Just over two months ago, Chrome sponsored the <a href="http://blog.chromium.org/2012/02/pwnium-rewards-for-exploits.html">Pwnium</a> browser hacking competition. We had <a href="http://chrome.blogspot.com/2012/03/pwnium-great-exploits-fast-patches.html">two fantastic submissions</a>, and successfully blocked both exploits within 24 hours of their unveiling. Today, we'd like to offer an inside look into the exploit submitted by <a href="http://arstechnica.com/business/2012/03/googles-chrome-browser-on-friday/">Pinkie Pie</a>.

Q: As strictly an online army of hackers, how powerful is Anonymous?<br />
A: Anonymous is kind of like the big buff kid in school who had really bad self-esteem then all of a sudden one day he punched someone in the face and went, “Holy s— I’m really strong!”

[A Norwegian prosecutor said:] "We know Soca was recently attacked, as well as Norwegian and American sites, and that is one of the things that we are looking into."</p><p>

Norway's National Criminal Investigation Service (NCIS) said the sites had been hit by a distributed denial of service (DDoS) attack, in which large amounts of data were sent to the owner's servers in an attempt to overwhelm them.</p><p>

It added that the 18- and 19-year-olds were charged at the end of last week following electronic attacks over a period lasting "several weeks". The offence carries a maximum sentence of six years in jail.

The Iranian government acknowledged today that authorities have found evidence of recent cyberattacks against several agencies, according to reports by state-sponsored media outlets.</p><p>

A week ago, the country's oil ministry confirmed that it and other facilities in the energy industry had been targeted by malware attacks.</p><p>

Today, the <a href="http://www.mehrnews.com/en/newsdetail.aspx?NewsID=1590815">Mehr News Agency</a> said that Esmaeil Ahmadi-Moqaddam, Iran's national police chief, had claimed that his office has "found clues about recent cyberattacks on a number of Iranian ministries and companies."

Nobody in technology, nor in business, for that matter, can get away from fighting Anonymous or other similar groups, whether the fight transpires in media or anywhere else, [hacker "Jericho"] said.</p><p>

So that's why they care, and why we must. Beyond our own, personal involvement, a broader concern is that much of what we lay at the Anonymous doorstep may be branded as such merely as a smokescreen.</p><p>

As Corman noted, this amorphous thing we call "Anonymous" has become the perfect scape goat. Anonymous members continually drop in and out of affiliation with, or actions taken on behalf of, the group.

The information was leaked through a website which, at the bottom, contained the image in question. By analysing the photo they were able to discover that it was taken on an iPhone and then using that, were able to find the GPS tag which is included with most images taken on smartphones today.</p><p>

Learning the location of the image was Austrailia they were then able to make the connection between the image and the fact that Ochoa had made several references to an Australian girlfriend.</p><p>

From there it was a simple matter of tracing his Facebook page through her own and then placing surveillance on him until they were satisfied to make the arrest.

any hacker who happens to know one Bangkok-based security researcher who goes by the handle “the Grugq”–or someone like him–has a third option: arrange a deal through the pseudonymous exploit broker to hand the exploit information over to a government agency, don’t ask too many questions, and get paid a quarter of a million dollars–minus the Grugq’s 15% commission.

Approximately 40% of federal government agencies are out of compliance with a regulation that requires them to deploy an extra layer of authentication on their Web sites to prevent hackers from hijacking Web traffic and redirecting it to bogus sites.

It's been more than two years since federal agencies were required to support DNS Security Extensions (DNSSEC) on their Web sites. However, two recent studies indicate that around 40% of federal Web sites have not yet deployed this Internet security standard.

Hackers are allergic to process not because they don’t understand the value; they’re allergic to it because it violates their core values. These values are well documented in Zuckerberg’s letter: “Done is better than perfect”, “Code wins arguments”, and that “Hacker culture is extremely open and meritocratic”. The folks who create process care about control, and they use politics to shape that control and to influence communications, and if there is ever a sentence that would cause a hacker to stand up and throw his or her keyboard at the screen, it’s the first half of this one.

The breach is a potential embarrassment for Luxembourg-based Manwin, which runs some of the world's best-known pornography websites.
A small sample of the hundreds of thousands of pieces of user data allegedly compromised were posted to the Internet earlier this week. E-mails, user names, and encrypted passwords were divulged, and in some cases it was possible to infer porn users' full names and country of origin.
The hacker claiming responsibility for the breach told the Associated Press that he carried out the attack to draw attention to the site's vulnerability.