Surveillance Company Says It Sent Fake iTunes, Flash Updates...
Anonymous Coward User ID: 5701680 United States 11/23/2011 02:32 PM | As a Penetration Tester, I got to see all sorts of 'hacks'. Quoting: wisc_natureboy One of my favorites was a company that hired us for a security audit and penetration testing. There was a financial incentive to 'break' into their network if we could do it. No problem. We bought a dozen thumb drives and put a folder called vacation pix on them. Within the .jpeg files we embedded some code that would query Active Directory and SMTP that data back to us. The thumb drives were scattered around the parking lot at 5 AM. By 9 AM we had every account and password on their network. Most ISPs block port 25 except for their traffic; we routinely use higher ports to bypass this. Your embedded code would have been seen as a virus with most A/V. Do these people not use A/V? I hope you don't do IT for people. It takes almost zero effort to make a program that AV will miss.
Anonymous Coward User ID: 5913937 Spain 11/23/2011 03:41 PM | As a Penetration Tester, I got to see all sorts of 'hacks'. Quoting: wisc_natureboy One of my favorites was a company that hired us for a security audit and penetration testing. There was a financial incentive to 'break' into their network if we could do it. No problem. We bought a dozen thumb drives and put a folder called vacation pix on them. Within the .jpeg files we embedded some code that would query Active Directory and SMTP that data back to us. The thumb drives were scattered around the parking lot at 5 AM. By 9 AM we had every account and password on their network. Must have been a lousy Group Policy in place there. You can restrict the use of executables in great detail in a Windows domain. As for software updates, in the future they all will be signed by the vendor. This opens the gate for the vendors to even restrict what is going to run on your system at all, like it's done on the iPhone.
Anonymous Coward User ID: 1450246 United States 11/23/2011 04:18 PM | As a Penetration Tester, I got to see all sorts of 'hacks'. Quoting: wisc_natureboy One of my favorites was a company that hired us for a security audit and penetration testing. There was a financial incentive to 'break' into their network if we could do it. No problem. We bought a dozen thumb drives and put a folder called vacation pix on them. Within the .jpeg files we embedded some code that would query Active Directory and SMTP that data back to us. The thumb drives were scattered around the parking lot at 5 AM. By 9 AM we had every account and password on their network. A port block on 25 at the firewall and authentication of relays would have stopped your hack pretty quick. We went in over 143, 139 and 25. Plus if they authenticated relays we had some e-mails with embedded dsquery code. We were not going to be denied. haha. NetBIOS to the rescue! What we have here are two avid, devout readers of 2600 and Blacklisted 411. Heh.
Anonymous Coward User ID: 1339466 Netherlands 11/23/2011 04:47 PM | [link to www.icdc.com] [link to www.picassodreams.com] [link to www.oilempire.us] [link to www.boilingfrogspost.com]
Anonymous Coward User ID: 1418745 United States 11/23/2011 05:31 PM | Didn't he put it best: "There was of course no way of knowing whether you were being watched at any given moment. How often, or on what system, the Thought Police plugged in on any individual wire was guesswork. It was even conceivable that they watched everybody all the time. But at any rate they could plug in your wire whenever they wanted to. You had to live—did live, from habit that became instinct—in the assumption that every sound you made was overheard, and, except in darkness, every movement scrutinized."
GeekOfTheWeek User ID: 1383040 United States 11/23/2011 05:49 PM | Yeah they don't like it when you are hiding anything. Backdoors have been in place for most software available on the net, Linux, Windows, etc. I love physics. It bonds us eternally, it's what makes our computers work, it's what's in my morning cup of coffee, it's the thing that keeps the universe from vanishing due to lack of belief...