Defending Search Results

News: Chinese Hack of U.S. Employment Records Reveals the Weakness of Signature-Based Defense Systems

With each day that dawns, there is a new, major hack that makes the news headlines. If you are paying attention, there are usually numerous hacks each day and far more that never make the news or are kept private by the victims. Every so often, a hack is so important that I feel compelled to comment on it here to help us learn something about the nature of hacking and IT security. This is one of those cases. Last week, the U.S. Office of Personnel Management (OPM) revealed that they had been ...

Robot Basics: Using an H Bridge to Move Your Bot Backwards

I love robots. They have the potential to evolve into Asimovian destroyers of the human species, but have only just mastered the art of cleaning my rug. They have an ever increasing cool factor and a growing number of cheap and simple components that let the hobby roboticist reach for the burning miasmas of plasma. But to get to the stars, we need to start with the basics.

How To: Identify Web Application Firewalls with Wafw00f & Nmap

Web application firewalls are one of the strongest defenses a web app has, but they can be vulnerable if the firewall version used is known to an attacker. Understanding which firewall a target is using can be the first step to a hacker discovering how to get past it — and what defenses are in place on a target. And the tools Wafw00f and Nmap make fingerprinting firewalls easy.

How To: Exploit Recycled Credentials with H8mail to Break into User Accounts

Many online users worry about their accounts being breached by some master hacker, but the more likely scenario is falling victim to a bot written to use leaked passwords in data breaches from companies like LinkedIn, MySpace, and Tumblr. For instance, a tool called H8mail can search through over 1 billion leaked credentials to discover passwords that might still be in use today.

How To: Execute Code in a Microsoft Word Document Without Security Warnings

Code execution in Microsoft Word is easier than ever, thanks to recent research done by Etienne Stalmans and Saif El-Sherei. Executing code in MS Word can be complicated, in some cases requiring the use of Macros or memory corruption. Fortunately, Microsoft has built in a feature that we can abuse to have the same effect. The best part, it does so without raising any User Account Control security warnings. Let's look at how it's done.

How to Hack Wi-Fi: Disabling Security Cameras on Any Wireless Network with Aireplay-Ng

Electronic warfare tactics work by jamming, disrupting, or disabling the technology a target uses to perform a critical function, and IoT devices are especially vulnerable to attacks. Wireless security cameras like the Nest Cam are frequently used to secure critical locations, but a hacker can surgically disable a webcam or other Wi-Fi connected device without disturbing the rest of the network.

Hacking macOS: How to Steal Signal Conversations from a MacBook with a USB Rubber Ducky

Developed by Open Whisper Systems, Signal is a free, open-source encrypted communications app for both mobile and desktop devices that allows users to make voice calls, send instant messages, and even make video calls securely. However, a vulnerability was recently discovered for the desktop version that can be turned into a USB Rubber Ducky payload to steal Signal messages with a single click.

How To: Intercept Images from a Security Camera Using Wireshark

It's common for IoT devices like Wi-Fi security cameras to host a website for controlling or configuring the camera that uses HTTP instead of the more secure HTTPS. This means anyone with the network password can see traffic to and from the camera, allowing a hacker to intercept security camera footage if anyone is watching the camera's HTTP viewing page.

How To: Use Maltego to Target Company Email Addresses That May Be Vulnerable from Third-Party Breaches

The easiest way around a security policy is to find users who don't follow it. The Have I Been Pwned database identifies accounts with information breached by major third parties like Yahoo and LinkedIn. With Maltego, hackers can locate breached accounts created using company email addresses, potentially giving attackers access to a company account if the employee reuses a compromised password.

How To: Create Custom Wordlists for Password Cracking Using the Mentalist

Beginners learning brute-forcing attacks against WPA handshakes are often let down by the limitations of default wordlists like RockYou based on stolen passwords. The science of brute-forcing goes beyond using these default lists, allowing us to be more efficient by making customized wordlists. Using the Mentalist, we can generate millions of likely passwords based on details about the target.

How To: Hack WPA & WPA2 Wi-Fi Passwords with a Pixie-Dust Attack Using Airgeddon

Design flaws in many routers can allow hackers to steal Wi-Fi credentials, even if WPA or WPA2 encryption is used with a strong password. While this tactic used to take up to 8 hours, the newer WPS Pixie-Dust attack can crack networks in seconds. To do this, a modern wireless attack framework called Airgeddon is used to find vulnerable networks, and then Bully is used to crack them.

Buyer's Guide: Top 20 Hacker Holiday Gifts of 2018

For the uninitiated, it can be difficult to buy that special hacker in your life a perfect holiday gift. That's why we've taken out the guesswork and curated a list of the top 20 most popular items our readers are buying. Whether you're buying a gift for a friend or have been dying to share this list with someone shopping for you, we've got you covered with our 2018 selection of hacker holiday gifts.

Locking Down Linux: Using Ubuntu as Your Primary OS, Part 2 (Network Attack Defense)

After installing Ubuntu as your primary OS, you should have protected against USB Rubber Ducky payloads, defended against hard drive forensics, and reduced the overall attack surface against physical strikes. When defending against network-based attacks, you'll want to minimize hardware disclosures, prevent packet sniffers, harden firewall rules, and much more.

How To: Focus on Kung Fu basics for kids

In this online video self-defense course you’ll learn the basic moves of Kung Fu for kids. Sifu Dan Schmidt demonstrates various stances, blocks, punches, kicks and jumps that will give children a means of defending themselves if they’re ever in a bad situation. These lessons are perfect for helping kids build strength, endurance, motivation, self-discipline and concentration, so watch these free video clips and start training today.

News: It Ain't the Ball, It's the Altitude. Duhhh....

I guess it takes the designer to explain, but it's the altitude that's affecting the unpredictable movement on the ball, not the ball itself. Defending himself, he says the ball's been around since December and no one's complained until now. I know it's a problem in Jo'Burg and Nelspruit (highest venue in WC history). But Cape Town's at sea level, does anyone know if the problem exists there?

News: Name your price for 5 games

Name your price for 5 indie games! http://www.wolfire.com/humble This event will run for a week and the money raised will go towards two charities. The Humble Indie bundle is a collection of five indie games where you can set your price! Want to buy the whole package (worth $80 retail) for $10, $5, $1, or even a penny? Sure, go ahead, you can pay as much or as little as you want. Some have paid over a hundred for the bundle, but the average is around $7-$8 dollars. The games:

Important Astronomers: Galileo Galilei

I'm starting a series on the top astronomers, with probably about eleven astronomers that I will be covering overall. So, let's start out from the top, with the top most important astronomer. In my opinion, Galileo Galilei is the top astronomer.

News: South American teams doing great.

Hey now! Brazil, Paraguay, Chile, Argentina and Uruguay are doing very well in their respective groups. They are all expected to qualify to the final 16. In fact, they are doing better than any other continent. Europe's top flight teams are disappointing, as are the host African nations.