About two weeks ago we found out that a virus has been released out in the wild and that it’s attacking jailbroken iPhone 3G/3GS users who haven’t changed their root password. At the time the ingenious coder was only trying to alert people that their smartphones are not as secure as they thought and that simple safety measure would keep them away from trouble, however, some less well intended hacker has refined the iPhone worm to actually steal sensitive details.
Fast forward to our days because today we caught wind that the Australian who started everything, has been offered a job as an iPhone application developer by a company called mogeneration. Although 21-year-old, Ashley Towns has publicly acknowledged that he’s in charge with the Ikee worm that made unauthorised modifications to people’s handsets, he was never under investigation, hence why he took the opportunity.
Ashley Towns wrote Ikee, a self-propagating program that changed the phone’s wallpaper to a picture of 80s pop singer Rick Astley.
Mr Towns has now been employed as a iPhone application developer for Australian firm mogeneration.
Ikee was not malicious but paved the way for a more serious variant which targeted users of the online bank ING.
[click to continue…]
Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocols.
New Features:
- Added support for Windows 2008 Terminal server in APR-RDP sniffer filter.
- Added Abel64.exe and Abel64.dll to support hashes extraction on x64 operating systems.
- Added x64 operating systems support in NTLM hashes Dumper, MS-CACHE hashes Dumper, LSA Secrets Dumper, Wireless Password Decoder, Credential Manager Password Decoder, DialUp Password Decoder.
[click to continue…]
Windows 7 Loader eXtreme Edition 3.011 x86/x64 is a activator for Windows 7
This activator, brought together a whole set of elements of the equipment used in the processes associated with activation of Windows 7:
Windows Software Licensing Management Tool – operations to activate and display information about its status.
Everest / SLIC Dump TooKit – physical verification SLIC in the BIOS.
Product Key Checker – display information about the key.
The rest of the majority of development is based on China’s achievements, now adaptable for other Windows 7, but already well-known people who became to us:
OEM logo and accompanying information – Orbit30.
Loader SLIC WOW7 – Hazar.
Loader SLIC Bootmgr – stupid_user.
Loader SLIC Vistaloader 2.1.2 – used by almost everyone who is involved in the release of activators.
Choose for you the best of all varieties – the purpose of the activator, or give you the opportunity itself-choose – getting all the necessary information.
In conjunction with the original decisions of the author is allowed to expand the applicability of the activator on the whole line editions of Windows 7.
[click to continue…]
Ryan Boren the lead developer of WordPress Team has just announced the release of WordPress 2.8.6 Security update throughwordpress logo WordPress Update WordPress 2.8.6 Security Release WP blog. The release fixes two vulnerabilities relevant only for blogs having more than one authors like my another site Hacking Discussion as they can only be exploited by registered, logged in users with posting rights. In his blog post Ryan Boren suggests webmasters having untrusted authors to switch and update to WordPress 2.8.6.
The first problem is an XSS vulnerability in Press This discovered by Benjamin Flesch. The second problem, discovered by Dawid Golunski, is an issue with sanitizing uploaded file names that can be exploited in certain Apache configurations. Thanks to Benjamin and Dawid for finding and reporting these.
[click to continue…]
