250 thousands emails at risk? It is a feature!

10/07/2008 Written by minor

 “It is not a bug, it is a fea­ture. You invented the wheel.”

If you get this kind of answer from a web­site oper­a­tor in rela­tion to a secu­rity bug found in his appli­ca­tion, then you have only two choices: either you’re para­noid or the oper­a­tor doesn’t care much about secu­rity. What are talk­ing about? About leak­age of 250.000 email addresses.

One of the most vis­ited web­sites in Slo­va­kia, the com­mu­nity web­site Azet​.sk known thanks to his freemail and chat ser­vices has sev­eral sec­tions, among which is also a dat­ing sec­tion . The web­site is vis­ited by surfers of var­i­ous age that would like to find a part­ner for any­thing: chat­ing, meet­ing, sex etc. You just put an announce and every­body can respond you through a web form. But few days ago, on one of the most vis­ited secu­rity blogs in Slo­va­kia blog​.syn​opsi​.com appeared the detailed descrip­tion of how to get email addresses from the Azet dat­ing ser­vice with a PoC script.

Read more

The weakest link of the chain

09/07/2008 Written by Roberto Preatoni

flying_me_658_07-07Warn­ing: this arti­cle is not for the fainted of heart!

A chain is only as strong as its weak­est link”, this sen­tence applies to any process that will fail if some step in it goes wrong. The guys at Tech­ni­cal Park and ABB, the indus­trial colos­sus that built the new Fly­ing Fury amuse­ment park attrac­tion, should have taken it into consideration.

Here’s the story…

Read more

Darpa's "trust in IC": a smart article and our comments

07/07/2008 Written by SyS64738 (Roberto Preatoni)

microchip2 With­out any doubt, the best arti­cle pub­lished about the Darpa’s Turst in IC pro­gram has appeared on IEEE Spectrum’s web­site. We wel­come you to read that arti­cle, then to come back here as we posted our com­ments (oh boy, we have so much to say…)

Read more

ICANN and IANA domains hijacked by Turkish crackers

26/06/2008 Written by Marcelo Almeida (Vympel) & Kevin Fernandez (Siegfr

icann-flagsThe ICANN and IANA web­sites were defaced ear­lier today by a Turk­ish group called “Net­Dev­ilz”. ICANN is respon­si­ble for the global coor­di­na­tion of the Internet’s sys­tem of unique iden­ti­fiers. These include domain names, as well as the addresses used in a vari­ety of Inter­net pro­to­cols. The Inter­net Assigned Num­bers Author­ity (IANA) is respon­si­ble for the global coor­di­na­tion of the DNS Root, IP address­ing, and other Inter­net pro­to­col resources.
Their domains were redi­rect­ing to a host­ing space at “atspace​.com” where the defac­ers left the fol­low­ing mes­sage:

“You think that you con­trol the domains but you don’t! Every­body knows wrong. We con­trol the domains includ­ing ICANN! Don’t you believe us?”

CONTINUE

Read more

Systemic wars of the third millennium

26/06/2008 Written by Roberto Preatoni

droneTHE STORY

Just about a few days ago, an appeal­ing news appeared on the Inter­net. It regarded the deploy­ment of a new gen­er­a­tion of unmanned com­bat drones on a real bat­tle­field.
We are not talk­ing about aer­ial drones, here we are talk­ing about ground soldier-​drones, the real stuff we were all wait­ing for. Well, sort of.
The news is about the deci­sion of the US Mil­i­tary to deploy eigh­teen more of the same com­bat drones who were already deployed, exper­i­men­tally, on the Iraqi ter­ri­tory. Three units, to be pre­cise. Are those arti­fi­cial sol­diers any­thing new? Not really.

Read more

4 5 6 7 8 9 10 11 12 13
ZONE-H In Numbers
  • News: 4.738
  • Admins: 6
  • Registered Users: 96.787
  • Early Warning subscriptions: 10992
  • Digital Attacks: 9.578.736
  • Attacks On Hold: 128.631
  • Online Users: 302
Login




 Lost password ?

Events
  • M
  • T
  • W
  • T
  • F
  • S
  • S
  •  
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  •  
  •  
  •  
  •