Hot Null Byte News Stories
News: Have an NFC-Enable Phone? This Hack Could Hijack It
Some of us use our smartphones for almost everything. Manufacturers know this, so they try to make their devices as convenient as possible to use, but sometimes that convenience comes with a cost to security. The very same technology that allows you to easily share music with friends and make purchases can also put you at risk. Photo by sam_churchill
News: Intel Core 2 Duo Remote Exec Exploit in JavaScript
Looks like someone created a remote exploit using javascript. Pretty scary stuff o.o. Intel Core2Duo cpu cache controller bug PoC | Inj3ct0r - exploit database : vulnerability : 0day : shellcode.
News: Interesting Read
Hey guys just found an Interesting article, thought I'd share it. See yourself as the next Assange? Good luck - CNN.com.
News: Basic Math Operations
It was brought up a while back in a Community Call to Arms that *math* is handy for encryption (and let's face it, everything) so let us go over things you just have to know. "In its simplest meaning in mathematics and logic, an operation is an action or procedure which produces a new value from one or more input values."[source]
Windows Security: Software Level
As many of you know Windows is not the most secure Operating System in the world, but then again no OS is really secure if the user doesn't know how to protect themselves. Later I will show you how to lower the risk even more on your (the user's) end.
Null Byte: Never Let Us Die
If there ever was a time for Null Byte to need people to contribute, it's now. Let's make Null Byte a place where anyone, from novice to master computer user, come and learn. It has been sometime since the last "Call to Arms" for Null Byte, and even longer since the last "Weekend Homework". We all know that this time of year is busy for everyone, but that didn't stop occupytheweb otw from creating a great article in his continuing "Hack Like a Pro" series.
News: Piratebay - To be blocked in the UK
To those who may not know about this, the UK high court has ruled that all UK based ISP's are to begin blocking Piratebay. This comes in retaliation to Piratebay's action to take down all torrents and provide only magnet links to the pirated content - a move which releases TPB from liability should they be once more accused of hosting the actual content.
News: VMware source code leaked by Anonymous under the banner of The Pirate Bay
@AnonymousIRC released the source code for VMware, mentioning the Pirate Bay.
A Null Byte Call to Arms: Join the Fight Against Ignorance
Another week has passed on the online battlefield as the CISPA legislation continues to grind away at our freedom. Here at Null Byte, we try to keep our community informed and knowledgeable at the same time—and that means creating content for them to learn from.
Learn Java: Part One
So you want to learn the basics of the fantastic language Java, but you don't want to search the Inter-webs looking for a great tutorial. Well you came to the right place, now may I present to you JAVA.
News: Packet Capture + Cloud Technology == Awesome
We talk about packet captures often here on Null Byte, but check out this gem. The future of this? what do you all think?
The Null Byte Call to Arms: A Special Message to the Community
The community here on Null Byte has always been great and helpful in sharing their know-how, even before I took up admin duties in this World. I jumped at the chance of leading Null Byte because I enjoy teaching and informing people on all of the important need-to-know things out there, but more so than that—there is a deeper reason.
News: Want a Career in IT Security? Our IT Recruiter Shares the Top Qualifications in Demand Right Now
People sometimes ask me about the IT industry here in the states. These folks are usually either trying to get into a certain field, or looking to switch or move into another one. Right now, you may currently be a Computer Science major that will be graduating shortly and are interested in the current state of IT security.
News: Network Admin? You Might Become a Criminal Soon
It seems like the EU is currently in the works of making "the production or sale of devices such as computer programs designed for cyber-attacks" illegal. So, if you're a network admin that uses WireShark or Metasploit, you better watch out!
News: Anonymous Hackers Replace Police Supplier Website With ‘Tribute to Jeremy Hamm
Anonymous hacktivists announced via Twitter that they had successfully hacked the website of New York Iron Works, a police-equipment supplier, and replaced the homepage with a tribute of love to arrested hacker and Chicagoan Jeremy Hammond.
News: Stop CISPA NOW!!!
The US government is trying to push another anti-piracy bill through without anyone knowing so please click the link and sign it to tell Congress that they can't get away with this.
News: Gathering Data for Fun and Profit
Oh Data, You so Awesome! We are going to use Node.JS to gather us some data. Given nodes plethora of well abstracted network abilities and it's deep evened nature, it will make quick work of plugging into various data sources and gathering / making good use of said data.
News: Half a Million Macs Affected by Flashback Trojan! Eradicate It Before It's Too Late
Watch out Macs. Flashback is back. Variations of the trojan have reportedly infected 600,000 Mac computers around the globe, with about 57 percent in the U.S. and another 20 percent in Canada.
News: 1.5 Million Credit Cards Hacked in the Global Payments Breach: Was Yours One of Them?
As hard as you try to protect your valuable information with strong passwords and anti-doxing measures, there's nothing you can really do when someone else gives up your goods. And that is the case with the recent Global Payments breach.
News: Secure Your Wireless Network from Pillage and Plunder in 8 Easy Steps
Wireless networks. Nowadays, everyone uses 'em, but most don't secure 'em. On average, I can drive up and down any block in my city and find at least one or two open or semi-open networks on any given day. With some changed MAC addresses for good measure, an attacker can use your network as a spring board for who knows what. When the police come a few days after, they are coming to your door—and not to talk about how nice your lawn is. Don't be that guy.
Hack Logs and Linux Commands: What's Going On Here?
This morning, I received a message from a friend who was reading a hack log, and she had some questions about the commands used. This got me thinking, as Linux has a ton of commands and some can be archaic, yet useful. We are going to go over everything you need to know to read a hack log and hopefully implant the steps in your head for future use.
IPsec Tools of the Trade: Don't Bring a Knife to a Gunfight
Pull up outside any construction site and you'll see tools scattered about—hammers, jigsaws, nail guns, hydraulic pipe benders—these are the tools of the trade. You would be hard-pressed to build a home or office building with just your hands! On that same page, security professionals also have their own go-to tools that they use on the job site, only their job site is your server.
News: Backtrack 5 R2, 3.2.6 Linux Kernal
Backtrack 5 R2 was recently released and added over 40 new tools and updates to their old tools. Along with a new Linux 3.2.6 Kernel and better networking support.
Lock Down Your Web Server: 10 Easy Steps to Stop Hackers from Attacking
You want to put out a live web server, but you don't want to be owned in the process. An expert eye for security is not needed if you take a few basic steps in locking down the hatches. Most successful attacks today are not the complex, time-consuming tasks you might think, but simple lapses in policy that a hacker can take advantage of to compromise your server.
News: The Federal Laws Every Hacker Needs to Know to Stay Out of Prison
If you're a frequenter of Null Byte, I bet you have at least some interest in information security. Furthermore, you have a hobby that if applied in certain ways, will get you arrested. I've received quite a few messages from the community here about federal cybercrime law and how it applies to them, so I decided to get together with my lawyer to come up with some answers.
News: Finding Hidden Metadata in Images (Oh, the Possibilities)
Did you know there is hidden data in your digital pictures? Well, there is, and that data might be a security risk to you. Think back at all of those pictures you're in and are connected with. I'm sure some of those you'd like to distance yourself from. And surely you wouldn't mind checking out the metadata in a few of those images. In this article, we'll be going over how to do just that.
News: Massive Leak! Wikileaks publishes Stratfor emails.
Monday 27 February, WikiLeaks began publishing The Global Intelligence Files – more than five million emails from the Texas-headquartered "global intelligence" company Stratfor. The emails date from between July 2004 and late December 2011. They reveal the inner workings of a company that fronts as an intelligence publisher, but provides confidential intelligence services to large corporations, such as Bhopal’s Dow Chemical Co., Lockheed Martin, Northrop Grumman, Raytheon and government agenc...
News: New Variant of Zeus Trojan Loses Reliance On C&C Server
This week, researchers from Symantec shared information on the recent discovery of a new variant of the Zeus Trojan. This new variant of the popular and ever-changing banking Trojan makes use of P2P communication exclusively, making the botnet have no single point of failure and ensuring it can be kept alive and gathering data that the cybercriminal can profit from. In other words, this new variant requires no central Command-and-Control server to control the bots.
News: Learn to Code in Python, Part One: Variables, Input and Output
In this article, I'll be exploring the basics of Python, i.e. variables, input and output. You'll need Python (2.7+), a computer, and some free time.
News: Anonymity, Darknets and Staying Out of Federal Custody, Part Three: Hidden Services
For a moment, picture a situation where you want to host some files or images, but you do not want it traced back to you. Perhaps you're working on a project with others and need secure data storage. Anonymity is the new shield of the 21st century—and you best protect yourself. As always here at Null Byte, we are trying to make that happen. Before someone can learn how to root a box, they need to learn how not to be found. I can not stress that point enough.
News: Bugzilla Cross Site Request Forgery
Summary =======
News: Anonymity, Darknets and Staying Out of Federal Custody, Part Two: Onions and Daggers
In the first part of this series, we learned about darknets, as well as how they came about. But these patches of forgotten Internet are not the oasis of free information you might think. Despite being hidden—or just harder to come across—these networks are no more safe then anywhere else on the 'clear' Internet. The nature of networking and routing means your location is always known in server logs. It only takes one phone call to your ISP with your IP address to obtain both your physical ad...
News: Anonymity, Darknets and Staying Out of Federal Custody, Part One: Deep Web
You've probably seen those deep-web images floating around on the Internet. Usually, it goes something like this: There is a towering iceberg and the deeper the underwater portion extends, the more “hidden” and “exotic” the content is described to be. Sometimes these images are accurate to a point, but most are just making things up.
News: The Right Linux Distro
As many of you Null Byters may know, I was planning on writing this article a week or two ago. Better late than never! So, let's get right to it then—choosing the right Linux distro for your needs.
Uncrackable File Sharing: Securely Transfer Your Secrets with 4096-Bit Encryption
Do you need to email your wife your Social Security number? Send confidential business plans to your partner in Thailand? Send your hacker buddies the recovered hashes from last night's breach? Try using GPG, a valuable and easy to use open-source encryption program.
Uncrackable: Secure Your Secrets with 4096-Bit Encryption
As you progress in the world of information security, you'll find yourself in situations where data protection is paramount. No doubt you will have files to hide and secrets to share, so I'm going to show you how to use the GNU Privacy Guard (GnuPG or GPG for short) to encrypt and decrypt as you need. GPG is a great open-source version of Pretty Good Privacy (PGP), a similar application used for encryption, but licensing and patent problems led to the development of GPG in its wake.
Farewell Byte: Goodbye Alex, Welcome Allen
Hello, fellow Null Byters. Today, with mixed feelings, I want to let you know that this is my last official post as the admin of Null Byte. I've come to the decision that I need to spend more time focusing on my studies. Over the past 5 months, I have enjoyed building this community and teaching people unorthodox methods of doing things, creating things, and hacking them. But I'm also excited to be delving deeper into the studies that brought me here in the first place.
News: Art Meets Information Liberation with the Transparency Grenade
Julian Oliver created the Transparency Grenade in January 2012 for the Studio Weise7 exhibition at Labor 8. It's a transparent device with a "payload" built from an ARM Chip, an Arduino Nano, a mic, and a strong Wi-Fi antenna. It taps into wireless networks and logs emails, webpages, images, and voice to a publicly available online map showing its "detonation" location. Apparently, development for an Android version (sans the pretty plastic shell) is under way thanks to interested donors. See...
News: FBI holds teleconference regarding Anonymous - but they were listening!
The FBI decided to have a large internal teleconference on ideas and plans to wrangle in Anonymous 'members' - need less to say this ended in a rather unexpected way...