The mission of the Open Organisation Of Lockpickers is to advance the general public knowledge about locks and lockpicking. By examining locks, safes, and other such hardware and by publicly discussing our findings we hope to strip away the mystery with which so many of these products are imbued.
This week, two different security researchers discovered two serious security flaws with the payment system. The first weakness pertains to the Google Wallet PIN protection system that allows access to the owner’s digital wallet in a matter of seconds using a brute force method to crack the PIN. The results of the attack will enable the attacker the ability to access key information on rooted smartphone that includes credit card numbers and transaction history.
Most wireless devices including laptops, tablets and smartphones have network software that automatically connects to access points they remember. This convenient feature is what gets you online without effort when you turn on your computer at home, the office, coffee shops or airports you frequent. Simply put, when your computer turns on, the wireless radio […]
Pwnie Express delivers the bleeding-edge cyber security platforms and solutions required to meet this challenge.
Our initial hardware offering, the Pwn Plug, is the first-to-market commercial penetration testing drop box platform. This low-cost plug-and-play device is designed for remote security testing of corporate facilities, including branch offices and retail locations. A security professional or service provider can ship this device to a corporate facility and conduct a security test over the Internet without travel expenses. The Pwn Plug includes a full security auditing software suite and provides covert remote access over Ethernet, wireless, and 3G/GSM cell networks. In the mobile space, Pwnie Express has also developed the most comprehensive commercial security suite for the Nokia N900 mobile platform.
We had the opportunity to interview Johnny Long of HackersforCharity.org on the final day of ShmooCon 2012.
Hackers for Charity is a non-profit organization that leverages the skills of technologists. They solve technology challenges for various non-profits and provide food, equipment, job training and computer education to the world’s poorest citizens.
White House Presses For New Cybersecurity Laws The White House is urging Congress to pass President Obama’s cybersecurity legislation in 2012 to give officials the authority they need to combat “growing and increasingly sophisticated cyberthreats,” according to the leading U.S. cybersecurity official. White House Cybersecurity Coordinator Howard Schmidt called for legislators to “modernize” outdated laws […]
ShmooCon officially kicks off today Friday January 27, 2012, but yesterday was LobbyCon at the Hilton Hotel at 1919 Connecticut Ave, NW in Washington, DC.
The Lobby became a mini conference where conversations, newly forged relationships and ideas were shared in every corner of the hallways by attendees of ShmooCon and those who simply show up to be part of the action without paying to participate and fellowship.
Someone stated, LobbyCons are were we come up with ideas, the deals are made, the projects are talked about and the real learning is done. After an hour LobbyConning, I would have to agree.
The Counter Terror Expo US , being held May 16-17, 2012 at the Walter E. Washington Convention Center , has formed an advisory board of industry experts from leading organizations to help guide and shape the educational programming and conference content. The advisory board includes individuals from government, academia, law enforcement, media, and the private sector with knowledge ranging from cyber security to border and critical infrastructure protection.
The FBI has issued a warning about the latest identify theft/bank swindling malware, called “Gameover”. The “Gameover” scam is initiated through a phishing scheme that sends fictitious e-mails to a bunch of users from the National Automated Clearing House Association (NACHA), the Federal Reserve Bank, or the Federal Deposit Insurance Corporation (FDIC). After opening the email and selecting the hyperlink, the user is forwarded to a phony website that automatically installs the Trojan without their knowledge or assistance, then eventual access to the victim’s bank account becomes accessible to the scammer.
US-Cert has just distributed a notification about the release of Chrome 16.0.912.77 for Linux, Mac, Windows, and Chrome Frame to address multiple vulnerabilities.
The vulnerabilities may allow an attacker to execute arbitrary code or
cause a denial-of-service condition.
