Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

DDOS Attacks
Anonymous Hackers Anonymous Russia Breaking News Cyber Crime DDOS Attacks

Russian Anonymous take down Kremlin and FSB websites

Russian Anonymous take down the website of the Kremlin and the one of the Russian Federal Security Service (FSB) with distributed denial-of-service (DDOS) attack

According to RT report, the sites kremlin.ru and президент.рф have been unavailable for almost an hour on Wednesday. Also the website of the Russian Federal Security Service, fsb.ru, has also had performance problems throughout the day. The websites gov.ru and government.ru also faced hacker attacks on the same day, but did not go down.

Anonymous tweeted “Kremlin.ru – TANGO DOWN” on their Twitter account, co-opting the military-derived code word to report their successful attack. They also provided screenshots, demonstrating that the site was unavailable in different countries around the world.

“We received threats from Anonymous several days ago but we can’t confirm it’s exactly this group that attacked the Kremlin.ru website. At the moment we can’t establish who’s behind the attack. Unfortunately we live at a time when technology security threats have mounted, but we have the means to resist them.”The Kremlin press-service has confirmed its websites were attacked by hackers.

Russian Anonymous had warned they would attack Russian governmental sites on Monday to show solidarity with the opposition demos.
Read more »
Rwandan Hackers
Database Leaked Rwandan Hackers

Nigerian Army hacked by Rwandan Hackers :#OPNIGERIA

Rwadan Hackers Rwadan Hackers have hacked into Nigerian Army E-Application Portal(www.nigerianarmyms.org) and Nigerian Army Command Secondary Schools(www.commandsecondaryschools.net)

Hackers leaked the database details in pastebin, include admin username, password(plain_text) and email address.


Hackers MESSAGE :
The Democratic Socialist Movement, I condemn the violence of Boko Haram. This organisation has absolutely nothing to offer the workers and poor of Nigeria other than deeper religious and ethnic violence. Violence and extortion by state forces and between rival corrupt politicians is also common.

For Socialists, the answer to communal, ethnic, religious division and violence lies in mass movements which can unify the working class and poor in a struggle against their common enemies, in this case the corrupt elite and the big business which literally steal the vast wealth that exists in Nigeria: just 1% of the population taking 95% of the oil wealth, while over 80% of the population lives in poverty.

January’s general strike, the biggest ever in Nigeria, was not just against the fuel price hike but increasingly called for regime change. That is exactly what is needed in Nigeria, a struggle for a government of working people and poor that can use the tremendous resources that exist in the interests of the majority and point the way forward beyond division."

Rwandan Hacker support nigerian Hacktivsit
Read more »
Rwandan Hackers
Breaking News Database Leaked Rwandan Hackers

Rwandan Hackers hacked Access Kenya site to show vulnerability


Few days after Access Kenya group announced deployment of a new email authentication system aimed at securing client emails as well as enabling them (clients) use the service while abroad (roaming), Rwandan Hackers group hacked into their website(accesskenya.com) to show the vulnerability .


"The system, Soft Mail Transfer Protocol Authentication (SMTP AUTH), is touted as the most secure authentication system and the company says it’s a necessary deployment in the wake of increased internet security concerns worldwide."Hacker said in their blog

"Access Kenya Systems Engineer Sam Oduor said the SMTP AUTH system guarantees email security thence enabling clients to safeguard their information on through the AccessKenya network."

“Communication on this authentication system comes through a secure socket layer. This improves customer privacy since conversations cannot be intercepted,” Hackers quoted as Oduor saying.

Hackers leaked database details including database username, admin username and password.
Read more »
Vulnerability Scanner
Software Release Vulnerability Scanner

Updated Acunetix Web Vulnerability Scanner includes PHP-CGI security Check

Acunetix released update for the Web Vulnerability Scanner 8 (WVS 8) ,includes a number of new scheduler features, a new security check for PHP-CGI, as well as a series of bug fixes.

Acunetix WVS 8 checks if your PHP-CGI installation is vulnerable to remote code execution.

New Features

  • Ability to edit scheduled scans. No need for scheduling new scans every time you wish to change a scan setting.
  • Amend multiple scheduled scans simultaneously by selecting them and applying the required global changes.
  • Save all your scanned results and access them at any time from your scheduler’s scan history. You can also delete your scanned results from the web-based scheduler.
  • A new setting has been introduced to configure the maximum number of pages during a crawl.

Improvements

  • Improved Cross-Site Scripting (XSS) tests.
  • The web-based scheduler has been improved to run better in the latest version of Internet Explorer.
  • Enhanced SQL injection tests to reduce the false positives reporting even more.

Bug Fixes

  • The scheduled scans can be correctly imported after upgrading to a more recent build of Acunetix WVS 8.
  • The false positives settings node can now support changes from multiple instances at the same time.
  • Web Service Definition Language (WSDL) Scanner URL edit box is now able to save history.

How to Upgrade to Build 20120508

On starting Acunetix WVS 8, a pop-up window will automatically notify you that a more recent build is available for download. Navigate to the General > Program Updates node in the Tools explorer, click on Download and Install the new build.
 
Read more »
Silent Hacker
Silent Hacker

15+ sites Hacked by Nyro Hacker and Silent hacker



Around 15 sites hacked by Nyro Hacker and Silent hacker.

List of sites:
http://blacktin.info/
http://coffeecloud.me/
http://cunnington.org.uk/
http://dcolman.com/
http://fonexchangeiow.com/
http://fresh-edge.co.uk/
http://icesk8.net/
http://itclarified.com/
http://www.justaccountancyjobs.net/
http://kjwltd.co.uk/
http://lakecleaning.co.uk/
http://lee-c-g.co.uk/
http://www.marmenorspain.co.uk/index.html
http://prioryschool.org.uk/
http://revelco.co.uk/
http://smelectrical.co.uk/
http://southforkiow.co.uk/

mirrors
http://arab-zone.net/mirror/87926/southforkiow.co.uk/
http://arab-zone.net/mirror/87925/smelectrical.co.uk/
http://arab-zone.net/mirror/87924/revelco.co.uk/
http://arab-zone.net/mirror/87923/prioryschool.org.uk/
http://arab-zone.net/mirror/87922/marmenorspain.co.uk/index.html
http://arab-zone.net/mirror/87921/lee-c-g.co.uk/
http://arab-zone.net/mirror/87920/lakecleaning.co.uk/
http://arab-zone.net/mirror/87919/kjwltd.co.uk/
http://arab-zone.net/mirror/87918/justaccountancyjobs.net/
http://arab-zone.net/mirror/87917/itclarified.com/
http://arab-zone.net/mirror/87916/icesk8.net/
http://arab-zone.net/mirror/87915/fresh-edge.co.uk/
http://arab-zone.net/mirror/87914/fonexchangeiow.com/
arab-zone.net/mirror/87913/dcolman.com/
http://arab-zone.net/mirror/87912/cunnington.org.uk/
Read more »
Mass Injection
Malware Report Mass Injection

skdjui.com : a New domain for the Nikjju SQL Injection attack

I have been tracking the Nikjju SQL Injection attack, an ongoing mass SQL injection attack, today i found another malicious domain that has been used in this attack.  The domain 'skdjui.com' is registered yesterday only(May 8,2012).

There is nothing surprise about Registrant details. Yes, it has same registrant details ,registered with same mail id 'jamesnorthone[at]hotmailbox.com'.

Exploiting the vulnerability in websites and injecting malicious scripts is not new one. Last year hackers inject malicious iFrame in lot of sites , researchers dubbed the attack as 'Lizamoon'.

The list of Malicious domains:
  1. Nikjju.com
  2. hgbyju.com
  3. hnjhkm.com
  4. njukol.com
  5. Uhjiku.com
  6. Uhijku.com
  7. skdjui.com
As i said before, All domains are hosted at 31.210.100.242 and has same registrant details.All domains uses the same file called 'r.php' for injection.


Uhjiku domain created on May 5 and skdjui created on May 8, hackers took only 3 days for creating another domain.

If you visit the compromised sites , the site will redirect you to malware distributing domain. 
Read more »
Defaced Website
3xp1r3 Cyber Army Defaced Website

Danish Famous Forum 'Pokemon.dk' hacked by 3xp1r3 Cyber Army


A Bangladeshi Hacker 'rEd X', from 3xp1r3 Cyber Army hacked into the Danish popular Pokemon forum ,PokeTeam.dk.

According to Softpedia report, the hacker claims he only wanted to warn the website’s administrators of the vulnerabilities that exposed their assets to malicious operations.

Hackers defaced a number of subdomains, including webmail, mail, rss, and dm2010.


The details of defacement can be found here:
http://pastebin.com/Vw1YGyXC
Read more »
Featured
Anonymous Hackers Featured

Anonymous & lulzsec join forces for surprise attack today :Virgin Media is down


Anonymous and Lulzsec hackers once again reform the team for surprise attack. The Virgin Media,a company which provides fixed and mobile telephone, television and broadband internet services to businesses and consumers in the UK, become first victim of the attack, hackers take down the website by Distributed-denial-of-service(DDoS) attack.

Virgin was the first ISP to block access after the court order was passed at the end of April, in a move that caused outcry among digital activists claiming the order represented the next stage of internet censorship.


"Today we can announce former members of LulzSec and Anonymous have come together to reform the line under Anonymous Team." Hackers wrote.

"Be warned this time the line will not break, this time the line will hold firm when you try to divide us. This time we will fight you not only on the internet but in the street and in."

"This time we will fight you not only on the internet but in the media, the courts and on the streets" Hackers said.

Virgin Media confirmed that their site has been hit by cyber attack. "Our website has been the subject of denial of service attacks so we've taken the site offline for a short period of time," a spokesperson said.
Read more »
Security Breach
Breaking News Database Leaked Security Breach

Hackers leaked 150,000 accounts data from Hangzhou Dianzi University of China


After cyber attack against the European Forex Traders, TeamGhostShell hacker collective hacked into the online education website of China's Hangzhou Dianzi University.

Hackers compromised the website database and leaked around 150k user data includes username, encrypted password and email address. Hackers published the details in 11 online paste pages.

"Programming University hacked by #TeamGhostShell because of the hilarious irony" Hacker mentioned as reason.

Read more »
Security News
Security News

Adobe released update to fix critical vulnerability in Flash Player

Adobe today issued security update for flash player for Windows, Macintosh and Linux that addresses an object confusion vulnerability (CVE-2012-0779) that could cause the application to crash and potentially allow an attacker to take control of the affected system.

The vulnerability has been exploited in the wild in active targeted attacks designed to trick the user into clicking on a malicious file delivered in an email message. The exploit targets Flash Player on Internet Explorer for Windows only.

Adobe recommends user to update their software installations. The security advisory can be found here.
Read more »
Software Release
Security Tools Software Release

MJP Security Plugin for WordPress Released

MJP Security Tools is a plugin designed to fix a lot of WordPress security issues, as well as providing extra support.

Features:

* Scan the database for possible XSS issues.
* Limit login attempts to one per ten seconds per user.
* Check all file permissions.
* Check for presence of index.html files in all directories.
* Check if WordPress is up-to-date.
* Remove the version number from HTML source.
* Log all POST requests.
* Log all failed login attempts.
* Change the admin username.
* Randomize the database table prefix.
* Require stronger passwords.
* Detect SSH.

You can get it from here:
http://wordpress.org/extend/plugins/mjp-security-plugin/
Read more »
Subscribe to: Comments (Atom)