Sunday, August 30, 2009

Wachovia Banking Wizard - XSS - PoC

Full Disclosure

Friday, August 28, 2009

United Breaks Guitars

Song 1

Song 2

Tuesday, August 25, 2009


For the past five months, a website for investment services giant Ameriprise Financial contained bugs that allowed even low-level criminals to inject malicious content into official company webpages and steal user's cookies, according to Russ McRee of who first identified the bugs.

Register story here.

Saturday, August 15, 2009

Amex cardholders' data stolen by employee

American Express Co. spokeswoman Susan Korchak said a "relatively small portion" of card members was involved, but declined to be more specific.

The small portion included me! I got the letter early this week. No new card, just told to keep an eye on things...

The former employee has been arrested and the company is investigating how the data was obtained, she said.

AP story here.

Sunday, August 09, 2009

Hack? What Hack?

Ex-worker accused of hacking into Mt. Airy computers using co-workers’ IDs to access computer from his residence.

A lot of things are wrong here, but not much hacking...

Leo Harry Hornbaker III, 37, of Bodle Road, a former employee at the Monroe County casino, is accused of using other employees’ user names and passwords to access the casino’s computer from his residence, according to arrest records filed by the state police Bureau of Criminal Investigations Unit.

Story here.

Wednesday, August 05, 2009

Top 10 most notable Black Hat/Defcon stories

Nice list... I would put Cloud Computing high on the list as folks seem to be jumping before they look.

Saturday, August 01, 2009

Malicious Insiders with Ties to the Internet Underground Community

From March, this report (.pdf) is the second in the quarterly series, Spotlight On, published by the Insider Threat Center at CERT and funded by CyLab.

Credit Hackers - from DefCon w/Love

Christopher Soghoian is a fellow at Harvard’s Berkman Center. His paper highlights several approaches perfected by credit hackers.
Copyright 2018 e2e Security. Powered by Blogger Blogger Templates create by Deluxe Templates. WP by Masterplan