Bitdefender Safego gives Protection against Spam and Scams on Twitter



Bitdefender has developed an application that gives protection against spammers on Twitter. Last year, they released a Facebook application to catch malicious scams on Facebook.

Bitdefender Safego protects your social network account from all sorts of e-trouble: scams, spam, private data exposure. It also filters users' Timelines for tweets that contain malicious links to phishing or malware pages. But, most importantly, Safego keeps your online friends safe and …close.


“As a dynamic source of information, and a major platform for using shortened URLs, attackers find Twitter an extremely attractive arena for launching targeted attacks,” said George Petre, Bitdefender’s Senior Social Media Security Researcher.

“Social threats will remain a hot security issue for quite some time, and a security layer for social media security is essential in providing total security,” he added.


Install Safego on Twitter:
http://safego.bitdefender.com/twitter

Install Safego on Facebook:
http://apps.facebook.com/bd-safego/

CrySyS released Duqu Detector Toolkit v1.01 ~ Anti-Duqu Tools


CrySyS Lab (Laboratory of Cryptography and System Security) released a new anti-Duqu tool that can detect Duqu malware infection on a computer or in a whole network. The toolkit contains signature- and heuristics-based methods, and it is able to find traces of infections where components of the malware have already been removed from the system.

The intention behind the tools is to find different types of anomalies
(e.g., suspicious files) and known indicators of the presence of Duqu on
the analyzed computer. As other anomaly detection tools, it is possible
that it generates false positives. Therefore, professional personnel is
needed to elaborate the resulting log files of the tool and decide about
further steps.

This toolkit contains very simple, easy-to-analyze program source code,
thus it may also be used in special environments, e.g. in critical
infrastructures, after inspection of the source code (to check that
there is no backdoor or malicious code inside) and recompiling.

The toolkit may also detect new, modified versions of the Duqu threat.
Duqu deactivates after a time limit and removes itself from the
computer, but some temporary files could still indicate that the
computer was affected by a former Duqu infection, our toolkit might
identify these cases, too.

Here is the Manual for using this tool.

Download the files from here:
http://www.crysys.hu/duqudetector-files/files/duqudetector-v1_01.zip


Reference:
Duqu exploits zero-day Vulnerability in Windows.
Duqu alias Stars.
Anti-Duqu from NSS Labs.
Microsoft Temporary Fix.

FBI arrest 6 for infecting 4 million with DNS changer malware & earned $14 million


The FBI arrested six Estonian nationals for running a sophisticated Internet fraud ring that infected 4 million computers worldwide with a virus and enabled the thieves to manipulate the multi-billion-dollar Internet advertising industry.

The case started in 2007. The cyber criminals infected 4 million computers in more than 100 countries with malware named "DNS Changer". There were about 500,000 infections in the U.S., including computers belonging to individuals, businesses, and government agencies such as NASA.

According to the FBI report, they earned at least $14 million through Internet advertising.

The Feds named the operation "Operation Ghost Click". The "DNS Changer" malware changes the DNS settings of the user's computer. As a result, clicks intended for site A are redirected to site B instead, or adverts for service C are fraudulently converted into ads for service D.

For Example:
You enter "www.ehackingnews.com" in your browser.
But it will show the  "www.breakthesecurity.com" page instead
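Because the malware works by changing the machine's DNS settings, the configured resolvers are the place to look. The following is an added example, not code from the FBI or from this blog: it audits resolv.conf-style text against a list of expected resolvers. The resolver addresses, the rogue range (a documentation-range placeholder) and the function names are assumptions made for illustration.

```python
import ipaddress

# Constructed sample: resolv.conf text from a host whose DNS settings were changed.
SAMPLE_RESOLV_CONF = """\
search corp.example
nameserver 10.0.0.53
nameserver 203.0.113.77
options timeout:2
"""

# Assumption: the resolvers this organisation actually operates.
EXPECTED_RESOLVERS = [ipaddress.ip_network(n) for n in ("10.0.0.53", "10.0.1.53")]
# Placeholder (RFC 5737 documentation range), standing in for a published
# list of rogue DNS server ranges; the page does not give the real ones.
ROGUE_RANGES = [ipaddress.ip_network("203.0.113.0/24")]


def parse_nameservers(text):
    """Return the nameserver values from resolv.conf text, in file order."""
    servers = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":      # comment or blank line
            continue
        fields = line.split()
        if fields[0] == "nameserver" and len(fields) >= 2:
            servers.append(fields[1])
    return servers


def audit_resolvers(text, expected=EXPECTED_RESOLVERS, rogue=ROGUE_RANGES):
    """Return (address, verdict) for every resolver that is not expected."""
    findings = []
    for value in parse_nameservers(text):
        try:
            addr = ipaddress.ip_address(value)
        except ValueError:
            findings.append((value, "malformed"))
            continue
        if any(addr in net for net in rogue):
            findings.append((value, "known-rogue"))
        elif not any(addr in net for net in expected):
            findings.append((value, "unexpected"))
    return findings


if __name__ == "__main__":
    for address, verdict in audit_resolvers(SAMPLE_RESOLV_CONF):
        print(f"{address}: {verdict}")
```

An empty result means every configured resolver is on the expected list; anything else is worth checking by hand before the host is trusted again.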

"The six cyber criminals were taken into custody yesterday in Estonia by local authorities, and the U.S. will seek to extradite them. In conjunction with the arrests, U.S. authorities seized computers and rogue DNS servers at various locations. As part of a federal court order, the rogue DNS servers have been replaced with legitimate servers in the hopes that users who were infected will not have their Internet access disrupted." FBI report.

To know about DNS and DNS changer malware:
Download this pdf

Fake Kaspersky Antivirus is spreading via email- Spam Report

Kaspersky users are getting spam email titled "Antivirus & Security Complete Antivirus Protection Solution". The sender address is spoofed as "sale@Kasperksy.com".

"The cybercriminals had done a good job: the email not only looked like an official email from Kaspersky Lab but the “From” field was a good imitation as well." Maria, Kaspersky Lab Expert.

The email has a fake download link. If the user clicks the link, it redirects to a website with an offer to buy a program called Best Antivirus Online.

It has to be said that the image of the “product box” on the web page was not unlike that of Symantec’s signature design – black font against a predominantly yellow background. To buy the program, the user had to enter their credit card details and email address so they could receive further instructions.

Security researchers at Kaspersky followed these steps as part of their investigation, but received no more instructions at the email address they specified. It is quite possible that users could have received more instructions on how to download the fake antivirus at the time the spam was active.

This is not the first time cybercriminals have faked Kaspersky antivirus programs. In future, they may send spam mail impersonating any other antivirus. If you want to buy the product, go directly to the official site.

Facebook Hoax: Little boy needs 100 shares to Get Free heart transplant

Spam Report from EHN
A new spam is spreading on Facebook, claiming that sharing a picture will get a free heart transplant for a sick child.

The sick boy's picture comes with the following message:
If this little boy gets a 100 shares then he can get his heart transplant for free

Do you really believe "100 shares will get a free heart transplant"? This is a little trick of spammers.

Another version of the hoax reads as follows:

I NEED AT LEAST 10000 SHARES.

Plz share..... Heart surgery free of cost for children (0-10 Yrs) Ph : 080-28411500 It might save some1's life...! Sharing takes a second... in bangalore INDIA

More than likes, sharing can help !

"The telephone number is authentic and belongs to the Sri Sathya Sai Institute of Higher Medical Sciences, Whitefield in Bangalore, India, where all medical services are indeed offered free of charge. Said medical services are not contingent on Facebook shares, however.


Nor is the child depicted in the photo an actual patient at the Institute. As noted on Hoax-Slayer.com, the image is dated September 2008 and was lifted from the Chernobyl Children's Project International website," according to the Urban Legends blog on About.com.

I have seen some more spam messages, such as "Share this and get Money". People always fall for these types of spam message. Sharing the message or forwarding mails never brings any money for you. It is a trick used by spammers.

Mobile Spam:
Today I got a message; it says "Your mobile number has won $850,000,000 USD In India FICCI Sports Awards held in uk , to claim UR Awards, Send UR Name:&PHONE, via email ficci****@live.com"

Some people fall for these types of spam message (my friend especially made this mistake). Wait, did you count how many zeros there are? Ha ha, this is the funniest message I ever got on my mobile.



98 Indian Websites Hacked by Team Security Leechers and Cyber Leets


A hacker team named "Security Leechers" hacked 98 Indian websites. They defaced the websites by uploading a leechers.htm file.

Few Hacked sites:
http://www.dabanggthefilm.com/Guestbook/leechers.htm
http://alhasnaintraders.com/Guestbook/leechers.htm
http://briskelectro.in/Guestbook/leechers.htm
http://www.cmtindia.com/Guestbook/leechers.htm
http://e-indianart.com/Guestbook/leechers.htm
http://www.powerinfratech.com/Guestbook/leechers.htm

You can find full list of hacked sites here:
http://pastebin.com/1pqWrDZm

Hackers Message:
Message to indians : don't play with fire kids !!

Vulnerability found in Nasa ,adobe and other governmental sites

An ethical hacker, Shubham Raj, discovered a vulnerability in NASA, Adobe and other government sites. He found the vulnerability in the FCKeditor file manager. It allows an attacker to upload files. Using this vulnerability, an attacker can deface the website.

Websites vulnerable:
https://geohazards.usgs.gov
https://inventory.uteach.utexas.edu
http://landslides.usgs.gov/
http://science.gsfc.nasa.gov/
https://dtas-online.pmddtc.state.gov

As he requested us not to publish the vulnerable links, we are publishing only the vulnerable sites (because if the links fall into the wrong hands, they can be used for malicious acts).

Also, a hacker team named "Security Leechers" discovered the same vulnerability in the NASA website.

Author:
All found by Shubham Raj (Ethical Hacker India), who is a class-10 student, 15 years old.

Japanese Hacker arrested for infecting server with "Browser crash" virus


Tochigi Prefectural Police of Japan arrested a man on November 1, 2011, for transmitting a "browser crasher" virus to a web server of another individual.

Takashi Tomiyama, 44 years old, was sentenced for allegedly transmitting the virus to a website server run by a 38-year-old man from Fujioka on August 26, 2011. The virus caused a large number of web pages to open simultaneously on the visitor's screen and rendered the site's chat function unusable.

"I built the virus on my home computer to attack the chat room," Tomiyama was quoted as telling police.

"Tomiyama is the first person to be arrested in Japan after recent revisions to the country's cyber crime laws." The Mainichi Daily News report.


Hackers can exploit Vulnerability in ICS and open the Prison door


Computerized U.S. prisons have a critical vulnerability: a hacker can successfully break into the system and remotely open cell doors.

A hacker can also shut down all internal communication through the prison intercom system and crash the facility’s closed-circuit television system, blanking out all the monitors.

"You could open every cell door, and the system would be telling the control room they are all closed,” said John J. Strauchs, a former CIA operations officer who helped develop a cyber-attack on a simulated prison computer system and described it at a hackers’ convention in Miami recently.

The security systems in most American prisons are run by special computer equipment called industrial control systems, or ICS. They are also used to control power plants, water treatment facilities and other critical national infrastructure. ICS has increasingly been targeted by hackers because an attack on one such system successfully sabotaged Iran’s nuclear program in 2009.

A hacker could exploit this vulnerability by overloading the electrical system that controls the prison doors, locking them permanently open.

“We validated the researchers’ initial assertion … that they could remotely reprogram and manipulate” the special software controllers that run the systems, Sean P. McGurk, a former Department of Homeland Security cybersecurity director, told The Washington Times.

Teague Newman, another member of their team, said ICS systems are not supposed to be connected to the Internet.

“But in our experience, there were often connections” to other networks or devices, which were in turn connected to the Internet, making them potentially accessible to hackers, he said.

Internet connections were turned on so that remote maintenance of the kit could be carried out without the need for contractors to visit the jail. In some cases, networks used to enable prison staff to access the net were poorly segmented from SCADA control systems.

Using a USB drive, an attacker can infect the system with malware such as Stuxnet or Duqu. A targeted malware-infected email might also be used to introduce a SCADA worm into a prison environment.

Adobe Patched Critical Vulnerability in Shockwave Player



Adobe patched a critical vulnerability in Adobe Shockwave Player.  Critical vulnerabilities have been identified in Adobe Shockwave Player 11.6.1.629 and earlier versions on the Windows and Macintosh operating systems.

Critical Vulnerabilities:
  • Memory corruption vulnerability in the DIRapi library that could lead to code execution (CVE-2011-2446).
  • Memory corruption vulnerability that could lead to code execution (CVE-2011-2447).
  • Memory corruption vulnerability in the DIRApi library that could lead to code execution (CVE-2011-2448).

This update resolves multiple potential memory corruption vulnerabilities in the TextXtra module that could lead to code execution (CVE-2011-2449).


An attacker can exploit these vulnerabilities and run malicious code on the affected machine. Adobe fixed these vulnerabilities and updated Shockwave.

If you run Adobe Shockwave Player 11.6.1.629 or an earlier version, upgrade to the newest version, 11.6.3.633, available here.


Anonymous hacked neo-Nazi website & leaked personal info of 1600 users


Anonymous hacked a neo-Nazi website and leaked its database of 16000 membership applications, containing personal data of some applicants from all around the country.

"We have no tolerance for any group based on racial, sexual and religion discrimination as well as for all the people belonging to them and sharing their ideologies, which is the reason why we decided to carry out last Monday's attack," Anonymous said.

According to the Helsingin Sanomat, the published information seems to have been stolen from several sources: the Work Efficiency Institute, Student Alliance Osku, WinNova Länsirannikon koulutus Ltd, and Aducate - Centre for Training and Development at the University of Eastern Finland.

Mikko Hypponen, chief research officer of the Finnish internet security firm F-Secure, dubbed the attack 'irresponsible'. Israel recently rubbished claims that Anonymous had caused the failure of several governmental websites, putting the outage down to a server failure.

Database is dumped as 4 separate parts in Pastebin:
http://pastebin.com/kpGWv9qD
http://pastebin.com/WG7Ffh5t
http://pastebin.com/jWA4RkCG
http://pastebin.com/9tcqrFBX