Irregular Expressions


May 26, 2012  11:31 PM

Military Singles Hack

Dan O'Connor Dan O'Connor Profile: Dan O'Connor

I had no idea this site even existed until this attack was announced. Anyway here is the article.

http://www.imperva.com/docs/HII_Dissecting_a_Hacktivist_Attack.pdf

Much of what was used you will find on many of the war game sites I have previously posted.

May 25, 2012  11:32 PM

Even bad guys take the weekend off

Dan O'Connor Dan O'Connor Profile: Dan O'Connor

http://blog.fireeye.com/research/2012/05/1q2012-email-attack-trends.html

As for system penetration from personal experience I find that there is more activities on the weekend and even more so along holiday’s.  Such as long weekends and Christmas, most places shut down or go to skeleton crews.  Perfect time to do a smash and grab.


May 25, 2012  11:27 PM

Explanation of battle.net login processes

Dan O'Connor Dan O'Connor Profile: Dan O'Connor

I would try to provide something constructive but the last battle.net game I got was Diablo 2, its a little dated and he covers it already.

http://www.skullsecurity.org/blog/2012/battle-net-authentication-misconceptions

Well done.


May 23, 2012  9:53 PM

Deadly Cell Phones

Dan O'Connor Dan O'Connor Profile: Dan O'Connor

I had no idea there was so many deaths on these towers. In my ignorance I assumed that there was little to none.
Sad.

http://www.pbs.org/wgbh/pages/frontline/cell-tower-deaths/


May 22, 2012  11:13 PM

Anon releases information from the United States Bureau of Justice

Dan O'Connor Dan O'Connor Profile: Dan O'Connor

Title has it all,

http://anonnews.org/press/item/1521/

I am not going to be downloading that, but many are reporting that it’s stuck and has not fished. Others are having problems opening the completed file. Also many are reporting that this information is already publicly available.


May 21, 2012  10:58 PM

Social-Engineer Toolkit release

Dan O'Connor Dan O'Connor Profile: Dan O'Connor

https://www.secmaniac.com/blog/2012/05/19/the-social-engineer-toolkit-set-v3-3-codename-derbycon-2-0-edition/

Yay for toys.

Direct to download instructions and you will need svn installed ( Subversion ).

As a side note I am having a terrible time downloading anything from them even over http.

Might just be me, but if you are having an issue that might be it.


May 21, 2012  10:47 PM

Facebook IPO

Dan O'Connor Dan O'Connor Profile: Dan O'Connor

As a hobby I track the stock markets, I really have no idea what I am doing but I still like to follow things and try to guess if its a good investment or not.

Really I did not think Facebook’s IPO was going to hold for the first few days, I still think it may come back up in a week or so.  But I am not buying any of it :)

http://www.cbc.ca/news/business/story/2012/05/21/facebook-stock-down.html

I still find Facebook as a business model fascinating, and they were making money before the IPO and I think it’s safe to say that they will continue to post IPO.


May 17, 2012  8:29 PM

Firewall Firestorm

Dan O'Connor Dan O'Connor Profile: Dan O'Connor

Something like this is a good way to get a reaction out of people.

Why you don’t need a firewall.

http://www.infoworld.com/d/security/why-you-dont-need-firewall-193153

This idea does not float.

I don’t want to rehash the whole argument but I will leave a handful of points.

1) Not filtering traffic at the perimeter is bad.  It’s bad for information gathering, ( yay me, I can scan the whole network ). It’s also bad for security, why rush patching systems when it’s already stopped at the gateway.  Your set of users you need to worry about immediate patching get a whole lot smaller.

2) Think how bad something like conflicker would have been if most of the world was not filtering.  It’s not that these don’t exists, it’s that they cannot spread like they could now that we are filtering services more effectively.

He also has a reply, http://www.infoworld.com/d/security/the-firestorm-over-firewalls-193409

I still don’t think it floats.


April 29, 2012  12:23 AM

The Web Application Hackers Handbook 2nd Ed

Dan O'Connor Dan O'Connor Profile: Dan O'Connor

http://mdsec.net/wahh/

Good one to read and put on the shelf.

http://www.amazon.com/gp/product/1118026470?ie=UTF8&tag=portswinet-20&linkCode=as2&camp=1789&creative=9325&creativeASIN=1118026470

I think I will go Kindle edition this time around.


April 29, 2012  12:19 AM

VMWare Code Leakage

Dan O'Connor Dan O'Connor Profile: Dan O'Connor

http://threatpost.com/en_us/blogs/e-mail-source-code-vmware-bubbles-compromised-chinese-firm-042412

This is an interesting trail, from what I am reading VMWare was not necessarily the intended target.  It all started with a dump of accounts from http://www.sina.com/, from these a group broke the hashes and started sifting through the accounts looking for items of interest.

That got them in to CEIEC ( see post http://www.ceiec.com/news/554 ).  Interesting paper trail to cover in the story.  I do find the posting interesting and I am not sure how to read it, the attack did not happen but they reserve the right to go after anyone who did it?


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: