It seems that hacking activity is on continuous rise. It appears that the guys in the wild do not take any break or rather there is no specific season for hacking; its 24×7 on all 365 days….. Amongst others, following are some of the recent hacking activities: Harvard University website hacked by Syria protesters 75 [...]

This spreadsheet has been making its rounds online and contains details of DEFCON & Black Hat presentations along with authors, youtube links, links to presentations etc. Many Thanks to Javier Bassi

“Certain information being extracted from RSA’s systems”. Thats what RSA’s executive chairman Art Coviello admitted. There is a possiblity that encryption seed details related to RSA SecureID might have been compromised which would leave only the PIN as the confedential detail in case of commonly used 2 factor authentication tokens. Details – http://www.channelweb.co.uk/crn-uk/news/2035401/rsa-security-breach-sparks-reseller-concern

Windows users warned of a new unpatched vulnerability that attackers could exploit to steal information and dupe people into installing malware. Microsoft acknowledged that a bug in Windows’ MHTML (MIME HTML) protocol handler can be used by attackers to run malicious scripts within Internet Explorer (IE). “The best way to think of this is to [...]

With the rise of non signature based Malware detection tools, HBGary’s announced the release of their new product Razor. Razor appliance uses a “virtual-machine system” that takes all files and copies them to inspect for malware by “detonating” the file copies in a sandbox to examine whether any document contains malicious content. It also watches [...]

Shim is a term used to describe an application compatibility workaround. Microsoft’s workaround used the Application Compatibility Toolkit to modify the core library of IE — a DLL, or Dynamic-Link library, named “Mshtml.dll,” that contains the rendering engine — in memory each time IE runs. The modification prevents recursive loading of a CSS, which effectively [...]

With Cloud Computing picking up pace and super computing services available for few $’s, it will soon be possible to carry out sophisticated attacks which were not practically possible or otherwise. In a classic example a German Security Researcher has created a tool to bruteforce Wi-Fi pass-phrases with the help of Amazon’s EC2 Super Computing [...]

Microsoft has recently confirmed critical bugs in all its IE versions. The vulnerability is in the IE’s HTML engine which can be exploited by directing the users to the malicious websites. More Details – http://www.itnews.com/browsers/26654/microsoft-confirms-critical-ie-bug-works-fix

As per the article in Times of India, the threat of hacking into airplane’s computer systems thus leading to virtual hijacking cannot be neglected. This mean could be used by terrorists & anti social elements to conduct virtual hijacking instead of classical physical attacks.

A Russian organization specializing in security tools claims to have broken the 256 bit AES Encryption used in Blackberry’s Backup Programs. Details: http://www.cio.com/article/621466/BlackBerry_Backup_Encryption_Broken_By_Russians?source=ClubHack