The end of Internet Explorer is finally here. Series of events: Google Hacking, removal of support for Google apps, several other vulnerabilities are forcing users to move to alternates. Recently, at Black Hat DC conference, a security consultant (Jorge Luis Alvarez Medina) demoed how it’s possible to exploit a flaw in Internet Explorer browser that turns your personal computer into a public file server. In other words, attacker can Read further »

There exists an encryption that has been left UnBroken since 1942 approximately time around the World war 2.  This is called security – when encryption algorithm lasts long, really long. Unfortunately, Microsoft has a different story. After 17 years of windows, Read further »

Chinese hackers changed the face of Internet forever by taking the wrong step — trying to hack the search giant and several other giants. Apparently, we know that hackers exploited a Vulnerability in Internet Explorer, but little was known about it untill the code that hacked Google became public. So what does this code do ? In Easy Words: Basically, the script creates a blank element on the page. This element has an “address” like a house. Then Read further »

Internet faced World Wide Panic as Twitter.com was defaced to run out of service. Soon after the attack Users were able to see a page that claimed work of “Iranian Cyber Hackers”. In simple words, it was nothing but a DNS hijacking attack in which Twitter’s DNS records were altered. That means surfers trying to reach the website directly via name resolution services were redirected to a fake domain, while the Twitter servers were running. As a result,  applications that depended upon Twitter’s API - such as TweetDeck or mobile phone Read further »

HTML 5 comes with alot of promise for the web.  It has lot of new features that could make Web Browsers and Apps much more powerful than they ever were. Let’s go by an example. Try accessing Gmail on iPhone or Android phone,  you will have notice some differences from what it used to be a month ago. The new thing worth noticing is the introduction of the offline access. Gmail Read further »

Sometimes its ridiculous how the most common (and important) technology in our daily-life is vulnerable to kinds of attacks that could bring nightmares. Still, no one is aware, no one is doing anything. Such is the Case of Today’s GSM — The most popular Cellphone Technology. Every year, some hacker comes out and breaks something crucial to us, which makes us and authorities learn it the HARD WAY, “We are not safe”. The best work is done by BlackHat and DEFCON, which are open forums for Hackers, especially DEFCON, which has open hacking challenges. If you ever went to the DEFCONs, you know what I’m Read further »

Sometimes, we overlook a critical aspect which could mean that our efforts of decade can be blasted within seconds. Such is a bug found in Linux 2.4 Kernel. According to security researchers, a bug in the Linux kernel has just been uncovered that makes just about every distribution utilizing kernel 2.4 and 2.6 on just about all architectures since May of 2001 vulnerable to a certain kind of attack. You can imagine. Out of Today’s Linux systems, 95% use >2.4 <=2.6, so almst every Linux kernel is Vulnerable to this attack. The bug allows an attacker to escalate local privileges and completely compromise the entire system. Julien Tinnes, a Read further »

4byte ASN (autonomous system numbers) was incorporated into most BGP routers recently. Since we are running out of ASN no. given to service providers, authority have stopped using previous Internet 2byte BGP ASN routing Updates. The newly found vulnerabilities affect only devices running Cisco IOS and Cisco IOS XE Software (here after both referred to as simply Cisco IOS) with support for RFC4893 and that have been configured for BGP routing. This feature has a critical vulnerability on all recent IOS that support it. Cisco last week issued — and today updated — a security advisory for its IOS software. Cisco IOS supporting RFC 4893 for four octet AS Read further »

Apple had been silent on the Critical Vulnerability found by BlackHat’s security expert presenter, till Google went ahead with the similar fix for the Android platform. I haven’t heard the official news coming directly Apple, but Carriers are doing it. First one to do is O2 UK, which announced that Apple will be releasing fix by weekend. There’s no news from AT&T yet, but they are not far from. It’s an admirably quick fix to a comically terrible problem. Probably, it will come as 3.0.1 or something similar. But at least Apple’s got an update Read further »

BlackHat is a yearly security conference where Industry’s most Dark side secrets are revealed. Few years back, Sir Lenin identified a Cisco security flaw that could bring down EVERY SINGLE CISCO ROUTER in the world. Lenin was from ISS (Internet Security Systems), he was fired & tortured, and what not. Cisco, at no cost, wanted their secrets to be revealed. Well, that was years back. since that year, we have more darker sides of the IT world. This year, Security researchers have identified several SMS vulnerabilities that can be used to deny service to mobile phones. They’re presenting Today but their findings have been published. Detail A serious security flaw that could allow a remote attacker to take control of the Read further »