Secret-Spilling Sources at Risk Following Cryptome Breach

Ruxpin-Vanity-Page-660x244

Secret-spilling site Cryptome was hacked over the weekend, possibly exposing the identities of whistleblowers and other confidential sources, according to a hacker who contacted Wired.com and claimed responsibility for the breach.

The hacker said two intruders from the group Kryogeniks breached the long-running site, where they gained access to a repository of secret files and correspondence. Among them, the hacker claimed, were the records of self-proclaimed WikiLeaks insiders who have been the source of several unconfirmed tips supposedly detailing internal WikiLeaks matters.

(more…)

Read More

Old AOL Phishing Phrases

Hi, I’m with AOL’s Online Security. We have found hackers trying to get into your MailBox. Please verify your password immediately to avoid account termination. Thank you. AOL Staff

Hello. I am with AOL’s billing department. Due to some invalid information, we need you to verify your log-on password to avoid account cancellation. Thank you, and continue to enjoy America Online.

Good Evening. I am with AOL’s Virus Protection Group. Due to some evidence of virus uploading, I must validate your sign-on password. Please STOP what you’re doing and Tell me your password. — AOL VPG

These have been pulled from an old module (.bas) file.

(more…)

Read More

Digital5k.com

aol progz… a digital throw back to AOL, 1995.

one of the main reasons that i decided to recreate my digital5k.com website was the constant memories of the AOL progz days.  i won’t lie, there are redundant reminders of my AOL/visual basic (vb)/C++ childhood.  it was a great time in life and the internet, if you ask me.  let’s start off by how it all caught my attention and obsession… ascii art – which doomed my future and solidified my career in computers, programming, development and marketing.

2014-10-25 10_14_23-aol progz… a digital throw back to AOL, 1995. (more…)

Read More

farm9

farm9 README.txt for cryptcat
09-22-2000

Thanks for downloading cryptcat

This is a simple modification to netcat to add twofish encryption.
netcat was origianally written by the l0pht (hobbit and weld pond).

The portion of the code written by farm9 is being released as Open Source.

See the file ‘farm9 Public License Agreement.txt’ for info on Open Source licensing.

(more…)

Read More

PC Client Cloning

Date 1997 it could be done using AOL 3.0 32-bit and later using 4.0 and 2.5
Founded Various
Submitted By Tau
Source AOL-Files.com/FDO-Files.com Archive

Cloning, as it has come to be called, is the process of signing onto more than one screen name simultaneously on the same computer. There are however two restrictions that you should be aware about before beginning. First, you have to use whatever America Online version you are currently using (4.0, 5.0, or 6.0) and America Online version 2.5. Second, the two screen names you want to use must be on different accounts. So, if both of the names you want to use are on your Sign On list, you cannot use them. If you do not have a problem using AOL 2.5 and you have access to two accounts, then continue reading.

Before you begin, you need to have America Online v2.5 (http://www.aol-files.com/downloads/aolclients/25america.exe) installed on your computer.

Step 1: Opening more than one AOL

If an attempt is made to open a second AOL while a first AOL is already running, then the first AOL pops up and the second stops loading. It is crucial to understand what happened while loading AOL that causes this to happen. Every window has a name, just like every person has a name. Every AOL version has the name “AOL Frame25″. While AOL 2.5 is loading, it checks to see if any other window has the same name. If it finds another window, which would be AOL 4.0, 5.0, or 6.0, with the same name then it stops loading. However, if AOL 2.5 cannot find another window with the name of “AOL Frame25″, then it continues loading.

It is possible to bypass this if the name AOL 2.5 searches for is altered. For the sake of simplicity we will change the name to “AOL Frame26″. So, after the alteration to the name is made this is the process by which two AOLs can load. To epitomize what was just said, I will take you through the process that will happen after the following alteration is made. First, you will load AOL 4.0,5.0, or 6.0. This AOL has the name “AOL Frame25″. Then, when AOL 2.5 is loading, it checks to see whether any window has the name “AOL Frame26″. Since no windows do, it loads.

To accomplish this modification you need to download the modified version of waol.exe available at http://www.aol-files.com/downloads/waol.exe and replace the already existing one in the AOL25 folder with it. Step 2: Setting AOL to Sign On more than one name

If you have not done so already, load AOL 4.0, 5.0, or 6.0 (what ever you normally use) then load AOL 2.5. There are two methods which most people use to get online with AOL. The most common is with the phone line and the other is via TCP/IP. The TCP/IP method allows you to connect to AOL via an already an already established connection to the internet with another ISP. That is how AOL Instant Messenger works; it connects via an already established connection. In this step we are going to set AOL 2.5 to allow you to sign on via TCP/IP through the connection made with AOL 4.0, 5.0, or 6.0. If you already sign on AOL 4.0, 5.0, or 6.0 via TCP/IP then this will still work.

To change the sign on settings for AOL 2.5:

1. In AOL 2.5 click “Setup” 2. Click “Add location” 3. From the combo box with various methods of signing on, choose “TCP/IP”. 4. Click “OK” 5. In the list box on the left side of the setup window choose the last item (the one you just added) 6. Click “OK”

Step 3: Putting it all together

Now everything is set. To begin cloning:

Load AOL 4.0, 5.0, or 6.0 and sign on. Load AOL 2.5 and sign on. (Note: If this is the your first time using AOL 2.5 you will need to select “Existing Member” then sign on. This will allow you to set all the names in the sign on list to the screen names on your other account.

Exploring Historical & Emerging Phishing Techniques

International Journal of Network Security & Its Applications (IJNSA), Vol.5, No.4, July 2013
DOI : 10.5121/ijnsa.2013.5402 23

Marc A. Rader1 and Syed (Shawon) M. Rahman2, *
1CapellaUniversity, Minneapolis, MN, USA and Associate Faculty, Cochise CollegeAZ, USA
[email protected]
Associate Professor of Computer Science at the University of Hawaii-Hilo, Hawaii,
USA and Part-time Faculty at Capella University, Minneapolis, USA
[email protected]
ABSTRACT
Organizations invest heavily in technical controls for their Information Assurance (IA) infrastructure.
These technical controls mitigate and reduce the risk of damage caused by outsider attacks. Most
organizations rely on training to mitigate and reduce risk of non-technical attacks such as social
engineering. Organizations lump IA training into small modules that personnel typically rush through
because the training programs lack enough depth and creativity to keep a trainee engaged. The key to
retaining knowledge is making the information memorable. This paper describes common and emerging
attack vectors and how to lower and mitigate the associated risks.
KEY WORDS
Security Risks, Phishing, Social Engineering, Cross Site Scripting, Emerging Attack Vectors, DNS poising.
1. INTRODUCTION
Phishing is a social engineering technique that is used to bypass technical controls implemented
to mitigate security risks in information systems. People are the weakest link in any security
program. Phishing capitalizes on this weakness and exploits human nature in order to gain access
to a system or to defraud a person of their assets.

(more…)

Read More