New Scientist reports on a open-source software package called Offline Windows Analysis and Data Extraction (OWADE). It was launched at the Black Hat 2011 security conference, and can unlock files that show where PCs running the Windows operating system have been.

Read the rest of this post on the original site »

Fun for the whole family — especially if your family is the Russian mafia …

Ugly stuff peddled by ugly people — people whom Pricewert went to great efforts to protect. According to the FTC, the ISP advertises its services in the “darkest corners of the Internet” and “actively shields its criminal clientele by either ignoring take-down requests issued by the online security community or shifting its criminal clients to other internet protocol addresses controlled by Pricewert so that they may evade detection.”

Good thing then that a Federal Judge in San Jose, California has ordered the company’s upstream internet providers and data centers to pull the plug on it. “Anything bad on the Internet, they were involved in it,” FTC Chairman Jonathan Leibowitz told Security Fix. “We’re very proud, because in one fell swoop we’ve gone after a big facilitator of some of the utterly worst conduct.”

And he knows of what he speaks. Earlier in the day, Graham hijacked a Gmail session in front of a packed audience at the Black Hat security convention in Las Vegas. Using a pair of programs called Hamster and Ferret, which sniff the data transferred between a wireless router and a computer, Graham grabbed an unencrypted cookie used in a recent Black Hat Wi-Fi session and used it to hijack an attendee’s Gmail account. “I see 10 people’s cookies on my screen, I just need to click on the guy’s IP address and I’m in,” Graham said. “Once you get someone’s Google account, you’d be surprised at the stuff you’d find. … If I sniff your Gmail connection and get all your cookies and attach them to my Gmail, I now become you, I clone you. Web 2.0 is now fundamentally broken.”

And he knows of what he speaks. Earlier in the day, Graham hijacked a Gmail session in front of a packed audience at the Black Hat security convention in Las Vegas. Using a pair of programs called Hamster and Ferret, which sniff the data transferred between a wireless router and a computer, Graham grabbed an unencrypted cookie used in a recent Black Hat Wi-Fi session and used it to hijack an attendee’s Gmail account. “I see 10 people’s cookies on my screen, I just need to click on the guy’s IP address and I’m in,” Graham said. “Once you get someone’s Google account, you’d be surprised at the stuff you’d find. … If I sniff your Gmail connection and get all your cookies and attach them to my Gmail, I now become you, I clone you. Web 2.0 is now fundamentally broken.”