Ringleader claimed to be an IT contractor, got access to bank computers.
Using social engineering to install a remote-controlled keyboard-video-mouse (KVM) switch on bank PCs, the gang managed to transfer millions to outside accounts in two separate jobs in April
and July of 2013. They were caught attempting to rob a third bank in September.
Last time I had to do this there was a service named dynamicdns.org which seems to still exist but no longer appears to be free. Instead I used dnsdynamic.org which is free and has a web API
as well as links to and instructions for setting up native tools to dynamically update my IP address.
According to the links within this article, although the root URI of the router requires authentication, the /password.cgi URI doesn’t and the resulting returned HTML contains (but does not
display) the plaintext of the password, as well as an HTML FORM to modify the password that is exploitable by CSRF.
The attack… infected more than 4.5 million DSL modems… The CSRF (cross-site request forgery) vulnerability allowed attackers to use a simple script to steal passwords required to remotely log
in to and control the devices. The attackers then configured the modems to use malicious domain name system servers that caused users trying to visit popular websites to instead connect to
booby-trapped imposter sites.
2011 Jul 18, 2:38Neat idea: "When the user wants to visit a blacklisted site, the client establishes an encrypted HTTPS connection to a non-blacklisted web server outside the censor’s network, which could be a normal
site that the user regularly visits... The client secretly marks the connection as a Telex request by inserting a cryptographic tag into the headers. We construct this tag using a mechanism called
public-key steganography... As the connection travels over the Internet en route to the non-blacklisted site, it passes through routers at various ISPs in the core of the network. We envision that
some of these ISPs would deploy equipment we call Telex stations."internetsecuritytoolscensorshiptechnical
2011 Apr 8, 2:07"On average their method gets to within 690 metres of the target and can be as close as 100 metres – good enough to identify the target computer's location to within a few streets.", "When a landmark
machine and the target computer have shared a router, the researchers can compare how long a packet takes to reach each machine from the router; converted into an estimate of distance, this time
difference narrows the search down further."technicalinternetprivacygeogeolocationsecurity
The weekend before the previous, Sarah and I moved our belongings into the
new house and spent a lot of time packing and unpacking, and now we're officially living there (interested Facebook friends can find my
new address or just ask me). The Saturday of the previous weekend Sarah's family came over for a half house warming and half Sarah's birthday celebration which was fun and served to force us to do
more unpacking and forced me to take trips to Home Depot, Bed Bath and Beyond, etc. On Sunday, Sarah and I went out to her favorite restaurant and she opened her gifts that I had to hide to keep
her from opening before her birthday. Happy Birthday Sarah!
While at Home Depot I had trouble finding what I was actually looking for, but I did find everything I needed to terminate the Cat5e cables that are wired in the house. Each room has a wall plate
with two RJ45 sockets, both sockets wired to Cat5e cable. One of the cables per plate was already hooked up to a standard phone service punchdown board and the other cables per plate were all
hanging unterminated next to the punchdown board. So now I've terminated them all with RJ45 connectors and hooked them up to my hub, wireless router, cable modem, etc. I had the same sort of fun
setting all that up as I did playing with model train sets as a child. Hopefully no therapy will be required to figure out why that is.
2009 Apr 1, 10:42Lol at actual Facebook app that does IPv6 over Facebook. "...most network users are not aware of what IPv6 is or are even afraid by IPv6 because it is unknown. On the other hand, Social Networks
(like Facebook, LinkedIn, etc.) are well-known by users and the usage of those networks is huge... With IPv6 over Social Network (IPoSN): * Every user is a router with at least one loopback
interface; * Every friend or connection between users will be used as a point-to-point link... A working prototype has been developed by the author and is freely available: IPv6 over Facebook Social
Network [IPv6overFacebook]."humorsocialnetworkipv6ipiposnfacebookietfrfc
2008 Jan 28, 10:39Name your computer an HTML string to inject that HTML into the target wireless router's HTML configuration page.via:swannmansecurityxssinjectiondhcp
2007 Feb 16, 11:23This paper describes an attack on home networks using a page with javascript and java applets that takes over your router. Foiled by using the non default password.securityhackrouterbrowserjavascriptjavaarticle
Considering replacing my very aged home WAPs & router. Recommendations? This looks
enticing: http://arstechnica.com/gadgets/2015/10/review-ubiquiti-unifi-made-me-realize-how-terrible-consumer-wi-fi-gear-is/ …
The weekend before the previous, Sarah and I moved our belongings into the
new house and spent a lot of time packing and unpacking, and now we're officially living there (interested Facebook friends can find my
new address or just ask me). The Saturday of the previous weekend Sarah's family came over for a half house warming and half Sarah's birthday celebration which was fun and served to force us to do
more unpacking and forced me to take trips to Home Depot, Bed Bath and Beyond, etc. On Sunday, Sarah and I went out to her favorite restaurant and she opened her gifts that I had to hide to keep
her from opening before her birthday. Happy Birthday Sarah!
Some rights reserved