Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Malware Report
Fake Antivirus Malvertising Malware Report

Malvertising on Aftonbladet news site targets IE users with Fake Antivirus

A largest Sweden Newspaper website Aftonbladet is found to be serving malicious ads that redirect users to a malicious website serving Fake Antivirus.

Security researcher at Kaspersky said the website was spreading malware not because they got hacked, but because cybercriminals compromised a third-party ads running on the site.

The malicious script used in the malvertising attack checks whether the user is using Internet Explorer browser or not.  Only IE users are being redirected to malware website.

The malware page is not exploiting any vulnerabilities but displays a fake virus alert message from Microsoft Security essential that it has detected potential threats in the user's computer and recommends to clean the malware.

Once user click on the picture, it will not clean any viruses, it will download a malicious obfuscated Visual Basic Executable file. 

"Large websites often include content from other websites, and if the bad guys compromise any of those websites they can also manipulate the content which is getting included by the large website." researcher said.
Read more »
IT Security News
Data Breach Hacking News IT Security News

Target's network hacked using stolen credentials from a HVAC company

Stolen Credentials from Fazio Mechanical Services, a Pennsylvania based provider of heating, ventilation and air-conditioning(HVAC) systems, allowed attackers to breach the Target's network which resulted in massive breach involving more than 40 million credit card data.

Cyber security blogger Brain Krebs has learned that US secret services visited the companies offices, but Faizo Vice president has refused to provide further details about the visit.

You may ask why Target gave a ventilation contractor access to its network?  A CyberSecurity expert told Krebs that a HVAC service providers usually get access to retailers' computer systems in order to remotely monitor energy consumption and temperatures in stores.

CyberCriminals first tested their card-stealing malware, by infecting only a small number of cash registers within Target stores.  They conducted the test between November 15 and Nov. 28.

By the end of the November, hackers distributed their malware to a majority of Target's POS Systems.

It appears the stolen financial data stored not only in Russian server but it has also been uploaded to servers located in various countries including Miami and Brazil.

In an official statement, Faizo Mechanical Services said "Fazio Mechanical does not perform remote monitoring of or control of heating, cooling and refrigeration systems for Target"

"Our data connection with Target was exclusively for electronic billing, contract submission and project management, and Target is the only customer for whom we manage these processes on a remote basis."
Read more »
National Security
Breaking News Chinese Hackers Cyber War IT Security News National Security

Chinese Huawei allegedly hacked into Indian state-owned Telecoms company BSNL

Parliament of India was informed on Wednesday that the State-owned Telecoms Company Bharat Sanchar Nigam Limited(BSNL)'s network was allegedly hacked by a Chinese Telecom equipment maker Huawei.

"The government has constituted an inter-ministerial team to investigate the matter."Killi Kruparani, Minister of State for Communications and IT, told the Lok Sabha.

According to reports,  the engineers of Huawei allegedly hacked a BSNL's mobile tower in Coastal area of Andhra Pradesh in October 2013.

India has launched an investigation, the investigation team is comprise of top officials from National Security council Secretariat, Intelligence Bureau, Union home ministry and BSNL.

It is worth to note that BSNL has offered a major part of its network expansion tender to another Chinese company ZTE in 2012.  The goverment suspects it might be the "inter-corporate rivalry" between these two chinese companies.

Huawei India denies allegations of hacking BSNL's network, said it will continue to work with Indian customers and Government and ready to help in addressing any network security issues.
Read more »
Syrian Electronic Army
Featured hacker news MarkMonitor hacked Syrian Electronic Army

Facebook almost got hacked by Syrian Electronic Army, MarkMonitor website Hacked

Earlier today the Syrian Electronic Army posted a tweet with screenshots which suggested they had hijacked the Facebook's domain and changed the Registrant details and name server.

"Happy Birthday Mark! http://Facebook.com  owned by #SEA http://whois.domaintools.com/facebook.com" Hackers said in a tweet.

How hackers take control of Facebook Domain?
The next tweet confirmed that the hacker group took control of the MarkMonitor website - a website that manages Top Level domains including Facebook, Google, Yahoo and more.

The group managed to gain the admin panel of the Mark Monitor website that allowed them to access records of all domains hosted.


After learning about the breach, the Markmonitor immediately took down the Management portal.

It seems like facebook is lucky this time.  Even though the group changed the nameserver of the domain, it didn't reflect.  It's failed attempt to compromise domain's DNS records.  If they had managed to change the records successfully, it could have affected millions of facebook users.

Few other screenshots provided by Syrian Electronic Army shows that the group had access to Google, Yahoo and Amazon domains.




Read more »
Pakistan Haxors CREW
Defaced Website defacement Hacking News Pakistan Hacker Pakistan Haxors CREW

Two more Indian Government websites hacked by Pakistani Hackers


In last few days, several Pakistani hacker groups have defaced plenty of Indian government websites.  Pakistan Haxors CREW is one of the group targeting the Indian websites.

The group today hacked into two Indian government websites: West Bengal State Coastal Zone Management Authority and Damodar Valley Corporation .

At the time of writing, 'wbsczma.gov.in' still showing the defacement while the 'portal.dvc.gov.in' went offline.  The group also claimed to have dumped the database. 

Today, another group named as "Team MaXiMiZerS" have defaced two India's Kerala state government websites along with hundreds of other websites.

Last night, Voice Of Black Hat Hackers group from Pakistan hacked two India's Rajasthan state government websites.
Read more »
Team MaXiMiZerS
Defaced Website Hackers News Pakistan Hackers Team MaXiMiZerS

Pakistani hacker group 'Team MaXiMiZerS' hacks India's Kerala state Government websites

Hundreds of Indian websites including two Kerala state Government websites have been breached by a Pakisani hacker group identifying itself as "'Team MaXiMiZerS"

The affected websites are Cooperative Institute of Management and Technology (cimat.kerala.gov.in) and Kerala Cultural Welfare Development(cwb.kerala.gov.in), Kerala's Kannur University (kannuruniversity.ac.in). 

Other affected sites have been listed here: http://pastebin.com/p0zPbQDC

The defaced websites displayed the message  "What we Ask From India All the time is the only Kashmir , Most of the times we dnt act like that but this is the only way left . Why indian army is killing innocent's in kashmir ?  We Just Ask you these simple Question's and the indian gov got no answer's..... why ?"

"This is the only way left to protest for us. For what you are scared of ? India will loose the beauty of kashmir ? how many muslim brother's being killed on daily basis did u ever thought ? a 16 year's girl raped and killed a boy shot in the head for what ? because they are protesters ?All we ask is just the Answer of these Questions Nothing Personal ...you will pay for these sins one day"
Read more »
Voice Of Black Hat Hackers
Defaced Website Hacking News Voice Of Black Hat Hackers

Two Rajasthan Government websites hacked by Voice Of Black Hat Hackers

Pakistani hackers keep targeting Indian Government websites and breached several servers.

Today, a hacker named "ArYaNZ KhaN " from a pakistan hacker group called as "Voice Of Black Hat Hackers" hacked into the two India's Rajasthan government websites.

One of the website is appeared to be a testing website(webmis.rajasthan.gov.in/ArYaNZ.html).  The other one belong to the "Information and Public Relations Department of Rajasthan(dipr.rajasthan.gov.in/ArYaNZ.html).

"HEY INDIA!; Think again! Salute oh martyr from the land of Kashmir, your last wish to recite verses of holy Quran was not fulfilled. But the dream you lived with, will surely be fulfilled. India will taste defeat. " the defacement message reads.

"India celebrates this day while not realising what is coming for it now, this wont end the Intifada from Kashmir, you will see more and intesne reveolution." Hacker said in the defacement.
Read more »
The RedHack
Data Breach Database Leaked hacker news The RedHack

RedHack claimed to have hacked ISP TTNET, Vodafone and Turkcell


The Turkish hacktivist collective RedHack claims to have breached systems of Turkish ISP TTNet(www.ttnet.com.tr), vodafone and leading Turkish mobile operator TurckCell(turkcell.com.tr).

"Customer data of ISP TTNET, mobile operator Vodafone and Turkcell infiltrated and vast amount of data collected from the systems. +"  Hackers announced the hack earlier today.

Hackers claimed to have compromised millions of records from the servers.

"If we are able to reach these info on their systems with our limited resources imagine what can foreign intelligence agency do. These companies have 90% of the population's data on their systems and they can't protect them." Hackers said.

The have dumped(http://justpaste.it/eaml) some of data compromised from TTNet.  The dump only contains the membership details of Ministries, National Intelligence Agency(MIT),and Security Directorate.  Hackers didn't publish the data belong to general public, "as a matter of principle".

The leak contains information such as names, phone numbers, addresses, email IDs and other information.

Hackers said the reason for these breaches is to prove the fact that no one and no system is 100% secure.

"In the coming days we'll continue with those exploiting the country. No public information will be shared. Our people can be at ease." The group said that they will continue the operation.
Read more »
Pakistan Haxors CREW
Cyber War hacker news HaXor Hasnain Pakistan Hackers Pakistan Haxors CREW

Indian Public Health Engineering Department website hacked by Pakistan Hackers


West Bengal Branch of Indian Public Health Engineering Department website(www.wbphed.gov.in) has been breached by a hacker from Pakistan.

A hacker with handle H4$N4!N H4XOR from Pakistan Haxors CREW has has uploaded a defacement page in the "Uploads" directory of the site (http://www.wbphed.gov.in/applications/GO/uploads/index.html).

When we asked about the vulnerability responsible for the breach, the hacker said that the website is vulnerable to SQL Injection vulnerability.

"Security Breach!Free Kashmir. Free Syria. Stop Spying On US. Stop Killing Muslims. We Have All Your Data. Don't Try To Catch Us" The defacement message reads.

The hackers said the defacement is revenge for hacking Pakistan websites.  He also claimed to have compromised the database from the server.

In the last two days, the group hacked into Indian Railways website and Official website of Assam Rifles.
Read more »
IT Security News
Breaking News Data Breach Database breached Hackers News IT Security News

Orange.fr hacked, details of 800,000 customers stolen

Unknown Hackers have breached the website of Telecoms giant Orange and have compromised details of 800k customers from the www.orange.fr.

According to PCINpact, My accounts page of website has been targeted by hackers on January 16.  Hacker have gained access to personal data including names, email IDs, phone numbers, mail addresses and other details.

Orange states claims only personal information have been accessed by hackers, passwords have not been compromised in the Data Breach.  Customers' bank account numbers are stored in separate server which is not impacted by this breach.

Few hours after became aware of the intrusion, the ISP immediately closed the "My Accounts" page to prevent further attack.  The security hole responsible for the breach is said to have been closed.

The company said only 3% of its customers impacted by the breach.  In an email sent to affected customers,  the company warned them that the stolen data can be used by cyber criminals to launch phishing attacks.

The company has filed a complaint about the breach and working with Police.
Read more »
SQL Injection
Data Breach Database Leaked Hacking News NullCrew SQL Injection

Bell Canada website hacked with POST-based SQL Injection vulnerability

Few days back, Nullcrew hackers hacked into Bell Canada website and leaked thousands of customer data.

Bell Canada confirmed Sunday that usernames and passwords of 22,421 and five valid credit card numbers have been leaked by hackers.  However, the organization points finger at Third-party saying the leak "results from illegal hacking of an Ottawa-based third-party supplier's information technology system".

Bell claims its own network wasn't affected by this breach.  Bell has disabled all passwords and notifying all affected users.  They are currently working with law enforcement and government security officials to investigate the matter.

"Quite a laughable claim, Bell actually knows of the breach, they knew the vulnerable section of the website for two weeks."In a response to the Bell's claim, hackers said in their twitter account.

The screenshot provided to DataBreaches shows that the hackers had a chat with Bell Support team.

Nullcrew chatting with Bell support team

Hackers said a POST based SQL Injection vulnerability resides in the password recovery page of Bell's sub-domain( https://protectionmanagement.bell.ca/passwordrecovery_1.asp)

Post-based SQL Injection in Bell Canada
Read more »
Subscribe to: Comments (Atom)