Lost+Found: Password klutzes, cat payloads and a lulzy-PoC
Too tiny for news, though too good to lose, Lost+Found is a gathering of a other stories that have been been on The H‘s radar this week. In this edition: a descent uses of plain text, explanation of concepts for a lulz, 29C3 videos, cargo enabled cats and Inception opens adult Windows 8.
- On Plain Text Offenders, tales are told on web services that store user passwords in transparent text. Over 1000 services have already been placed in a online pillory. Pages that mail users their entrance information in plain content have also been busted.
- The vicious 0day vulnerabilities in Java are now accessible in a Metasploit module. The vicious MoinMoin hole had a Proof of Concept on Pastebin that seems to have been combined for a lulz. Meanwhile, Charles Somerville explains in fact how a Rails vicious vulnerability works.
- The videos for 29C3 are now online – there are mirrors too. For those who wish their infosecurity perspectives most shorter, try Infosec Reactions where they usually overwhelmed it.
- Cats have payloads too. At slightest this cat did when it was delivered by a hacker who is being wanted by military for his use of a pathogen dubbed iesys.exe. The cat was found on an island nearby Tokyo with a memory label strapped to a collar containing sum of a pathogen that usually a creator would know.
- Inception stairs up. The Firewire hacking apparatus Inception claims that given 0.2.2 it is means to clear Windows 8 or make a transcribe of memory. Anyone who has indeed finished that and is means to endorse that should dump a line to The H Security.