Hacking and network security articles and hacking prevention resources for the government and general public. Covering all aspects of Computer Hacking, including tutorials and exploit downloads.

Google
Web GovernmentSecurity.org
Sponsored Links:
 
 
  Featured Articles
Computer Forensics - Criminal vs Civil: What's the Difference?
A Simple Look at Control Subversion
How and When to Outsource IT
How To: Security Permissions Chmod
Pay Now or Pay Later - Our Option In Protecting Data
Computer Security: Has the Hype Died?
 

New Place to Hide Rootkits

Fri, 09 May 2008 14:40:09 -0700

Security researchers have developed a new type of malicious rootkit software that hides itself in an obscure part of a computer's microprocessor, hidden from current antivirus products.

Called a System Management Mode (SMM) rootkit, the software runs in a protected part of a computer's memory that can be locked and rendered invisible to the operating system, but which can give attackers a picture of what's happening in a computer's memory.

The SMM rootkit comes with keylogging and communications software and could be used to steal sensitive information from a victim's computer. It was built by Shawn Embleton and Sherri Sparks, who run an Oviedo, Florida, security ...



Spam Is Migrating to the Cellphone

Fri, 09 May 2008 14:38:26 -0700

If you thought spam on your computer was a bother, brace yourself for round two: spammers want to find you on your cellphone.

Cellphones have become consumers’ most personal technological devices. That is why some industry executives, along with consumer groups and security experts, are concerned that unwanted messages will be an even greater headache on phones.

Cellphone spam is particularly annoying to its recipients because it is more invasive — announcing itself with a beep — and can be costly.

Taber Lightfoot, an assistant director for new media at the Yale School of Management, is among those who have already paid for the privilege of receiving ...



Asperger's and IT: Dark secret or open secret?

Fri, 09 May 2008 08:34:26 -0700

"Ryno" is a 50-something ex-sysadmin, by his own account "burned out and living on disability" in rural Australia.

He loved the tech parts of being a system administrator, and he was good at them. But the interpersonal interactions that went along with the position -- the hearty backslaps from random users, the impromptu meetings -- were literally unbearable for Ryno. "I can make your systems efficient and lower your downtime," he says. "I cannot make your users happy."

Bob, a database applications programmer who's been working in high tech for 26 years, has an aptitude for math and logic. And he has what he calls his "strange memory." If he can't recall the answer ...



Beginner: Resetting the Root Password

Fri, 09 May 2008 08:16:24 -0700

This tutorial is made to help you to restore your root password if you forgot it.

So use it only for your own system, or if you have a written permission to do so.

I don't take any responsibility of any possible damage this tutorial may cause.

-1 Breaking in...

.a

First and easiest way is to enter to Bash as root, simply using installed kernel image with parameter:

init=/bin/bash

.b

In many cases you can send parameter 'single' while loading kernel to automatically login as root.

.c

If Lilo or Grub are protected with password we can't boot to the installed image and we need to use ...



Mifare - Cryptanalysis of Crypto-1

Fri, 09 May 2008 07:54:08 -0700

The secret cipher that secures Mifare Classic RFID tags used in access control systems, subway tickets, and various other security-related applications has recently been disclosed [1]. Since the security of the Mifare cards partly relies on the secrecy of this algorithm, we concluded that the cards are too weak for all security-related applications since the algorithm can be found with modest effort. A report for the Dutch government that assesses the impact of our findings on a nationwide ticketing system in the Netherlands was released on February 29

The report confirms our findings, but asserts that systems will likely be secure for another two years since the attack is still ...



Opinion: The computer security paradox

Fri, 09 May 2008 07:50:27 -0700

One of the most prized rights of any American is the right to privacy and security. It's something people in some countries would kill for. Yet now there appears to be a very frightening trend growing. Your privacy and security are being thrown out the window wholesale in favor of easier access by law enforcement. A recent example of this can be seen with the announcement that Microsoft has been providing a tool to investigators that can effectively rip your Windows security to shreds in seconds, exposing all your private data to whoever wants to look at it.

And if that wasn't bad enough, just days later, word came down the pipe that the TSA and Homeland Security are free to ...



SoBe: I Was A Teenage Bot Master

Fri, 09 May 2008 07:25:43 -0700

One day in May 2005, a 16-year-old hacker named SoBe opened his front door to find a swarm of FBI agents descending on his family's three-story house in Boca Raton, Florida. With an arm and leg in casts from a recent motorcycle accident, one agent grabbed his good arm while others seized thousands of dollars worth of computers, video game consoles and other electronics. His parents looked on.

At that moment, some 2,700 miles away, in the Los Angeles suburb of Downey, California, the FBI was serving a separate search warrant on Jeanson James Ancheta, SoBe's 20-year-old employer and hacking mentor. It was the second time in six months Ancheta had been raided by the FBI - a clear ...


 

  Security Forum & Discussion Topics
 
How to fail on the CISSP
privilege higher than "system"
ICMP problems
Hi
New Place to Hide Rootkits
Spam Is Migrating to the Cellphone
C++ or C#?
Asperger's and IT: Dark secret or open secret?
Beginner: Resetting the Root Password
Mifare - Cryptanalysis of Crypto-1
 
  Latest Security Vulnerabilities
 
Joomla Component paxxgallery 0.2 (gid) Blind SQL Injection Exploit
WatchFire Appscan 7.0 ActiveX Multiple Insecure Methods Exploit
VLC 0.8.6d httpd_FileCallBack Remote Format String Exploit
HP Software Update (Hpufunction.dll 4.0.0.1) Insecure Method PoC
GroupWise 7.0 (mailto: scheme) Buffer Overflow PoC
Hp Openview Nnm V7.5.1 Ovalarmsrv.exe Remote Overflow Exploit
Intel Centrino Ipw2200bg Wireless Driver Remote Bof Exploit (meta)
Bigant Server 2.2 Preauth Remote Seh Overflow Exploit (0day)
Microsoft Works 7 Wkimgsrv.dll Activex Denial Of Service Poc
Xine-lib <= 1.1.12 Nsf Demuxer Stack Overflow Vulnerability Poc
 
  Affiliates
Quantum Hosting
  Eclipticx IRC Network
  Infexion Security
  Blackhat Security

  Promote Through GSO
Submit Articles
  Submit Press Releases
  Advertise on GSO


  Free Security Magazines
Computer Magazines
  Government Magazines
  Security Magazines