Elamb Cybersecurity

Blog

  • Become ungoogable

    Site to hide your text online; or chat or bypass company sniffers… pretty handy.  I think this make for a decent Anti-Google Hack.

    This site is pretty cool.  It hides text by turning it into a
    picture file.  Pretty creative!  You see, search engines can
    usually find what you type in forums, websites, blog and even some chat
    sessions.  But what if you didn't want your text to be found on
    the Internet.  There are some plugin tools you could use or you
    could encrypt the text but here is another way called Hiddentext.net.

    This site turns your text into a picture with a randomly generated name
    like LYe776e.jpg so that it isn't picked up by Google/Images.

    Hiddentext.net also loads it on there server –> http://www.hidetext.net/hide/1RCet5KbrQ.jpg

    Although I'm not sure how long, the site gives you the option of deleting the message permanently.

     This could be great for privacy if your trying
    to get an online message to a select group of people.  On the
    negative side, this would work really great for Al Qeda, but so would
    encryption.

    read more | digg story

  • Training on Security+

    I will be doing training on the Security+ for the ISSA-COS.  I'm
    traing the Communcation Security portion of the test.  This is one
    of my favorite sections. 

    I told the ISSA guys I'd do it as long as I didn't have to train on Crypto which is one of my weaker subjects. 

    I'm excited about the training because I feel like I will really be
    able to help people ace this test.  Most security professionals
    who have been IT for more than a couple of years won't have a problem
    studying for it and passing it. 

    It really is just basic technical information security
    stuff.   There is also a lot of support on the Internet for
    this test: practice tests, guidance on what to study, and
    encouragement. 

    Don't sweat this test.  Especially if you've studied.

  • First potential virus risk for Windows Vista found

    “Virus writers are targeting a new Microsoft tool that will be part
    of Windows and is set to ship as part of the next Exchange e-mail
    server release.” – C|Net

    F-Secure has already found a possible flaw in the Windows Vista
    (code named Longhorn) command Shell called Monad also know as MSH.

    Representatives of F-Secure stated that if Microsoft released Windows
    Vista with MSH enabled, it could cause and outbreak of scripting
    viruses.  Examples of Scripting viruses include Macrovirues, the
    ILOVEYou VB scripting virus and the Melissa virus.

    The exploit aiming at MSH is discussed here.

    Microsoft my chose to disable MSH by default or simply add it as a plugin. 

  • Some feeling on Windows

    Windows Vista is the next version of the Windows operatings system. 

    I must admit, Microsoft has evolved greatly from one operation system
    to the next from a security and functional perspective.  Many
    geeks complain about Windows and say that Linux is way better or that
    the HATE Microsoft and Bill Gates (the Anti Christ), but 98% of those
    geeks use Windows and many of those use it as their main box.

    I like Windows 2000 on up.  Sure there are issues but I can't use
    a Linux box to play Age of Empires (or at least I don't think you can).

    I love Linux but many times when I come home from work I just don't
    feel like messing around with a computer for anything except
    entertainment.  I use my *nix OSes for testing, trouble shooting,
    hacking and pentesting.  My biggest issue with Windows (besides
    Microsoft) is Internet Explorer… I really don't use it so I guess its
    not that big of an issue.  Hopefully, IE7 will be as good as
    Firefox. 

  • Kevin Mitnick's Forbidden Chapter

    A very interesting read on the overview of Kevin Mitnick's life as a hacker and his issues with New York Times reporter John Markoff. This chapter, originally slated to be Chapter 1 in Mitnick's 2002 book “The Art of Deception”, was removed by the publisher after initial printing.

    read more | digg story

  • Hotel Access Cards Contain Credit Card Information

    What's scary is how easy it is for even a novice to steal this information. He says he bought a $39 card reader at a local retail store and plugged it into his laptop's USB port. Now when he scans a card, the device inputs the data directly into an open Excel or Word document.

    read more | digg story

  • PayPal hit by payment problems

    PayPal has been hit by two separate technical problems that are causing transactions to appear more than once on some customers' accounts. Although the money is not actually being removed from accounts this can have the effect of freezing the account if spending limits appear to be breached.

    read more | digg story

  • Arrested for being a geek

    “The police decided that wearing a rain jacket, carrying a rucksack with a laptop inside, looking down at the steps while going into a tube station and checking your phone for messages just ticked too many boxes on their checklist and makes you a terrorist suspect.”

    read more | digg story

  • VMware for Security Training

    VMware or Virtual Machine Software is an excellent tool to use for penetration training. 

    I went to an ethical hacking course with New Horizons and that is what
    they used to train us.  Each student was able to operate three or
    more environments (windows 2000, Knoppix STD, and Window XP) and attack
    either our own virtual network or the Instructors firewall to
    demonstrate the use of Netcat for example.

    It was a very cool way to learn.  Years ago I was in a training
    course created by Global Knowlegde for basic networking, hardware,
    cisco routers and a Microsoft cert.  I recall them bringing a ton
    of equipment with them and having trouble getting on and off planes
    with it.   With a software solution like VMware they could
    have carried much less equipment.

    VMware allows you to operate multiple Operating Systems on one
    computer.  OS's such as Linux, OSX, and Windows 2003, for example
    can be placed on the same system.  VMware gives you the ability to
    switch from one system to another with ease.  My only complaint is
    that it seems to be incompatible with some software you might try to
    install on it.  But it works with the main stuff such as protocol
    suites just fine.

    Vmware is great check out their free trial.

  • Google Blog Search Launched!!!

    Google's latest service “Blog Search” has been launched!

    read more | digg story