First let me tell you if you are a beginner who is an ethical hacker....
An ethical hacker is a computer and network expert who attacks a security system on behalf of its owners, seeking vulnerabilities that a malicious hacker could exploit. To test a security system, ethical hackers use the same methods as their less principled counterparts, but report problems instead of taking advantage of them. Ethical hacking is also known as penetration testing, intrusion testing, and red teaming. An ethical hacker is sometimes called a white hat, a term that comes from old Western movies, where the "good guy" wore a white hat and the "bad guy" wore a black hat.
One of the first examples of ethical hackers at work was in the 1970s, when the United States government used groups of experts called red teams to hack its own computer systems. According to Ed Skoudis, Vice President of Security Strategy for Predictive Systems' Global Integrity consulting practice, ethical hacking has continued to grow in an otherwise lackluster IT industry, and is becoming increasingly common outside the government and technology sectors where it began. Many large companies, such as IBM, maintain employee teams of ethical hackers.
In a similar but distinct category, a hacktivist is more of a vigilante: detecting, sometimes reporting (and sometimes exploiting) security vulnerabilities as a form of social activism.
You all have heard a lot about hacking. There are mainly two types of hacking when we put it into a categorical class. They are Illegal hacking and Legal ethical hacking. Out of this the illegal hackers are named Black hat hackers and the others as White hat hackers. The main function of the Ethical hackers present in the world is to protect the whole cyber security. They indeed play a major role in that. But the emerging and the prominent white hat hackers do impede their actions. So can you challenge those illegal networking geeks.
According to the latest hacking listings the first five black hat hackers are here.
- Jonathan James (Great illegal hacker!)
- Adrian Lamo (Only 20 years old)
- Kevin Mitnick (Even managed to get FBI secret info)
- Kevin Poulsen
- Morroro
MySpace users! Beware of illegal hackers in to your profile...
HACKERS are targeting users of social networking website MySpace using techniques popular with phishing scams. Mass emails sent to MySpace members would contain invitations to add the sender as a friend. When a link in the email is accessed, what seems to be an official MySpace page appears. The user is then asked to download and install the latest version of Adobe’s Flash Player software, which is required to run many of the applications on MySpace. However, the whole exercise is actually a scam, security experts say. Once the program is installed it would allow hackers to remotely take control of the computer, and use to victims PC to distribute more spam.
The attack was first detected by security software company Marshall Software on Wednesday morning in its New Zealand test lab.
Marshall Software vice president (Product) Bradley Anstis said this could be the precursor to more advanced and malicious attacks.
“Once you’ve got the client installed on someone’s machine, because it’s (malware), they have the ability to remotely control that application.
Firefox spoofing flaw reported...
Mozilla’s Firefox web browser is vulnerable to spoofing attacks, according to an Israeli security researcher. Aviv Raff reported on his blog on Wednesday that Mozilla Firefox v2.0.0.11 allows information presented in a basic authentication dialogue box to be spoofed, opening up the possibility of users being redirected to a malicious website. Earlier versions of the browser may also be affected.
According to Raff, when a web server returns a 401 status code, it causes Firefox to display an authentication dialogue box. The 401 status code is returned by the web server when it recognises that the HTTP data stream sent by a browser or bot is correct, but access to the URL requires further user authentication.
The authentication dialogue box displays the server URL in what is called the WWW-Authenticate header field. This URL is in part defined by the realm value and, according to Raff, it is possible for an attacker to create a specially crafted realm value that will look as if the authentication dialogue came from a trusted website. This is due to Firefox failing to sanitise single quotes and spaces in the WWW-Authenticate header field, after a legitimate realm value enclosed in double quotes has been given.
Firefox influenced by Kelly injections...A best method to hack Gmail account passwords were culled out by some crafty hackers. it was using a Kelly code injection when a user is online in a network and there by using the Cooke Editor plugin by Mozilla Firefox it will tap the whole thing out!
It was published in Go4Expert.com
I too think that this will prove beneficial to all the other hackers to hack in to gmail.
Password provision spams...
Nowadays, a number of spams are there and i just checked out one. A lot of hacking spams are availale in Scribd.com which steals your password.
It was something like this to send a mail with subject as Password Retrive. I say that these are for sure spams and do not enable you to hack anything. So don't ever try it out!
0 comments:
Post a Comment