Craig Wright is not Satoshi Nakamoto. He wasn’t Satoshi Nakamoto before or after Wired and Gizmodo suspected him to be last year, and he still isn’t Satoshi Nakamoto after trying to reveal himself to be on his own blog and to The BBC, The Economist, GQ, Jon Matonis and Gavin Andresen. There is a long […]
As part of Operation Onymous the FBI seized some 276 Tor hidden services, many of which were clone or scam websites. One of the websites the FBI seized that we located during our crawl was titled “Fund the Islamic Struggle Anonymously”. The website had a short message for visitors where it asked for donations towards […]
This post is the first in a series dealing with the takedown of Silk Road 2.0 and Operation Onymous. The data in this post was put together with @secruedmh and @imposter. A big thanks to Juha Nurmia and his Tor Hidden Service Index, and researchers who share their work or report on stories such as […]
As part of pre-trial hearings in the case of Ross Ulbricht, accused of operating online drug marketplace Silk Road, the FBI has filed an affidavit detailing how they uncovered the location of the Tor hidden service. In analyzing the filing we find that the technical experts at the FBI are not being completely transparent about how they uncovered the server.
An interesting aspect of information security is how periodically it collides with other industries and subcultures. With more information than ever being stored and shared online and on connected devices hacking stories are frequent and are mainstream news. This was the case yesterday as dozens of celebrities fell victim to hackers who leaked hundreds of […]
Vendor: Disqus for WordPress Affected versions: up to v2.7.5 Patched: v2.7.6 release Exploit: Manage.php CSRF+XSS admin exploit Disqus is an extremely popular third-party commenting system used on blogs and media sites. The disqus plugin for WordPress has been installed over a million times and is the 15th most popular overall WordPress plugin. I recently performed […]
Vendor: CS-Cart Affected versions: up to v4.2.0 Patched: v4.2.1 released CS-Cart is a semi-popular open source e-commerce shopping cart application. It contains a homebrew session management system that utilizes an insecure source of randomness to generate session tokens. The poor source of randomness combined with other bugs makes it possible to hijack an administrators session […]
Update: This story has been published by Fairfax on the Sydney Morning Herald website. The previous Australian government introduced a policy called Digital First, which is a mission to make the majority of Australian government services available online by 2017. The new government elected in 2013 adapted this policy and extended it further, requiring that […]