|
features post news
(SMS/Articles)
Recent News
IE share slips under 70%; Firefox surges past 20%
@ Dec 02 2008, 00:23 (UTC+0) | From: gr00ve :
The market share of Microsoft Corp.'s Internet Explorer dropped under the 70% mark last month for the first time since Web metrics vendor Net Applications Inc. started keeping tabs on browsers, the company said today. IE slipped to a 69.8% share, down from October's 71.3% and off 7.6 percentage points in the past year.
Continued... |
|
Linux on iPhone
@ Dec 02 2008, 00:20 (UTC+0) | From: gr00ve :
Linux 2.6 kernel has been ported to Apple's iPhone platform, with support for the first and second generation iPhones as well as the first generation iPod touch.
Continued... |
|
Still relying on Google to snoop on your friends?
@ Dec 01 2008, 12:54 (UTC+0) | From: gr00ve :
If you are still relying on Google to snoop on your friends, you are behind the curve. Armed with new and established Web sites, people are uncovering surprising details about colleagues, lovers and strangers that often don't turn up in a simple Internet search. Though none of these sites can reveal anything that isn't already available publicly, they can make it much easier to find. And most of them are free.
Continued... |
|
Nightmare Before Christmas: Researchers Warn Of Holiday Shopping Threats
@ Nov 28 2008, 18:05 (UTC+0) | From: gr00ve :
Move over, Ebenezer -- there's a whole new class of holiday gloom in town. During the past several weeks, security vendors and researchers have been predicting a wide range of attacks and threats for the holiday shopping season that begins Friday. This year's warnings include malware, phishing, insider threats, lost laptops.
Continued... |
|
Symantec: Underground cybercrime economy booming
@ Nov 28 2008, 15:22 (UTC+0) | From: gr00ve :
The underground cybercrime economy is a self-sustaining market that is thriving despite the current economic downturn, according to security company Symantec. The company published an extensive 99-page whitepaper on its findings yesterday; it discusses activity on underground economy servers between July of 2007 and the end of June 2008. Symantec estimates that the total value of advertised goods in this economy added up to $276 million over the 12-month period.
Continued... |
|
Estonian ISP cuts off control servers for Srizbi botnet
@ Nov 28 2008, 15:18 (UTC+0) | From: gr00ve :
An Estonian ISP that temporarily hosted the command-and-control servers for the Srizbi botnet, responsible for a large portion of the world's spam, has cut off those servers, according to computer security analysts. Starline Web Services, based in Estonia's capital Tallinn, had hosted four domain names identified as the control points for Srizbi, according to researchers from computer security firm FireEye.
Continued... |
|
|
(IN)SECURE MAG Issue 19, Dec 2008
@ Articles -> Link
Dec 02 2008, 00:11 (UTC+0) | (IN)SECURE MAG Issue 19 Dec 2008
is available!
* The future of AV: looking for the good while stopping the bad
* Eight holes in Windows login controls
* Extended validation and online security: EV SSL gets the green light
* Interview with Giles Hogben, an expert on identity and authentication technologies working at ENISA
* Web filtering in a Web 2.0 world
* RSA Conference Europe 2008
* The role of password management in compliance with the data protection act
* Securing data beyond PCI in a SOA environment: best practices for advanced data protection
* Three undocumented layers of the OSI model and their impact on security
* Interview with Rich Mogull, founder of Securosis
Continued... |
|
Shoulder Surfing a Malicious PDF Author
@ Articles -> Link
Nov 30 2008, 00:01 (UTC+0) | Ever since I read about the incremental updates feature of the PDF file format, I’ve been patiently waiting for a malicious PDF document with incremental updates to come my way. Thanks to Bojan, that day has finally arrived.
The 2 malicious PDF documents I received (data.pdf and info.pdf) both exploit the same Acrobat JavaScript util.printf vulnerability.
data.pdf is very interesting to me: it’s one PDF file containing 5 incremental updates, essentially bringing us an archeological record of the malware author’s trial-and-error session. So let’s start uncovering what the malware writer has been up to.
Continued... |
|
Designing A Fully Functional Keylogger In VB (Part II)
@ Articles -> Programming
Nov 29 2008, 00:32 (UTC+0) | lone_REBEL writes: Now that we have made a basic keylogger, its time to improve it. Today, we shall learn about key repitition and the implementation of the ASCII scheme.
If you recall, we used the GetAsyncKeyState() (we shall refer to it as GAKS) function to know if a key is being pressed or not. Now, the basic structure of our program was like this: We used a Timer control to repeat our function and we logged the information we received. At this point, our logging was limited to alpabetic characters and we were only able to log in uppercase. Now first of all, we shall devise a method to log all the keys.
continued... |
|
.NET Framework Rootkits
@ Articles -> Link
Nov 27 2008, 17:04 (UTC+0) | An interesting read about hiding rootkits in .NET or rather setting up .NET as a rootkit is here folks.
The whitepaper .NET Framework rootkits - backdoors inside your framework covers various ways to develop rootkits for the .NET framework, so that every EXE/DLL that runs on a modified Framework will behave differently than what it's supposed to do. Code reviews will not detect backdoors installed inside the Framework since the payload is not in the code itself, but rather it is inside the Framework implementation. Writing Framework rootkits will enable the attacker to install a reverse shell inside the framework, to steal valuable information, to fixate encryption keys, disable security checks and to perform other nasty things as described in this paper. A Presentation on this topic is also available. This paper also introduces .NET-Sploit 1.0 beta - a new tool for building MSIL rootkits that will enable the user to inject preloaded/custom payload to the Framework core DLL.
Continued... |
|
the older posts:
Neworder File and Link Archive Anonymity - How to stay hidden.
Archive Sites - Archives full of a broad range of information.
Books and Guides - The literature. Books, Guides, Papers, Tutorials and Ezines.
CGI/Web Security - Web based attacks.
Coding - Sorted by language.
Cracking - Literature about cracking and the programs you need.
Cryptography - Resources on encryption and decryption.
Culture - Literature about hackers and what they like to do.
E-Commerce and Internet Banking - Information related to E-Commerce and Internet banking.
E-Mail Security & Utilities - Literature and software.
Emulation - Various emulators for your games and applications.
Exploits and Vulnerabilities - For various operating systems.
Freedom of Speech and Rights - Sites that deal with sharing knowledge in speaking form.
General Computing - General information about computers.
Hacking Challenges - Educational hacking/sites specially made for hacking.
Hardware - Processors, motherboards, video cards... It's all in here.
Information Security Presentations - Links to Information Security Presentations. From gatherings such as BlackHat, Defcon, and others.
IRC - Internet Relay Chat texts, scripts, and clients.
Law - Links covering topics such as computer crime law and free speech.
Members' Sites - The web presence of fellow neworder boxters.
Miscellaneous - All other topics.
Networking - Links and information related to networking.
Open Source Operating systems. - Linux/BSD/Others.
Phreaking - Telephony hacking.
Security - Security in general, portals, news sites, directories, commercial.
Security Certification - Links to security certifications, and study help.
Shell Accounts - Shell accounts for learning Unix commands, etc.
Teams and Advisories - The scene, groups, own tools production, security research, etc.
Unix/Linux/BSD - Unix/Linux/BSD related information, articles, exploits, and tools.
Utilities - Tools and miscellaneous programs.
Virii - Sites dedicated to inform about viruses and trojans, and antiviral software.
suggest a link Top of page
|
random article
featured download
Event log monitoring and management
of Windows event logs, W3C,
Syslog and SNMP Traps. Download
a free 30-day trial!
featured article Pod slurping:
an easy technique of stealing data
read here
poll
What is the first protocol you used to administer a remote system?
|
linking & backends Information about how to link to NewOrder.
New Order news rss feed,
a sms rss feed or a complete list. |
