from Threat Level from Wired.com
The computer attackers who took down Comcast’s homepage and webmail service for more than five hours Thursday say they didn’t know what they were getting themselves into.
In an hour-long telephone conference call with Threat Level, the hackers known as “Defiant” and “EBK” expressed astonishment over the attention their DNS hijacking has garnered. In the call, the pair bounded freely between jubilant excitement over the impact of their attack, and fatalism that they would soon be arrested for it.
from Spread Firefox
Help make a Guinness World Record By Downloading Firefox 3 within 24hrs of its release!
from Irongeek.com
Finding Promiscuous Sniffers and ARP Poisoners on your Network with Ettercap
Most of you are familiar with using Ettercap for attacking systems, but what
about using it to find attackers? This tutorial will cover using Ettercap to
find people sniffing on your network. The plug-ins we will be using are
search_promisc, arp_cop and scan_poisoner. Have fun detecting network
sniffers.
If the embedded video below does not show RIGHT click here to save the file to your hard drive.
from Errata Security
Errata is looking for Beta testers for the next release of the Ferret iPhone package. You will need an unlocked iPhone and the capability to install a binary on it.
Please contact me at marisa@erratasec.com if you are interested.
O.
MG
from PS3HaX Network - PS3 Hacks
After a long time it finally seems that there might be a break through for the PS3 hacking scene. XVISTAMAN2005, has found a way to partially install a debug PS3 firmware on a retail PS3. Partially meaning that he has found a way to get a retail PS3 into debug mode, but currently the options are non functional.
Additional changes when the PS3 goes into this mode is that the Blu-ray drive no longer plays blu-ray movies.
However luckily, you can get out of debug mode easily by simply updating to a higher retail PS3 firmware, restoring Blu-ray movie playback functionality, and any other PS3 functions that were disabled in debug mode. The media server feature goes away but to restore it again, insert the original PS3 HDD to PS3 and reformat - read the tutorial below so this makes more sense.
So what is amazing about this? This gives PS3 hackers a huge new area to work with that was not previously available before, plus not to mention that devs already had a working ISO loader running on a full debug console this method currently gives us a partial-debug console.
Note: For this to work your system must be below or at 1.80 for the 1.80 debug update and below or on 2.01 for the 2.15 debug update. Just use the next version up from your current firmware version for the retail update.
Stay tuned we will keep you updated, view the tutorial on how to install the debug firmware below as well as download links to debug firmware.
[[TUTORIAL] How to install debug firmware on retail PS3 partially-HDD swap method]
UPDATE 1:
For those who are seeking to do this method with 2 diffrent hard drive sizes, a method has been found:
Originally Posted by ggparallel
Now for everyone with hdd problems , you can do a copy of the whole hdd and make it working.
I used the following procedures i have two hdd 60GB and 40GB :
I made a full format of the 40GB hdd and then i used the dd_rescue utility to recover the 40GB image on the 60GB hdd now i have a perfect copy , and it works of course.
This is great news for PS3 Hackers! Thanks for the heads up R7i1c3K.
from :: Hack In The Box :: Keeping Knowledge Free
The video recordings of the keynote presentations from HITBSecConf2008 - Dubai are ready for download:
Day 1 Keynote: Bruce Schneier - Schneier on Security
Day 2 Keynote: Jeremiah Grossman - Hacks Happen
On a related note, the Call for Papers (CFP) for HITBSecConf2008 - Malaysia (October 27th - 30th) is open. If you’ve got something new you’d like to present to the world; do submit. Some of the speakers who have already confirmed their participation include Dino Dai Zovi, Pedram Amini, TiAMO and brokep from The Pirate Bay, Ilfak Gulfanov and Alexander Tereshkin just to name a few. With 3 tracks of deep knowledge kung-f00 and an expected audience turn out of over a 1000, this will be one of the MUST ATTEND events of the year! 
from Phone Losers of America - PLA Radio Episode #17
OMG, it’s a new episode of PLA Radio In this episode I make a mockery of Bell Canada’s new voice authentication system. Boy, won’t they be pissed There’s also a few voicemails and miscellaneous updates thrown in and best of all…DEBBIE GIBSON MUSIC
00:00 Gilligan’s Island
01:12 Intro by Trevelyn
02:08 April Fools
03:35 Richard Cardo
04:30 Website issues
04:55 Voice Authentication
07:33 Call to Leslie
11:50 The Test
13:29 Voicemails - 505 796-4020 or phonelosers.org on Skype
Very cool hack starting @ 4:55 — give it a listen
from Slashdot
Debian package maintainers tend to very often modify the source code of the package they are maintaining so that it better fits into the distribution itself. However, most of the time, their changes are not sent back to upstream for validation, which might cause some tension between upstream developers and Debian packagers. Today, a critical security advisory has been released: a Debian packager modified the source code of OpenSSL back in 2006 so as to remove the seeding of OpenSSL random number generator, which in turns makes cryptographic key material generated on a Debian system guessable. The solution? Upgrade OpenSSL and re-generate all your SSH and SSL keys. This problem not only affects Debian, but also all its derivatives, such as Ubuntu.”
Very scary stuff if you are using anything Debian based — see this page for more info:
http://metasploit.com/users/hdm/tools/debian-openssl/
Sploit: http://packetstormsecurity.org/0805-exploits/debian-sploit.txt
from OCNN.com
MUSKOGEE, Oklahoma AP — A 19-year-old freshman at the University of Oklahoma was elected mayor Tuesday of Muskogee, a city of 38,000 in the northeastern part of the state.
art.hammons.file.jpg
John Tyler Hammons will be sworn in next week as mayor of Muskogee, Oklahoma.
With all precincts reporting, John Tyler Hammons won with 70 percent of the vote over former Mayor Hershel Ray McBride, said Muskogee County Election Board Secretary Bill Bull.
The public placing their trust in me is the greatest, humbling and most awesome experience I ve ever had in my life, said Hammons, who is from Muskogee but attends the university in Norman.
The two candidates squared off in a runoff election for the nonpartisan post after neither secured 50 percent of the vote in a six-person election April 1.
Hammons, who will be sworn in next week, said he plans to continue his college education but expects to transfer to a school closer to Muskogee.
Being elected does not change my desire to continue my education, he said. We will schedule our time in an appropriate fashion so that I can be mayor and stay in school.
Hammons replaces Wren Stratton, who decided not to seek re-election after one term.
The mayor leads the nine-member city council and serves as a voting member. Hammons said a key to his platform that resonated with voters was openness of government and keeping citizens better informed of city operations.
I think that s been a detriment to the trust of the citizens of Muskogee, he said. Once we have that trust, we can solve any other problem.
Not tech related — but still kind of “hacker-ish” =)
from The Register
Yesterday, the search giant cut off all ads served to Enturbulation, a fledgling site dedicated to promoting activism against the Church of Scientology and all its related organizations. This could have something do with the nature of the ads Google was serving. Many of the Google-driven ads funding the anti-Scientology site were paid for by the Church of Scientology.
“While going through our records recently, we found that your AdSense account has posed a significant risk to our AdWords advertisers,” read Google’s letter to Enturbulation, a kind of home base for the now famous Anonymous movement. “Since keeping your account in our publisher network may financially damage our advertisers in the future, we’ve decided to disable your account.”
Of course, it’s not Enturbulation’s fault that Google was serving the site pro-Scientology ads. AdSense automatically chooses ads based on a site’s content. And like any AdSense advertiser, the Church of Scientology has the power to ban its ads from individual domains.
