Root in Under Five Article at HellBound Hackers
Hey everyone. This article is about hacking schools. Since any longer than five minutes, you risk getting caught, this is *hopefully* going to teach you how to get root in five minutes or less. So, lets get started. * Dedicated to H4xguy * To those of you that think by getting root, you own the school, sorry to disapoint you. Your first step is to try and get access to DOS. Code \"start>all programs>accessories>cmd\" or \"start>run> type in \'cmd\'\" If neither of those work, create a new text document. If that didn\'t work, instead of typing \"cmd\", type @echo off echo hello pause Open it, if you see \"hello\", create a new text document and name it \"anything.reg\", right click and edit. REGEDIT4 [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesWinOldApp] \"Disabled\"=dword:0 [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem] \"DisableRegistryTools\"=dword:0 This changes the registry value that blocks dos. Another way to get dos, is to create a prog.
Welcome! (VX heavens)
Newest Social Net Scam: Stranded Friend - PCWorld
The FBI and its Internet Crime Complaint Center (IC3) says they are seeing an uptick in the complaints about online scammers trying to steal your money posing as a good friend left stranded somewhere in need of quick cash. FBI details most difficult Internet scams The IC3 said it is getting reports of individuals' e-mail or social networking accounts such as Facebook being compromised and used in a social engineering scam to swindle consumers out of thousands of dollars. . The notice claims the victim is in immediate need of money due to being robbed of their credit cards, passport, money, and cell phone; leaving them stranded in London or some other location. Simply one can verify the situation by calling the friend or confirming the situation before sending any money. Online scams like the "stranded" con plague the Internet and continue to make scammers money.
Red alert: HTTPS has been hacked | Security
September 26, 2011 Follow @rogeragrimes Only a handful of exploits per decade reveal a vulnerability that is truly significant. Thai Duong and Juliano Rizzo's BEAST (Browser Exploit Against SSL/TLS) attack will rank among them because it compromises the SSL and TLS browser connections hundreds of millions of people rely on every day. BEAST cannot break the latest version of TLS -- the current standard based on SSL -- but most browsers and nearly all websites that support secure connections rely on earlier versions of the SSL and TLS protocols, which are vulnerable to BEAST attack. The BEAST tool, presented last Friday at the 2011 Ekoparty Security Conference in Argentina, made real a theoretical SSL/TLS vulnerability first documented 10 years ago. MitM attacks are fairly easy to do when the attacker and victim are located on the same local network (such as wireless networks, VPNs, or corporate LANs).
Researchers: Password Crack Could Affect Millions - CIO.com - Business Technology Leadership
IDG News Service — A well-known cryptographic attack could be used by hackers to log into Web applications used by millions of users, according to two security experts who plan to discuss the issue at an upcoming security conference. Researchers Nate Lawson and Taylor Nelson say they've discovered a basic security flaw that affects dozens of open-source software libraries -- including those used by software that implements the OAuth and OpenID standards -- that are used to check passwords and user names when people log into websites. OAuth and OpenID authentication are accepted by popular Web sites such as Twitter and Digg. They found that some versions of these login systems are vulnerable to what's known as a timing attack. Cryptographers have known about timing attacks for 25 years, but they are generally thought to be very hard to pull off over a network. The researchers aim to show that's not the case. Continue Reading
How Your Username May Betray You
By creating a distinctive username—and reusing it on multiple websites—you may be giving online marketers and scammers a simple way to track you. Four researchers from the French National Institute of Computer Science (INRIA) studied over 10 million usernames—collected from public Google profiles, eBay accounts, and several other sources. They found that about half of the usernames used on one site could be linked to another online profile, potentially allowing marketers and scammers to build a more complex picture of the users. “These results show that some users can be profiled just from their usernames,” says Claude Castelluccia, research director of the security and privacy research group at INRIA, and one of the authors of a paper on the work. “More specifically, a profiler could use usernames to identify all the site [profiles] that belong to the same user, and then use all the information contained in these sites to profile the victim.”
Identity Finder Releases Details On Threats Posed By Latest Anonymous Hack In Texas
FIDO Alliance technology will allow enterprises to replace passwords with plug-and-play multifactor authentication. By Phil Dunkelberger President & CEO, Nok Nok Labs, 3/26/2014 1 Comment | Read | Post a Comment News Hackers interrupt and deface sites of black-market forums selling credit card data stolen from Target and other retailers.By Mathew J. Schwartz , 3/18/2014 4 comments | Read | Post a Comment Breaches create outliers. 1 Comment | Read | Post a Comment Commentary Is "browser-ized" security a better defense against hackers than traditional methods? 2 comments | Read | Post a Comment Proponents say the new specifications will pave the way for the replacement of passwords, which are frequently lost, stolen, or hacked.By Tim Wilson Editor in Chief, Dark Reading, 2/18/2014 0 comments | Read | Post a Comment Report suggests malware-laced email attack on Target's HVAC subcontractor leaked access credentials for retailer's network.By Mathew J. 12 comments | Read | Post a Comment More Stories
