Hackers leaked more than 20,000 clear text passwords stolen from Billabong

What I said yesterday is true: it is another password-leak week. It started with social media network Formspring and continued with AndroidForums.com and Yahoo! Today it is Billabong.

The hacker group WikiBoat broke into the website of the sportswear and casual clothing manufacturer Billabong as part of its WikiBoatWednesday operation.


The hackers published the email addresses, user IDs and clear text passwords of over 20,000 users.
 
Billabong has confirmed the breach and shut down its official website while the incident is being investigated.

“At this stage, we understand that the customer database contains personal information of certain customers of the website, but no financial data. We view this attack as an extremely serious matter and have taken urgent action to contain the incident and prevent further attacks occurring,” a company representative told SC Magazine.

“We are continuing to gather information about the incident and to establish the extent and nature of the data that may have been accessed. We will take further appropriate measures as new information comes to light.”

Rap artist Charles Tony Williamson arrested for Buying Thousands of Stolen Credit Card Numbers

A California-based rap artist was arrested Thursday morning for allegedly buying and using thousands of credit card numbers stolen from two Seattle businesses.

Charles Tony Williamson, who performs as Guerilla Black, was arrested at his Los Angeles home on a 22-count indictment, according to US Attorney Jenny Durkan.

Prosecutors say the 33-year-old musician bought the stolen card numbers from two co-conspirators, 22-year-old David Benjamin Schrooten of the Netherlands and 21-year-old Christopher A. Schroebel of Maryland.

Schrooten and Schroebel have already been indicted and arrested for hacking credit card information from a Magnolia restaurant and a restaurant supply company based in Shoreline.

Prosecutors say between January 2011 and February 2012, Williamson bought more than 27,000 stolen credit card numbers. He and his cohorts allegedly used the numbers in California and Nevada. Investigators haven't yet tallied up the complete loss figures, but they say Williamson charged close to $150,000 on 134 of the cards.

Using email to communicate with Schrooten and Schroebel, Williamson allegedly bought the cards in bulk lots of 100, 500 or more.

He's being charged with conspiracy to access protected computers to further fraud, to commit access device fraud and to commit bank fraud. He's also facing two counts of accessing a protected computer without authorization to further fraud, six counts of access device fraud, eight counts of bank fraud and five counts of aggravated identity theft.

Williamson is best known for his 2005 song, "You're the One," which spent 11 weeks on Billboard's "Hot 100."

New trojan variant Served Via Fake USPS Postal Notification

MX Lab researchers have intercepted a new trojan distribution campaign carried by emails about delivery issues with a parcel forwarded by USPS.

The email is sent from the spoofed address “USPS Mail Service <mail.service@birmingham.com>” and has the following body:

Postal notification,

We couldn’t deliver your parcel.

Reason Fee isn’t paid.
LOCATION:Worcester
STATUS OF YOUR PARCEL: not delivered
SERVICE: Express Shipping
ITEM NUMBER:U642955251 NU
INSURANCE: No

Postal label is enclosed to the letter.
Print your label and show it in the nearest post office of USPS

Information in brief:
If the parcel isn’t received within 30 working days our company will have the right to claim compensation from you for it’s keeping in the amount of $16.41 for each day of keeping of it.

You can find the information about the procedure and conditions of parcels keeping in the nearest office.

Thank you.
USPS Customer Services.

The attached ZIP file has the name Label_Details_USPS_Tracking_ID36920.zip and contains the 61 kB file USPS_Print_Label.exe.

The trojan is detected as Suspicious file (Panda).

At the time of writing, only 1 of the 42 AV engines at VirusTotal detected the trojan.
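
A defender-side triage of the two indicators described above (a USPS display name on a non-USPS sender domain, and a ZIP attachment that contains an .exe), added here as an example and not taken from the original post or from MX Lab. The brand-to-domain allowlist, the risky-extension list and the function names are assumptions; the sample message is constructed from the From header and file names quoted above and carries placeholder bytes.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage
from email.utils import parseaddr

# Assumed policy values for this example, not taken from the original post.
BRAND_DOMAINS = {"usps": {"usps.com"}}
RISKY_EXT = (".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs")

def build_sample() -> bytes:
    """Constructed message reusing the From header and file names quoted above."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("USPS_Print_Label.exe", b"placeholder bytes, not malware")
    msg = EmailMessage()
    msg["From"] = "USPS Mail Service <mail.service@birmingham.com>"
    msg["Subject"] = "Postal notification"
    msg.set_content("We couldn't deliver your parcel.")
    msg.add_attachment(buf.getvalue(), maintype="application", subtype="zip",
                       filename="Label_Details_USPS_Tracking_ID36920.zip")
    return msg.as_bytes()

def triage(raw: bytes) -> list[str]:
    """Return findings for one raw RFC 5322 message."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    # 1. Display name claims a brand, but the address is on another domain.
    display, addr = parseaddr(str(msg["From"]))
    domain = addr.rpartition("@")[2].lower()
    for brand, domains in BRAND_DOMAINS.items():
        ok = any(domain == d or domain.endswith("." + d) for d in domains)
        if brand in display.lower() and not ok:
            findings.append(f"display-name-mismatch:{brand}:{domain}")
    # 2. Executable attached directly or one level inside a ZIP archive.
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if name.endswith(RISKY_EXT):
            findings.append(f"executable-attachment:{name}")
        elif name.endswith(".zip"):
            try:
                data = part.get_payload(decode=True)
                members = zipfile.ZipFile(io.BytesIO(data)).namelist()
            except zipfile.BadZipFile:
                findings.append(f"unreadable-zip:{name}")
                continue
            findings += [f"executable-in-zip:{m}" for m in members
                         if m.lower().endswith(RISKY_EXT)]
    return findings
```

Calling `triage(build_sample())` returns both findings for the constructed message; a message whose From address is on usps.com and has no attachments returns an empty list.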

DarkCoderSc has pulled the DarkComet RAT and ended development

DarkComet is a popular remote administration tool (RAT) that many people used to control their own computers, as well as for malicious purposes. DarkCoderSc, the coder of this tool, has been developing it for around 4 years now. It was originally released on Hackhound, a popular programming forum that has since been shut down.

"I have devoted years with a nonprofit philosophy for you to enjoy without asking anything in return other than respect of the rules, unfortunately some of you couldn’t respect the terms so because of you (generally speaking) made the DarkComet RAT geo cruiser end," reads DarkCoderSc’s message to the community announcing the news.

The quote says that people were not respecting the rules, which leads many to believe he was forced to shut down due to law enforcement. It seems malware coders are now being targeted more than ever: last week the Blackshades owner (just realized the site is down now) was arrested over credit card fraud and the malware he was coding and distributing.

"source codes will remain private and not for sale. This was a very hard decision to take, probably the hardest I ever had because after so many years it's more than just a project, it's a piece of you."

Hackers leaked 450,000 Usernames and Passwords from Yahoo! Voices

It is going to be another password-leak week. A hacker group calling itself 'D33Ds Company' has published 453,492 email addresses and passwords allegedly taken from Yahoo! Voices. Even worse, all the passwords are in plain text.

According to the security firm TrustedSec, a hacking group known as D33Ds picked up the passwords from Yahoo Voices, the Sunnyvale, Calif.-based company’s crowd-sourced publishing platform.

Yahoo Voices, formerly known as Associated Content, invites users to submit articles through the Yahoo Contributor Network.

According to the hackers' statement, the data was compromised by exploiting a SQL injection vulnerability. Besides the email addresses and passwords, the data dump also contains a list of MySQL variables and a list of database, table and column names.

Yahoo Inc. said it is investigating reports of a security breach.

Thousands of Sites Possibly Hacked by Exploiting Plesk Zero-Day

Researchers say thousands of sites are being hacked each day, and some believe that the phenomenon may have something to do with a zero-day vulnerability that affects Parallels’ Plesk Panel.

According to Brian Krebs, the exploit, which works for sites running Plesk 10.4.4 and earlier versions, is sold on underground hacking forums for the price of $8,000 (6,300 EUR) by a member that’s known for providing reliable “products.”

The author, who even made available a point-and-click tool, claims that the exploit can be successfully utilized to obtain the administrator password.

A few days ago, SC Magazine cited Sucuri Malware Lab experts who uncovered that around 50,000 websites had been breached. Since many of them were using Plesk, it’s possible that the attackers leveraged this flaw to hack them.

Furthermore, the recent attacks that involved pseudo-randomly generated domains might have had something to do with the security hole in Plesk Panel, as Denis Sinegubko explains on the Unmask Parasites blog.

In the meantime, Parallels’ representatives have received a lot of complaints regarding a possible new vulnerability in Plesk 10.4 and earlier versions.

“We are currently investigating this new reported vulnerability on Plesk 10.4 and earlier. At this time the claims are unsubstantiated. We have not received any claims to confirm this vulnerability,” reads the security advisory published by the company.

On the other hand, their forums are full of users who state that their sites have been hacked even with all the patches applied.

“We had changed all the passwords as per the KB, and in less than 24 hours they were back in again with the new passwords. They hacked Plesk again using all the newly generated passwords,” one user wrote.

Until new information regarding this potential zero-day becomes available, Parallels recommends that users update their installations to Plesk Panel 11, which comes with numerous improvements in the security section.

Microsoft patched XML Core Services Remote Code Execution Vulnerability

Microsoft patched a number of vulnerabilities in the July 2012 security bulletins, but the most important of them is most likely the vulnerability in XML Core Services.

The critical severity flaw in XML Core Services 3.0, 4.0, and 6.0, which can be leveraged by an attacker to remotely execute malicious pieces of code, affects all supported versions of the Windows operating system.

Microsoft Office 2003 and 2007 customers who rely on XML Core Services 5.0 are also affected by this vulnerability. However, the testing process for the updates is not yet complete.

Until a permanent patch is released for XML Core Services 5.0, a Fix It solution has been made available.

“The attacks Microsoft has seen do not target XML Core Services 5.0. In the default configurations of Internet Explorer 7, 8 and 9, an attack against XML Core Services 5.0 would require the user to manually enable the control by clicking the Allow button on the Internet Explorer gold bar,” Cristian Craioveanu of MSRC Engineering said.

Another Fix It that has been released with the July 2012 security bulletins is designed to disable Windows Sidebar and Gadgets on supported editions of Vista and 7.

This should protect users from security holes that can be leveraged when the Windows Sidebar runs insecure Gadgets.

The company warns customers to be extra cautious when installing Gadgets from untrusted sources since they might contain vulnerabilities that allow an attacker to execute arbitrary code and even take complete control of a computer if the victim is logged in with administrative privileges.

Windows users are advised to deploy the latest security bulletins as soon as possible to protect themselves and their digital assets.

HP Patches Code Execution Bugs That Affect "Operations Agent"

A number of remote code execution vulnerabilities in HP Operations Agent have been identified. As a result, the company has made available a series of patches for the impacted products.

HP Operations Agent is server monitoring software that collects detailed information on a machine’s performance and fault metrics. It can not only automatically adjust values in case they breach a certain threshold, but it can also send out alerts and events to a central server.

The security hole exists in the 11.03.12 and prior variants designed to run on AIX, HP-UX, Windows, Linux and Solaris.

The company has credited Luigi Auriemma for finding the vulnerability and reporting it to HP’s TippingPoint Zero Day Initiative.

Customers of the aforementioned products are advised to download the patches and apply them as soon as possible.

The patches are available for download here.

Hacked Road Sign Displays “Impeach Obama” Message

A perfect example of the fact that almost anything can be hacked was seen a few days ago in Anchorage, Alaska. Hackers tapped into the boxes of road construction signs and programmed them to display a message that read “Impeach Obama.”

The incident occurred on Wednesday night or in the early hours of Thursday, the issue being addressed a few hours later.

The signs put up by the Department of Transportation whenever work is being done to alert drivers of detours or road closures have never been hacked until now and that’s why no one bothered to lock the boxes that contain the message control panel, KTUU reports.

As a result of the incident, Alaska Department of Transportation representatives will lock the boxes from now on to prevent other pranksters from accessing them.

So there you have it. Almost anything can be hacked, and what can be hacked probably will be, at some point.


NFC Can Be Used to Steal Files and Take Control of Phones

At the upcoming Black Hat security conference in Vegas, Charlie Miller plans to show off a few clever tricks that rely on near-field communication (NFC) technology.

This relatively new technology allows NFC-enabled devices to communicate with each other over short distances.

While NFC was mainly developed for making payments directly from mobile phones, Miller plans to demonstrate that it can be successfully utilized to do so much more.

The researcher claims that NFC can be used to make phones parse documents, images, videos and contacts without any user interaction.

And that’s not all. He will show that an attacker can steal images and contacts, make phone calls, and send SMS messages via NFC.

Hackers compromised More than 400,000 passwords from Formspring


Hackers compromised more than 400,000 passwords from the social Q&A website Formspring. On July 6, the hacker who compromised the database asked for help on the InsidePro forum with cracking the SHA-256 hashes.

The H's associates at heise Security had discovered the Formspring hashes at the end of last week but couldn't determine at the time the origin of the data. A short time later, a reader contacted The H with the crucial piece of information that hundreds of passwords contained the term formspring.

After being informed of this discovery, the operators of the platform soon managed to trace the leak to one of their development servers, which had allowed an attacker to access a production server, and said that they had successfully closed it.

Formspring has also reset all user passwords. The company has taken this opportunity to switch its hashing method from SHA-256 (salted) to bcrypt, a method that can currently only be cracked with substantial computing power and, therefore, an attack would take a significant amount of time.

At the time of writing, hackers had cracked half of the hashes and posted them online.