Hack-a-thon Finds 220 Bugs in Facebook, Google, Etsy: What do you get when you put some hackers in a room and give them a list of target Websites? They go bug-hunting! That was what happened at Bug Bash 2013, an “internet-wide hack-a-thon” run by Bugcrowd at the AppSec USA conference in New York earlier this […]

Decrypting More Dropbox Files: config.dbx: Back in March of this year we released a free tool to decrypt the Dropbox filecache.dbx file which stores information about the files in a user’s Dropbox repository (for more details read the blog post, and the Part 2 post). Paul Henry (Website: http://www.vnetsecurity.com, twitter: @phenrycissp) is a SANS instructor […]

Decoding radio: In the previous post I told about the 16 kbps data stream on FM broadcast frequencies, and my suspicion that its being used by the bus and tram stop display system here in Helsinki. Now its time to find out the truth.I had the opportunity to observe a display stuck in the middle […]

Las Vegas street lights can record your conversations: The wireless, LED lighting, computer-operated lights are not only capable of illuminating streets, they can also play music, interact with pedestrians and are equipped with video screens, which can display police alerts, weather alerts and traffic information. The high tech lights can also stream live video of […]

Get round internet censors using a friend’s connection: FOR people living under repressive regimes censorship is an everyday reality, and browsing the internet freely is impossible without some serious technical know-how. This week Google threw its weight behind an idea that lets people circumvent censorship by using the internet connection of a friend in a […]

No Apologies Offered for Spying as Obama Weighs Limits: U.S. intelligence officials offered no apologies for spying on foreign leaders without specifying who they targeted, defending the practice as the same thing other nations do to the American government. The national intelligence director and head of the National Security Agency drew a line only at […]

Shared password across accounts results in MongoHQ breach: “It appears MongoHQ had an admin application used by employees to manage accounts and that was available over public internet,” Campbell said. “It’s not the best practice, but it’s common.” Campbell added, “The attackers were able to connect the dots. They were able to find the MongoHQ […]

CryptoLocker Is The Nastiest Malware Ever: Ransomware is an especially odious type of malware. The way it works is simple. Your computer will be infected with some malicious software. That software then renders your computer entirely unusable, sometimes purporting to be from local law enforcement and accusing you of committing a computer crime or viewing […]

Google Play In-App Billing Library Hacked: I successfully exploited two bugs in Google Play In-App Billing Library, which allow to impersonate the Google Play billing service and circumvent the signature verification. I was able to retrieve unlimited amounts of in-app items in games like Temple Run 2, which uses this library. This blog post was […]

Windows XP PCs are very susceptible to malware, Microsoft says: The latest Microsoft Security Intelligence Report gives a pretty good idea of how vulnerable users are to malware attacks and infections based on what operating system they use. Those running the 32-bit version of Windows XP, according to the graph below, were found to be […]