Cybercrime Will Eclipse Terrorism

Cybercriminals are becoming a threat that rivals terrorist groups like al Qaeda, according to the nation's top law enforcement official.

"Terrorism does remain the FBI's top priority, but in the not too-distant-future we anticipate that the cyberthreat will pose the greatest threat to our country," FBI Director Robert Mueller told a gathering of security professionals on Thursday at RSA's annual conference in San Francisco.

"Today, terrorists have not used the Internet to launch a full-scale cyberattack, but we cannot underestimate their intent," he said.

In the wake of the Sept. 11 attacks, the FBI invested heavily to develop new skill sets and formed more than 100 joint anti-terrorism task forces with other government agencies, military branches and local law enforcement organizations.

Read more...

Google.Com Now 'Censors' Explicit Content From Image Searches

Search giant Google has modified its "SafeSearch" feature, which has removed most pornographic, not-safe-for-work (NSFW) or explicit content from its image search results.

First reported on news-sharing site Reddit, hundreds of users have reacted angrily to the move. The new options only appear to affectGoogle.com for now, whereas other regional sites -- such asGoogle.co.uk -- have not yet changed. (My search history is not looking good right now.)

Google search users now have to be a little more specific before receiving goods of an explicit nature. For example, if one were to type in a particular sexual act, Google.com will no longer dish up what one was expecting. If users are more specific in what they are after, then it will return what one expected in the first place.

Read more...

Five Arrested In High-Profile Cyberattacks

NEW YORK (CNN) -- Top members of the computer hacker group"Anonymous" and its offshoots were arrested and charged Tuesday after a wide-ranging investigation used the help of a group leader who was working as a secret government informant.

Five of the suspects, considered by investigators among the "most sophisticated hackers in the world," were arrested in the United States and Europe and charged in a Manhattan federal court over their alleged role in high-profile cyberattacks against government agencies and large companies, according to an indictment.

A sixth man, Hector Xavier Monsegur, a notorious hacker known as "Sabu," pleaded guilty in August to computer hacking and other crimes.

Read more...

Google Hacking With GGGoogleScan

GGGoogleScan
GGGoogleScan is a Google scraper which performs automated searches and returns results of search queries in the form of URLs or hostnames. Datamining Google’s search index is useful for many applications. Despite this, Google makes it difficult for researchers to perform automatic search queries. The aim of is to make automated searches possible by avoiding the search activity that is detected as bot behaviour [1]. Basically we can enumerate hostnames and URLs with the GGGoogleScan tool, which can prove a valuable resource for later.

This tool has a number of ways to avoid being detected as a bot; one of them is horizontal searching, where we’re searching for multiple search words in parallel without requesting the contents of, for example, 1-50 results found by that search query. Rather than that, we’re making a large number of search queries, saving the results and only requesting a small number of web pages that were found as a result of scanning.

Read more...

Hexed – Working Effectively In The Hex Editor

I love my hex editor! I mean I really do. As reverse engineers and binary explorers, the hex editor is arguably the most used tool for human binary reconnaissance. From format exploration to file rebuilding, it’s the best utility in our toolkit with a great legacy of its own. From the diverse range of editors to the ken of features provided, it might seem a little daunting to first timers and redundant to advanced types. It’s my goal in this article to highlight the various features of this mighty tool that might just make your day. Let’s get to it.
What should you expect from your editor?

Locating your bytes:

The main display is always a hex byte representation of the binary file arranged in a tabular fashion.

Read more...

Google's Android Malware Detection Falls Short

Android appears to be on a trajectory to become the Windows of mobile operating systems, but there's a downside to ubiquity. Rising market share means increasing attention from malware authors.

Sophos, a computer security company, asserts that there is a growing malware problem for Android devices and that Android devices are less safe than iOS or Windows Phone devices. The FBI has noticed too, issuing a warning in October about risks facing Android users.

Read more...

Hactivist Group Team Ghostshell Takes Credit For Extensive Breach

The hacktivist group Team Ghostshell took credit Monday for the release of 1.6 million accounts and records stolen from government and private organizations covering aerospace, law enforcement, the military, the defense industry and banking.

Among the organizations the group claimed to have stolen information included NASA's Center For Advanced Engineering, the Department of Homeland Security (DHS) Information Network, the FBI's Washington division in Seattle, the Federal Reserve and Interpol.

Read more...

China Mafia-Style Hack Attack Drives California Firm to Brink

During his civil lawsuit against the People’s Republic of China, Brian Milburn says he never once saw one of the country’s lawyers. He read no court documents from China’s attorneys because they filed none. The voluminous case record at the U.S. District courthouse in Santa Ana contains a single communication from China: a curt letter to the U.S. State Department, urging that the suit be dismissed. 

That doesn’t mean Milburn’s adversary had no contact with him.

Read more...

E-Reader Privacy Chart, 2012 Edition

Who's Reading What Your Reading?

E-readers are great toys but if you concerned with who is tracking you don not get one.

Read more...

Scanning Web Servers With Nikto

Nikto is a tool that it has been written in Perl and it can perform tests against web servers in order to identify potential vulnerabilities. Nikto can be used in web application penetration tests and in some cases can produce juicy results.Specifically if a system administrator has not configured very well his web server and the web server is out of date or there is a misconfiguration Nikto is capable to find them.

For the needs of the article we will use Nikto in order to scan the web server where the DVWA (Damn Vulnerable Web Application) is hosted.Before we start the scan it is always a good practice to perform an update for obtaining the latest plugins.This can be achieved with the -update parameter.

Read more...