Archive for the 'hacking' Category

Kernel.org hacked ! // From: J.H. <[email protected]> Subject: [kernel.org users] [KORG] Master back-end break-in

Monday, September 12th, 2011

Kernel.org machines were hacked into, possibly via stolen credentials. Investigation is underway.

Thanks to GIT crypt-signing each commit, there is no danger to linux kernel code.

Kernel.org hacked ! // From: J.H. <[email protected]> Subject: [kernel.org users] [KORG] Master back-end break-in

Monday, September 12th, 2011

respawn_redux [presistent cookies based on If-Modified or Etag headers]

Saturday, August 20th, 2011

An article that describes a method to create a permanent cookie based on If-Modified and Etag HTTP headers. Currently this is used in “the wild” by several banner and add networks. The method is possible because of the simplified implementation of …

respawn_redux [presistent cookies based on If-Modified or Etag headers]

Saturday, August 20th, 2011

Help: I Got Hacked. Now What Do I Do? [by Jesper M. Johansson, Security Program Manager Microsoft Corporation]

Wednesday, May 11th, 2011

Help: I Got Hacked. Now What Do I Do? [by Jesper M. Johansson, Security Program Manager Microsoft Corporation]

Wednesday, May 11th, 2011

LastPass : The last password you’ll have to remember: LastPass Security Notification

Thursday, May 5th, 2011

Online password keeping service LastPass.com reports that it is possible that they were 0wned. (how nice!) In the same time, PastPass seems to be doing the right things: they had a monitoring in place, so they have detected an anomaly in traffic. As …

Security Incident — Blog — WordPress.com [ wordpress.com got 0wned]

Wednesday, April 13th, 2011

this is just great … at least they notified their users in a timely manner. Change your passwd if you have wordpress.com account.

A message from Comodo Hacker – Pastebin.com

Monday, April 4th, 2011

[also see LWN's write-up https://lwn.net/Articles/435214/ .] Curios message [allegedly] from a person who hacked into Comodo CA. Makes you wonder … Basically the whole SSL trust is just a piece of crap and cannot be trusted at all — major CA …

Anonymous speaks: the inside story of the HBGary hack

Wednesday, February 23rd, 2011

awesome story about how security firm HBGary was hacked, or what happens if you do not follow simple security best practices.