I challenged hackers to investigate me and what they found out is <shrill> chilling</shrill> | Penenberg, Pando Daily

; I challenged hackers to investigate me and what they found out is chilling; In Pando Daily; 2013-10-26.



  • Long article ~5300 words
    • Much background color from the 1999 piece.
    • Lots of travel log & background color.
    • Reminds that no laws were broken.
    • The elaborate pretexting process doesn’t achieve much
  • The Reveal
    • They “hack” into the OSX laptop
    • Financial documents, passwords and cookies are recovered
    • Charlotte Penenberg (his wife) is convinced to install a RAT
    • Which was delivered by email from gmail, she or he clicked on zip, jar and pdf.
  • Nicholas Percoco
    • Age 38
    • SpiderLabs
      • staff
      • end 2013-10
    • KMPG
      • Director, Information Protection Practice
      • start 2013-10.

Via: backfill


ZB Block blocks Softlayer/ThePlanet/Everyone/Reach (ASN-SLTP-054) and Hurricane Electric (ASN-HE1-029)

Seems like someone has added to the ZB Block list. Pesky. Sloppy.

See the file signatures_install.inc from ZB Block 0.4.10a3 2013-04-28 “Tomcat” update 72.
To wit:

$ax += cidrblock($address,"","Softlayer/ThePlanet/Everyone/Reach. (ASN-SLTP-054). "); //71
$ax += cidrblock($address,"","Hurricane Electric (ASN-HE1-029). "); //73b


ZB Block of Spambot Security
ZB Block is a freeware php driven website/forum/blog/CMS anti spam and hacking script.

“ZB” seems to be the adoption of Douglas Adams’ character Zaphod Beeblebrox as the preferred nick name of the main autho.


Note that the actualities below are tagged ZB Block 0.4.10a4 / 74d, so that’s prerelease code.

Related, Sympathetic, Clones & Copies




Intro to ZB Block; On YouTube; 2009-19; 8:20.
tl;dr => content free


  • Bad hosts
  • Bad IPs ( block single IP’s and IP ranges )
  • Bad query input ( $_GET )
  • Bad POST input ( $_POST )
  • Remote file inclusion
  • MySQL injections
  • http injections
  • Bad browser useragents.

Source: some other site



     403 FORBIDDEN!     

Either the address you are accessing this site from has been banned for previous malicious behavior or the action you attempted is considered to be hostile to the proper functioning of this system.

The detected reason(s) you were blocked are:
Softlayer/ThePlanet/Everyone/Reach. (ASN-SLTP-054). Hurricane Electric (ASN-HE1-029).

Your IP, Domain Name (if resolvable), the referring page (if any), QUERY, POST, User Agent, time of access, and date have been logged and flagged for admin review. Please either 1. Stop the bad behavior, or 2. Cease accessing this system.

The webmaster of this site has decided to provide you with an e-mail link to start a trouble ticket about this block.
Please do not change the beginning of the subject line, nor the preamble of the body text.

Click HERE to start a trouble ticket.

Your connection details:
Record #: 284220
Time: 2013-07-15, Mon – 11:41:51 -06:00
Running: 0.4.10a4 / 74d
Host: *
Stripped Query:
User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:19.0) Gecko/20100101 Firefox/19.0
Reconstructed URL: http:// www.spambotsecurity.com /

Generated by ZB Block 0.4.10a4 / 74d

Who can hack a plug? | Ofer Shezaf

Ofer Shezaf; Who can hack a plug?; In Output of the HITBSEC Conference; 2013.
Teaser: The InfoSec risks of charging electric cars


  • Of the “there could be problems” genre
  • Doesn’t actually state that he can do this or that anyone can do this, just that it could be done.
  • For the page views and the free conference food.
  • Learned a few factoids about EVSE charging.