Paris Hilton has been caught using a caller I.D. spoofing service to hack into someone else's voicemail, according to spoofing company SpoofCard.

OK, its official, Hacking, Phreaking, and related activities are now, officially, lame. This is no longer the domain of detached, nihilistic, techno-futurist intellectuals who are pushing the edge of the envelope while blasting KMFDM. This is the domain of daddy's money poplettes and myspace chix0rs who are all like OMFG while blasting Britney Spears. Its over. Fuck it. Find a new hobby.

27B Stroke 6: HPVA is the new pop?

While it's a nice idea, this extension, in it's current form, really doesn't do anything to protect people's privacy.

Acidus was talking about making something like this.

Boing Boing: TrackMeNot: Firefox extension randomizes your search history

"I met my wife on your captcha!!!" -- Steve, from New York

OK, this is funny... Hotornot captcha.

Captcha Mashup

This module exploits a stack overflow in the NetApi32 NetpIsRemote() function using the NetpwPathCanonicalize RPC call in the Server Service. It is likely that other RPC calls could be used to exploit this service. This exploit will result in a denial of service on on Windows XP SP2 or Windows 2003 SP1. A failed exploit attempt will likely result in a complete reboot on Windows 2000 and the termination of all SMB-related services on Windows XP.

Don't be suprised if someone turns this into a worm. Patch early and often.

The Metasploit Project: MS06-040

Or: How Acidus [*] learned how to port scan company intranets using JavaScript!

Imagine visiting a blog on a social site like MySpace.com or checking your email on a portal like Yahoo’s Webmail. While you are reading the Web page JavaScript code is downloaded and executed by your Web browser. It scans your entire home network, detects and determines your Linksys router model number, and then sends commands to the router to turn on wireless networking and turn off all encryption. Now imagine that this happens to 1 million people across the United States in less than 24 hours.

This scenario is no longer one of fiction.

You can visit the proof of concept page he created and test drive it now.

This is really, really, really scar^H^H^H^H cool!

Detecting, Analyzing, and Exploiting Intranet Applications using JavaScript

Bugle is a collection of search queries which can help to identify software security bugs in source code available on the web.

rehpic

ISS X-Force has reported a vulnerability in Asterisk, which can be exploited by malicious people to cause a DoS (Denial of Service).

Provided and/or discovered by:
Tom Cross, ISS X-Force

woot

Secunia - Advisories - Asterisk IAX2 Call Request Flooding Denial of Service

I (Fyodor) asked users from the nmap-hackers mailing list to share their favorite tools, and 3,243 people responded. This allowed me to expand the list to 100 tools, and even subdivide them into categories. Anyone in the security field would be well advised to go over the list and investigate tools they are unfamiliar with. I discovered several powerful new tools this way.

Top 100 Network Security Tools

On June 17 2006, a press release denouncing a big bribery scandal was sent out by Taiwan’s Defence Ministry Network. The announcement came from the official source of the Ministry, and the press soon reported the news while outraged comments raised among citizens. However, the statement was not real: Governmental Security Systems were hacked and the intruder managed in using official credits to spread out a fake press release...

What’s interesting in this case is that the operation seems to have been planned to work on a larger scale, over a long period of time in order to damage the public image of Taiwanese government.

www.zone-h.org - CHINA VS. TAIWAN: IT'S CYBER WAR

Ignoring the time and cost of labor, the system cost is ridiculously low. The most expensive item in the system is the TI module, which costs around $60. All the other components, the materials for the PCBs, and the items needed for building the loop antenna, together cost at most $40-$50, giving a total cost of $100-$110.

Cool Paper. The cost of time and labor, however, should not be underestimated.

How to Build a Low-Cost, Extended-Range RFID Skimmer