Hijacking Websites for Hacktivism (part 2)

In the first post of this series I outlined my plan for the upcoming U.S. election. I’ll find unvarnished information about the candidates from sources like public records, create a website to display that information, and then re-route web traffic from the candidates’ own URL’s to my website. So far we’ve covered setting up the servers and collecting public information.

> Read More

Whitehat Lessons from $300M Cyber Crime Spree

By now you’ve read about the new indictment of five hackers from Russia and Ukraine in what is being called the “largest data breach scheme in the US.” You can read the DOJ press release here and/or a redacted copy of the indictment here [PDF]. In what is really a continuation of the Albert Gonzalez saga,

> Read More

SQL Injection Attack: Pot of Gold at the End of the Rainbow?

SQL injection attacks have been in the news lately given two recent highly publicized attacks against security vendors.  According to a recent IBM report, SQL injection attacks increased 30X between this past summer and the end of 2008 and resulted in a 50 percent increase in the number of malicious URLs hosting exploits.

> Read More