Critical Bug in GnuTLS library affects Linux and hundreds of apps


A critical error-handling bug (CVE-2014-0092) in the GNU security library GnuTLS affects hundreds of software packages, including the Red Hat, Debian and Ubuntu distros.

According to the Red Hat security advisory, a coding error in GnuTLS fails to handle certain errors that can occur during the verification of an X.509 certificate, so the library reports a successful verification.

"An attacker could use this flaw to create a specially crafted certificate that could be accepted by GnuTLS as valid for a site chosen by the attacker." the advisory reads.

The bug is in how the verify.c file returns its value (https://www.gitorious.org/gnutls/gnutls/commit/6aa26f78150ccbdf0aec1878a41c17c41d358a3b?diffmode=sidebyside).  It appears the uninitialized variable "result" is causing the problem.  There is also another coding error: when issuer_version is less than zero, the code returns the value of issuer_version instead of returning zero.  And when result is less than zero, the code jumps to the 'cleanup' label instead of 'fail'.
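The error-handling pattern described above, as an added C example that is not the GnuTLS source: the struct, helper names and error code are hypothetical. It shows why a negative error code leaking out of a function whose contract is 1 = verified, 0 = not verified is accepted by a caller that tests the result as a boolean, and how failing closed fixes it.

```c
#include <stdio.h>
#define E_PARSE (-1)   /* constructed negative error code */

/* Constructed stand-in for a parsed certificate, not a GnuTLS type. */
struct cert { int version; int sig_state; }; /* sig_state: 1 valid, 0 invalid, -1 undecodable */

/* Helpers return a value >= 0 on success or a negative error code. */
static int get_version(const struct cert *c) { return c->version > 0 ? c->version : E_PARSE; }
static int check_signature(const struct cert *c) { return c->sig_state < 0 ? E_PARSE : c->sig_state; }

/* Contract of both verifiers: 1 = verified, 0 = not verified. */
static int verify_buggy(const struct cert *c, const struct cert *issuer) {
    int result;
    int issuer_version = get_version(issuer);
    if (issuer_version < 0) return issuer_version; /* negative code escapes */
    result = check_signature(c);
    if (result < 0) goto cleanup;   /* skips `fail`, result stays negative */
    if (result == 0) goto fail;
    goto cleanup;
fail:
    result = 0;
cleanup:
    return result;
}

static int verify_fixed(const struct cert *c, const struct cert *issuer) {
    int result = 0;                 /* fail closed by default */
    if (get_version(issuer) < 0) return 0;
    result = check_signature(c);
    if (result <= 0) goto fail;     /* errors and bad signatures both reject */
    goto cleanup;
fail:
    result = 0;
cleanup:
    return result;
}

/* Callers test the result as a boolean, so any nonzero value passes. */
static int accepted(int (*verify)(const struct cert *, const struct cert *),
                    const struct cert *c, const struct cert *issuer) {
    return verify(c, issuer) ? 1 : 0;
}

int main(void) {
    struct cert issuer = {3, 1}, undecodable = {3, -1};
    printf("buggy=%d fixed=%d\n", accepted(verify_buggy, &undecodable, &issuer),
           accepted(verify_fixed, &undecodable, &issuer));
    return 0;
}
```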

Nikos Mavrogiannopoulos of the Red Hat Security Technologies Team discovered this security flaw while auditing GnuTLS for Red Hat.

Users are advised to upgrade to the latest GnuTLS version (3.2.12 or 3.1.22) or apply the patch for GnuTLS 2.12.x.

Bitcoin Exchange Poloniex website got hacked

Here comes more hacking news related to Bitcoin.  Multi-cryptocurrency exchange Poloniex announced today that its website suffered a cyber attack, leading to Bitcoins being stolen from the company.

On the BitcoinTalk forum, the company explained how the hackers stole the Bitcoins: placing multiple withdrawal requests at the same time results in a negative balance, but the requests are still processed.

"Another design flaw is that withdrawals should be queued at every step of the way. This could not have happened if withdrawals requests were processed sequentially instead of simultaneously" the forum post explaining another bug reads.

One of the forum's members gave a link to the attacker's Bitcoin address, "https://blockchain.info/address/1Ktq7TE3J5vZ3c99M5weqKfFcNkHQdqPrq".  It appears the loss is around $50,000 (76 BTC).
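The simultaneous-withdrawal flaw and the sequential processing the forum post calls for, as an added C example that is not Poloniex code: it is a deterministic model of the interleaving, and the struct, function names and amounts are constructed. In the first handler every in-flight request passes the balance check before any debit is written; in the second, check and debit are one step per request.

```c
#include <stdio.h>

/* Constructed model of an exchange account; amounts in the smallest unit. */
struct account { long balance; };

static int sufficient(const struct account *a, long amount) {
    return amount > 0 && amount <= a->balance;
}

/* Simultaneous handling: every in-flight request passes the balance check
 * before any of them has written its debit back. Returns requests paid. */
static int withdraw_simultaneous(struct account *a, const long *req, int n) {
    int ok[16], paid = 0;
    if (n > 16) n = 16;
    for (int i = 0; i < n; i++)
        ok[i] = sufficient(a, req[i]);      /* all checks see the old balance */
    for (int i = 0; i < n; i++)
        if (ok[i]) { a->balance -= req[i]; paid++; }
    return paid;
}

/* Queued handling: check and debit form one step per request, in order. */
static int withdraw_queued(struct account *a, const long *req, int n) {
    int paid = 0;
    for (int i = 0; i < n; i++)
        if (sufficient(a, req[i])) { a->balance -= req[i]; paid++; }
    return paid;
}

int main(void) {
    const long req[] = {80, 80, 80};        /* constructed requests */
    struct account a = {100}, b = {100};
    int p1 = withdraw_simultaneous(&a, req, 3);
    int p2 = withdraw_queued(&b, req, 3);
    printf("simultaneous: paid=%d balance=%ld\n", p1, a.balance);
    printf("queued:       paid=%d balance=%ld\n", p2, b.balance);
    return 0;
}
```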

The owner of Poloniex said he will take full responsibility and will repay the BTC debt.  However, due to a 12.3% shortage in funds, the company will temporarily deduct 12.3% from the balance of all accounts.

"If I had the money to cover the entire debt right now, I would cover it in a heartbeat. I simply don't, and I can't just pull it out of thin air." he said.

Bitcoin Bank Flexcoin website hacked, $600,000 worth Bitcoins stolen

The website of Bitcoin bank "Flexcoin" has been closed after hackers reportedly attacked the site and stole 896 bitcoins worth $600,320.

The organization claims the attack happened on March 2nd and that the attackers transferred the bitcoins to two different addresses.

"As Flexcoin does not have the resources, assets, or otherwise to come back from this loss, we are closing our doors immediately." the company posted a statement on its main page.

The bitcoins stored in cold storage were not affected by this breach, as coins were held offline.  Those users who put their coins into cold storage will be contacted by Flexcoin and asked to verify their identity.

For others, the company pointed to a link to its TOS, which says "Flexcoin Inc is not responsible for insuring any bitcoins stored in the Flexcoin system. You are entering into this agreement with Flexcoin Inc. You agree to not hold Flexcoin Inc, or Flexcoin Inc's stakeholders, or Flexcoin Inc's shareholders liable for any lost bitcoins."

The company says they are working with law enforcement and trying to find the cause of the security breach.  

Hackers compromise 300,000 SOHO routers and change DNS to redirect to attacker site

Security researchers at Team Cymru have uncovered a pharming attack campaign targeting small office and home office (SOHO) routers.  So far, more than 300k SOHO routers have been compromised.

The hackers altered the DNS settings on the compromised devices to use the IP addresses '5.45.75[.]11' and '5.45.75[.]36' in an effort to redirect victims to the attacker's website.

Most of the compromised devices are in Vietnam.  India is also one of the top countries affected by this campaign.  Other affected countries include Italy, Thailand, Indonesia, Ukraine, Turkey and Colombia.

The affected routers are from a number of manufacturers, including Micronet, Tenda, D-Link and TP-Link.  Researchers say that the affected devices are vulnerable to multiple exploits, including a CSRF attack and a vulnerability in ZyXEL firmware.

The vulnerability in ZyXEL's ZyNOS, discovered by a researcher back in January, allows an attacker to directly download the router's configuration file from http://[IP Address]/rom-0.

So far, the attackers don't seem to have abused the compromised devices.  But the attack is similar to the attack against a number of Poland's banks, in which the attacker changed the DNS configuration in order to steal online banking login credentials.

Defcon Kerala Information Security Meet 2014


DEFCON KERALA chapter is pleased to announce that the second edition of DEFCON Kerala 2014 will be held on March 8th at Hotel Travancore Court, Kochi. DEFCON Kerala (DC0497) is the first DEFCON Chapter in Kerala and is a DEFCON USA Registered group for promoting and demonstrating research and development in the field of Information Security. We are a group of Information Security Enthusiasts actively interested in promoting information security.

Whether you are an information security expert, researcher or newbie in the field of information security, we have the right events to satisfy your appetite. This year DEFCON Kerala brings you a host of events, which include:

KEYNOTE SESSION
N. Vinayakumaran Nair, Assistant Commissioner, Hi-Tech Cell, Kerala Police

TECHNICAL TALKS
Be there with us to hear from the experts who are at the forefront of information security research. This year we have about 12 Technical Talks that demonstrate Information Security Research in various fields.

  • WI-Hawk - Anamika Singh, Product Specialist
  • Android Security and Mobile OS Security in General - Anto Joseph, Technical Consultant
  • Compromising a DB via the XSS Vulnerability. XSS + Metasploit + Social Engineering - Fadli B. Sidek & Vikneshwaran Veeran, Security Consultants
  • Security through Obscurity No More Alive - Gaurav Raj Anand, Independent Researcher
  • XMLChor-XPATH Injection exploitation - Harshal Jaiprakash Jamdade, Security Researcher
  • Interactive Web Security Testing with IronWASP - Lavakumar, Founder IronWASP
  • Windows 8 Forensics - Nikhalesh Singh Bhadoria, Information Security Researcher
  • DrupSnipe: Vulnerability Scanner for live Drupal powered website - Ranjeet Singh Sengar and Sukesh Reddy, Security Researchers
  • Securing the Web-Native Bridge in Hybrid Mobile Apps - Sachinraj Shetty, Application Security Manager
  • Android Forensics and Security Analysis - Santhosh Kumar, Independent Security Researcher
  • To be announced - Francis Alexander, Security Researcher, OpenSecurity
  • HackSpace Workshop - Yashin Mehaboobe, Security Researcher, OpenSecurity

HACKSPACE-Free Hardware hacking workshop


HackSpace is a free and interactive hands-on workshop on hardware hacking. It'll cover everything from basic microcontroller programming to hardware-based attacks. The workshop will start with basic programming fundamentals. This will serve as a base for the rest of the class. Attendees will be introduced to various boards such as the Raspberry Pi, various Arduino boards as well as boards such as the MSP430 Launchpad.

The course will include fundamentals of bus protocols such as UART, I2C and SPI and how they are used. This will all be covered from an InfoSec perspective. Attendees will learn how to utilize the boards for penetration testing and security research.

DEFKTHON CTF
DEFKTHON CTF is DEFCON Kerala's trademark CTF. This is a jeopardy style CTF with challenges categorized into Recon, Reversing, Web, Crypto and Miscellaneous. The CTF is open to all and will be online on March 3rd 9.00 IST and will run till March 4th 21.00 IST. Stay tuned to http://ctf.defconkerala.com/


BEST SPEAKER AWARD

Cyber Security and Privacy Foundation (CSPF) will award the best speaker a grant of Rs.10,000. The speakers will be judged by a committee including Team DEFCON Kerala and an honorable member from CSPF. Delegates can contribute 50% to this selection process.

Top 5 reasons to attend DEFCON KERALA 2014
Access to cutting edge Technical Talks.
Access to Hack Space, the Hardware Hacking workshop.
Certificate of Participation.
Slides, Tools or Materials provided by the Speaker.
A niche networking platform.


Entry Pass: Rs.1100
Student Pass: Rs.800 (with discount code)
DISCOUNT CODE: STUDENT_14
Complimentary food coupons for all attendees.

Visit: www.defconkerala.com
Register Here: http://defconkerala.com/registration.html

Russia Today (RT) news website hacked

On Sunday, the famous Russian news website RT.com was hacked and defaced.

The hackers gained access to the admin panel of the RT website and managed to publish several articles containing the word "Nazi" in the headline.

Russia Today also confirmed the security breach on its official Twitter account, saying "Hackers deface RT.com website, crack admin access, place "Nazi" in every headline. Back to normal now."

Some of the published articles were titled "Russian Senators vote to use stabilizing Nazi forces on Ukrainian territory" and "Nazi nationalist leader calls on 'most wanted' Nazi umarov' to act against Russia".

The website has been restored and is back to normal.  So far, no hackers appear to have taken credit for the breach.

YouTube ads serve Banking Trojan Caphaw


The number of malvertising attacks appears to be increasing day by day, and even top websites fall victim to such attacks. YouTube is the latest popular organization affected by malicious ads.

Security experts from Bromium have discovered that cyber criminals were distributing malware via YouTube ads.

According to the researchers, the malicious ads attempt to exploit vulnerabilities in outdated Java.  The attack loads different malicious jar files to ensure the exploit is compatible with the installed Java version.

The exploit kit used in this attack is the "Styx Exploit Kit", the same one used by cybercriminals to infect users of toy maker Hasbro.com.

If the user's machine has vulnerable plugins, the kit exploits the vulnerability and drops a banking Trojan known as "Caphaw".  Researchers say they are working with the Google Security team.

EC Council official website hacked


A hacker who calls himself "Eugene Belford" (a character from the movie "Hackers") has hacked the website of EC-Council, an organization that offers the Certified Ethical Hacker (CEH) certification.

"Owned by certified unethical software security professional" The defacement message reads.

He has also put on the defacement page documents proving that "Edward Snowden" attended the CEH classes in India.

A spokesman from CSPF (Cyber Security and Privacy Foundation) says it appears the hackers used a DNS hijacking attack to deface the website and possibly gain access to the organization's email.

Another CEH-certified professional says he was not satisfied with the EC-Council training. He says that though the course material is good and the certification is recognised worldwide, the trainers from franchisees of EC-Council do not know hacking and are not competent to take CEH classes.


Update: Some time after this news was posted, the hacker edited the defacement page to add this extra text.

"Defaced again? Yep, good job reusing your passwords morons jack67834#

owned by certified unethical software security professional
Obligatory link: http://attrition.org/errata/charlatan/ec-council/
-Eugene Belford

P.S It seems like lots of you are missing the point here, I'm sitting on thousands of passports belonging to LE (and .mil) officials "

It may be that the attacker has gained access to EC-Council's email, in which case all the email correspondence of the law enforcement and military officials might also be compromised.



Hackers compromised 300k personal records from University of Maryland

Hackers breached the University of Maryland's computer and compromised data belonging to more than 300,000 people affiliated with the school on its College Park and Shady Grove campuses.

Details of students and staff have been compromised in this security breach.  The accessed information includes Social Security numbers, names, birth dates and university IDs, reports TwinCities.com.

On Tuesday at 4 a.m., an intruder gained access to a database containing information dating to 1998.  Other than stealing the data, the hacker didn't do any damage to the server.

University President Wallace D. Loh said school officials are investigating the security breach and trying their best to prevent such attacks in the future.

Loh said they are also working with law enforcement authorities. Computer forensics experts are examining the logs to determine how the intruders gained access.

The university plans to offer one year of free credit card monitoring service to those affected by this breach.

Two Students hacked Data InfoSys website to recharge mobile phones worth Rs.8 Lakh

Two Information Technology (IT) students have been arrested by the Jaipur cyber crime police for hacking the Data InfoSys e-processing system and fraudulently recharging BSNL mobile phones.

Kulshrestha Varma and Hardik Sud, both 19 years old and students of APG University in Shimla, managed to recharge more than 500 mobile phones, causing a loss of Rs.8 Lakh to Data InfoSys.

According to the Times of India, the students used a public Internet cafe to breach the Data InfoSys website.  These two kids might have thought that the police couldn't catch them if they used a cyber cafe.

The company became aware of the fraudulent recharges at the end of last year and filed a complaint at the cyber police station back on December 3rd.  Police took 75 days to crack the case.

Police have arrested them and brought them to Jaipur on a transit remand.  The police suspect the involvement of several other people in this cyber crime.

KickStarter kicked by Hackers, username and password stolen

Online crowdfunding website KickStarter is the latest high-profile website to report a security breach.  KickStarter became aware of the breach after receiving a notification from law enforcement.

Hackers breached the company's website (kickstarter.com) and gained access to users' information, including usernames, encrypted passwords, email IDs and phone numbers.  The company says no credit card data was compromised in this breach.

Even though the passwords are encrypted, we are aware that attackers with enough computing power can easily crack those passwords.

The company says that two accounts have been accessed by hackers so far.  All users are advised to change their KickStarter password immediately.

If you use the same password on any other websites (most of us do), you are advised to reset the password there as well.

"We’re incredibly sorry that this happened. We set a very high bar for how we serve our community, and this incident is frustrating and upsetting." the company apologizes in their blog post.