Lifehacker.com had an article the other day that pretty much held your hand on steps to crack a WEP password using BackTrack3. Check it out ::HERE::

Google just added an SMS option to its accounty recovery system, letting anyone who forgets their passwords, or finds it suspiciously locked, set up a mobile phone number to have a recovery password sent to. U.S.-only for now, but Google says it’s working to expand the option. Want to add your phone number to an existing account? Sign into account management, then head to Change Password Recovery Options.

via Google Operating System

DID you change your computer password?

This simple act can save money and protect your personal information, the Broadband Minister, Stephen Conroy, said yesterday as he launched the first “National Change Your Password Day”.

Senator Conroy, who revealed his own computer had this week been bombarded with more than 50 fake emails pretending to be from his bank, said people should change their passwords at least twice a year.

He recommended passwords always include letters and numbers and warned people to be vigilant. “Stop and think before you click on links or attachments,” he said.

“No one wants to lose their bank details to criminals or fall victim to an online scam and that’s why it’s important that people understand simple steps, such as getting a better, stronger password, can help them stay smart online and protect their personal information.”

He said this would build confidence in the digital economy, especially as more people increasingly use computers for personal, social networking and business purposes.

“Don’t just choose a password with your birthday or the name of your favourite football team. Get security software and update it regularly,” he said.

Meanwhile, the Auditor-General said he would have a full inquiry into the Government’s first failed broadband tender. The Opposition spokesman, Nick Minchin, has urged the audit into the process after Telstra was excluded on a technicality and the Government said none of the other bids was good enough.

The Government made the surprise announcement to instead set up its own $43 billion company to build the broadband network.

Via: smh.com.au

For those of you trying out the new beta version of Opera,the all new opera 10 BETA 2 does not detect previous versions of opera and does not offer upgrading from previous versions.If you want all your passwords copied just do this from a command prompt:

copy "%userprofile%\AppData\Roaming\Opera\Opera\profile\wand.dat" “%userprofile%\AppData\Roaming\Opera\Opera 10 Beta\wand.dat”

The biggest risk to your Mac is if it is lost, stolen or physically compromised. If you setup a secure password as discussed previously and the thief can’t login, they can still gain access to all your data using one of the special start-up modes built into all Macs.

These start-up modes include booting from an install DVD and resetting the password, using Target Disk Mode to use your Mac as an external hard disk, or booting into Unix-style Single User Mode.

There is a way to protect your computer by setting a firmware password. The password is written into the computer’s firmware chips on the motherboard and if anyone tries to use a special start-up mode, they will be prompted for that password.

Apple provides a utility for setting a firmware password called Firmware Password Utility.

For Mac OS X 10.5.x, start from the Leopard Install DVD and choose Firmware Password Utility from the Utilities menu.

1. Click to select the checkbox for “Require password to change Open Firmware settings”, as shown below.

2. Type your password in the Password and Verify fields.

3. Click OK

4. Click lock icon to prevent further changes

5. Choose Quit from the application menu

Now, if anyone attempts to use any of the special start-up modes, they will be prompted for the firmware password you set.

via: mac101.net

Three years after Symantec pulled the plug on L0phtcrack, the tool for auditing and cracking windows passwords is back. It was pulled from the market in late 2005 shortly after Symantec acquired @stake, @stake took control of the rights a year or so earlier when it merged with L0pht. With a price starting at $295, will it live up to it’s name when the market has many freeware options to choose from?

L0phtcrack team member Christien Rioux says the features such as scheduling and a dashboard that simplifies the process of disabling users with weak passwords makes the program stand out. “There are a number of enterprise administrative features that make the product worth it for organizations that are doing this on a regular basis,” he said. “It’s been a very long time that this has been out there. The benefit is that we’ve had the opportunity to interact and fix [customer] issues and take [in] their concerns.”

The $295 Professional versions includes:

• Password assessment
• Password recovery
• Dictionary support
• Hybrid support
• Brute force support
• International character support
• Wizard-based GUI
• Password quality scoring
• Remediation
• Windows & Unix support
• Executive reporting
• Remote system scans
• 500 User Accounts (Professional Version)

Chalk up another $300 for the admin version and it gives you support for

• Unlimited accounts
• Pre-computed hash (rainbow) table support
• Assessment scheduling

http://www.l0phtcrack.com

NSFW: Seems like the 2 singers’ cell phones were hacked in the past few days see the images here http://illmob.org/ NSFW

Vbootkit 2.0 has now been made open-source under GPL license.

Indian security researchers have released proof-of-concept code that can be used to take over a computer running Microsoft’s upcoming Windows 7 operating system, despite earlier promising not to make the code public for fear it could be misused.

VBootkit 2.0 was developed by researchers Vipin Kumar and Nitin Kumar and is now available for download under an open-source license.
Vbootkit 2.0 currently only works on Windows 7 ( x64 edition ).

Download Vbootkit 2.0 source code

Vbootkit 2.0 Attacking Windows 7 (x64) via Boot Sectors presentation

VIA: nvlabs.in