image: wikipediaChristmas & New year is here and its the time many people buy/exchange gifts. So if the next shiny gift in your hand is a smartphone, then remember following tips to be safe & secure your data.1. Don't loose track of your phone.This one goes non-technical. Don't loose the sight of your smartphone. Keep you eyes on it when you leave it anywhere, especially at the airport security checkin. The nature of data stored on phone makes it
On 5th October theregister reported more than 10,000 password were leaked mysteriously on pastebin.com. See this tweetAs a followup study "Acunetix Web Application Security Blog" did an analysis on the kind of password people use.Some interesting findings are as follows-Statistics: The list initially contained 10,028 entries.There are 8931 (90%) unique passwords in the list. The longest password was 30 chars long: lafaroleratropezoooooooooooooo.The shortes
Here is a bunch of CheatSheets which might be useful from time to time to use as a reference:# TCP/IP and tcpdump Cheat Sheet - SANS.org# Google Hacking and Defense Cheat Sheet - SANS.org# Intrusion Discovery Cheat Sheet Windows - SANS.org# Intrusion Discovery Cheat Sheet Linux - SANS.org# SQL Injection Cheat Sheet - ha.ckers.org# Cross Site Scripting Cheat Sheet - ha.ckers.org# Web application Cheat Sheet - secguru.com# Linux Security Quick Reference Guid...
Following HDMoore's twit I stumbled on this case of Man-in-the-middle attack with a valid SSL certificate from a shady reseller.Eddy Nigg was able to buy a certificate in the name of mozilla.com from a reseller of comodo named 'Certstar'.In response of this issue, comodo saysThat reseller's ability to sell Comodo certificates has been suspended while weinvestigate why they are apparently not fulfilling their contractual obligationsto us. We revoked your ce
One day to go for the India's second hackers' conventionDate: 6th & 7th December 2008Place: PuneVenue: International Convention Center, SB Road. AddressSchedule: ScheduleRegistration: Registration
On 10th November 2008, ClubHack with support of Cyber Crime Cell of Pune Police conducted a Wardriving in Pune, Maharashtra.This Wardriving aimed at analysis of wireless network security in Pune city at common places like ITparks, residential areas, market areas, hotels, airport etc.To our amaze, we found nearly 81% of Pune's wifi to be insecure ( I count WEP as insecure)Find the report and analysis @ http://wardrive.in/
Ever wondered what is this “Free Public WiFi” or “Free Internet Access” wireless network visible in most of the places?These are known as Viral SSID, don’t expect it to be a free access to internet :)Read more about Viral SSID on ClubHack blog
Google announced so called OpenID launch which scared me again about OpenIDI'm not totally against OpenID concept, I'm just paranoid about it at this stage.Here's my take onRisks With OpenID
In Fyodor’s talk at Blackhat he talked about the research he’s been doing, and the ways that research has helped him to improve Nmap with lot many enhancements. Let's have a look at the most interesting one.Abstract:One of Fyodor’s main focuses was improving Nmap’s speed through improvedefficiency. One of the best ways to do this is to allow for scans of fewerports, but this requires that you choose those ports carefully so as to miss aslittle as possible
On 24th July 2008, Google rolled out an option which you can use to force your communication with Gmail server over secure channel (read HTTPS).If you go to the Settings and select "always use https", Gmail will automatically redirect to the secure version. Until now, you had to manually type https://mail.google.com/ in the address bar or bookmark the address.As per Google"If you sign in to Gmail via a non-secure Internet connection, like a publicwireless
