The Edge of I-Hacked

from Freeset - Human Locator
The multiple award winning Tabu Ultra Lounge at the Las Vegas MGM Grand has been recently renovated with the addition of 5 interactive tables. Since its opening, Tabu has been the trend setter for the many lounges that have recently sprung up in Las Vegas.

You have to check the videos out.. Incredible

from IGN:

If You’re planning to see X-Men: The Last Stand this weekend, right? We expect most of you are. That being the case, apart from our regular reporting on the movie, IGN FilmForce now asks you to do one important thing. If you’re an X-Men fan, you’ll regret it if you don’t! At the theater this weekend, when the credits roll, when the audiences begins to filter out of the exits… keep your seat. And then, perhaps, share this little secret with a few of your friends: the movie isn’t over.

We don’t want to spoil anything for you, but we want you to know that the scene that follows isn’t your typical post-credits tack-on. It’s a coda for one of the main characters. The scene is maybe 30 seconds in length, but it’s enough. And it will surely be one of the more talked moments in the fan community.

Think you know what this scene is? Guess all you want, but chances are that you won’t see it coming.

Major mutant war happens this Friday! Wolverine yells, “Hold the line!” - that stand’s not easy. All you have to do is hold on through the end credits - that’s much easier. You don’t want miss the coda!

from eEye.com

May 22, 2006

Exploits Circulating for Zero Day Flaw in Microsoft Word

eEye Digital Security is advising customers to the existence of exploit code leveraging a previously unknown vulnerability in Microsoft Word. This exploit code has been targeting individuals through email messages with a malicious Microsoft Word attachment. The messages appear to come from someone within the individual’s own organization, and simply opening the Word file causes the system to be exploited.

Severity

High

Systems Affected

Windows 2000
Windows 95
Windows 98
Windows Me
Windows NT
Windows Server 2003
Windows XP
Microsoft Word

Overview

Successful exploitation of this flaw would lead to the attacker gaining full rights in the context of the exploited user. As an example, if an exploited system was being run under Administrator privileges, then the attacker would gain Administrator privileges for that machine and be able to execute code, delete or edit files or change configuration settings.

It should be noted that these attacks are currently extremely targeted. Across various organizations only a small handful of systems have been attacked. These emails were at least somewhat hand-crafted for the people targeted for attack. Administrative privileges are required for the exploit code to operate properly, although administrative privileges are not required for the security vulnerability itself.

Attack Characteristics

Early forensic investigations show the attacks originating from within China.

To date, there have been two variants found in the wild, termed most popularly,
GinWui.A and GinWui.B.

Two email subject lines have been reported:
“Notice”
“RE Plan for final agreement”

Two email doc attachments have been reported:
“NO.060517.doc.doc”
“PLANNINGREPORT5-16-2006.doc”

Previous versions of this exploit have been reported to be successful on Chinese versions of Microsoft Word. This new variant has been confirmed to work on Microsoft Word 2000, Word 2002, and Word 2003 English versions. On Microsoft Word XP, the exploit crashes the machine; however, it is trivial to modify the exploit to allow for remote code execution, and we expect this to be a possibility in any future variants.

Prevention

eEye Digital Security’s Research Team has confirmed that eEye’s Blink® protects from the potential exploitation of this Microsoft Word zero day vulnerability without requiring invasive firewalling. The result is 100% protection, with zero downtime or impact to operations.

Users interested in protecting their systems with Blink can download an evaluation here:
http://www.eeye.com/html/products/blink/download/index.html

References

Microsoft Security Response Center’s Pages on GinWUI
http://blogs.technet.com/msrc/archive/2006/05/19/429353.aspx
http://blogs.technet.com/msrc/archive/2006/05/20/429612.aspx

US-CERT Technical Cyber Security Alert TA06-139A on GinWUI
http://www.us-cert.gov/cas/techalerts/TA06-139A.html

US-CERT Vulnerability Note VU#446012 on GinWui
http://www.kb.cert.org/vuls/id/446012

SANS Page on GinWui Targeted Attack
http://isc.sans.org/diary.php?storyid=1345

from profit42.com

A few hours ago I was searching for a way to share my music itunes library with some friends. After trying some different options I think I found the best one. Hamachi allows you to share your iTunes library with a few mouse clicks (and only with people you know so it won’t destroy your bandwidth).

The requirements:

- iTunes (http://www.apple.com/itunes/)
- Hamachi (http://www.hamachi.cc/)

Preperation:

1. Install and open Hamachi.

2. After following the brief on screen tutorial and create a new network by clicking on the bottom-middle button.

The guide:

1. Open iTunes and Click Edit>Preferences>Sharing.

2. Click the ‘Share my music’ checkbox.

3. Now give the name of your network along with the passowrd to someone you know, let him join your network and start iTunes. If he or she also follows the previous two steps (not the netwrk creation) you will also be able to listen to his/her music!

from interact10ways.com

It just keeps going, and going and going

Pligg Blog » Pligg Fundraiser
Pligg is currently holding a fundraiser to help keep development alive. If you currently use Pligg for a site (or would like to setup your own social based site similar to digg) please help donate to the cause. It doesn’t have to be much, every little bit helps. I am not affiliated with Pligg in anyway (other than I use & love it)

Please DIGG THIS STORY so it can get some traffic!

from Zone-H.org * News

Yesterday the Turkish cracker going by the handle “Iskorpitx”, succesfully hacked 21,549 websites in one shot (plus 17,000 as our last update) and defaced (on a secondary page) all of them with a message showing the Turkish flag (with AtaTurk face on it) and reporting:

“HACKED BY iSKORPiTX

(TURKISH HACKER)

FUCKED ARMANIAN-FUCKED FRANCE-FUCKED GREECE-FUCKED PKK TERROR

iscorpitx, marque du monde, présente ses salutations à tout le monde. ”

Iskorpitx controversial defacing activity started back in year 2003 being the first Turkish defacer ever. His defacing frenzy led him soon to reach the “incredible” number of more than 117,000 hacked websites some of them being even government websites of his own country. In this last incident, it is not clear at which level the intrusion was performed (root or webserver) as the fact that all the 21,549 websites got defaced on a secondary page (site.com/ssfm/isko.htm) it is not indicative given the particular Iskorpitx’s modus operandi that sees all of his hacks performed creating a subpage, regardless the authorization level achieved on the attacked servers.

In the recent months Iskorptix has been taken as a model to be imitated by a lot of young Turkish crackers, making Turkey the new defacers kingdom, totaling nowadays more than 50% of the notified defacements overall, surpassing the former defacers kingdom: Brazil.

Script Kiddies or Script Grannies? Iskorpitx is believed to be 45 years old, sometimes being helped for minor defacement activities by another Turkish “senior cracker” (42) going by the handle of Metlak .

Despite the fact that the majority of Turkish defacers are performing Islam-related hacks, this doesn’t seem to be the leading motivation for Iskorpitx.

from Linux.com

Need a way to resize NTFS partitions, mirror disk images, or otherwise muck about with disk partitions — and don’t want to use a proprietary package like Partition Magic? If so, the GNOME Partition Editor (GParted) is an excellent open source tool for the task. The GParted team released the GParted live CD version 0.2.4-2 this month, so I decided it was a good time to take GParted for a spin.

GParted handles Ext2, Ext3, FAT16, FAT32, JFS, ReiserFS, Reiser4, NTFS, XFS, and other filesystem formats. At a bare minimum, GParted can detect, read, copy, and create partitions using those file systems — and, in some cases, can shrink, expand, and move partitions. See the features page on the GParted site for the full rundown on GParted’s capabilities.

from torrentocracy - blog

Why not stream my own video to the phone? Better yet, why not just automate my MythTV to convert my recorded programs and automatically have them ready to be streamed whenever I care to watch them on the phone?

A bit of research later, I discovered SlingBox can stream your tv to your phone, but it needs to be a Windows mobile phone and then there’s the monthly service fees and the box to buy. I also found random mythtv devotees with similar ideas at least as far back as January 2005, but couldn’t otherwise find a concise guide or more information. Inspired by ZooVision, I knew it was possible for users to stream their own content to their phone, it was just a matter of putting the pieces all together. A couple hours of tinkering later, and I’ve got a working solution… my “tivo” on my cell phone wherever there’s sprint evdo access. So here are the steps:

from Gogglemarks.net

The hack is to assert control over the buttons of an alarm clock using a microcontroller. The microcontroller serves to interpret commands recieved from an IR reciever/demodulator, and metabolize those commands into useful sequences of alarm clock keystrokes, allowing you to set the alarm time, snooze, dimmer, etc… as if you were at the clock actually pushing the buttons. Since you’re using a microcontroller though, you needn’t simply tunnel buttons on your remote to the buttons on the clock. You can maintain the clock’s alarm state inside the microcontroller, and use it to set the time in a more intuitive way, say, by pushing number keys, instead of clicking HOUR or MIN a thousand times.

Yea two videos in a row!