Archive

The Hacker Underground is dead. Long live the Hacker Underground! In the most recent issue of Phrack Magazine, I read an article titled "The Underground Myth," that makes a number of astute points about the demise of the hacking scene of the last few decades. The author describes a technical landsca...

The Cult of the Dead Cow hacker group -- which claims to be the world's most attractive hacker group -- has released Goolag Scanner, an open source tool that uses Google's search engines to look for vulnerabilities in Web sites. Goolag Scanner is either a Web auditing tool that can be used by securi...

Mozilla released an update Thursday that corrects several vulnerabilities in the Firefox Web browser. Firefox 2.0.0.12 patches critical flaws that could result in Web browsing history and forward navigation stealing; privilege escalation that could allow cross-site scripting exploits; and crashes wi...

Canonical, the commercial sponsor of the Linux distribution Ubuntu, asserted there has to be some decisive Ubuntu community action to make sure it doesn't suffer another outage. Canonical had to shut down five of eight servers in order to avert potential hacker attacks earlier this month. "Either th...

Mozilla, maker of open source Web browser application Firefox, released a new version of the program that fixes a security issue stemming from an interaction between Microsoft's Internet Explorer and Firefox. Version 2.0.0.5 of Firefox was made available for download on Wednesday. The problem -- fir...

Consumers and network administrators often become complacent about security, trusting their anti-intrusion efforts to security product self-updates and older security technology. RSS reader software can heighten the potential for intrusion, warn some security experts. IT managers often fail to ensur...

Sun Microsystems, Secunia, the United States Computer Emergency Readiness Team and other security agencies have issued alerts for a somewhat oxymoronic telnet vulnerability in the Sun Solaris 10 operating system. The vulnerability is oxymoronic because, while it's possible for a hacker to gain poten...

Mozilla's open source software developers quickly jumped on a supposedly critical series of Javascript vulnerabilities in the Firefox browser, only to find that the hack, presented over the weekend at ToorCon in San Diego, was a big joke. "The main purpose of our talk was to be humorous," said Misch...

Much in the way that open source software projects are known to produce forks, or spinoffs, based on different objectives and personalities, Wikipedia co-founder Larry Sanger is creating an offshoot of his popular communal Internet encyclopedia. Citizendium is intended for named, expert contributor...

Hackers made Firefox the latest subject of attack last week, utilizing software that could capture extremely sensitive information, including credit card numbers and passwords. On July 25, Symantec Security Response detected Infostealer.Snifula, which downloads malicious Trojans onto a user's compu...

A company that makes a tool for finding bugs in software code disclosed this week that the Linux kernel is far less flawed than many programs people pay money for. According to San Francisco-based Coverity, its source-code auditing tool found the Linux 2.6 kernel had 985 bugs in its 5.7 million line...

I recently had the opportunity, as part of a review of what works in systems security, to look closely at a couple of massively multi-user online games including "EverQuest" and "Star Wars Galaxies." Several of these now support up to half a million registered users and go beyond simple player co-op...

During a break in a series of discussions on US HIPAA compliance for Canadian health care players, one of the attendees regaled the group with a long brag about how his company's techies had defeated a phishing attack. According to the story, the company's wizards had discovered a phishing attack ba...

Lots of people believe that the reason there are more attacks on Windows machines than on Unix machines is simply that Windows dominates desktop markets. According to their logic, 90 plus percent of the desktops should lead to 90 plus percent of the attacks. The question is whether they are right. L...

A man in Florida has been indicted on 144 charges of conspiracy, unauthorized access to a protected computer, device fraud, money laundering and obstruction of justice, after hacking into the database of a high profile marketing company. Scott Levine, 45, is accused of breaking into systems at Acxio...