ZMap is out!!!

ZMap is a security tool able to scan the entire internet in matter of second. Contrary to Nmap that looks for multiple port on an range of IP address, ZMap on the inverse searches for the entire IPV4 address on a single port.

For those Interested, the tool is here













How much is your Gmail Account Worth?

Many emails account are hijacked everyday. Cybercrooks are selling those compromised accounts in the black market. If you are using Gmail , then there is an auditing method of  knowing its retail price on the underground.

The university of Illinois at Chicago has created a Gmail account audit tool called Cloudsweeper.


As seen in the picture above  My account is worth $5. It has also helped me finding plain text passwords which were sent to my email. The tool rocks and is worth trying.

Plain text passwords found by Cloudsweeper
Plain text passwords found by Cloudsweeper


CITADEL malware campaign disrupted

Weeks ago Microsoft announced it has successfully disrupted the citadel malware. This malware has been designed to steal banking credentials by capturing keystrokes , video  or snapshots(Interesting). It contains the full source code of Zeus Trojan. Instructions of how to remove this crimekit with Microsoft Safety Scanner are explained in the HKCERT .

Computer Time and Digital certificate

After restarting my computer today, It reset the time automatically to an outdated one. Eager I was to check my Gmail and Facebook account, while entering the URL in the browser I got the following errors : The certificate will not be valid until 5/18/12 3:00 AM. The current time is 1/1/01 8:44 PM.
(Error code: sec_error_expired_issuer_certificate).
My machine had the 1/1/01 set as date meaning that many  webservers could not authenticate to my web browser because of an outdated time leading to an expired certificates. The only way to fix it was to adjust the time accordingly and there I enjoyed my Facebook again and again.