Ran across a site where if one changes the email address associated with the account, it sends the confirmation email to the new address. Say, I am a Blackhat and used a phishing attack to get the password for the account. Having legitimately logged in, I then change the email address associated with it from victim@outlook.com…
Apparently there are security flaws in the current version of Java allowing the installation of malicious software through web browsers unknown to the user. The known attacks using this flaw work on Windows, OSX, and Linux. According to Reuters: Java was responsible for 50 percent of all cyber attacks last year in which hackers broke…
At around 16-17 years old I did not have a car. So I rode my bike or walked anywhere I wanted to go. Store managers sometimes searched my backpack or my person only to find I had not in fact shoplifted anything. Loss control or security guards would follow me around the store. Neighborhood watch…
This morning there was a flurry of effort to locate an article called “Hacking WebCT.” My coworker was able to locate it. We were disappointed. The main points of the article were: Lazy administrators make compromising user accounts easy. Lazy instructors make getting questions for assessments easy. These apply to any LMS. So, here is some…
William borrowed my camera to go on his honeymoon. He also lost the photos with a poorly timed crash & drive reformat. So he wants to borrow the card and recover the data. Thankfully I have not used the camera since he returned it despite thinking I should. Luckily I ran across A Computer Repair…
Normally when presenting the opportunity to change a password, a user is required to provide the current password in addition to the new. It ensures the one changing the password already knows the password. According to Olaf Ritman, Blackboard Academic Suite 6, 7, 8 and Learn 9 ignore asking for the current password. Can anyone with…