In association with heise online

15 March 2013, 17:46

Lost+Found: A get-out-of-jail-free card, a free book & Facebook hacking

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Lost+Found icon Too small for news, but too good to lose, Lost+Found is a compilation of the other stories that have been on The H's radar this week: a hacking legend's business card, Facebook signing up hackers, a free book on Xbox hacking, news from Black Hat Europe and an SMB sniffing Wireshark extension.

  • In a feature on espionage attacks, we wrote, "Ultimately, however, it is almost unavoidable that such attacks will eventually be successful, and potential victims should prepare themselves". It seems that Facebook's security team had already come to the same conclusion. Even before the January hack, hackers were crawling all over the company's internal network, though prior to January this was part of simulated emergency drills.

  • In memory of Aaron Swartz, Andrew "Bunnie" Huang has made his book Hacking the Xbox available online for free.

  • A Wireshark extension extracts files from SMB traffic. It will be incorporated into Wireshark proper shortly.

  • Nir Goldshlager never rests. He reports that he has found another vulnerability which can be exploited to access any Facebook account. He showed off the same trick in late February.

  • In his Black Hat presentation US hacker Deral Heiland demonstrated a means of attacking access points such as the Cisco/Linksys WAP200 or wireless controllers such as the WLC620 from Aruba Networks using unusual WLAN IDs, i.e. SSIDsPDF such as <img src=wlan.php?stop>. The devices were vulnerable to (persistent) cross-site scripting (XSS) and cross-site request forgery (CSRF). The manufacturers of the devices have since released firmware updates which fix the bugs.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit