device sends twitter messages based on the activities of a collection of houseflies The flies live inside an acrylic sphere along with a computer keyboard As the flies move and interact inside their home, they fly over the keys on the keyboard These movements are collected in
↧
↧
Building a Tardis-Light
Secuobs.com : 2013-04-16 16:38:52 - adafruit industries blog - Building an Arduino powered Tardis-Light Background A friend of mine, Alex, is building his own Tardis, and needed a hand with the light on top I cobbled this together in a couple of hours and thought I d share it Source code and more here Featured Adafruit Products Digital RGB LED Weatherproof Strip 32 LED
↧
WordPress Hackers Exploit Username 'Admin'
Secuobs.com : 2013-04-16 16:41:40 - Dark Reading All Stories - Attention, WordPress users If you have a WordPress username set to admin, change it immediately That warning was issued Friday by WordPress founder Matt Mullenweg, in the wake of reports that thousands of WordPress sites with an administrator username set to admin or Admin had been compromised via large-scale brute force attacks Service provider HostGator, notably, reported Thursday that this attack is well organized and very, very distributed we have seen over 90,000 IP addresses involved in this attack According to survey website W3Techs, approximately 18pourcents of all websites -- by some estimates, about 64 million sites -- run WordPress
↧
A story of win32k cCapString, or unicode strings gone bad
Secuobs.com : 2013-04-16 16:53:25 - j00ru vx tech blog - In the most recent blog post Fun facts Windows kernel and guard pages , we have learned how the code coverage of kernel routines referencing user-mode memory can be determined by taking advantage of the fact that kernel-mode code triggers guard page exceptions in the same way as user-mode does Today, I will present how the
↧
↧
Betwixt and Between - Service Gateway for Enterprise Mobile Applications
Secuobs.com : 2013-04-16 16:57:34 - 1 Raindrop - Over the next several posts, I will explore some of the core patterns for Service Gateways that provide access to Enterprise Mobile Applications that need to leverage enterprise apps and data Before I go there - a word about risk Mobile security is a hot topic Is Android less secure than iOS What about rooted devices How should enterprise deal with BYOD How do mobile dev teams write secure code for mobile platforms And the list goes on and on,
↧
Pirate Bay Founder Charged With Hacking Companies and a Bank
Secuobs.com : 2013-04-16 17:02:36 - TorrentFreak - A Swedish prosecutor has announced new hacking related charges against Pirate Bay co-founder Gottfrid Svartholm Together with three others he is suspected of hacking several companies including a bank, from where the defendants allegedly attempted to transfer money The new changes will most likely mean that Svartholm will remain in prison when his Pirate Bay sentence concludes next month Source Pirate Bay Founder Charged With Hacking Companies and a Bank
↧
Initial Thoughts on the Boston Bombings
Secuobs.com : 2013-04-16 17:04:23 - Schneier on Security - I rewrote my refuse to be terrorized essay for the Atlantic David Rothkoph author of the great book Power, Inc wrote something similar, and so did John Cole It's interesting to see how much more resonance this idea has today than it did a dozen years ago If other people have written similar essays, please post links in the comments
↧
Report SMBs Being Battered By Targeted Threats
Secuobs.com : 2013-04-16 17:04:34 - Security Bloggers Network - Symantec s newly released Internet Security Threat Report found that there was a 42 percent rise during 2012 in targeted attacks in comparison to the previous year SMBs companies with fewer than 250 employees were particularly impacted by this spike in cybercrime, finding themselves on the receiving end of 31 percent of all targeted attacks, a threefold increase from Read more IMAGE
↧
↧
Linux UNIX Patch Auditing Using Nessus
Secuobs.com : 2013-04-16 17:04:34 - Security Bloggers Network - Nessus can check that your Linux and UNIX systems are up-to-date with the latest patches Tenable has released more than 1,000 plugins this year that check for local Linux and UNIX operating system's missing patches This includes kernel patches and se
↧
Linode Hacked Through ColdFusion Zero Day
Secuobs.com : 2013-04-16 17:27:12 - threatpost The First Stop for Security News - The attackers who compromised Web hosting provider Linode used a zero day vulnerability in Adobe ColdFusion and were able to access the company's database, source code and customers' credit card numbers and passwords The company said that the customer credit card numbers were encrypted, as were the passwords, but it forced a system-wide password reset after the attack was discovered read more
↧
Your Data Is Gone, Have A Nice Day
Secuobs.com : 2013-04-16 17:30:18 - Dark Reading All Stories - Complete data loss and theft remain all too common
↧
It s Hard Out Here For a CISO, and It s Not Getting Any Easier
Secuobs.com : 2013-04-16 17:40:17 - Veracode Security Blog Application security research security trends and opinions - 13200565_sLast week, during a SoSS report pre-briefing, Chris Eng was discussing our prediction around CISO tenure and said Who wants to be a CISO these days, not me Even with SoSS Vol5 predicting CISO tenure would shrink, it was shocking to hear our research VP make such a statement
↧
↧
The WordPress Brute Force Attack Timeline
Secuobs.com : 2013-04-16 17:44:36 - Sucuri Blog - Authored by Daniel Cid, Tony Perez We have been blogging about the massive brute force attacks against WordPress websites over the past few days, today we want to provide better context of the scale by sharing some more data on what we saw and continue to see In our previous report, we said that the Read More
↧
Attentats de Boston Google met en place Person Finder et une page YouTube
Secuobs.com : 2013-04-16 17:46:44 - Tout sur la cybersécurité la cyberdéfense ... - Google a mis en place une page dédiée aux victimes des attentats meurtriers d hier sur la ligne d arrivée du marathon de Boston Une page YouTube regroupe toutes les vidéos d anonymes ou des médias de cet évènement tragique Comme bien souvent, lors de catastrophes de cette ampleur, Internet se mobilise pour mettre au service des victimes
↧
Confessions hacker ma première fois sur Internet
Secuobs.com : 2013-04-16 17:46:44 - Tout sur la cybersécurité la cyberdéfense ... - Voilà un beau projet que tous les geek, hackers, nostalgiques et autres amoureux de la toile apprécieront Une contre-histoire des internets est un webdoc collaboratif, en ligne et ouvert à tous, qui revient sur le tout début d Internet, avec ses anecdotes croustillantes et ses souvenirs de vieux sages numériques En voyage,
↧
Using CSharpRepl to batch change TeamMentor s users email and settings
Secuobs.com : 2013-04-16 17:51:53 - Dinis Cruz Blog - While deploying the 33 version of TeamMentor into the multiple servers we maintain, there are a number of edge cases that are usually a pain to deal with, but now that TM has the ability to run C scripts directly on a server, I can codify the transformations required The two problems I m going to deal here are Batch setting the email based on the username Batch setting the Account expiry date based on a search Note that on both cases I m going to first do the changes into a locally hosted version of TM that is consuming the respective UserData GitHub repo and if anything goes wrong, I m a git stash or git reset away from a clean start Batch setting the email based on the username This problem happened because in one of the 32 TM sites that we hosted, 61 user accounts were created with no email value in the previous version the email was not required Luckily they used the email as the username, so this is just a case of assigning an user s email value to its username Let s start by opening up a CSharpRepl script environment image And this is how to get a reference to the current user s object image There are also extension methods that allow the easy programmatic access to a particular user image And its email image As a first example, let s change this user s email which is dinis si image to dcruz securityinnovationcom image Note that although this change shows in the User s list image A git status will show that there was no file changes ie the change was all done in memory image but if we save the user image the git status will now show a changed file image note that when running TM on localhost, the auto git commits are disabled namely to prevent conflicts with the admin account This means that the script to set all users email to its username is simply image the admin and dinis accounts were the only ones that the username didn't contain an email After running the script there were 61 changes, committed as one image and pushed into the main Site_clientName repository After the push, I went into the live server and did a User Data Sync in order to do trigger the pull image And now the user s changes have been propagated to the live server image Let s now handle the 2nd issue Batch setting the Account expiry date based on a search After the import from 32 to 33, we have 427 users in the current TM instance image In the CSharpRepl we start again by getting the TMUsers object part of the UserData class image Here is how to get the current users that have an SI account image or if you prefer to use LINQ image Here is how to get a user s account ExpirationDate image which at the moment is 5th April 2013 image Here is how to make the expiry date to be in 16 days from today s date image And to disable completely the Expiration date, we just set it to default DateTime image And here is how to remove the expiration date check from all SI users image Using TM4TM to document these scripts Based on the scripts created on this blog post, I created the User Management using REPL Scripts page, written in WikiText image and whose HTML and code formatting looks like this image IMAGE
↧
↧
Russia launches smart card based on NXP's SmartMX2 with banking, transport and eGov functionality
Secuobs.com : 2013-04-16 17:53:39 - ContactlessNews Contactless Smart Cards RFID Payment Transit and Security - NXP announced with ALIOTH, a Russian government and payment cards solutions provider, the launch of a multi-application contactless smart card solution product called SCOne based on NXP s SmartMX2 microcontroller with banking, transport ticketing and eGovernment functionality The availability of this new SmartMX2-based card follows the announcement that the Moscow Department of Transport has selected MIFARE Plus for the new TROIKA smart card project Additionally, the city of St Petersburg is also using MIFARE Plus technology for its public transport system Read the full article at ContactlessNews
↧
Targeted attacks hitting small business have increased threefold
Secuobs.com : 2013-04-16 17:54:36 - Help Net Security News - Based on data from the company's own Global Intelligence Network, Symantec analysts have shared in annual Internet Security Threat Report that there was a 42 percent surge during 2012 in targeted atta
↧
Linode hackers say they will release stolen customer data
Secuobs.com : 2013-04-16 17:54:36 - Help Net Security News - Linode, the web hosting provider that among others provides a home for Internet security resource sites InsecureOrg, NmapOrg, SecListsOrg, and SecToolsOrg, has announced on Friday that they suff
↧