Hackers can use Google Chrome to spy on your conversations


A security bug in Google Chrome allows hackers to use a computer's microphone to surreptitiously listen to your private conversations.

Normally, a website that uses speech recognition technology gets permission from the user to access the mic. Chrome shows an indication that speech recognition is active. Once the user leaves the website, Chrome stops listening to the mic.

Israeli developer Tal Ater found a security flaw in this system while working on a speech recognition library.

The problem is that once you grant an HTTPS-enabled website permission to use your mic, Chrome will remember the choice and start listening in the future without asking for permission again.

In a demo video, he showed how an attacker could leverage this functionality by launching a small hidden pop-up window that starts the speech recognition system.

Ater reported the bug to Google's security team in Sep. 2013. He has been nominated for Chromium's reward panel.



"Give me Coins" website hacked, 10K Litecoins worth $230k stolen

The website of "Give Me Coins" (give-me-coins.com), one of the largest Litecoin mining pools, has been hacked. 10,000 Litecoins worth $230,000 have reportedly been stolen.

After becoming aware of fraudulent transactions, the organization immediately disabled the transfer of coins outside of the website.

Trustwave's SpiderLabs says this quick response prevented the attackers from obtaining an additional 20,000 Litecoins from the website.

The vulnerability that led to the security breach remains unknown. The site admin says it might be an SQL injection vulnerability.

The organization has promised, "All coins sent to the LLh address will be recredited shortly."

Brazil Government website hacked, redirected to malicious website

A security researcher at F-Secure has spotted a piece of malicious code injected into the official website of the City of Franca in São Paulo, Brazil (franca.sp.gov.br).

Hackers managed to place malicious JavaScript code in one of the site's JavaScript files, which loads a malicious Flash object. The Flash object redirects visitors to a malicious domain.

The researcher didn't specify what exactly was served from the malicious domain.

The website is using an outdated Joomla version (1.5), so cybercriminals might have exploited a known vulnerability. According to researchers, this is not the only Brazilian government website using an outdated CMS.

F-Secure has contacted Brazil's Computer Security and Incident Response Team (CTIR Gov) and informed it about the incident.

Researcher gets $33,500 for Remote Code Execution Vulnerability in Facebook


Here comes a critical bug discovered in Facebook, and the biggest bounty ever paid by Facebook for reporting a vulnerability in its website.

Reginaldo Silva, a Brazilian hacker, has discovered a highly critical Remote Code Execution (RCE) vulnerability in Facebook which could have allowed attackers to read any file from the server. It could also have allowed attackers to run malicious code on the server.

In September 2012, he first discovered an XML External Entity Expansion bug in the part of Drupal that handled OpenID. OpenID is an open technology that allows users to authenticate to websites without having to create a new password.

He found a similar bug affecting Google's App Engine and Blogger. However, it was not critical, as he wasn't able to access arbitrary files or open network connections; he received a $500 reward from Google.

He found that plenty of other websites implementing OpenID are vulnerable to RCE.

Recently, Silva learned that Facebook's "forgot password" page also uses an OpenID provider to verify the identity of the user. He managed to discover an XXE bug in Facebook that allowed him to read the "etc/passwd" file from the server.

"Since I didn't want to cause the wrong impressions, I decided I would report the bug right away, ask for permission to try to escalate it to a RCE and then work on it while it was being fixed." Silva wrote in his blog.

He thought it would take time to fix the bug. However, the Facebook security team responded quickly and fixed the issue within 3.5 hours.

"I decided to tell the security team what I'd do to escalate my access and trust them to be honest when they tested to see if the attack I had in my mind worked or not. I'm glad I did that. After a few back and forth emails, the security team confirmed that my attack was sound and that I had indeed found a RCE affecting their servers." Silva said.

He has been rewarded with a bounty of $33,500.
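
The XXE bug class described in this post arises when an XML parser honours DOCTYPE and entity declarations inside an OpenID discovery document supplied by a remote party. As an added example (not code from Silva, Facebook or Drupal), the Python parser below refuses any document that carries them; the function names and both sample documents are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from xml.parsers import expat


class UnsafeXML(ValueError):
    """The document uses DTD features that make XXE possible."""


def _forbid(*_args):
    raise UnsafeXML("DOCTYPE and entity declarations are not accepted")


def parse_untrusted_xml(data: bytes) -> ET.Element:
    """Build an element tree, aborting at the first DTD construct."""
    builder = ET.TreeBuilder()
    parser = expat.ParserCreate()
    parser.StartElementHandler = builder.start
    parser.EndElementHandler = builder.end
    parser.CharacterDataHandler = builder.data
    parser.StartDoctypeDeclHandler = _forbid    # any <!DOCTYPE ...>
    parser.EntityDeclHandler = _forbid          # <!ENTITY ...> declarations
    parser.ExternalEntityRefHandler = _forbid   # references to external entities
    parser.Parse(data, True)
    return builder.close()


def openid_endpoints(data: bytes) -> list:
    """Return the <URI> values of a discovery (XRDS) document."""
    root = parse_untrusted_xml(data)
    return [(el.text or "").strip() for el in root.iter("URI")]


def is_rejected(data: bytes) -> bool:
    try:
        parse_untrusted_xml(data)
    except UnsafeXML:
        return True
    return False


# Constructed sample: a benign discovery document.
SAFE_XRDS = b"""<?xml version="1.0"?>
<xrds:XRDS xmlns:xrds="xri://$xrds" xmlns="xri://$xrd*($v*2.0)">
  <XRD><Service><URI>https://op.example/endpoint</URI></Service></XRD>
</xrds:XRDS>"""

# Constructed sample: the same shape, but declaring an external entity.
HOSTILE_XRDS = b"""<?xml version="1.0"?>
<!DOCTYPE XRDS [<!ENTITY ext SYSTEM "file:///etc/passwd">]>
<XRDS><XRD><Service><URI>&ext;</URI></Service></XRD></XRDS>"""
```

Rejecting the DOCTYPE outright is stricter than disabling external entity loading, and it also blocks internal entity expansion tricks; legitimate discovery documents do not need a DTD.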

Guccifer, the hacker responsible for several high-profile hacks arrested in Romania


Marcel Lazăr Lehel, a 40-year-old from Romania suspected of being the notorious hacker Guccifer, has been arrested by Romanian authorities at his home in Arad county.

"Guccifer" is the hacker responsible for a number of high-profile account hacks. In Feb. 2013, he hacked into 6 separate email accounts, including the AOL email account of Dorothy Bush Koch, daughter of former president George H.W. Bush, and exposed emails, photos and personal information.

Other persons targeted by "Guccifer" include George Maior (the head of the Romanian Intelligence Service (SRI)), Colin Powell, U.S. Senator Lisa Murkowski, comedian Steve Martin, actress Mariel Hemingway, editor Tina Brown and many others.

This is not the first time Lazăr Lehel has been arrested for hacking. In Feb. 2012, he received a three-year suspended sentence.

Android Malware HeHe steals messages and Intercepts phone calls


Security researchers from FireEye Labs have discovered six variants of a new Android malware dubbed "Android.HeHe", which is capable of stealing SMS messages and intercepting phone calls.

The malware is being distributed as a security update for the Android OS. Once it infects a device, it communicates with the command and control (C&C) server and monitors incoming SMS.

Phone details including the IMEI, IMSI (International Mobile Subscriber Identity), phone number, OS version and model of the phone are transferred to the C&C server.

It also checks whether the IMSI code is null, so that it can determine whether it is being executed in an emulator or on a real device (emulators don't have an IMSI code).

The C&C server responds to the device with a list of phone numbers. If the infected device receives an SMS or phone call from one of these numbers, the threat intercepts the message or call.

Text messages from these numbers are captured and stored on the attacker's server. Any phone calls from these numbers are silenced and rejected.

Russian Hacker Rinat Shabayev admits to be creator of BlackPOS Malware



Last week, cyber security firm IntelCrawler named the 17-year-old Russian "Sergey Taraspov" as the creator of the BlackPOS malware which was used in the Target data breach.

After further investigation, the company updated its report, saying that a 23-year-old Russian hacker named "Rinat Shibaev" is the original author of this malware and Sergey is a member of the technical support team.

In an interview with Russian news channel LifeNews, Shibaev has admitted that he developed the BlackPOS (also referred to as Kaptoxa) malware.

The hacker says he just took a readily available program and developed it with additional features.

He allegedly got help in developing the malware from an unknown person whom he had met online. However, he said that he doesn't even know in which country the person lives.

The hacker also said that he created it to sell to others, not to use the application himself.

Microsoft Office Blog hacked by Syrian Electronic Army


As I said earlier, this year starts with bad luck for Microsoft. As promised in an earlier tweet saying that they had not finished their attack on Microsoft, the hackers have attacked another website belonging to Microsoft. This time, it is the official 'Microsoft Office' blog.

"We didn't finish our attack on @Microsoft yet, stay tuned for more! #SEA" Hackers posted in one of their earlier tweets.

The hackers posted a screenshot showing that they managed to post articles entitled "Hacked by Syrian Electronic Army" on blogs.office.com.

They also mentioned in their tweet that Microsoft can expect more attacks from the SEA team.

The hackers also posted a couple of screenshots showing that they have gained access to the control panel of the Office blog.



"Dear @Microsoft, Changing the CMS will not help you if your employees are hacked and they don't know about that. #SEA" latest tweet from SEA reads.

The latest attack is part of a series of attacks against Microsoft, which started with the hijack of the Skype blog and Twitter account. This was followed by the hijack of the Xbox Twitter account, the Twitter account of Microsoft News and the official Microsoft blog.

17 year old suspected to be creator of BlackPOS malware used in Target data breach


Security firm IntelCrawler has been analyzing the recent massive data breaches of Target and Neiman Marcus. The company said that it has identified the creator of the malware used in these attacks.

According to its report, Sergey Taraspov, a 17-year-old boy from Russia with the online handle 'ree[4]', allegedly first created the sample of the BlackPOS malware in March 2013.

Initially the malware was referred to as "Kaptoxa" ("potato" in Russian slang), and it was later referred to as "Dump memory grabber" in underground forums by the creator. The "BlackPOS" name came from the title used in C&C communications.

BlackPOS is a RAM-scraping malware written entirely in VBScript which is designed to be installed on POS devices and steals all data from cards swiped through the infected system.

Based on its own sources, the organization determined that the first victims of the malware were Point of Sale (PoS) systems in Canada, the US and Australia.

He has sold more than 40 builds of his creation to cyber criminals from Eastern Europe and other countries, for $2,000.

The hacker has created several hacking tools, including a brute force attack tool and other malicious tools. He has also made some money from training for DDoS attacks and social network account hacking.

However, the organization said that the real cybercriminals behind the Target data breach were just customers of his.

Update:
After further investigation, IntelCrawler determined that the original author of the BlackPOS malware is Rinat Shibaev. Sergey Taraspov is actually one of the technical support members.

Southwest General notifies patients of privacy breach

Southwest General Health Center is notifying over 480 patients who were part of an obstetrics study that a binder containing their private information is missing, according to a local news report.

The binder, which has been missing since December 5, contains information gathered between April and October 2013.

It includes patient names, dates of birth, medical record numbers and clinical information. Southwest General said no Social Security numbers or financial information were involved in this privacy breach.

The hospital tried to find the missing binder. However, it has not been able to locate it.

The hospital also apologized to its patients and said it has implemented some procedures to prevent this type of incident from recurring in future.

Former Natwest Bank clerk jailed for helping fraudsters


A former NatWest Bank clerk has been sentenced to four years in jail for helping fraudsters gain access to the bank's computers in an attempt to steal over £1 million.

Hans Patterson-Mensah, 24 years old, allowed fraudsters to enter a customer interview room at one of NatWest's branches in Sep. 2012.

The fraudsters managed to install a KVM ("keyboard, video and mouse") switch on a computer. The device gave the criminals access to the bank's internal system.

The criminals managed to change some records to make it look like the target person had deposited £1m in their account. The crooks then withdrew money from that account.

However, bank staff spotted that something was amiss when they conducted an end-of-day audit. They managed to recover most of the money (£6,000).