
Showing posts from 2010

Security Incidents of This Week (weekly)

SQL Injection Blamed for New Breach
The online breach, which led hackers to cardholder information for 110,000 credit cards, was facilitated via SQL injection -- one of the most frequent modes of attack hackers use to illegally acquire payment-card details.
tags: SecurityIncident Banking

Hackers deface Yayasan 1 Malaysia website
tags: SecurityIncident Defacement

The Econet broadband website has been hacked
tags: SecurityIncident Defacement

Posted from Diigo. The rest of my favorite links are here.

Security Incidents of This Week (weekly)

Romanian police cuff 40+ over €millions telecom blag
tags: SecurityIncident Phones

European banks see new ATM skimming attacks - Computerworld
Banks in Europe are seeing innovative skimming attacks against ATMs, where fraudsters rig special devices to the cash machines to record payment card details.
tags: SecurityIncident Banking Bancomat

Ad networks owned by Google, Microsoft serve malware
tags: SecurityIncident Malware

World Record: 404907 websites hacked by Iskorpitx (Turkish Hacker)!
tags:

Security Incidents of This Week (weekly)

Wikileaks: hackers hit Visa and MasterCard
tags: SecurityIncident Banking DoS

Dutch police website attacked after arrest of suspected hacker
tags: SecurityIncident DoS

MasterCard, Visa, Paypal and 4chan – The furor of Wikileaks unleashed | Naked Security
tags: SecurityIncident DoS Banking

AP website hacked from Pak | Deccan Chronicle
tags: SecurityIncident Defacement

Over 200 Indian webs

How to use a Google Account as an OpenID (also useful for Zotero)

Google is an OpenID provider. That is, it can authenticate users at the request of other services. The user someuser@gmail.com can therefore authenticate to a service S by giving their credentials to Google rather than to S. Of course, S must be set up to delegate authentication to a third party through the OpenID protocol. The identifier to give S is this: http://openid-provider.appspot.com/someuser

A screen will appear saying "I am a demo application, I am not Google's official endpoint" (nothing to worry about; it is just an application acting as a bridge between S and Google, since Google offers, as far as I know, only a programmatic interface for OpenID). This application asks you to authenticate with Google. Once the user has authenticated, they are automatically redirected to S.

Small complication: S now has to work out which of its local accounts should be linked to the user someuser@gmail.com. To r
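The linking step above is the part S has to get right, so here is how a relying party would do it, as an added example that is not code from the original post or from the appspot bridge. Two things matter: the comparison key is the claimed identifier the provider actually asserted (after the OpenID library has verified the assertion's signature), never an e-mail address the user typed, which S cannot check; and the identifier must be normalized exactly as OpenID 2.0 (section 7.2, via RFC 3986) prescribes before lookup, otherwise `HTTP://Openid-Provider.AppSpot.com:80/someuser` and `http://openid-provider.appspot.com/someuser` would look like two different users. One caveat the post glosses over: whatever the identifier format, S is trusting whoever operates the OpenID endpoint it talks to, and with the bridge that is the bridge's operator, not Google. The local account name `alice` and the `AccountLinker` and `login_with_openid` names are hypothetical, chosen for the example.

```python
"""Relying-party side of the account-linking step: normalize the claimed
identifier the provider asserts and map it to one of S's local accounts.
Added example; the class and function names are hypothetical."""
from urllib.parse import urlsplit, urlunsplit

DEFAULT_PORTS = {"http": 80, "https": 443}


def normalize_claimed_id(identifier: str) -> str:
    """Normalize a URL-form OpenID identifier as OpenID 2.0 (sec. 7.2) and
    RFC 3986 require before comparing it with stored values: add a missing
    http:// scheme, lower-case scheme and host, drop a default port and any
    fragment, and turn an empty path into '/'.  XRIs (=name, @name) are not
    handled here."""
    identifier = identifier.strip()
    if "://" not in identifier:
        identifier = "http://" + identifier
    parts = urlsplit(identifier)
    scheme = parts.scheme.lower()
    host = (parts.hostname or "").lower()
    port = parts.port
    if port is None or DEFAULT_PORTS.get(scheme) == port:
        netloc = host
    else:
        netloc = f"{host}:{port}"
    path = parts.path or "/"          # the path itself stays case-sensitive
    return urlunsplit((scheme, netloc, path, parts.query, ""))


class AccountLinker:
    """S's table of (normalized claimed identifier -> local account).

    Linking is keyed on the identifier the OpenID provider asserted (after
    the OpenID library has verified the signature on the assertion), not on
    an e-mail address or nickname typed by the user, which S cannot verify."""

    def __init__(self):
        self._links = {}

    def link(self, local_user: str, claimed_id: str) -> None:
        """Record that claimed_id may log in as local_user.  Call this only
        in a session where the user has already proved they own local_user."""
        self._links[normalize_claimed_id(claimed_id)] = local_user

    def resolve(self, asserted_claimed_id: str):
        """Return the local account for a freshly asserted identifier, or
        None when S has never seen it and a linking step is needed."""
        return self._links.get(normalize_claimed_id(asserted_claimed_id))


def login_with_openid(linker: AccountLinker, asserted_claimed_id: str):
    """Decide what S does after a positive assertion: log the user in, or
    send them to the linking page while remembering the verified identifier."""
    user = linker.resolve(asserted_claimed_id)
    if user is None:
        return ("needs_linking", normalize_claimed_id(asserted_claimed_id))
    return ("logged_in", user)


if __name__ == "__main__":
    linker = AccountLinker()
    # Hypothetical local account "alice", linked to the bridge identifier
    # from the post (constructed sample data).
    linker.link("alice", "http://openid-provider.appspot.com/someuser")
    print(login_with_openid(linker, "HTTP://Openid-Provider.AppSpot.com:80/someuser#x"))
    print(login_with_openid(linker, "http://openid-provider.appspot.com/otheruser"))
```

The `needs_linking` branch is where S should ask for its own credentials once and then call `link()`; auto-creating an account or matching on e-mail at that point is what lets an attacker-controlled identifier claim someone else's local account.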

Security Incidents of This Week (weekly)

Hackers use malware to break into Lady Gaga's computer
tags: SecurityIncident Vulnerable Malware

Hackers poison well of open-source FTP app
Hackers breached the main server hosting ProFTPD and remained undetected for three days, causing anyone who downloaded the popular open-source file transfer application during that time to be infected with a backdoor that grants unauthorized access to their systems.
tags: SecurityIncident Vulnerable Hacking Malware

Cuffed Oz bank Trojan perp aiming to bleach his hat
A South Australian hacker who admits using banking Trojan malware to infect more than 2,300 computers and steal personal information wants

Security Incidents of This Week (weekly)

BEDIA Website Defaced By Hacker
The website of Botswana Export Development and Investment Authority (BEDIA) has been defaced by a hacker. The hacker changed the homepage and some sections of the website, removing information concerning upcoming events and latest news usually displayed for investors.
tags: SecurityIncident Defacement

Windows 0day allows malicious code execution
Antimalware provider Prevx has sounded the alarm about a serious vulnerability in fully patched versions of Microsoft Windows. It allows attackers to execute malware, even in versions designed to withstand such exploits.
tags: SecurityIncident Vulnerable

Redirection of DNS traffic - Secunia Comment
tags: SecurityIncident DNS

Cheating on slow start

A student (or former student? I don't recall) pointed me to a VERY interesting blog post on slow start. In short, Google and Microsoft cheat on slow start so that their clients connect more quickly to their respective sites. http://blog.benstrong.com/2010/11/google-and-microsoft-cheat-on-slow.html
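Cheating on slow start means opening with a larger initial congestion window than the standard allows, so that the first round trip carries more of the response. The model below, added here and not taken from the linked post, quantifies what that buys: it counts the round trips slow start needs to deliver a payload when cwnd starts at a given number of segments and doubles every RTT. The windows 3 and 10 are illustrative choices, not measurements from the post: 3 segments is what RFC 3390 yields for a 1460-byte MSS, 10 is the larger initial window RFC 6928 later standardized. The model deliberately ignores loss, delayed ACKs and the receiver window.

```python
"""Round trips needed by TCP slow start to deliver a response, for
different initial congestion windows.  Added example with a deliberately
simplified model; the initcwnd values are illustrative."""


def slow_start_rounds(payload_bytes: int, initcwnd: int, mss: int = 1460) -> int:
    """Number of round trips slow start needs to push payload_bytes, under a
    simple model: no loss, every segment is ACKed individually so cwnd
    doubles each round, and the receiver window never limits the sender.
    The connection handshake is not counted."""
    if payload_bytes <= 0:
        return 0
    segments_left = -(-payload_bytes // mss)   # ceiling division
    cwnd = initcwnd
    rounds = 0
    while segments_left > 0:
        segments_left -= min(cwnd, segments_left)  # one flight per RTT
        rounds += 1
        cwnd *= 2                                  # slow start doubling
    return rounds


def transfer_time_ms(payload_bytes: int, initcwnd: int, rtt_ms: float,
                     mss: int = 1460) -> float:
    """Latency attributable to slow start alone: rounds times the RTT."""
    return slow_start_rounds(payload_bytes, initcwnd, mss) * rtt_ms


def compare_windows(payload_bytes: int, rtt_ms: float, windows=(3, 10)) -> dict:
    """Map each candidate initial window to (rounds, milliseconds)."""
    return {w: (slow_start_rounds(payload_bytes, w),
                transfer_time_ms(payload_bytes, w, rtt_ms)) for w in windows}


if __name__ == "__main__":
    # A 100 KB page over a path with a 100 ms RTT (constructed numbers).
    for w, (rounds, ms) in compare_windows(100_000, 100.0).items():
        print(f"initcwnd={w:2d} segments: {rounds} round trips, {ms:.0f} ms")
```

For a 100 KB page at 100 ms RTT the standard window needs five round trips and the larger one three, which is two RTTs (200 ms) shaved off every page load; that is the incentive behind the cheating. The flip side, which the model cannot show, is that a ten-segment burst into a small buffer is exactly the kind of traffic slow start was designed to avoid.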

Security Incidents of This Week (weekly)

V for Vendetta Hacker Strikes at Washington State University
An anonymous hacker wearing a Guy Fawkes mask took over classroom projection screens at Washington State University last Friday, the fifth of November, to broadcast a prerecorded message
tags: SecurityIncident Hacking

Hackers Hijack 1 Million China Cell Phones
More than 1 million cell phone users in China have been infected with a virus that automatically sends text messages, and the attack is costing users a combined 2 million yuan ($300,000 U.S.) per day.
tags: SecurityIncident Phones Malware

Local Christian group's website hacked, defaced
Visitors to the NarroWay Productions website on Saturday found an anti-Christian message.
tags: SecurityIncident Defacement

Numbers that are too large

In Reti II (Computer Networks II) we have been discussing the problem of sequence number reuse for years. Sequence numbers are 32 bits wide, so they can name only 2^32 distinct bytes: once more than 4 GB have been transmitted on a connection, the same number must be associated with more than one distinct byte. The root of the problem is that a computer's arithmetic is finite: it can represent a finite set of values V, while the set of entities that must each receive a unique identifier can have cardinality greater than that of V. Obviously the same problem can arise in many contexts other than TCP implementations. Here is an example: A jail risk of 2^31 in Colorado
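The following is an added example, not part of the original post, showing the TCP face of the problem and its general form. Sequence-number arithmetic works modulo 2^32, so "a comes before b" is decided by the sign of the 32-bit difference; that works only while the two numbers are less than 2^31 bytes apart, and at exactly 2^31 both orderings come out true. The same code shows how quickly the number space is exhausted at a given link speed, and what a two's-complement 32-bit integer does when a count reaches 2^31, which is the kind of failure the Colorado link refers to. The initial sequence number in the demo is constructed.

```python
"""Modulo-2^32 sequence-number arithmetic, the ambiguity that appears once
two numbers are 2^31 apart, and the same wrap-around seen as a signed
32-bit overflow.  Added example; sample values are constructed."""

SEQ_BITS = 32
SEQ_MOD = 1 << SEQ_BITS          # 2^32 distinct values
HALF = SEQ_MOD >> 1              # 2^31


def seq_add(seq: int, nbytes: int) -> int:
    """Sequence number reached after sending nbytes, wrapping past 2^32 - 1."""
    return (seq + nbytes) % SEQ_MOD


def seq_lt(a: int, b: int) -> bool:
    """TCP's SEQ_LT(a, b): a is 'before' b if the signed 32-bit
    interpretation of (a - b) is negative (RFC 1982 style comparison).
    Correct only while the true distance between a and b is below 2^31."""
    return (a - b) % SEQ_MOD >= HALF


def seq_distance(a: int, b: int) -> int:
    """Bytes from a forward to b along the number circle."""
    return (b - a) % SEQ_MOD


def ordering_is_unambiguous(a: int, b: int) -> bool:
    """Two live sequence numbers can be ordered only if they are less than
    half the circle apart; at exactly 2^31 both seq_lt(a, b) and
    seq_lt(b, a) are true, so neither order can be trusted."""
    return not (seq_lt(a, b) and seq_lt(b, a))


def seconds_until_wrap(bits_per_second: float) -> float:
    """Time for a sender at the given rate to use all 2^32 numbers, after
    which a number is reused for a different byte of the same connection."""
    return SEQ_MOD * 8 / bits_per_second


def to_int32(value: int) -> int:
    """What a two's-complement 32-bit signed integer holds after value is
    stored in it: 2^31 becomes -2^31.  This is the non-TCP face of the same
    problem: a count that outgrows the representable set."""
    value &= SEQ_MOD - 1
    return value - SEQ_MOD if value >= HALF else value


if __name__ == "__main__":
    isn = SEQ_MOD - 1000          # constructed initial sequence number
    nxt = seq_add(isn, 5000)      # crosses 2^32 - 1 and lands on 4000
    print(nxt, seq_lt(isn, nxt), seq_distance(isn, nxt))
    print(ordering_is_unambiguous(0, HALF - 1), ordering_is_unambiguous(0, HALF))
    print(f"{seconds_until_wrap(1e9):.1f} s to exhaust the space at 1 Gbit/s")
    print(to_int32(HALF - 1), to_int32(HALF))
```

At 1 Gbit/s the 2^32 numbers are used up in about 34 seconds, which is why TCP needs timestamps (PAWS) to tell an old segment from a new one carrying the same number; `to_int32` shows the same boundary as the one the Colorado story hits, where a quantity that is only ever supposed to grow turns negative.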

Sneaking into HTTP sessions....

A free tool for "sneaking into" a session. It seems incredible, but this really is how things work... HTTP session hijacking (sometimes called "sidejacking") is when an attacker gets a hold of a user's cookie, allowing them to do anything the user can do on a particular website. On an open wireless network, cookies are basically shouted through the air, making these attacks extremely easy. http://codebutler.com/firesheep (pointed out by Maurizio Pozzobon) See also this post.

Update (November 2010) Other very interesting links on the subject: Online services security report card; Even Forced SSL is broken for Facebook, Google, Twitter
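What Firesheep exploits is a server-side mistake: a session cookie set without the `Secure` attribute is attached by the browser to every plain `http://` request to that site, so one unencrypted image or redirect is enough to expose it on an open network, even when the user "forced SSL" for the login. The small audit below is an added example, not code from Firesheep or from the linked report card: it parses `Set-Cookie` headers, decides whether a browser would send each cookie over `http://`, and reports session-like cookies missing `Secure` or `HttpOnly`. The sample headers and the name heuristic (`sess`, `sid`, `auth`, `token`, `login`) are constructed for the example.

```python
"""Audit Set-Cookie headers for the flags whose absence makes sidejacking
possible: a session cookie without Secure is sent over plain http://, and
one without HttpOnly is readable by script.  Added example; the sample
headers are constructed, not captured from any real site."""

# Cookie names that commonly carry a session or login token (heuristic).
SESSION_NAME_HINTS = ("sess", "sid", "auth", "token", "login")


def parse_set_cookie(header: str):
    """Split one Set-Cookie header value into (name, value, attrs).
    attrs has lower-cased attribute names; valueless flags map to True."""
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        if not part:
            continue
        key, sep, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip() if sep else True
    return name.strip(), value.strip(), attrs


def sent_over(attrs: dict, scheme: str) -> bool:
    """Would a browser attach this cookie to a request using scheme?
    Without Secure, any http:// request to the site (an image, a redirect,
    a link injected by someone on the same network) carries the cookie in
    cleartext even if the user normally browses over https."""
    return scheme == "https" or "secure" not in attrs


def audit_cookies(headers):
    """Return [(cookie_name, [problem, ...])] for session-like cookies that
    are missing Secure or HttpOnly; well-flagged or non-session cookies are
    not reported."""
    findings = []
    for header in headers:
        name, _, attrs = parse_set_cookie(header)
        if not any(hint in name.lower() for hint in SESSION_NAME_HINTS):
            continue
        problems = []
        if sent_over(attrs, "http"):
            problems.append("missing Secure")
        if "httponly" not in attrs:
            problems.append("missing HttpOnly")
        if problems:
            findings.append((name, problems))
    return findings


# Constructed sample headers, not captured from any real site.
SAMPLE_HEADERS = [
    "PHPSESSID=8f3a2c; Path=/",
    "lang=en; Path=/; Expires=Wed, 09 Jun 2021 10:18:14 GMT",
    "auth_token=c0ffee; Path=/; Secure; HttpOnly",
    "sid=deadbeef; Domain=.example.com; Path=/; Secure",
]

if __name__ == "__main__":
    for name, problems in audit_cookies(SAMPLE_HEADERS):
        print(f"{name}: {', '.join(problems)}")
```

Run against real headers (for example the `Set-Cookie` lines from `curl -sI https://site/`), `PHPSESSID` in the sample is the Firesheep case: with no `Secure` flag it is the cookie "shouted through the air" on the first `http://` request the page triggers. `HttpOnly` does not stop sidejacking, but it closes the other common route to the same cookie, theft by injected script.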

Security Incidents of This Week (weekly)

Defacements Statistics 2008 - 2009 - 2010*
tags: SecurityIncident Defacement

Insecurity vendor's website gets hacked
INSECURITY VENDOR Kaspersky Labs suffered a shocker over the weekend with the firm's US website getting hacked. Aside from the obvious irony that a firm that claims to peddle "Industry-leading Antivirus Software" had its shop front defaced and credibility tarnished, users were put at risk for over three hours by being redirected to another website containing malware.
tags: SecurityIncident Defacement

Movie Rental Portugal (snapshot) taken on Monday 18 Oct. 2010, 13:35 Rome time
tags: SecurityIncident Defacement DNS

Movie R

Stuxnet: an analysis worth reading

Recently many media outlets, including non-specialist ones, have covered a worm called Stuxnet (see for example the Financial Times). Bruce Schneier has written an excellent (as always) analysis of the situation. Very highly recommended reading on the topics of vulnerabilities, attackers' motivations, the resources at their disposal, etc.

Security Incidents of This Week (weekly)

Sunbelt Blog: Pirate Bay enthusiasts deface MPAA site
tags: SecurityIncident Defacement DNS

Anonymous plants pirate flag on MPAA website
Someone managed to hijack the DNS registration for copyprotected.com such that it points to an IP with their own web server displaying their own page
tags: SecurityIncident Defacement DNS

Hackers claim to pwn Conservative Party website
Hackers claim to have pwned the official website belonging to the UK Conservative Party. Details on the 4chan website, where they discussed the supposed attack, were sketchy, but they claimed the site was vulnerable to a SQL injection exploit. An email to The Reg claimed the site had been defaced, but at time of writing, there was no proof, and the site appeared to be working normally.

Security Incidents of This Week (weekly)

Hacking: Hackers deface 5th govt Web site, mock automated polls
JERRIE ABELLA, GMANews.TV
tags: SecurityIncident Defacement Politics

US-CERT Technical Cyber Security Alert TA10-279A -- Adobe Reader and Acrobat Affected by Multiple Vulnerabilities
tags: SecurityIncident Vulnerable

Whistleblower site Cryptome hacked, defaced, all files deleted - Computerworld Blogs
tags: SecurityIncident Defacement

Anti-virus vendor trio plug website flaws • The Register
White-hat hackers have uncovered vulnerabilities on the websites of anti-virus firms that created a phishing risk. Cross-site scripting (XSS) bugs of varying severity were found on the websites of Symantec (here), Eset (her

Seminar on 13 October (Computer Networks II)

The lecture on Wednesday 13 October will consist of a seminar given by staff from Emaze. Emaze is a company that (seriously) works in information security and with which we have been collaborating for some time, through theses and internships as well as joint research projects. Incidentally, people who now hold key positions at Emaze have passed through my clutches... The seminar contents will be part of the exam syllabus, at least for this academic year.

Title: Introduction to vulnerability management for information systems

Abstract: The aim of the meeting is to introduce the concept of vulnerability in information systems and its implications for security. A simulation will show how an attacker can identify and exploit vulnerabilities to compromise a system. We will then discuss defensive procedures; specifically, we will see how certain standards for vulnerability management can be used to

Security Incidents of This Week (weekly)

5 botnet kingpins busted in $70m fraud ring
Ukrainian police on Thursday arrested five people suspected of orchestrating an international fraud ring that siphoned more than $70m out of bank accounts by infecting computers with the Zeus trojan.
tags: SecurityIncident Banking Malware

You can no longer rely on encryption to protect a BlackBerry | Mobile device management - InfoWorld
A Russian passcode-breaker firm exploits a weakness in RIM's encryption to crack open backups
tags: SecurityIncident Vulnerable Crypto

[LUG] Fwd: [AfrICANN-discuss] Google blames DNS insecurity for Web site
tags: SecurityIncident Defacement DNS

Dear Twitter: Stop screwing over your develop

Security Incidents of This Week (weekly)

VoIP hacker sentenced to 10 years
A Venezuelan citizen on Friday was sentenced to 10 years in US federal prison for hacking into the networks of telecommunications companies and then routing millions of minutes of voice over IP calls over their systems. Edwin Andres Pena, 27, admitted in February that he pocketed more than $1m in the scam, in which he posed as a legitimate reseller of long-distance calling services. By scanning networks of AT&T and other companies, Pena was able to identify unprotected ports through which he could transmit more than 10 million minutes of unauthorized calls.
tags: SecurityIncident Phones

An orbital cannon against the majors' websites
The LOIC (Low Orbit Ion Cannon) software, which makes it easy to flood the targeted sites with requests until they become unreachable, is still available online.
t