Remember the last OAuth flaw in Facebook, which allowed an attacker to hijack any account without the victim’s interaction with any Facebook application and was reported by white hat hacker ‘Nir Goldshlager’? After that, the Facebook security team fixed the issue with some minor changes. Yesterday Goldshlager once again pwned the Facebook OAuth mechanism by bypassing all those minor changes [...]
Posts Tagged ‘Using’
Phishers hijacking Facebook Pages using apps
March 8th, 2013
Another phishing campaign has come into action recently, targeting Facebook accounts and company pages with millions of followers. Phishers continue to devise new fake apps for the purpose of harvesting confidential information. This is not a new method, but it is a very creative phishing example in the Facebook hacking scene, where the hacker hosts a phishing page on a Facebook app subdomain itself. Designed very [...]
Cybercriminals using digitally signed Java exploits to trick users
March 6th, 2013
Security researchers warn that cybercriminals have started using Java exploits signed with digital certificates to trick users into allowing the malicious code to run inside browsers. View full post on Techworld.com security
Using new tactics, Asprox botnet goes unnoticed
March 6th, 2013
Known for distributing postal-themed spam, the Asprox botnet has remained effective, though less noticeable due to evasion techniques. View full post on Latest articles from SC Magazine News
Case study on using COBIT 5 for strategy implementation
February 26th, 2013
On a couple of previous occasions I have written about the fact that ISACA is using COBIT 5 and COBIT 5 Implementation to formalize and guide implementation of Strategy 2022 (S22). It has been enlightening to use COBIT’s business-oriented principles to govern and manage a non-IT project. Certainly, some adjustments have had to be [...]
Yahoo slammed for using outdated Java with SiteBuilder
February 13th, 2013
Yahoo has come under severe criticism by security experts decrying its practice of steering small businesses to a Web site-building tool that uses an insecure 2008 version of Java. View full post on Techworld.com security
Auditing Microsoft Office Configurations Using Nessus
February 8th, 2013
Microsoft® Office® is ubiquitous in today’s work environment. Although MS Office applications offer many security configuration options that can reduce the likelihood of exploitation, the default configuration settings typically don’t provide a strong security posture. The requirements and recommendations documented in common regulations and security guides are a great start to securing your Office installations. [...]
Domain Internet Groper: Using dig to access DNS zone data
February 7th, 2013
One of the hands-on activities I use when explaining how the DNS works shows how to access DNS zone data using the command-line tool dig on Mac, BSD, or Linux operating systems. dig is a convenient way to illustrate how applications like the browser or mail client on your device query the DNS for [...]
TSA not using detection dogs effectively, says GAO report
February 3rd, 2013
By Mark Rockwell. The TSA’s explosives detection and cargo screening dogs aren’t being used efficiently or effectively at the nation’s airports, according to a Government Accountability Office study released on Jan. 31. In the report, the GAO took the TSA to task on its training and deployment [...]
On Using Fake Data to Generate Alerts
January 31st, 2013
Here’s a tip of Mikko’s from September: “Tip: Insert unique fake users and customers into your production databases, then set up a Google Alert to notify you if they get leaked.” — Mikko Hypponen (@mikko), September 19, 2012. Insert unique fake … View full post on The Security Blog » Latest InfoSec Threat Research & News | TheSecurityBlog.com [...]
Browser-hijacking Trojan talks to attackers using SPF email validation protocol
January 29th, 2013
A new Trojan program that displays rogue advertisements during browsing sessions uses a DNS-based email validation protocol called the Sender Policy Framework (SPF) in order to receive instructions from attackers without being detected, according to security researchers from Symantec. View full post on Techworld.com security
Using Nessus to Audit Microsoft SharePoint 2010 Configurations
January 23rd, 2013
Trust, but Verify. Recently, Tenable added audit files for Nessus ProfessionalFeed users allowing them to audit Microsoft SharePoint server configurations. The audit policy uses both operating system and database information from a SharePoint server farm and compares it against the settings specified in the DISA STIG guide for Microsoft SharePoint 2010 servers. This blog entry [...]
Tracking Wireless SSIDs Using Nessus
January 14th, 2013
Nessus has plugins that can pull out current (or previously used) wireless service set identifiers (WiFi SSIDs) that Windows and OS X systems have connected to in the past. The following plugins are used: Mac OS X Wireless Networks List (63340) – This new plugin reports a history of wireless networks used by the target [...]
Important SCADA systems secured using weak logins, researchers find
January 14th, 2013
Thousands of critical SCADA systems reachable from the Internet are secured by dangerously weak default passwords, a survey carried out with the help of the US Department of Homeland Security has found. View full post on Techworld.com security
John McAfee spied on Belize Government using keyloggers
January 7th, 2013
John McAfee’s campaign against the Belize authorities has taken another strange turn with a claim on his blog that earlier this year he executed a huge software spying operation against them using a team of hackers and prostitutes and dozens of computers installed with keyloggers. View full post on Techworld.com security



