University of New Brunswick site breached by Team Dig7tal hackers

The Team Dig7tal hacker collective broke into the University of New Brunswick website by exploiting an SQL injection vulnerability and compromised the database.

The hackers leaked part of the stolen data. The leaked information consists of 234 database names, 68 table names from the budget_management database, and 96 records from the employers table. From the user table, the hacker leaked 159 password hashes and usernames.

The dump also contains some sensitive information, including the administrator’s username and password (in clear text), and 202 employer entries comprising email addresses, IDs, names, passwords and websites.

The hackers also sent emails to the University's staff to notify them about the breach.

“I did not take nor did I leak any of the student’s sensitive information. However, your site is terribly vulnerable and I suggest you patch it ADMIN. It’s your damn job! Information leaked is only to demonstrate how pathetic your security is,” Th1nkT0k3n said in the email he sent to the university.

“Also, I hope you have a great Monday Admin! Students and their parents give their hard earned money to this University and they should not have to worry about their sensitive information being leaked! Person in charge of your IT should be let go,” he added.

Washington Military Department data leaked by UGNazi Hackers

The UGNazi hacker collective broke into the Washington Military Department website (mi.wa.gov) and compromised the database.

The hackers leaked the database on Pastebin. The leak contains 16 user account details, consisting of usernames and password hashes, including those of the site’s administrator.

The leak also contains name servers, MX records, and the names and IP addresses of the subdomains used by the state of Washington.

“This is just a continuation of our attack against wa.gov, but other than that, like we said we're not done with the government or anyone to be exact. We're going to come after every dirtbag we can get our hands on. Freedom is a right not a privilege but the US government makes it seem like it's a privilege that we have the ‘freedom’,” ThaCosmo told Softpedia.

“Well we're going to make our own freedom and we're just beginning. We are not here to make friends, but to make history. ‘All men are equal’ is the quote, our pitiful government comes by, but it seems like they believe they are above the average everyday human.”

UGNazi hackers became known after their involvement in the Dana White incident, when the UFC president revealed his support for the Stop Online Piracy Act (SOPA).

More recently, they kept themselves busy by taking down sites such as those of New York City, State of Columbia, NASDAQ, and many others.

After these operations, 4 of their members were arrested by authorities, but that didn’t discourage them from continuing their campaign. Right after their release, they launched an attack on the site of the US Department of Education (ed.gov) to show that they’re not giving up.

Orion Browser Dumper v1.0: DarkCoderSc released a new forensic tool



The developer of DarkComet RAT, Jean-Pierre LESUEUR (DarkCoderSc), has released a new forensic tool called 'Orion Browser Dumper'.

Orion Browser Dumper is an advanced local browser history extractor (dumper). In a few seconds (like Browser Forensic Tool), it extracts the whole history content of the most popular web browsers: currently Internet Explorer, Mozilla Firefox, Google Chrome, COMODO Dragon, Rockmelt and Opera.

Download the Tool from here:
http://www.darkcomet-rat.com/misctools.dc


25+ sites hacked by Nyro Nacker and Silent hacker from Indian CYber leets

Hackers Nyro Nacker and Silent hacker, from Indian CYber leets, have compromised two hosting servers and defaced more than 25 websites.

The sites hosted on Iran hosting, Ideal host, were defaced by the hackers.

Hacked sites:

The full list can be found here:
http://pastebin.com/fRVUGKZa

OpenVAS version 5 released, vulnerability scanning and management tool



One year after OpenVAS-4, the OpenVAS project development team has released the fifth version of their vulnerability scanning and management tool. The new version has several new features, and the number of freely available vulnerability checks has increased to over 25,000.


A very practical extension is the possibility to show the differences between two scan reports and the direct availability of current CPE and CVE information inside the OpenVAS database. This saves time for users who are finding out about changes and security recommendations. The new asset management adds a second view on scan results. It allows the user to review scan results for any selection of IP devices in the network.

All in all, 20 new features were added, especially focusing on simplifying daily use. The systematic improvements underline the position of OpenVAS as the most advanced Open Source solution for vulnerability management. The new version can be downloaded free and is available as Free Software under the GNU GPL license.

New features:
  • Delta reports to analyse differences between two scans.
  • Security Information Database: Integrated SCAP data (CPE, CVE) including update method via feed service.
  • Integrated Asset Management.
  • Configuration object 'Port Lists' for transparent TCP/UDP port ranges.
  • Prognostic scans based on asset data and current SCAP data.
  • Support for individual time zones for users.
  • Support for observers (granting read-only access).
  • Support for notes/overrides lifetimes.
  • Trashcan for collecting removed items before ultimate deletion.
  • Container tasks for importing reports.
  • SSH port for Local Security Checks configurable.
  • Product detections as reported by Scanner are handled to allow detailed cross-referenced detection information.
  • Support for sorting results by CVSS score.
  • Support for importing results sent through the XML escalator.
  • Support for escalating result to a Sourcefire Defense Center.
  • Support for using an SSH key pair for SSH authentication.
  • Individual user settings, starting with time zone.
  • Display single result details.
  • Icon indicators for detected operating systems.
  • LDAP per-user authentication method.

The full announcement can be found here.

The Amnesty International UK site hacked, serves GH0st RAT


The Amnesty International UK website was compromised between May 8 and 9 and infected visitors with the infamous Gh0st RAT, WebSense reports.

After analyzing the incident, WebSense researchers found that the injection is similar to the one that affected the INSS site last week, which was injected with malicious Java code. The Java file tries to exploit the well-known Java vulnerability (CVE-2012-0507).

Injected malicious code

Once the exploit is successful, it downloads an executable file, "sethc.exe", and creates a new binary file in the Windows system directory: C:\Program Files\... Interestingly, the executable file has been signed by a "valid" certificate authority (CA).


According to the WebSense researchers, this is not the first time the Amnesty International UK site has been infected with malware.

Android Malware masquerade as Adobe Flash Player

Trend Micro researchers spotted Android malware that masquerades as the Adobe Flash Player app, hosted on Russian domains, similar to the fake Instagram and Angry Birds Space apps.

When users opt to download and install the fake app, the site connects to another URL to download a malicious .APK file, which Trend Micro detects as ANDROIDOS_BOXER.A.

ANDROIDOS_BOXER.A is a premium service abuser, which means it sends messages to premium numbers without the user’s permission, thus leading to unwanted charges.

Researchers also found a number of malicious URLs hosted on the same IP. Based on the naming used in these URLs alone, it appears that Android is a favorite target for the cybercriminals behind this scheme.


17-year-old arrested on suspicion of being TeamPoison member 'MLT'

A 17-year-old boy, believed to be known by the online handle "MLT" and to have acted as a spokesman for TeaMp0isoN, was arrested on Wednesday evening by British police and is being questioned locally on suspicion of offences under the Computer Misuse Act.

Police seized computing equipment, which is now being forensically examined.

The arrest is part of an ongoing investigation by the Police Central e-Crime Unit (PCeU) division of the Metropolitan Police into various hacking gangs.

The suspect is the third TeaMp0isoN hacker to be detained by UK police. Last month, two suspects, aged 16 and 17, were arrested after a denial-of-service attack on the MI6 hotline. One of the two is currently believed to be the group's leader, "Trick".

Team Poison is yet to release a statement on MLT's alleged arrest.

Two suspected Norway Hackers arrested for SOCA DDoS attack

Two teenagers from Norway have been arrested on suspicion of taking part in the distributed denial-of-service (DDoS) attack against the UK Serious Organised Crime Agency (SOCA) website.

The unnamed youngsters, aged 18 and 19, were arrested by Norway's National Criminal Investigation Service (NCIS), according to a report by The Inquirer.

"We have arrested the two we think were most important in these attacks, but we still want to talk to more people," said Norwegian prosecutor Erik Moestue.


"We know SOCA was recently attacked, as well as Norwegian and American sites, and that is one of the things that we are looking into."

If found guilty of the offence under Norwegian law, the two could face maximum jail sentences of six years.

Philippines News Agency site hacked by Chinese Hackers

The website of the Philippines News Agency (www.pna.gov.ph), the Philippine government's news wire service, was defaced by Chinese hackers.

The hackers defaced the site's home page with an image of a Chinese flag and a message that the Panatag (Scarborough) Shoal belongs to China.

"Huangyan Island belongs to China, what power you have said is you?... Tolerance is not possible, no need to endure," the defacement message reads. The hackers also left their website URL and email address on the defaced page.

Hackers claim the PAGASA site hack is just for fun

A hacker calling himself "Net user!" broke into a Philippine government website and claimed the breach was only for "fun."

The Philippine Atmospheric Geophysical and Astronomical Services Administration site was defaced with a text message "Hacked by Net user! Just fun a fun!".

Another line on the defaced page indicated the hacker's supposed email, 794399786@qq.com.

According to a Solar News report, the index page initially had its default presentation defaced by red-colored elements with Chinese characters written on them.