-
Someone has published a SQL injection vulnerability in labs.oracle.com at http://www.thehackernews.com/2011/07/oracle-website-vulnerable-to-sql.html . That is all.
-
Gawker was recently compromised and had its source code and user passwords leaked onto the web. The Wall Street Journal has published a list of the top 50 passwords with the #1 password being '123456'. The full list can be found at http://blogs.wsj.com/digits/2010/12/13/the-top-50-gawker-media-passwords/
-
Someone has published an amusing cheat sheet that will allow you to fuzz barcode scanning systems for common input validation issues such as XSS and SQL Injection. They even provide an online barcode generator which allows you to create your own payloads. Not much else to say really :) Link: http://www.irongeek.com/xss-sql-injection-fuzzing-barcode-generator.php
-
An interview claiming to be with a Facebook employee discusses a few things that you probably were hoping didn't happen. Here are some choice quotes from the article: "Rumpus: Have you ever logged in to anyone's account? Employee: I have. For engineering reasons. Rumpus: Have you ever done it outside of...
-
I don't usually post much about hacking incidents but this one was particularly funny. "A college student has been dropped from her classes twice, apparently the victim of someone who hacked into her schedule. Michelle McCoy-Lloyd was going to take two culinary classes at San Joaquin Delta College starting next week. Last month, someone...
-
"The Romanian hacker who successfully broke into a web site owned by security vendor Kaspersky Lab has struck again, this time exposing shortcomings in a Symantec web server. The hacker, known only as Unu, said in a blog post today that he was able to access a server belonging to the security...
-
"What was essentially a typo last night resulted in the temporary disappearance from the Internet of almost a million Web sites in Sweden -- every address with a .se top-level domain name. According to Web monitoring company Pingdom, which happens to be based in Sweden, the disablement of an entire top-level domain...
-
After checking out my favorite stocks this morning at finance.yahoo.com I saw an article titled 'best jobs in America' so figured I'd check it out. To my surprise Computer/Network Security Consultant was ranked as the 8th best job in the US. Very cool! Link: http://finance.yahoo.com/career-work/article/107932/best-jobs-in-america.html
-
UPDATE: Reddit has posted a blog entry at http://blog.reddit.com/2009/09/we-had-some-bugs-and-it-hurt-us.html addressing this. "Popular social news website Reddit has stopped the spread of a cross-site scripting (XSS) worm that hit the site on Monday. The XSS worm spread via comments on the site, originally from the account of a user called xssfinder. Reddit failed...
-
"A Russian security group has posted a detailed blog post about how they managed to extract the source code to over 3,300 websites. The group found that some of the largest and best known domains on the web, such as apache.org and php.net, amongst others, are vulnerable to an elementary information leak...
-
"Yesterday a vulnerability was discovered: a specially crafted URL could be requested that would allow an attacker to bypass a security check to verify a user requested a password reset. As a result, the first account without a key in the database (usually the admin account) would have its password reset...
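The bypass the advisory describes, as an added illustration in Python (not code from the affected project, which the snippet does not name): a reset handler that looks the account up by the submitted key alone, so a request whose key collapses to the empty string matches the first account with no pending reset, beside a hardened version that binds the token to a named account, checks it in constant time and consumes it. The table, rows, token and function names are constructed for this example.

```python
import hmac
import sqlite3

# Constructed sample data (not from the advisory): the admin account has never
# requested a reset, so its reset_key column is empty; alice has a pending token.
TOKEN_LEN = 32
ALICE_TOKEN = "a3f9c2e1b7d4f6a8c0e2d4b6f8a1c3e5"
USERS = [
    (1, "admin", ""),
    (2, "alice", ALICE_TOKEN),
]


def make_db():
    """Build an in-memory users table holding the constructed rows above."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT NOT NULL, "
        "reset_key TEXT NOT NULL DEFAULT '')"
    )
    db.executemany("INSERT INTO users VALUES (?, ?, ?)", USERS)
    return db


def vulnerable_reset(db, key_param):
    """Flawed handler: treats any row whose reset_key equals the submitted value
    as proof that a reset was requested. An empty key matches every account with
    no pending reset, and the first such row (typically the admin, created first)
    gets its password reset. Returns the name of the account that was reset."""
    row = db.execute(
        "SELECT id, name FROM users WHERE reset_key = ? ORDER BY id LIMIT 1",
        (key_param,),
    ).fetchone()
    if row is None:
        return None
    db.execute("UPDATE users SET reset_key = '' WHERE id = ?", (row[0],))
    return row[1]


def hardened_reset(db, login, key_param):
    """Hardened handler: the token must be a string of the expected length, must
    belong to the named account, is compared in constant time, and is cleared on
    use so it cannot be replayed. Returns the reset account's name or None."""
    if not isinstance(key_param, str) or len(key_param) != TOKEN_LEN:
        return None
    row = db.execute(
        "SELECT id, name, reset_key FROM users WHERE name = ?", (login,)
    ).fetchone()
    if row is None or not row[2]:
        # Unknown account, or no reset was ever requested for it: nothing to match.
        return None
    if not hmac.compare_digest(row[2], key_param):
        return None
    db.execute("UPDATE users SET reset_key = '' WHERE id = ?", (row[0],))
    return row[1]


if __name__ == "__main__":
    db = make_db()
    print("vulnerable, empty key ->", vulnerable_reset(db, ""))
    db = make_db()
    print("hardened, empty key   ->", hardened_reset(db, "admin", ""))
    print("hardened, valid token ->", hardened_reset(db, "alice", ALICE_TOKEN))
    print("hardened, replayed    ->", hardened_reset(db, "alice", ALICE_TOKEN))
```

The point of the hardened version is that the key alone never selects the account: the account is named by the caller, the stored key must be non-empty, and the comparison is the last check rather than the only one.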
-
"Gary McKinnon has lost a judicial review against his extradition to the United States on hacking charges. Lawyers for the Briton hoped his recent diagnosis with Asperger's Syndrome would be enough to persuade judges to overturn previous rulings and allow McKinnon to be tried in the UK." - The Register Long...
-
Just got back from Vegas and finally started catching up. Looks like a fake ATM was placed at DEF CON (no surprise). "As the conference was kicking off a few days ago, attendees noticed that an ATM placed in the Riviera Hotel, which plays host to the annual event, didn't quite look...
-
The hacking group/movement AntiSec has replaced every image on ImageShack with a hacked image and has posted the following to the Full Disclosure mailing list. [ASCII-art banner, garbled in this copy] ...
-
"A claim of a software vulnerability in a program used to connect securely to servers across the Internet is likely a hoax, according to an analyst with the SANS Internet Storm Center. The program, called OpenSSH (Secure Shell), is installed on tens of millions of servers made by vendors such as...
-
"For years, government officials have urged consumers to protect their social security numbers by giving out the nine-digit codes only when absolutely necessary. Now it turns out that all the caution in the world may not be enough: New research shows that social security numbers can be predicted from publicly available...
-
"Iran's foreign ministry spokesman accused the cable network CNN of "officially" training people to "hack government and foreign ministry" websites on Monday, citing a CNN.com article that explained how hackers were launching distributed denial-of-service (DDOS) attacks on Iranian government sites. "They officially trained the people to come and hack Iran's government...
-
"A URL-shortening service that condenses long Web addresses for use on micro-blogging sites like Twitter was hacked over the weekend, sending millions of users to an unintended destination, a security researcher said today. After Cligs, a rival to the better known TinyURL and bit.ly shortening services, was attacked Sunday, more than...
-
"Did you hear the one about the hacker-free e-mail service that was so confident about its enhanced security measure that it offered up $10,000 to anyone who could hack into it? It got hacked. Here’s the part that’s really crazy, though. There was initially some question as to whether or not...
-
"For those who don't know of Astalavista, it was a popular website for "hackers" with relatively low-quality content. It started in 1994, and was one of the first search engines for computer security information. It hosted software exploits, and quickly degenerated into a forum for sharing software cracks, spyware, and virii....
-
"The site, which launched in 1996, covered all aspects of flight simulation, although its main focus was on Microsoft's Flight Simulator. The attack took down the site's two servers and the owners had not established an external backup system. The site's founder, Tom Allensworth, said that the site would be down...
-
"A government audit (PDF) has pinpointed more than 3,800 vulnerabilities -- 763 of which are high-risk -- in the Federal Aviation Administration's Web-based air traffic control system applications, including some that could potentially put air travel at risk. The U.S. Department of Transportation report, with the help of auditors from KPMG,...
-
Posted: May 5th, 2009, 11:32am CDT by Robert A.
"McAfee, widely recognized as one of the leading providers of online security software for both home and business, appears to be struggling to secure its own Web sites, which at the time of writing this post, allow anyone with enough tech savvy to covertly do whatever they want on, and with,...
-
Posted: May 1st, 2009, 11:37am CDT by Robert A.
Twitter has been hacked again and had its administrative panel (which shouldn't be web accessible) breached. "This week, unauthorized access to Twitter was gained by an outside party. Our initial security reviews and investigations indicate that no account information was altered or removed in any way. However, we discovered that 10...
-
UPDATE: F-Secure has posted more detailed information. "Some 24 hours after a worm spread advertising on Twitter, the popular social networking website, a second worm emerged on Sunday. Both worms appear to be created by Mikeyy Mooney, a 17-year-old from Brooklyn, New York. The first worm emerged on Saturday when Twitter...
-
Netcraft confirms that Lynx is gaining popularity due to the increase in browser security bugs. "Netcraft has observed a surge in popularity of the Lynx browser, particularly since the recent Pwn2Own competition, which was held at the CanSecWest conference in Vancouver last month. During the course of the competition, security researchers...
-
After viewing the metasploit site this morning it appears the FBI and DHS has shut it down. According to sources HD Moore is on the run somewhere in Mexico.
-
A new certification program has just been launched, and is brought to you by the same people who brought us ScanLessPCI "The Institute is the industry's leading authority for Certified ASS's. Our curriculum complies with the highest industry standards while still reflecting the operational realities of securing applications in the modern...
-
"The BBC hacked into 22,000 computers as part of an investigation into cybercrime but the move quickly backfired, with legal experts claiming the broadcaster broke the law and security gurus saying the experiment went too far. The technology show Click acquired a network of 22,000 hijacked computers - known as a...
-
I found the following post fairly amusing and had to link it here. "A few days ago I complained about the incredibly awkward IT Security Girl of the Year award that will be dished out later this year at the French IT security conference FRHACK. Apparently the FRHACK organizers did not...
-
"What's Wikileaks, the net's foremost document leaking site, supposed to do when a whistle-blower submits a list of email addresses belonging to the site's confidential donors as a leaked document? That's exactly the conundrum Wikileaks faced this week after someone from the controversial whistle-blowing site sent an emergency fund-raising appeal on...
-
"Who discovers the most security vulnerabilities? That’s one of the more frequent questions I’ve encountered over the past few years. Funnily enough there’s usually a high correlation between the timing of my being asked and the latest marketing blitzkrieg customers may have encountered (not from IBM of course). It seems that...
-
"Defacement archive Zone-h.org has itself been defaced. The hack - claimed in the names of Cyber-Terrorist, HeLL cYbEr, and Jurm - involved posting a link to a YouTube video and dancing babies on the site's altered home page. The Arab language video, featuring an ad promoting nappies, replaced the site's usual...
-
"A Romanian hacker site said on Wednesday it was able to breach the website of Helsinki-based security firm F-Secure just as it had gained access to the sites of two other security companies earlier in the week. F-Secure is "vulnerable to SQL Injection plus Cross Site Scripting," an entry on the...
-
A security lapse at Kaspersky has exposed a wealth of proprietary information about the anti-virus provider's products and customers, according to a blogger, who posted screen shots and other details that appeared to substantiate the claims. In a posting made Saturday, the hacker claimed a simple SQL injection gave access to...
-
"In a post on Blogger on Saturday, a person who claims to have breached the Web site of open-source online community software phpBB gave a detailed account of how he did it. Using a vulnerability in PHPlist publicly disclosed on January 14, the attacker gained access to the password and configuration...
-
"Transportation officials in Texas are scrambling to prevent hackers from changing messages on digital road signs after one sign in Austin was altered to read, "Zombies Ahead." Chris Lippincott, director of media relations for the Texas Department of Transportation, confirmed that a portable traffic sign at Lamar Boulevard and West 15th...
-
"A widely-circulated URL which points to a image that purports to be a Wired.com story about Steve Jobs health is a hack job. We won't provide the URL here, but the Twitterverse quickly surmised that the item was not correct. As have Mashable and Gizmodo. I've written a number of stories...
-
Lenny Zeltser from DShield has posted an amusing list of ways to suck at information security, broken up into the following categories:
- Security Policy and Compliance
- Security Tools
- Risk Management
- Security Practices
- Password Management
Here's a snippet: "Security Tools: Deploy a security product out of the box without tuning it. Tune the IDS to...
-
"MacRumors, one of the many sites which cover Apple's annual Macworld product launches, has had its live coverage infiltrated, with someone adding the false news of Steve Jobs's death to the blow-by-blow reports."
Here's the very amusing screenshot of the incident: http://cache.gawker.com/assets/images/gawker/2009/01/macrumorshacked.jpg
Read more: http://valleywag.gawker.com/5124580/hackers-post-faked-report-of-steve-jobss-death
-
From Twitter's blog: "The issue with these 33 accounts is different from the Phishing scam aimed at Twitter users this weekend. These accounts were compromised by an individual who hacked into some of the tools our support team uses to help people do things like edit the email address associated with their...
-
I've been collecting a list of security predictions for 2009 that people on this list may find 'interesting'. Here they are:
Opinion: Security predictions for 2009
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9124621&source=rss_news
2009 Security Predictions
http://www.sans.edu/resources/securitylab/2009_predictions.php
Security predictions for 2009
http://www.itworld.com/security/59948/security-predictions-2009
10 Security Predictions For 2009
http://www.crn.com/security/212201985
The 2009 Security Prediction Prediction List
http://blogs.gartner.com/greg_young/2008/12/19/the-2009-security-prediction-prediction-list/
2009 security predictions: Deja vu all over again
http://www.infoworld.com/article/08/12/31/2009_security_predictions_Deja_vu_all_over_again_1.html
2009 - my security predictions
http://www.itpro.co.uk/blogs/danj/2008/12/10/2009-my-security-predictions/
Tech: What will...
-
"At Drexel University and a handful of other colleges, students created computer scripts to sway the contest—an online vote to nominate a university to receive its own clothing line—in their campuses’ favor. Tim Plunkett, a junior at Drexel, created a script that could cast 1,500 votes per second, according to The...
-
"With the news that Google's Android shipped with an embarrassing security hole being followed by a simple two-step method to 'jailbreak' the OS, you'd think that the company had ironed out most of the remaining bugs – but you'd be wrong. According to ZDnet's Ed Burnette, the open-source Linux-based smartphone platform...
-
"Pentagon hacker Gary McKinnon has stormed into the Myspace charts with a music video about his empathy for a girl with the world on her shoulders. Called Only a fool, and owing something to soulful house boys Cabaret Voltaire, the song reached number five in the myspace video chart within 48...
-
If you know me you know I don't like Atlanta and have many reasons (which I won't go into here). I have another one to add to this list after reading a story about Kevin Mitnick being detained for having lots of computer equipment with him. "In his luggage, they found...
-
The Full Disclosure mailing list is usually 95% junk but every once in a while an amusing/informative post gets through. Today an amusing post came through regarding a 'Worldwide SQL Protocol Advisory'. That's not to say this post isn't junk, but I found it amusing :) Here's a peek: "II. Problem description
The...