General Security

Corkscrew - Tunneling SSH through HTTP proxies

2011-08-19T02:22:00.000-07:00

Corkscrew has been compiled on :

AIX
HPUX
Solaris
FreeBSD
OpenBSD
NetBSD
Linux
Win32 (Cygwin)
Mac OS X

Corkscrew has been tested with the following HTTP proxies :

Gauntlet
CacheFlow
JunkBuster
Squid
Apache's mod_proxy

You can Email the Author if you get it to work with another proxy. Installation is simple, check out the README.

Malware Spreading shifts from e-mails to web downloads

2008-04-26T12:18:00.000-07:00

Don't patch the Source code to change version number of a software just apply the patches and keep it upto-date

2008-04-24T07:34:00.000-07:00

This thread , especially this one explains why you should not do it.

Keep your operating System softwares updated to the latest patch!!!

Personal Charm - The Deadliest Weapon

2007-03-25T05:55:00.000-07:00

From the Website:

"

A thief has evaded one of the world's most expensive hi-tech security systems, and made off with €21m (£14.5m) worth of diamonds - thanks to a secret weapon rarely used on bank staff: personal charm.

In what may be the biggest robbery committed by one person, the conman burgled safety deposit boxes at an ABN Amro bank in Antwerp's diamond quarter, stealing gems weighing 120,000 carats. Posing as a successful businessman, the thief visited the bank frequently, befriending staff and gradually winning their confidence. He even brought them chocolates, according to one diamond industry official."

Control and Track yours/others Car from the Internet

2007-03-25T05:45:00.000-07:00

Courtesy

Stealing and Reselling Phone Minutes

2007-03-25T05:39:00.000-07:00

Courtesy

CSR Report for Congress on Polygraphs by Department of Energy

2007-03-25T05:19:00.000-07:00

PDF

Vital National Infrastructure open to Terrorist Attack

2007-03-25T04:34:00.000-07:00

From the Website:

"Researchers on March 21 announced that the systems which control dams, oil refineries, railroads and nuclear power plants have a vulnerability that could be used to cause a denial of service or a system takeover. The flaw, reported by Neutralbit , is the first remotely exploitable SCADA security vulnerability, according to the security services provider. SCADA (supervisory control and data acquisition) is a large-scale, distributed measurement and control system used to monitor or control chemical or transport processes in municipal water supply systems, to control electric power generation, transmission and distribution, gas and oil pipelines and other distributed processes. Wikipedia has a schematic of SCADA here.

Neutralbit identified the vulnerability in NETxAutomation NETxEIB OPC (OLE for Process Control) Server. OPC is a Microsoft Windows standard for easily writing GUI applications for SCADA. It's used for interconnecting process control applications running on Microsoft platforms. OPC servers are often used in control systems to consolidate field and network device information.

Neutralbit reports that the flaw is caused by improper validation of server handles, which could be exploited by an attacker with physical or remote access to the OPC interface to crash an affected application or potentially compromise a vulnerable server. Neutralbit has also recently published five vulnerabilities having to do with OPC."