Tag Archives: hack

SONY stored Passwords in Password Directory

And in unprotected documents.

Lots of passwords. Lots of documents. Lots of easy access.

Continue reading

2 Comments

Filed under Audit, Humor/Irony, Security

UnNeighborly Security

Hack me now!I recently ran into some unneighborly security. It happens all the time to those of us who know how to build, upgrade, secure, and troubleshoot hardware and software.

I’m over at my neighbor’s house and he says, “Hey, you work with computers, so can you take a look at mine?”

There goes the afternoon.

Continue reading

4 Comments

Filed under Security, Security Scout, Technology

Twitter Hacked Again, Change Password

Twitter hacked againTwitter said that it was hacked again on Friday, 2/1/13, and attackers gained access to 250,000 accounts and passwords.

Twitter says the passwords were encrypted, the intrusion was limited, and and everyone’s taxes are going down soon (okay, I was kidding about the last one). It’s always hard to sort out what is true and how much of the truth is told, so regardless of what Twitter says, change your password.

Continue reading

1 Comment

Filed under Security

Application Hacking Playground

handcuffsThe Taddong Security Blog has a great list of vulnerable web applications you can play with to learn and test your web hacking knowledge and pen-testing tools, handcuffs not included. In other words, you can enter and stay at the playground without going to jail.

Some of them you download and install on your own systems, some of them you run as virtual machines (VMs) or ISOs on your systems, and others are available on the web for your malfeasance pleasure.

Continue reading

2 Comments

Filed under Free, Security

NFL Sprinkler Interruption a Hack?

NFL sprinkler hack mask

NFL sprinkler hack?

When the sprinkler system caused an interruption of the Miami-Seattle NFL game on Sunday, November 25, no one called it a hack. Neither am I.

But if you heard about the event prior to reading this, did it cross your mind that it could have been a hack? What about other unusual events?

If not, and you’re an IT auditor or a security pro, you should at least consider such things, at least briefly. If not, you might want to check your professional skepticism sensor.

Continue reading

2 Comments

Filed under Security, Security Scout

Important update regarding your LinkedIn password = SPAM?

A friend of mine received the following email on Friday, 2 full days after the LinkedIn attack was made public, titled “Important update regarding your LinkedIn password”. Here’s the text she received, addressed to her by her first and last name:

[see UPDATE below]

Continue reading

6 Comments

Filed under Security

LinkedIn Hack: Don’t Just Change Password, Reconfigure

LinkedIn Hacked

We all know that LinkedIn was hacked and lost at least 6.5 million hashed passwords, or at least that’s how many were was posted. Besides changing passwords, is anyone thinking about their LinkedIn lock-down/security settings? What about other social media? See further below instructions for locking down LinkedIn, Facebook, Twitter, and Google+.

Continue reading

3 Comments

Filed under Free, Security