CCleaner 2.08 Released

May 30, 2008 – 1:49 PM

CCleaner is a freeware system optimization and privacy tool. It removes unused files from your system – allowing Windows to run faster and freeing up valuable hard disk space. It also cleans traces of your online activities such as your Internet history. But the best part is that it’s fast (normally taking less than a second to run) and contains NO Spyware or Adware!

Download now

Homepage

sqlninja 0.2.3 released – Advanced Automated SQL Injection Tool for MS-SQL

May 30, 2008 – 6:13 AM

We’ve been folowing the development of sqlninja since the early days, it’s growing into a well matured and more polished tool with advanced features.

Sqlninja is a tool written in PERL to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Its main goal is to provide a remote access on the vulnerable DB server, even in a very hostile environment. It should be used by penetration testers to help and automate the process of taking over a DB Server when a SQL Injection vulnerability has been discovered.

Read the rest of this story…

Third-party advertisers tracking users in Google ad network

May 30, 2008 – 6:09 AM

Google is apparently allowing third-party advertisers to track consumers using the company’s ad network, a practice that raised concerns from one privacy advocate.

Some of the third-party ad servers and ad agencies that Google has approved to deliver ads through its network engage in behavioral advertising practices that require tracking consumers, said Jeffrey Chester, a privacy advocate and frequent critic of Google’s privacy practices.

“Google is the most important digital media company,” Chester, the executive director of the Center for Digital Democracy (CDD), wrote in an e-mail. “Its activities should be as transparent as possible to consumers (let alone regulators).”

Google announced this month that it has begun to allow third parties to deliver ads on the Google content network. Several of the third parties listed by Google in its announcement engage in behavioral advertising, Chester said.

Read the rest of the story…

PstPassword Recovers Lost Outlook Passwords

May 30, 2008 – 5:58 AM

pstpassword

Windows only: When you dig up that old Outlook PST (Personal Folders) file from years ago you cleverly secured with a hard-to-guess password—and now you can’t guess it—you want PstPassword. Turns out that Outlook passwords aren’t that difficult to figure out, because this handy utility detects the PST’s on your system (or you can open one up specifically) and reveals several possible passwords that can open the file. The developer writes:

The password encryption in the PST file is very weak, and for each password-protected PST file, there are many passwords that can open it. PstPassword provides 3 different passwords for each password-protected PST file. It’s possible that one of them will be the original password that you typed, and it’s also possible that none of these passwords will be identical to the original one. However, all 3 passwords provided by PstPassword will open the PST file without problems.

Outlook isn’t even required to run PstPassword, just the PST file itself. PstPassword works with Outlook 97 through 2007 PST files. PstPassword is a free download for Windows only. What other password recovery programs have saved your bacon? Tell us about them in the comments, and I’ll round up all the useful ones in a future post.

PstPassword

Via Lifehacker

Comcast Hijackers Say They Warned the Company First

May 30, 2008 – 5:53 AM

The computer attackers who took down Comcast’s homepage and webmail service for over five hours Thursday say they didn’t know what they were getting themselves into.

In an hour-long telephone conference call with Threat Level, the hackers known as “Defiant” and “EBK” expressed astonishment over the attention their DNS hijacking has garnered. In the call, the pair bounded freely between jubilant excitement over the impact of their attack, and fatalism that they would soon be arrested for it.

“The situation has kind of blown up here, a lot bigger than I thought it would,” says Defiant, a 19-year-old man whose first name is James. “I wish I was a minor right now because this is going to be really bad.”

The two hackers are members of the underground group Kryogeniks. The interview was arranged by Mike “Virus” Neives, an 18-year-old New Yorker who pleaded guilty as a minor last year to hacking AOL. Neives, who was on the call, is also a member of  Kryogeniks, though he and his compatriots say he’s stopped hacking.

Neives vouched for the identities of the hackers. Threat Level also confirmed Defiant’s identity over AOL instant messenger, on a handle that’s known to belong to Defiant.

Neither hacker would identify their full names or locations. Defiant’s MySpace profile lists him in Cashville, Tennessee, but he says that’s incorrect. His girlfriend lists herself in New York. Threat Level expects both hackers’ names and locations will emerge shortly.

The hackers say the attack began Tuesday, when the pair used a combination of social engineering and a technical hack to get into Comcast’s domain management console at Network Solutions. They declined to detail their technique, but said it relied on a flaw at the Virginia-based domain registrar.

Read the rest of the story…