As I already announced in the morning an updated version of the FFPasswordRecovery tool is available tonight. So here it is. I reorganised the code a little and added the SQLite support that was integrated into FireFox lately. You can download both the binary version if you don’t want to compile it yourself or the [...]

read full post »

The new code that extracts the Firefox account data out of the SQLite database is more or less done. If everything goes well I’ll upload the new sourcecode tonight (Swiss time) in a new version of the FFPasswordRecovery tool. During spring I plan to conduct some tests with the SkypeTap plugin and other instant messengers. [...]

read full post »

Yesterday on www.lightbluetouchpaper.org. Online transactions with credit cards or debit cards are increasingly verified using the 3D Secure system, which is branded as “Verified by VISA” and “MasterCard SecureCode”. This is now the most widely-used single sign-on scheme ever, with over 200 million cardholders registered. It’s getting hard to shop online without being forced to [...]

read full post »

Researchers are reporting a new worm in the wild that overwrites master boot records (MBRs) of all available drives with its own data, making the data stored on a user’s computer inaccessible. Restoring the corrupted data is complicated, requiring specialized software or a third-party service provider, the researchers say. Win32/Zimuse A and Win32/Zimuse B has [...]

read full post »

At least three US oil companies were victims of highly targeted, email-borne attacks designed to siphon valuable data from their corporate networks and send it abroad, according to a published report citing unnamed people and government documents. The attacks against Marathon Oil, ExxonMobil, and ConocoPhillips began with emails sent to senior executives that included links [...]

read full post »