Archive for April, 2009

TROOPERS09 – are you with hackers or what?

Wednesday, April 22nd, 2009

If you added this blog to your news feeder, then you prefer getting skilled rather than getting owned – as in Troopers’ motto.

Troopers09 is an international IT-Security Conference held in Munich, Germany. This event is created for CISOs, ISOs, IT-Auditors, IT-Sec-Admins, IT-Sec Consultants and everyone who is involved with IT-Security on a professional basis. The goal is to share in-depth knowledge about the aspects of attacking and defending information technology infrastructure and applications. The featured presentations and demonstrations represent the latest discoveries and developments of the global hacking scene and will provide the audience with valuable practical know-how.

Andrey Belenko ( ElcomSoft’s Lead IT Security Analyst) will enjoy the conference and give a talk tomorrow (on 23rd April 2009) at 16:00 – 16:45, here is an abstract of his speech: http://troopers09.org/content/e3/e282/index_eng.html 

 

Adobe Reader [in]security

Wednesday, April 22nd, 2009

From F-Secure advises against using Adobe Reader article:

Of the targeted attacks on managers, politicians and other high-ranking individuals registered this year, almost 50 per cent have exploited six security vulnerabilities in Adobe’s PDF products. In 2008 it was Microsoft Word which proved the most popular target – with 35 per cent – for such attacks, although the number of vulnerabilities in Adobe Reader (19) was already exceeding the number in Word (15) by four. Hypponen notes that while the number of infected PDF files observed between January and April 2008 was just 128, over the same period this year it rose to more than 2300.

So, you have been warned ;) . And just to remind you (though you’re probably aware of that):

Wireless Security Survey

Wednesday, April 22nd, 2009

The key findings of the survey of the 35860 wireless networks (in 12 Indian cities) are:

  • 37% appeared to be unprotected.
  • 49% were using WEP encryption.
  • Balance 14% were using the more secure WPA/WPA2.

The authors say that this makes around 86% of the observed wireless networks vulnerable, but we’d add that remaining 14% are not totally secure. Why? Check our Wireless Security Auditor :)

Six-Core Opterons (Istanbul)

Wednesday, April 22nd, 2009

According to Tweak Down, AMD will start shipping them next month. We’ll see how do they compare with Intel Gulftown.

Military Strike Fighter F-35 Materials Hacked

Tuesday, April 21st, 2009

As posted by Rosalie Marshall in her today’s article, secret F-35 military plane design materials have been stolen presumably by Chinese hackers (?):

The hackers copied data relating to the aircraft system design by exploiting network vulnerabilities in computer infrastructure belonging to contractors helping to build the new planes.

They gave no more detail on network vulnerabilities revealed by intruders except for the fact that only online computers could be attacked and so more important information (stored on offline machines) remained intact. 

Tesla supercomputer

Tuesday, April 21st, 2009

Can you imagine 10,080 processing cores? And how about 40 TFlops? Thanks to NVIDIA Tesla — this is 42 C1060 cards only.

And btw, don’t miss NVidia Promotion: 50% off MSRP on Tesla C1060.

ATI Radeon HD 4770 expected next month

Tuesday, April 21st, 2009

The 40nm-wonder ATI Radeon HD 4770 is expected in May at price $99, according to engaget. It seems it’s going to outperform Nvidia 9800GT in terms of speed and price.  As for speed, VR-Zone claims that HD 4770 is not a step behind HD 4850, do you believe it? Look at the benchmarks based on computer games.   

 

Password cracking with Apple Mac Pro

Tuesday, April 21st, 2009

Nvidia has announced that it will now offer Nvidia Quadro FX 4800 for Apple Mac Pro systems. Good idea! More on CNET.

Intel Gulftown

Tuesday, April 21st, 2009

New member of Core i7 family: six cores, hyper-threading, and some new instructions — including ones for AES encryption. Unfortunately, useless for our password-cracking purposes: most password-checking routines are based on SHA-1. But anyway, an ability to run 12 threads at a time will definitely increase the performance. We’ll see (in Q1’2010). More info at Tom’s Hardware.

NVIDIA GT300

Monday, April 20th, 2009

According to The Inquirer, Nvidia GT300 promised in October. Should be a good video card for GPU-accelerated password cracking :) .