United Arab Emirate's site for security news, latest security blog posts, security podcasts, hardware hacks and security related links.
Monday, December 31, 2007
CCCure CISSP Boot Camp in Dubai -- From the 11th to the 15th of February 2008
For more information or registration, contact the OISSG at:
OPEN INFORMATION SYSTEMS SECURITY GROUP (OISSG)
Level 41 Emirates Towers,
Sheik Zayed Road
Dubai, 31303 UAE
Telephone: +97143197776
Fax: +97143197775
Email: info@oissg.org
http://www.oissg.org/
Monday, December 24, 2007
Sniffing GSM Data, 007 Style!
Well I have been doing a bit of research on GSM sniffing tools and techniques that can allow penetrating GSM Networks. During this I came across a device that is basically used to intercept/record/jam GSM cellular communications. These devices are sold commercially, however can be only obtained by Low Enforcement and Govt. Agencies :). The price of these units is upwards to $500,000 USD. So they do exist, and in van styles ;).
More information about these devices can be found on:
Homeland Security Strategies
CryptoPhone
Also check out this Open Source GSM Scanner project, looks interesting:
The Hacker Choice (THC, GSM)
UPDATE:
see our new post:
GSM Hacking on the Cheap! which includes a Black Hat Presentation.
Also see a youtuve video demonstration of how it is done and how you can protect agains it with software:
Update October 2008:
See our youtube video post with full hacking details for building a gsm sniffer for under 1000 USD:
http://www.uaehackers.com/2008/10/layerone-2008-david-hulton-intercepting.html
Sunday, December 23, 2007
Inguma 0.0.6 Python-Based Free Pen Testing Framework
Inguma 0.0.6 Released for Download: "In this new version various things have been added like new modules for Oracle. The best way to evaluate it is to test it :)
Wednesday, December 12, 2007
Stop Arabic Chain Emails: The Mars Email
http://www.google.com.au/search?sourceid=navclient&ie=UTF-8&rls=GGLJ,GGLJ:2006-50,GGLJ:en&q=arago+focusonline+3%2d16
After following the links, you can clearly see two points:
- The news article on BBC states that Masterfoods plans the change in Mars products for the UK. The plans to use animal enzymes were stopped by Masterfoods as stated in this BBC Article: http://news.bbc.co.uk/2/hi/business/6954900.stm
- The other pictures are not even related! They belong to a Dutch website about an experiment with candy bars and liquid nitrogen!
Here is a Google translation of the article containing the pictures:
http://translate.google.com/translate?hl=en&sl=nl&u=http://www.arago.utwente.nl/focusonline/artikel.php%3Fid%3D339&sa=X&oi=translate&resnum=10&ct=result&prev=/search%3Fq%3Darago%2Bfocusonline%2Bcandybar%2Bstikstof%26hl%3Den%26rls%3DGGLJ,GGLJ:2006-50,GGLJ:en
Before passing along an email to your mates, make sure to take 5 minutes of your time to inspect the contents and be critical of it.
Monday, December 10, 2007
World first: 27Mhz based wireless security insecurities - "We know what you typed last summer"!
Wireless keyboards and mice are becoming an increasingly common sight on desks. However, wireless hardware carries large hidden risks. Dreamlab Technologies and remote-exploit.com has shown that it is possible to capture and decrypt keystrokes, meaning that user names, passwords, bank details or confidential correspondence can be very easily eavesdropped.
Great ha! Want more?! Check out the whitepaper and watch the video demonstration.
Thursday, December 6, 2007
The 20GB+ Eee PC mod - Engadget
Here is the Math:
4gb existing memory + 16gb flash drive + usb port plug from a USB hub + some wires = 20gb Eee pc
Add in a bluetooth dongle and you got yourself a serious mod!
http://www.engadget.com/2007/12/04/the-20gb-eee-pc-mod/
Sharjah Police plan new unit to fight cybercrime
For more information, visit:
Gulfnews: Sharjah Police plan new unit to fight cybercrime
Wednesday, December 5, 2007
SANS Top 20 Security Risks 2007
SANS Top-20 Security Risks 2007
Also, read Bruce Schneier and others' comments on it:
http://www.schneier.com/blog/archives/2007/12/sans_top_20.html
Schneier on Security: How to Secure Your Computer, Disks, and Portable Drives
Schneier on Security: How to Secure Your Computer, Disks, and Portable Drives
High-Tech Cheating using a Coke Bottle and Photoshop!
http://www.snotr.com/video/687
Saturday, December 1, 2007
Businessinfo web security applications & experiments
Businessinfo web security applications & experiments: This site is the personal web security playground of Gareth Heyes were he shows the latest tips or applications in the security field.
Pretty cool stuff :)
Thursday, November 29, 2007
Great CSRF Presentation and Links
http://www.databasement.net/csrf.html
Thanks for sharing Martin :)
Tuesday, November 27, 2007
Al Gore's "An Inconvenient Truth Website" Hacked
Saturday, November 24, 2007
aeCERT launches National Security Awareness Campaign in November
Read more about the campain at:
http://www.aecert.ae/securityawareness.html
Also, read the UAE Cyber Laws from aeCERT's website:
http://www.aecert.ae/preventionoftechcrimes.html
Wednesday, November 21, 2007
Tuesday, November 20, 2007
Arabic Version of Zone-h
Link:
http://arab.zone-h.org/
Monday, November 19, 2007
Mash RSS Feeds with Yahoo Pipes and more RSS Hacks video
http://blip.tv/file/478814
What's Next? Peer to Peer Botnets?
OWASP Live CD V 2.1 and How to Run .iso in VMWare
If you want to use it right away, I suggest this very basic XXS video if you haven't done this sort of stuff before.
Saturday, November 17, 2007
SlingBox Hunting Script :)
Monday, November 12, 2007
Volunteer Lecturers Wanted
The lectures will address needs of the UAE labor market when it comes to computer skills and will cover ways to upgrade the employee's performance to meet the needs.
Volunteer and participate with the Emirates Internet Group by allocating 2-3 hours of your time per month to provide a lecture or Seminar and make a difference.
For more information, please visit:
http://www.isoc.ae/pages.php?pages=1&id=38
Sunday, November 11, 2007
Cutting Edge Hacking and Defense Workshop and ISO 27001 Certification Workshop in Dubai
http://www.oissg.org/certification-training-new-/index.php
Download the official brochure for the Dubai workshops here:
- Cutting Edge Hacking and Defense: http://www.oissg.org/certification/penetration-testing-dubai-december-2007
- Achieving ISO 27001 Certification: http://www.oissg.org/fist-dubai/achieving-iso-27001-dubai-december-2007/download.html
These certification workshops fund the Open Information Systems Security Group (OISSG) research and development of the ISSAF.
You can also download ISSAF - The Open Source IT Security Framework for free! (9.59MB, 1264 pages):
http://www.oissg.org/component/option,com_docman/task,doc_download/gid,7/Itemid,134/
Friday, November 9, 2007
For Shame!....F3 Hacked!
http://regmedia.co.uk/2007/11/08/f3_defacement.jpg
At the time of this post, it just says: "Site is currently down. Sorry for inconvenience. Ted". FYI F3 is the site for the First Forensic Forum.
For more information on this, visit the Register:
http://www.theregister.co.uk/2007/11/08/forensic_forum_hack/
UAE's PRIDC Program wins 'Information Security Award'
The UAE has won the Information Security Award for the Population Registry and Identity Card Programme (PRIDC) which has been implemented and developed under the supervision of Emirates Identity Authority since 2005.
Darwish Al Zarouni, General Director of the Emirates Identity Authority, said the award should be the joy and pride of all UAE people and was a result of huge efforts made by the UAE to adopt state of the art information technology systems.
More news links on the award can be found here:
HITB Dubai 2008 - Call for Papers Now Open!
Talks should discuss new and never before seen attack methods. Summaries should not exceed 250 words in plain text format and should be sent to cfp -at- hackinthebox.org for review and possible inclusion in the programme.
Early bird registration for attendees closes 1st January 2008. For more information, please visit the official website at:
http://conference.hackinthebox.org/hitbsecconf2008dubai/
Saturday, November 3, 2007
Botmaster! The Video
Kids, don't let the Botmasters BotPlug your PCs! Fancy more on Botmasters? Check out Botmaster News on Google.
Thursday, November 1, 2007
Gulfnews: UAE tops Gulf states in internet security threats!
http://archive.gulfnews.com/technology/internet/10164185.html
Wednesday, October 31, 2007
Monday, October 29, 2007
[GUIDE] Installing Leopard on an Intel PC!
- Leopard (9a581 GM DVD image)
- A PC
- This patch: http://rapidshare.com/files/65339534/BrazilMac-9a581-Patch.zip.html
For detailed directions and to download the patch file, visit this link:
http://forum.osx86scene.com/viewtopic.php?f=16&t=2008&start=0&st=0&sk=t&sd=a
Who said you can't have your cake and eat it too ;)
Sunday, October 21, 2007
WELCOME TO THE UAE, HACKERS!
For more information visit link:
http://www.bi-me.com/main.php?id=13354&t=1&c=33&cg=4
SecurityStreet:
PandaLabs Blog
Webroot Threat Blog
Daily Infosec News
HITBSecNews
Naked Security - Sophos
Taddong
Zone-H.org News
CGISecurity
ArsTechnica:
HACK A DAY
Help Net Sec
The Spanner
Middle East Technology News
CRIME
Selil Blog
HACKING IN THE NEWS
Special Defacements
The Certified Geek
DoS Files ≈ Packet Storm
E Hacking News
Banned in UAE:
News ≈ Packet Storm
DARKNET
MySecured.com
All rights reserved.