
Thursday, October 29, 2009

Hapy BDAY interwebz!@#$ Free Conf, SecureTwitter, and Blackberry eavesdropping fun++

The phone number I am about to post is from "freeconferencecallnetwork.com". We used to go to the site and set up a free conf, which in turn would give us a number and a PIN#. After using it a few times we realized that *every* PIN works *all* the time and they each lead to a different room. The 66666 is just the one we use. * after the PIN gives you admin rights and # is normal.

7124321402 66666* <-- your halloween gift! dont wear it out.


ubuntu 9.10 was released a couple of days back and here is the link(ubuntu download page).

to all my anti-ubuntu homies, dont h8, flatulate!

I am skeptical of large anti-virus/malware companies, but Kaspersky and Finjan have released some nifty tools to fight malicious links on social networking sites.

"The company is scanning nearly 500,000 new unique URLs that appear in Twitter posts daily, he said. Of those, anywhere between 100 and 1,000 are malware attacks. Twitter has also been targeted by the Koobface virus which posts malicious links from infected users' accounts."

^ a respectable endeavor in my honest opinion, so check out the article at least.

and even better here is a link at CNET for the free finjan browser plugin dubbed SecureTwitter!

_____

I saw an article about a month ago about BlackBerrys being prone to attacks through freely available software that is laced with trojans/malware. Not a big surprise, but this next bit of news is quite amusing.

"BLACKBERRY USERS are being warned that a freely available spyware program will turn their crackberry into a listening device.

The application is called Phonesnoop and allows remote users to listen in on a Blackberry user's surroundings. The spyware app uses standard Blackberry APIs to intercept incoming calls. Once the software is installed, a call from a trigger phone number will activate the listening feature through the phone's built-in speakerphone feature to listen to everything that's going on around the phone."

link to article

and last but not least HAPPY BIRTHDAY INTERNETZ!@#$%

On Oct. 29, 1969, First Message Sent Between Two Locations

Friday, October 23, 2009

21,000 vuln embedded devices found in scan of internet


Primarily consisting of Linksys routers (RLY?), a study posted today showed that over 21,000 embedded devices including webcams, VoIP products, and routers are vulnerable to remote attack. The main reason being that they have admin interfaces publicly facing the net. Not much to say here, other than I am not surprised. Interesting article nonetheless. The image of vuln Linksys routers made me giggle up my root beer.

http://www.megaplatinum.net/v5/html/ftopict-126009.html
http://www.wired.com/threatlevel/2009/10/vulnerable-devices/

Arduino over Web & My new twitter


http://ultimate-hacker.blogspot.com/2009/09/blinking-led-over-web-with-python.html

This article has the code and howto available on how to make an LED blink over the net with the arduino atmega board. Although this may seem to be useless, it is a great starting point on using the board for anything over the internet using Python, Apache, and PHP.

After years of Twitter being the new "cool thing" I have finally made an account. It is located here, though I doubt I will ever post much. In fact I make fun of tweets all the time. The main reason I want to get familiar with Twitter is to use it in non-traditional ways. Our great friend c4thy from immoral.iniquity.net had an excellent idea that I will not post at the moment. It got me to brainstorming, and you guys will be seeing something come out of it in the near future.



Thursday, October 8, 2009

frasunek is bitchmade.

"Hi! My name is Przemyslaw! I hope everyone enjoys my codez. I promise i tried to release them sooner but the FreeBSD security team ignored my frantic emails. I didn't want them to fall in the hands of some hacker before all my dumb admin buddies had a chance to patch"
More than a month after he posted videos of himself using the kqueue() related pipe (fbsd 6.4) and devfs(fbsd <7.2) the whitefag releases his exploits to the pub.

http://www.frasunek.com/pipe.txt

FreeBSD 6.4 and below are vulnerable to race condition between pipeclose() and
knlist_cleardel() resulting in NULL pointer dereference. The following code
exploits vulnerability to run code in kernel mode, giving root shell and
escaping from jail.

http://www.frasunek.com/devfs.txt

FreeBSD 7.2 and below (including 6.4) are vulnerable to race condition in VFS
and devfs code, resulting in NULL pointer dereference. In contrast to pipe race
condition, this vulnerability is actually much harder to exploit."

____


In other News:

Milw0rm.com seems to be dead, here is a mirror of the archives.

Wednesday, October 7, 2009

National CyberCrime Awareness Month - IBM AIX rpc.cmsd buffer overflow vuln

it is October, and you know what that means. hack or treat! It is the National Cybercrime Awareness month and someone already posted over 30,000 gmail, windows live, yahoo and other account usernames/passwords <--the list...(BBC article) (dailymail article) but how did this attacker acquire these? and why would they post them to the pub? Most likely a phishing scam, but you never know, it could have something to do with a second party spacker (spammer/hacker) owning a large botnet. anyways check your crap and do not use 123456 or other retarded simple shit as your passwd. People are spooked and here is a crappy article about fighting phishers.

Today, google used a barcode as their daily image. after very little research i found that it is the 57th anniversary of the patent on the "barcode". here is a site that shows you how to make your own like google. with a lot of info on the concept.

IBM AIX stack buffer overflow vuln in rpc.cmsd (calendar service) - security focus bid

Patch for AIX 6.1, Patch for AIX 5.3

You might remember a buffer overflow in this service back in 1999 that was widely exploited. ahhh memories!


and now for our COOL GUYS OF THE WEEK! the one on the left looks like Nicholas Cage!