
AlQaedaSec takes down New York City's website (nyc.gov)

The hacker group AlQaedaSec launched a distributed denial-of-service (DDoS) attack on the official site of New York City (nyc.gov).

The hackers tweeted:
#TANGODOWN http://nyc.gov you just got #911'D!
#Allah give us strength against the filthy sinners!
#AlQaedaSec #UGNazi #Cocksec #91FUN

According to s3rver.exe, one of the members involved in the attack, the group used botnets to keep the site down by continuously sending a large number of requests.

The group posted a picture of a burned American flag, which suggests the attack was a form of protest against the US Government, but s3rver.exe claimed that the attack was launched just "for lulz".

Hacktivists announced a lot of "Tango Downs" last week.

The Anonymous hacker Havittaja, together with other members, took down three websites of the Brazilian Federal Police; the sites of the Central Intelligence Agency (cia.gov) and the US Department of Justice (justice.gov) were then also down for several hours.

AlQaedaSec is also known as UGNazi. The group was associated with the attacks that targeted the UFC back when Dana White revealed his support for SOPA.


Rogue version of Instagram app sends SMS to premium rate numbers


Cyber criminals have created a fake Instagram app to earn money by taking advantage of all the hype surrounding Facebook’s acquisition of Instagram.

The Instagram photo effects filter and sharing app has been all over the news since Facebook bought it for $1 billion last week. The app has been downloaded more than 5 million times less than a week after being released.

According to a Sophos security researcher, the fake app looks like the legitimate one, but in the background it secretly sends SMS messages to premium rate numbers. This earns money for its creator.

The malware writer included a picture of a man inside the .APK file. The researcher believes the picture has been included multiple times to change the fingerprint of the .APK.

"We have no idea who the man is or whether there is a reason why his picture has been chosen to include in the download," the researcher said.

"Could he be the malware author? A family friend? A celebrity? Someone who the malware author has a bone to pick with?"

Sophos security solutions detect the malware as Andr/Boxer-F.

Null Mumbai Chapter meet on 26th April, 2012

Null, the Open Security Team, has scheduled its Mumbai chapter meet for 26th April, 2012.

The agenda for the meet would be as follows:

1) Rootkit Internals by Omkar Pardeshi

- Types of malware: introduction to types of malware; basics of viruses, worms and Trojans.

- Tools used to analyze malware

- Introduction to rootkits: where rootkits stand in the current scenario.

- Working of rootkits: details of how rootkits work.

- Protection against rootkits: ways of protection available against rootkit attacks.

- Effectiveness of current AV software: how AV software can prevent rootkit attacks.

Omkar has about 1.4 years of experience working as a Malware Analyst and Driver Developer. He also maintains the following security blogs:

http://hackerslabrotary.blogspot.com

http://indiancybercell.blogspot.com

http://vxanalyst.blogspot.com

2) Leveraging OSINT in Penetration Testing by Ashish Mistry

As a penetration tester or security auditor, it is necessary to identify as much attack surface as possible. We can obtain this result by leveraging publicly exposed information. OSINT helps a penetration tester identify larger attack surfaces. We shall also look into ways to fix this. We shall see demonstrations of information gathering which an attacker may use against real-world targets.

Ashish is an individual information security researcher and trainer. He is the founder and owner of www.Hcon.in, an infosec resources and tools portal, and the author of HconSTF, an open source penetration testing framework.

Max. session duration:

45 mins.

Venue:

M/s Institute of Information Security,

201, Ecospace Building, Off Old Nagardas Road,

Mogra-Pada,

Near Andheri Subway/Station,

Andheri (East)

(Google Map Link: http://g.co/maps/e4jzr)

Time:

6:30 PM onwards

Contact No:
+91-9819643034 (Wasim Halani)



"Gerolamo Pizzeria" spam serves Phoenix Exploit Kit

GFI security researchers came across a spam mail that notifies users about a pizza order. The spam mail claims users ordered pizza worth $86.06.

At the end of the mail, it displays the message "If you haven’t made the order and it’s a fraud case, please follow the link and cancel the order."

"If you don’t do that shortly, the order will be confirmed and delivered to you," the spam mail reads.

If the user clicks the 'cancel order' button, it lands them on a web page that hosts the Phoenix Exploit Kit, one of the popular do-it-yourself (DIY) kits used by cybercriminals.

Once the kit successfully exploits vulnerable software on the infected system, it then drops two binary files: a Pony downloader (15/42) and a Zbot variant (6/39).

GFI Software detects the downloader as Trojan.Win32.Generic.pak!cobra.

FBI arrests hacker ItsKahuna, accused of hacking into police sites

The FBI arrested an alleged hacker known as ItsKahuna last month. The hacker was affiliated with the Anonymous group and is accused of hacking into the Salt Lake City Police Department’s website.

John Anthony Borell III, a 21-year-old from Toledo, Ohio, has been charged with two counts of computer intrusion. He is accused of hacking into the website of the Utah Chiefs of Police Association on Jan. 19, and the Salt Lake City Police Department’s website on Jan. 31.

According to the Fox13 report, FBI agents wrote in an affidavit that they traced the IP addresses used in the hackings to Borell. The FBI affidavit also reveals that the FBI served a subpoena on Twitter and read a “direct message” interview between FOX 13 and ItsKahuna.

The complaint shows that each of the offenses caused damages of more than $5,000 (3,750 EUR). If he is found guilty on both counts, the suspect could spend the next 20 years in prison. The court can also force him to pay a fine of $250,000 (187,000 EUR).

[Security Breach] Hacker exposes details of 3 million credit cards in Iran

An Iranian hacker leaked the details of 3 million credit cards in order to highlight security vulnerabilities in the banking system.

The hacker was identified as 'Khosrow Zare Farid', who was the manager of the Eniak company.

According to a Kabirnews report, he reported the vulnerability to the CEOs of all the banks in Iran one year ago. The source says none of them replied to him, so he decided to publish the information.

As a result of the security breach, three Iranian banks, Saderat, Eghtesad Novin and Saman, sent SMS messages asking their clients to update the passwords of their debit cards. The Central Bank of Iran also urged customers to change the passwords for their credit cards.

FBI and NASA websites targeted and taken down by Havittaja

Anonymous hacker Havittaja continues his distributed denial-of-service (DDoS) attacks. This time he targeted the FBI and NASA websites.

Yesterday, the hacker announced the attack against the NASA website on Twitter. More than 20 NASA sub-domains were taken down with the DDoS attack.

The list of DDoSed NASA sites:
  • ao.hq.nasa.gov
  • artifacts.nasa.gov
  • eodm.hq.nasa.gov
  • exploration.nasa.gov
  • guest.hq.nasa.gov
  • history.nasa.gov
  • hqhr.hq.nasa.gov
  • hqoperations.hq.nasa.gov
  • ipp.nasa.gov
  • microgravity.hq.nasa.gov
  • msd.hq.nasa.gov
  • next.nasa.gov
  • oig.nasa.gov
  • oim.hq.nasa.gov
  • osbp.nasa.gov
  • quality.nasa.gov
  • spaceresearch.nasa.gov
  • www.aeronautics.nasa.gov
  • www.hq.nasa.gov
  • www.osbp.nasa.gov
  • www.policy.nasa.gov

Earlier today, he changed the target to FBI websites. He took down four websites belonging to the FBI: www.fbijobs.gov, fbievents.com, todaysfbi.com, explorefbi.com

At the time of writing, the NASA websites are back to offline. The targeted FBI sites seem to be down. Yesterday, the hacker took down the CIA, Justice.gov and RIAA websites.

XSS vulnerability found in Russia's biggest social network, odnoklassniki.ru

Grey hat hackers Sony and Flexxpoint have discovered a cross-site scripting (XSS) vulnerability in Odnoklassniki. Odnoklassniki (Одноклассники in Russian, Classmates) is a social network service for reuniting classmates and old friends, popular in Russia and other former Soviet Republics. It was created by Albert Popkov on March 4, 2006.

They provided the vulnerable link and a video to demonstrate the vulnerability:

http://www.odnoklassniki.ru/dk?st.cmd=appSearchResultList&st.isEmpty=off&st.query=%22%22%3E%3Cscript%3Ealert%28%22Odnoklassniki.ru%20Cross%20Site%20Scripting%22%29%3C/script%3E%3Ciframe%20src=%22http://xssed.com%22%3E

In order to verify the vulnerability, you have to log in, because the page is available only to logged-in users.

Anonymous Hacker 'Havittaja' takes down CIA, Justice.gov, RIAA websites

Anonymous hacker Havittaja has launched distributed denial-of-service (DDoS) attacks against the CIA, US Department of Justice (Justice.gov) and RIAA websites.

Earlier today, the hacker took down the CIA website for more than 1 hour and 30 minutes with a DDoS attack. Following that attack, the hacker launched a DDoS attack against the justice.gov website.

Just now, they took down the website belonging to the Recording Industry Association of America (RIAA.org). At the time of writing, riaa.org is not accessible. The other two websites are up.

A few days back, Havittaja DDoSed more than 18 sub-domains of Globo Network under the operation called "#opGlobo".


Hacker 'James Jeffery' jailed for stealing 10,000 records from BPAS


Anonymous Hacker 'James Jeffery' has been sentenced to 32 months in jail for hacking into the British Pregnancy Advisory Service (BPAS) website and stealing the personal details of 10,000 women.

James Jeffery, a 27-year-old who claimed to be affiliated with the hacking group Anonymous, admitted he defaced the website and stole 10,000 records. His motivation was a disagreement with his sister’s choice to abort her pregnancy.

Jeffery pleaded guilty to two charges under the Computer Misuse Act. Defense lawyer Shaun Wallace said Jeffery regretted his actions.

Judge Michael Gledhill said there could have been “terrible consequences” if Jeffery had published the women’s details. “Many of them were vulnerable women, vulnerable simply because they had had a termination or because of their youth or because their family did not know about their situation,” the judge said in a statement according to CBS News.

Cross-site scripting vulnerability found in Radikal.ru

Grey hat hacker "Sony" has discovered a cross-site scripting (XSS) vulnerability in Radikal.ru. Radikal.ru is one of Russia's largest image hosting services; it allows you to quickly publish photos on various chat rooms, message boards, blogs and online forums.

He found XSS vulnerabilities in multiple pages.

Here is one of the vulnerable links:

http://www.radikal.ru/GALLERY/PageGallery.aspx?pg=258&period=022008%22%22%3E%3Cscript%3Ealert%28%22Radikal.ru%20Cross%20Site%20Scripting%22%29%3C/script%3E&id_gallery=-1

In order to see the other vulnerabilities, you have to log in to the website. They reside in Edit pics, etc.
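
Both the Odnoklassniki and the Radikal.ru links above reflect a query parameter into the page without output encoding. The following added example (not from the original posts or from either site) decodes the two published links, reports which parameter carries markup, and shows the HTML encoding that neutralises it; the function names and the `<input>` template are assumptions made for illustration.

```javascript
// Added example, not from the original posts. Function names and the
// <input> template are hypothetical.
const POC_LINKS = [ // the two proof-of-concept links exactly as published above
  'http://www.odnoklassniki.ru/dk?st.cmd=appSearchResultList&st.isEmpty=off&st.query=%22%22%3E%3Cscript%3Ealert%28%22Odnoklassniki.ru%20Cross%20Site%20Scripting%22%29%3C/script%3E%3Ciframe%20src=%22http://xssed.com%22%3E',
  'http://www.radikal.ru/GALLERY/PageGallery.aspx?pg=258&period=022008%22%22%3E%3Cscript%3Ealert%28%22Radikal.ru%20Cross%20Site%20Scripting%22%29%3C/script%3E&id_gallery=-1',
];

// Signs that a decoded value tries to leave an attribute or inject a tag.
const CHECKS = [
  ['attribute-breakout', /["']\s*>/],
  ['script-tag', /<\s*script\b/i],
  ['iframe-tag', /<\s*iframe\b/i],
];

// Return [{param, findings}] for every query parameter whose decoded value
// matches at least one check. URLSearchParams does the percent-decoding.
function triageUrl(link) {
  const hits = [];
  for (const [param, value] of new URL(link).searchParams) {
    const findings = CHECKS.filter(([, re]) => re.test(value)).map(([name]) => name);
    if (findings.length > 0) hits.push({ param, findings });
  }
  return hits;
}

// HTML-encode the characters that matter in element and quoted-attribute contexts.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Hypothetical template that reflects a query value into a quoted attribute.
// encode=false reproduces the unencoded reflection the posts describe.
function renderSearchBox(value, encode = true) {
  const shown = encode ? escapeHtml(value) : value;
  return `<input type="text" name="q" value="${shown}">`;
}

// Triage both links and print the flagged parameter next to its encoded rendering.
for (const link of POC_LINKS) {
  const url = new URL(link);
  for (const { param, findings } of triageUrl(link)) {
    console.log(url.hostname, param, findings.join(','));
    console.log('  encoded:', renderSearchBox(url.searchParams.get(param)));
  }
}
```

The same triage function can be run over access-log request URLs to find reflected-markup attempts; encoding at output time is the actual fix, since pattern matching on input is easy to bypass.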