Showing posts with label Hacking.

Monday, November 3, 2014

VIDEO: Elevator Hacking: From the Pit to the Penthouse by DeviantOllam

From the video’s description:
Throughout the history of hacker culture, elevators have played a key role. From the mystique of students at MIT taking late-night rides upon car tops (don’t do that, please!) to the work of modern pen testers who use elevators to bypass building security systems (it’s easier than you think!) these devices are often misunderstood and their full range of features and abilities go unexplored. This talk will be an in-depth explanation of how elevators work… allowing for greater understanding, system optimizing, and the subversion of security in many facilities. Those who attend will learn why an elevator is virtually no different than an unlocked staircase as far as building security is concerned!
While paying the bills as a security auditor and penetration testing consultant with his company, The CORE Group, Deviant Ollam is also a member of the Board of Directors of the US division of TOOOL, The Open Organisation Of Lockpickers. Deviant runs the Lockpicking Village with TOOOL at HOPE, DEFCON, ShmooCon, etc, and he has conducted physical security training sessions for Black Hat, DeepSec, ToorCon, HackCon, ShakaCon, HackInTheBox, ekoparty, AusCERT, GovCERT, CONFidence, the United States Military Academy at West Point, and the United States Naval Academy at Annapolis. His favorite Amendments to the US Constitution are, in no particular order, the 1st, 2nd, 9th, & 10th.
Howard Payne is an elevator consultant from New York specializing in code compliance and accident investigations. He has logged over 9,000 hours examining car-tops, motor rooms, and hoistways in cases ranging from minor injuries to highly-publicized fatalities, and has contributed to forensic investigations that have been recognized by local, State, and Federal courts. Howard has appeared on national broadcast television making elevators do things they never should. When he’s not riding up and down high-rise hoistways, he moonlights as a drum and bass DJ and semi-professional gambler. His favorite direction is Up and his favorite elevator feature is riot mode.

Saturday, March 16, 2013

VIDEO: Security Threats by the Numbers - Cisco 2013 Annual Security Report

The kind folks at Cisco published their Annual Security Report. What I like about what they did is they chose to publish in a video infographic format. As you can tell, I'm a HUGE fan of infographics. However, if you're a stickler for PDF reports, I'll have a link below the video of the entire report.

Some interesting facts:
  • Global cloud traffic will increase sixfold over the next five years, growing at a rate of 44 percent from 2011 to 2016.
  • Only one in five respondents say their employers do track their online activities on company-owned devices, while 46 percent say their employers do not track activity.
  • 90 percent of IT professionals surveyed say they do indeed have policies that prohibit company-issued devices being used for personal online activity—although 38 percent acknowledge that employees break policy and use devices for personal activities in addition to doing work.
  • Cisco’s research shows significant change in the global landscape for web malware encounters by country in 2012. China, which was second on the list in 2011 for web malware encounters, fell dramatically to sixth position in 2012. Denmark and Sweden now hold the third and fourth spots, respectively. The United States retains the top ranking in 2012, as it did in 2011, with 33 percent of all web malware encounters occurring via websites hosted in the United States.
To read more of the report, click here.

Monday, December 31, 2012

Hire Anonymous! - Cyber Threat Summit 2012 by paulcdwyer

Paul C Dwyer, President of the ICTTF (International Cyber Threat Task Force), discusses the concept of identifying talented individuals (hackers) before they are seduced into a world of cybercrime. He discusses traits and characteristics in such vulnerable minors, such as Asperger's Syndrome, and references the case of Gary McKinnon.

Monday, December 17, 2012

HACKED: Anonymous Keeps Its Word and Pwns Westboro Baptist Church

As I reported yesterday, the hacker consortium known as Anonymous has targeted the members of Westboro Baptist Church. The church announced, after the tragic events of 12/14/2012, it would be picketing the funerals of the victims. Anonymous, along with the rest of the world, took this a bit personally and announced it would be lashing back. It began with a release of personal information on Westboro Baptist Church members and leaders. Most recently they decided to hack the church's spokesperson's Twitter account, and the resulting Tweets have provided an insight into how the "hacktivist" organization may have found some redemption.

Check out the "tweets" from @DearShirley - the account hacked by Anonymous.

They've even called on the White House to declare Westboro Baptist Church a "hate group":

Even politicians got in the mix:
I'll be checking out the feed some more over the next few things.  It's bound to get even more interesting.

Monday, December 10, 2012

Cybersecurity | Senator Lieberman speaks before Senate about the need for cybersecurity legislation by JoeLieberman

The U.S. Senate Wednesday rejected a second chance to move forward with critical cybersecurity legislation supported by top-ranking members of the nation's intelligence, national, and homeland security communities. By a vote of 51-47, the Senate failed to approve a procedural motion to end debate on the bill, S. 3414, and move to a final vote. Read the full text of the Senator's statement here:

Senator Feinstein on Cybersecurity by SenatorFeinstein

Senator Dianne Feinstein spoke on the Senate floor on Nov. 12, 2012, about cybersecurity and the need to protect the United States from devastating cyber attacks.

Monday, October 3, 2011

My, how times have changed....Haven't they????....

Saw this gem on Twitter......Can't remember from whom (sorry)......Makes you wonder how far we've come with our perceptions of hackers and the threat they pose......

Tuesday, September 20, 2011

100th Blog Post and Book Review: Ghost in the Wires

For our first book review, we'll be looking at Ghost in the Wires: My Adventures as the World's Most Wanted Hacker. This is the first autobiographical work of a hacker-turned-security consultant I've ever read. I could hardly put it down. The book takes us through Mitnick's journey from being a ham operator to some of his most famous and infamous hacks. What was startling to learn was the absurd nature of the comments levied against him. One law enforcement official declared he could "launch ICBM's (inter-continental ballistic missiles) by whistling into the phone". Seriously?

Mitnick was candid about his first marriage and how he naively trusted his hacking partners not to "rat" him out when in fact they did. He also made no qualms about letting the reader know he has since established relationships with some of his pursuers. Most interesting was how much information he had gathered in his own defense.

Their revelations of what they perceived he was capable of and what he actually did were often very different. I found it illuminating that Mitnick would mention hacking had become an "addiction", as he never sought profit or fame for his hacks. I recall seeing the "Free Kevin" bumper stickers once he was captured and wondering in astonishment how people could be demanding the release of such a dangerous person. I regarded Mitnick as a person who sought to damage information systems or steal data outright. What I didn't know was Mitnick did neither. Hacking was a puzzle with dangerous consequences he became addicted to. I realize not all hackers are like Mitnick and are in it for nefarious reasons and should be treated as a threat by any security entity.

Perhaps the most telling part of his book is learning he was great at phone system hacking, otherwise known as "phreaking", but his specialty lies in "social engineering". "Social engineering" is the use of pretexts and verbal manipulation to gain access to systems through human interaction. Basically, he "conned" people into believing he was someone he wasn't to get access to all sorts of information which aided his hacking pursuits.

Overall, if you're looking for a real "page-turner" with interesting characters and an honest portrayal of Mr. Mitnick and his journey, I HIGHLY recommend this book.  In celebrating this book review and our 100th post, I'm offering a $25.00 gift certificate to the person who can solve this message:

Lfd ran cqn ydtxl jveena ofa 6bc sffx anivnj ofa Pqfbc ve cqn Jvan.   

To claim your prize, email [email protected] your answer.
