Top
Browse > Home / Archive by category 'vulnerabilities'

17-year-old accused of hacking into school computers

January 24, 2007

JEFFERSON COUNTY – A 17-year-old student at Golden High School has been arrested after police say he hacked into the school’s computer system and changed grades.

Police say charges could include forgery, computer crime and use of forged academic records.

Police believe the student hacked into the campus portal system, which is meant to give parents access to grades, schedules and attendance records.”

Everytime I hear about a kid trying to hack the school records I am reminded of Ferris Bueller’s Day off. 

read more | digg story

Popularity: 3% [?]

Written by elamb · Filed Under I got hacked, Main Digg, Security Awareness, vulnerabilities 

Google’s antiphishing plugin leaked passwords

January 24, 2007

A recent press release from web security provider Finjan Inc. has exposed a security flaw with Google’s antiphishing browser extension for the Firefox web browser. Apparently, the extension accidentally gathered some users’ e-mail addresses and passwords.

read more | digg story

Popularity: 5% [?]

Written by elamb · Filed Under Google Hacks, I got hacked/Phishing, Main Digg, vulnerabilities 

Former Pentester of FBI, hacks the FBI

July 6, 2006

This case is not the same as the Department of Veteran Affairs loss of records or the Department of Agricultures security failures.  In this case, a contracting consultant conducted a penetration test with out getting formal approval.  He expoited the FBI's vulnerabilities to gain elevated privledges.

Joseph Thomas Colon, 28, is a former employee of BAE Systems.  His pentest allowed him to obtain the passwords of 38,000 employees, including that of FBI Director Robert S. Mueller III.  According to Colon, the FBI field office in Springfield, Ill., he was attached to gave him approval.

However, every professional pentester and/or ethical hackers knows that you have to get formal approval from an authority. 

Colon's lawyer said in a court filing that his client was hired to work on the FBI's “Trilogy” computer system but became frustrated over “bureaucratic” obstacles, such as obtaining written authorization from the FBI's Washington headquarters for “routine” matters such as adding a printer or moving a new computer onto the system. 

As a result, Mr. Colon will likely serve about 18 months in prison. :(…

Pentesting and ethical hacking tools and techniques must be dealt with responsibly.  The bureacracies that might allow pentesting must be respected at all costs.  The first thing in Pentesting and ethical hacking that is taught is to ALWAYs, ALWAYS, ALWAYS get writen consent to procede from the owners of the system.

 

Popularity: 5% [?]

Written by elamb.security · Filed Under CEH, Computer Security, Passwords, hackers, security, security testing, vulnerabilities 

eEye Flags More iTunes, QuickTime Flaws

March 15, 2006

“Researchers at eEye Digital Security have pinpointed two high-risk vulnerabilities in iTunes and QuickTime that could put millions of Windows and Mac users at risk of code execution attacks.”

eEye points out some overflows on the Apple applications. 

read more | digg story

Popularity: 1% [?]

Written by elamb.security · Filed Under security, vulnerabilities 

Bottom