illmob

A massive vulnerability has been found in OpenSSL, the open-source software package broadly used to encrypt Web communications. The flaw allows attackers to steal the information that is normally protected by SSL/TLS encryption, which is used to protect Web applications, e-mail communications, instant messaging (IM) and some virtual private networks (VPNs).
Essentially, that means a lot of Internet users are affected. And potentially, passwords, private communications and even credit card information could be available to hackers courtesy of this newly-discovered bug.
A few people have been checking major websites to check if they’re vulnerable

One of my favorite tools, Offline NT Password & Registry Editor, finally got an update last month after a 4 yr hiatus. The new version includes support for Win8.1 and a working promote user to admin feature among other fixes. Download it from ::HERE::

Rapid 7 released the “exploit/android/browser/webview_addjavascriptinterface” module which allows attackers to remotely access on most Android devices prior to version 4.2.

More Info

For those wanting more secure SMS convos, TextSecure has been added to CyanogenMod :::More Info Here:::

So we linked our IRC with the guys who are starting a new Sub7 project. irc.illmob.org #subseven

The Dread Pirate Roberts has been caught UlbrichtCriminalComplaint.pdf

Ross William Ulbricht, a 29-year-old graduate of the University of Pennsylvania School of Materials Science and Engineering known by the online alias “Dread Pirate Roberts,” was arrested by the Federal Bureau of Investigation on Tuesday for his alleged involvement in the Silk Road online marketplace, according to court papers published this week.
Seems like DPR used his real name on some stackoverflow questions and used the same forum signature in two different spots

Derbycon ended on Sunday but the videos were being finished and uploaded almost the very same day by Irongeek.
Check ’em out.

It’s that time of year for Derbycon \0/ most of the illmob crew will be down there partying all weekend. See you there!

Vulscan is a module which enhances nmap to a vulnerability scanner. The nmap option -sV enables version detection per service which is used to determine potential flaws according to the identified product. The data is looked up in an offline version of different vulnerability databases.

Looks like Webroot picked up my source code for an article ::HERE::. This is a screen shot of my Assembly code for Robin Hood

If it took them 2 years to ‘uncover’ source code for this, then I have no faith in their ability to protect against 0day threats.
posted: Saturday, June 18th, 2011 at 3:42 pm