
“The Consumerist” asks users to change passwords after security breach

The Consumerist representatives notified their readers that the site outages experienced in the previous days were caused by a security breach.

They didn’t provide many details regarding the security issue, but as a precaution they turned off commenting on all articles and they plan to reset all user passwords.

“We first took the site down late Wednesday afternoon, when we were alerted to a security concern. The site was then cleaned and cleared by our security experts, and put back online within about two hours,” the Consumerist Security Team wrote.

“Last night, we detected a new problem and took the site down for another five hours in order to address that issue.”

"To limit security concerns, the Consumerist is now operating in a mode that does not permit commenting. We apologize for the inconvenience this may cause."

They advised users to change their password at any site where they use the same password as on Consumerist. At this time, you cannot change your password at Consumerist due to the no-comment mode, but the Consumerist promised that they will alert users when that changes.

Hackers steal data of 800,000 users from Dutch hosting server


The databases of several major websites were stolen by hackers after a Proserve internet server was hacked.

According to a Nu.nl report, the databases of Q-Music, Stedin, the Telegraaf newspaper café, and various online stores such as Square Shopping, Internet and Bikes Model Brekelmans were accessed, and the data of around 800,000 persons was stolen.

The vulnerability was discovered by the hacker Trixy of the Dutch Association of Housewives Hack Ende. They found that the server lacked any access security for logging in as an administrator.

"This is evil, because it is clear that someone already has broken things and broken in," she tells NU.nl. "I really want that now declaration is made to that person to stop."

Trixy also discovered that another server was accessible. That turned out to be a machine that is used by Proserve for automated design of computers. According to the company, that machine was not supposed to be online.

Proserve has now called in the security company Motiv, and this company will investigate the hack. Proserve has also decided to grant Trixy's request and report it to the police. Trixy and the Society of Hack Housewives Ende have indicated interest in assisting in tracking down the hacker.

Fake Facebook photo tag notification leads to BlackHole Exploit page

Legitimate-looking emails that tell users they’ve been tagged in a picture on Facebook have been found to serve in a malicious campaign designed to spread a nasty Trojan. The email has been intercepted by Sophos Labs.

Apparently originating from notification@faceboook.com (with three “o”s), the notifications tell the recipients that a member of the social media site has added a photo of them, Sophos experts report.

Once a user clicks the link provided in the email, they are taken to a website that hosts the BlackHole Exploit kit.

To avoid raising any suspicion, within four seconds your browser is taken via a META redirect to the Facebook page of a presumably entirely innocent individual.

In the background, the BlackHole Exploit kit takes advantage of vulnerabilities present on the user's system and drops a malware file onto the victim’s computer.
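A mail-gateway check for the two tells described above, the near-miss sender domain and the link that leaves the brand's own domain, written as an added example that is not part of the original report. The allow-listed domain, the threshold of two edits and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

BRAND = "facebook.com"  # assumption: the domain genuine notifications use

def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # delete from a
                           cur[j - 1] + 1,              # insert into a
                           prev[j - 1] + (ca != cb)))   # substitute
        prev = cur
    return prev[-1]

def is_brand(host):
    """True for the brand domain itself or any of its subdomains."""
    host = host.lower().rstrip(".")
    return host == BRAND or host.endswith("." + BRAND)

def is_lookalike(host, max_dist=2):
    """Close to the brand's spelling without being the brand (one extra letter, say)."""
    return not is_brand(host) and edit_distance(host.lower(), BRAND) <= max_dist

def check_email(raw):
    """Flag a lookalike sender, then list the links that leave the brand's domain."""
    msg = message_from_string(raw)
    sender_host = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    if not is_lookalike(sender_host):
        return []
    links = re.findall(r'(?i)href="https?://([^/"]+)', msg.get_payload())
    return [("lookalike-sender", sender_host)] + [
        ("off-brand-link", host) for host in links if not is_brand(host)]

# Constructed sample message; the link host is a placeholder, not a real indicator.
SAMPLE_EMAIL = (
    'From: "Facebook" <notification@faceboook.com>\n'
    "Subject: You were tagged in a photo\n"
    "Content-Type: text/html\n\n"
    '<a href="http://landing.example.test/photo">See the photo</a>\n'
)

if __name__ == "__main__":
    for finding in check_email(SAMPLE_EMAIL):
        print(finding)
```
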

Netcom Hacked and database Leaked by NullCrew

Over the past few days, the hacker group #Nullcrew has been busy leaking databases compromised from popular sites, to show that nothing is secure. Net Communications, or Netcom, appears to be the latest victim.

"My reason was simple. I reported it and they pretty much said 'f*** off'," the hackers wrote in the leak.

The leak contains database information and details of staff, clients and members. While the staff and the clients tables don’t hold any sensitive data, the member table contains information such as usernames, password hashes, addresses, email addresses and other identification details.

After a Softpedia reporter contacted Netcom’s representatives, Simon Gurney, the Managing Director of Net Communications, responded by issuing the following statement:

The expression "Cobbler's shoes" comes to mind!

News of PHP 4 being phased out reached us way back in 2007 with most of our clients being moved onto new servers running PHP 5 by 2008 when PHP 4 was announced end of life and no longer supported.

We kept an old PHP 4 server running with our website still on it while we were working to upgrade. However "Cobbler's shoes" our clients' work always comes first!

Net Communications has been an I.S.P. for 17 years which must make us one of the industry's older members (but never complacent). We are based amongst sheep and sugar beet in very rural North Norfolk and in TELEHOUSE Docklands.

“My reason was simple. I reported it and they pretty much said ‘f*** off’,” one of the hackers wrote. I'm not sure about this as we are a small office and that is not the sort of language used except perhaps when the sheep get out.

I'm wondering if they spoke to one of the many companies calling themselves Netcom and variations of Net Communications by mistake?

Yale University website hacked by #NullCrew


The hacker group known as "NullCrew" has been very busy in the past few days. After breaching the ASUS estore and a South African ISP directory, they have now hacked into the Yale University website.

"Hello. This release merely had a reason other than to prove that nothing is secure. In fact, the governmental and educational sites are the least secure in the experience we've had with .edu and .gov websites," the hackers wrote.

The hackers compromised and leaked the details of 1200 Yale students and staff. The leak contains usernames, passwords and email addresses. The passwords are in plain text format.

The hackers claimed that they also compromised more sensitive information from Yale.edu, including Social Security Numbers, names, addresses and phone numbers, but because their purpose is merely to show that nothing is secure, they haven't released those details.

"You don't believe our reason hm? Well, we had access to the SSNs, Names, Addresses and Phone Numbers of 1200 Yale students and staff. We didn't dump those, because of our reason; to prove nothing is secure. Let's start the dump now. The format is Username, Password, Email. Enjoy."

IT Wall Street Hacked by #TeamGhostShell


A hacker called Masakaki, from the TeamGhostShell group, claims to have breached the systems of IT Wall Street, a website dedicated to those in search of an IT job in the financial services industry.

“GhostShell has been leaking left and right all kinds of targets, well we're here to bring some sort of order to it, which is why this district will function solely to provide leaks from an economical point of view, institutional and educational, but primary, it will focus on the financial aspect of things,” the hacker said in the post.

“With that being said, what better target to pick as a first release, than the place that puts all markets to shame in the world. Wall Street.”

The hacker claimed that around 50,000 account details were compromised from IT Wall Street. The leak contains email addresses, usernames, hashed passwords and other details.

Furthermore, the hacker claims to have obtained more than 3,000 resumes that he plans to trade on the black market.

Dropbox users targeted by spam, possible Security breach?!


A number of Dropbox users have reported receiving spam at their e-mail addresses. Worse yet, even those users who created e-mail addresses to use exclusively for the file storage service are seeing spam.

Yesterday, a Dropbox user, David.P, reported on the Dropbox forum that he received a spam message at an email account that he used exclusively for Dropbox and no other service. Since then, various users in Germany, the Netherlands and the United Kingdom have reported receiving junk email touting online gambling sites.

As of right now, only users from Europe seem to be targeted by the spam attack.


A report says the company’s service went down in a rare outage at around 3 p.m. ET, blocking users from logging into and accessing their files and displaying an error message on dropbox.com.

Dropbox responded by issuing the following statement:
"We’re aware that some Dropbox users have been receiving spam to email addresses associated with their Dropbox accounts. Our top priority is investigating this issue thoroughly and updating you as soon as we can. We know it’s frustrating not to get an update with more details sooner, but please bear with us as our investigation continues."

Without more information, it's impossible to conclude that Dropbox accounts or personal information have been compromised.

Beware of HSBC Bank “Suspended Account” Emails

Financial institutions have implemented all sorts of mechanisms to prevent fraud. However, these systems can also represent a good topic for a scam.

Millersmiles warns of phony emails entitled “New Messages from HSBC Bank,” which notify recipients that someone has attempted to fraudulently access their accounts.

“We noticed invalid login attempts into you account online from an unknown IP address 64.200.141.24. Due to this, we have temporarily suspended your account. We need you to update your account information for your online banking to be re-activated please update your billing information today by clicking here,” reads the notification.

It’s clear that the email wasn’t actually written by HSBC. Furthermore, those who click on the links it bears will find themselves on all sorts of shady-looking pages that request sensitive details.

Be sure to avoid such emails to protect your bank account against fraudulent transactions.

Security hole in Kindle Touch web browser gives attackers root


A security hole in Amazon's Kindle Touch web browser allows an attacker to run shell commands with root privileges if they can convince a user to navigate to a specially crafted webpage.

This vulnerability allows attackers to access the eBook reader's underlying Linux system at the highest privilege level and potentially steal the access credentials for the Amazon account linked to the Kindle, or purchase books with the Kindle user's account, The H-online reports.

The security hole was originally detailed on the MobileRead forum in May but hasn't attracted much attention.

Researchers from Heise Security have created a proof-of-concept video to demonstrate the existence of the security hole in eBook readers with the 5.1.0 firmware variant. They’ve managed to get the Kindle to send the /etc/shadow file, which contains the root password hash, to an arbitrary server.

H-online points out that Amazon's Security department is working on a patch and also suggests that some new Kindle Touch devices are already being shipped with updated 5.1.1 firmware. The issue doesn't appear to affect any other Kindle models.

Buffer Overflow vulnerability found in German Credit card terminals


Security researchers from Security Research Labs (SRLabs) have discovered a buffer overflow vulnerability in Germany’s Hypercom Artema Hybrid card terminal that allows hackers to take control of the device.

The vulnerability is critical because it doesn't require any physical tampering: attackers can exploit it over a TCP/IP connection.

During an attack, criminals could make a customer believe that a payment transaction is taking place while they read the magnetic stripe data and log the PIN number entered by the customer.

The researchers demonstrated their discovery in a video and to show just how vulnerable the device is, they even installed a version of the popular PONG game on it. They also performed a demonstration on the German ARD TV channel.

The SRLabs researchers informed manufacturer VeriFone of the problem, and demonstrated the attack, back in March. However, the patching process didn’t go as the researchers expected, so they decided to make their findings public, hoping that it would accelerate things, The H-online reports.

Deutsche Kreditwirtschaft, the German banking industry association that handles such issues, emphasises that duplicate cards with copies of magnetic stripes don't work at German cash points because of an anti-counterfeiting measure known as "machine-readable modulated".

Deutsche Kreditwirtschaft said duplicate cards with magnetic stripes cannot be used at cash points around the country, but stolen data can be used abroad to cash out bank accounts.

Deutsche Kreditwirtschaft representatives claim that VeriFone promised to roll out software updates for all the affected terminals.

In the meantime, the SRLabs researchers have discovered a further problem that can't be fixed in this way. The processor's JTAG debug interface is located in a place so exposed that attackers could contact it from outside without breaking the housing or seal.

Dutch Authorities take down C&C servers used by Grum Botnet


Dutch authorities did a great job by taking down two of the command and control (C&C) servers belonging to the world's largest spam botnet, Grum. This is not a complete victory, as there are still two other C&C servers at work, but researchers are optimistic that the volume of spam will drop as a result.

Last week, FireEye published the details of four C&C servers actively controlling the Grum botnet. Two of the servers were in the Netherlands, one in Russia and the other in Panama.

Now, Dutch authorities have taken down the two secondary C&C servers located in the Netherlands. The master CnC servers located in Panama and Russia are still alive.

"These two CnC servers were responsible for pumping spam instructions to their zombies. With these two servers offline, the spam template inside Grum's memory will soon time out and the zombies will try to fetch new instructions but will not be able to find them," FireEye’s Atif Mushtaq wrote.

“Ideally this should stop these bots from sending more spam. I am sure the absence of the spam sent by the world's third largest spam botnet will have a significant impact on the global volume.”