Monthly Archives: September 2014

Efren Ray

Posted on September 28, 2014 by Carmelo

My old friend and Marine brother was visiting Phoenix and came to hang out with my family and I. We haven’t seen each other in 22 years or so. He and I were Ordnance ‘twins’. Photos are 22 years apart.

Posted in life | Comments Off on Efren Ray

8 Year Old Gets Shell Access

Posted on September 28, 2014 by Carmelo

The bar has been raised and set. Zero cool from the movie “Hackers” was 11. This 8 year old got shell access during a live demo. Dear Con speakers this 8yr old just got shell during his live demo no … Continue reading

Posted in Security Blog | Tagged , , , , , | Comments Off on 8 Year Old Gets Shell Access

XSS Games

Posted on September 28, 2014 by Carmelo

Test your h4cking skillz with the XSS Game at https://xss-game.appspot.com/. Hint the first answer is: <script>alert(“XSS”);</script>

Posted in Security Blog | Tagged , , , , , , , , | Comments Off on XSS Games

BERserk Vulnerability

Posted on September 27, 2014 by Carmelo

If you use FireFox or Chrome as a web browser, it is time to update them. The Mozilla Network Security Services (NSS) crypto library, a collection of cryptographic algorithms used for a variety of Internet standards currently allows for attackers … Continue reading

Posted in Security Blog | Tagged , , , , , | Comments Off on BERserk Vulnerability

Black Hat. Hacking. Explosions. Thor?

Posted on September 26, 2014 by Carmelo

In a world of global cybercrime, Legendary’s Blackhat follows a furloughed convict and his American and Chinese partners as they hunt a high-level cybercrime network from Chicago to Los Angeles to Hong Kong to Jakarta.

Posted in Security Blog | Tagged , | Comments Off on Black Hat. Hacking. Explosions. Thor?

WOPBOT BotNet

Posted on September 26, 2014 by Carmelo

A botnet runs on Linux and Linux variant servers, named wopbot that uses the Bash Shellshock bug to auto-infect others. The wopbot botnet is active and scanning the internet for vulnerable systems, including network ranges at the United States Department … Continue reading

Posted in Security Blog | Tagged , , , , , , , , , , | Comments Off on WOPBOT BotNet

Many IoT devices run embedded Linux distributions with Bash

Posted on September 25, 2014 by Carmelo

I’m not trying to perform a Chicken Little, but outside of corporate data centers, where the average home owner with some cool computerized toys who doesn’t perform regular updates, is very vulnerable and prone to privacy loss. Some devices are … Continue reading

Posted in Security Blog | Tagged , , , , | Comments Off on Many IoT devices run embedded Linux distributions with Bash

Old Android Browser, iOS8, & Home Depot

Posted on September 25, 2014 by Carmelo

I love these 60 second updates by Sophos.

Posted in Security Blog | Tagged , , , , , , | Comments Off on Old Android Browser, iOS8, & Home Depot

Palo Verde Nuclear Generating Station Evacuated

Posted on September 25, 2014 by Carmelo

MCSO: Palo Verde building evacuated after bomb threat A building at the Palo Verde Nuclear Generating Station was evacuated Wednesday after a bomb threat, authorities said. Check out this story on azcentral.com: http://azc.cc/1pdN5ES It was just a threat.

Posted in Security Blog | Tagged , , | Comments Off on Palo Verde Nuclear Generating Station Evacuated

BASH (Bourne-Again SHell) ShellShock Bug

Posted on September 24, 2014 by Carmelo

Stephane Chazelas, IT Manager at SeeByte, discovered a vulnerability in bash, related to how environment variables are processed: trailing code in function definitions was executed, independent of the variable name. For those unknowing, Bash is a command processor, typically run … Continue reading

Posted in Security Blog | Tagged , , , , , , , | Comments Off on BASH (Bourne-Again SHell) ShellShock Bug