BJP Junagadh website hacked by Pakistani hackers

Local news organizations report that the BJP Junagadh unit's website (bjpjunagadh.org) was hacked and defaced by unknown hackers.

The hackers who defaced the website posted comments against BJP and RSS. The defacement also contains several images of people burning and standing on the Indian tricolor.

We checked some defacement-mirror websites, and the hack appears to have taken place in February. It is unclear whether the local reports refer to that incident or whether the website was defaced again today.

According to the defacement-mirror record (hxxp://dark-h.org/deface/id/12604), this website was defaced by a Pakistani hacker going by the handle "Sniper haxXx", who is responsible for many hacks of Indian websites.

"As soon as I reached office, our IT cell employees told me that someone has hacked our website http://www.bjpjunagadh.org and uploaded photographs and comments to malign reputation of BJP, RSS and Narendra Modi," Indian Express quoted Raju Jivani, in-charge of the BJP Junagadh office, as saying.

A complaint has reportedly been lodged against the unknown hacker, and police are trying to find the hacker responsible for the breach.

Meanwhile, Gujarat Pradesh Congress Committee President Arjun Modhwadia told reporters, "This is purely an attempt to get votes by playing the communal card ahead of the election."

European Cyber Army leaks 60k credentials compromised from Syrian sites


Details of more than 60,000 accounts have been leaked by a hacker from the European Cyber Army (ECA) going by the handle "Zer0Pwn".

The database dump is said to come from two compromised Syrian websites: job.sy and realestate.sy.

The hacker posted sample data in a paste (http://pastebin.com/7Y13ULux) entitled "ECA vs. Assad", along with a link to the full database dump. The dump contains names, email IDs, passwords, phone numbers and other details.

While the passwords compromised from job.sy are encrypted, the passwords from realestate.sy are in plain text format.

Lee J from Cyber War News analyzed the full database dump and reported that the dumps from realestate.sy contain more than 4000 unique login credentials and the dumps from jobs.sy contain more than 50,000 login credentials.

Some other members of ECA have attacked syrianmonster.com and compromised the admin's login credentials.


Wired website blocked by Google Chrome

The official website of the popular American magazine Wired has been blocked by Google and Chrome. Users who try to access a few Wired URLs are getting a warning message saying "This site may harm your computer".

We tried to access wired.com from a Google search result, and there was no warning message for the home page. However, when I tried to access 'wired.com/business/', I was presented with a malware warning page.

"Hey folks, we had a brief technical issue this morning, but it's fixed. Thanks to those of you who brought it to our attention." Wired tweeted regarding the issue.

It is unclear what they mean by 'technical issue' and why Google has blocked the website. At the time of writing, visitors are still presented with the malware warning message. Wired says it is waiting for Google Chrome to remove the warning.

Germany's biggest data theft, 18 million emails and passwords stolen


18 million email addresses and passwords have been stolen in what is being called the biggest data theft in Germany's history.

The compromised accounts are reportedly being misused for criminal purposes such as spreading spam emails.

The authorities have determined that at least three million of the compromised accounts belong to German citizens (accounts ending with '.de'). The rest had international domain extensions such as '.com'.

It is still unknown exactly how many Germans and people from other countries have been affected by this massive data theft.

A spokesperson for the state prosecutor's office in Verden, Lower Saxony, Germany, told The Local that they are currently in the process of determining how hackers accessed 18 million accounts.

It is the second major data theft in Germany this year. In January, German authorities announced that hackers accessed 16 million email addresses and passwords.

Android malware steals money from QIWI Wallets

Cyber criminals are continually finding new ways to earn money using infected devices. We are aware of SMS Trojans that earn money by sending premium-rate messages from infected Android devices.

Experts at Kaspersky have recently spotted a new Android Trojan that not only sends SMS messages to premium-rate numbers but also steals money from QIWI electronic wallets.

Visa QIWI Wallet is an electronic payment service that can be used to pay for goods and services around the world, receive payments, and transfer money.

Once installed on a device, the malware, dubbed 'Waller', attempts to communicate with a command and control (C&C) server located at playerhome.info and awaits further commands.

The malware is capable of checking the balance of the infected phone by sending an SMS to the mobile network operator and intercepting the reply, sending SMS messages, opening web pages, and downloading and installing other malware. It is also capable of updating itself and sending SMS messages to the victim's contact list.

This Trojan also checks the balance in the QIWI Wallet by sending an SMS to 7494. The response message is intercepted by the Trojan and forwarded to the cyber criminals. If there is money in the wallet, the malware sends a message to 7494 with the attacker's wallet number and the amount to be transferred.

The Trojan is being distributed via SMS spam and via cybercriminals' sites, disguised as various applications.

Yahoo revamps security to protect users' data from NSA


Yahoo says it has introduced a few improvements in encrypting users' data in an attempt to prevent cyber attacks and government surveillance.

Alex Stamos, who recently joined Yahoo as Chief Information Security Officer, said that traffic moving from one Yahoo data center to another is fully encrypted as of March 31.

The move came after whistleblower Edward Snowden leaked documents alleging that traffic from Google and Yahoo data centers was being intercepted by the NSA.

Yahoo has enabled encryption of mail between its servers and other mail providers. Search requests made from the Yahoo homepage are also now automatically being encrypted.

Yahoo is promising to release a new, encrypted version of Yahoo Messenger within the next few months.

"In addition to moving all of our properties to encryption by default, we will be implementing additional security measures such as HSTS, Perfect Forward Secrecy and Certificate Transparency over the coming months. This isn’t a project where we’ll ever check a box and be 'finished.'" Stamos wrote in the blog post.

"Our fight to protect our users and their data is an on-going and critical effort. We will continue to work hard to deploy the best possible technology to combat attacks and surveillance that violate our users’ privacy," he added.

Spec's breach affects 550,000 customers

Texas liquor store Spec's says it experienced a cyber attack on its network that exposed personal and financial information of more than half a million customers.

The company issued a statement saying the breach affects fewer than 5% of its total transactions. Customers who shopped at one of its 34 affected stores were affected by this breach.

According to the statement, the attack began on October 31, 2012 and may have continued through March 20 of this year.

The exposed information includes names, credit/debit card numbers, expiration dates and card security codes, or check information including bank account numbers, bank routing numbers, birth dates and driver's license numbers.

Spec's spokeswoman Jenifer Sarver told the Houston Chronicle that the breach affected "an estimated fewer than 550,000" customers and Spec's employees.

Spec's says it is working with the United States Secret Service in an ongoing criminal investigation to arrest the attackers and is taking steps to prevent future attacks.

Fake Google apps found in Windows Phone store


Both Android and iOS have official apps from Google, but Windows Phone users are not blessed with the Google apps. They do, however, have one official Google search app for Windows Phone.

Recently, some Google apps including Google Hangouts, Google Voice, Google+, Google Maps and Gmail were placed in the Windows Phone store with a price tag of $1.99.

While the legitimate Google search app for Windows Phone is published under the developer name 'Google Inc', all of these apps were published by "Google, Inc".

The clear intention here is to fool Windows Phone users into believing these are official apps from Google. These fake apps were first spotted by WinBeta.

Microsoft removed these apps from its store after The Next Web contacted Microsoft about the issue.

“We removed a series of apps for violating our policies concerning the use of misleading information,” a Microsoft spokesperson told TNW. "The apps attempted to misrepresent the identity of the publisher."
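A store can catch the 'Google Inc' versus "Google, Inc" trick described above by comparing publisher names in canonical form at submission time. The following is an added example, not code from Microsoft or from this blog; the registry contents, account IDs, suffix list and function names are hypothetical.

```python
import re
import unicodedata

# Constructed registry of verified publishers: display name -> account ID.
VERIFIED = {"Google Inc": "pub-0001", "Microsoft Corporation": "pub-0002"}

# Legal-form suffixes ignored when comparing names (assumed list).
SUFFIXES = {"inc", "incorporated", "llc", "ltd", "corp", "corporation", "co"}


def canonical(name: str) -> str:
    """Fold case, Unicode compatibility forms, punctuation and legal suffixes."""
    text = unicodedata.normalize("NFKC", name).casefold()
    text = re.sub(r"[^\w\s]", " ", text)      # "Google, Inc." -> "google  inc "
    tokens = text.split()
    while len(tokens) > 1 and tokens[-1] in SUFFIXES:
        tokens.pop()
    return " ".join(tokens)


def review_publisher(display_name: str, account_id: str, verified=VERIFIED):
    """Return (decision, reason) for a new app submission."""
    wanted = canonical(display_name)
    for known_name, known_id in verified.items():
        if canonical(known_name) != wanted:
            continue
        if account_id == known_id:
            return ("accept", "verified publisher")
        # Same canonical name, different account: hold for manual review.
        return ("hold", f"name imitates verified publisher {known_name!r}")
    return ("accept", "no collision with a verified publisher")


if __name__ == "__main__":
    for name, acct in [("Google Inc", "pub-0001"), ("Google, Inc", "pub-9999"),
                       ("Contoso Apps", "pub-4242")]:
        print(name, "->", review_publisher(name, acct))
```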

Malware uses Your Phone to generate virtual currency for cybercriminals


Is your Android mobile phone often overheating, or is the battery draining faster than normal? There is a chance that your mobile phone is infected with malware that uses your phone to generate money for cyber criminals.

Researchers at Lookout have spotted a new piece of malware targeting Android devices on some Spanish forums that distribute pirated software.

This malware, referred to as 'CoinKrypt', is not designed to steal any information from infected devices. However, that doesn't mean that it is not harmful. It will use the maximum computation power of your device to generate virtual currencies.

This results in the infected device overheating and affects battery life.

The malware appears to be targeting only newer virtual currencies such as Litecoin, Dogecoin and Casinocoin. Since one needs high computing power to generate the popular and most valuable virtual currency, Bitcoin, the cyber criminals didn't include the Bitcoin mining process in this malware.

At this time, it is almost one million times easier to mine Litecoin than Bitcoin and over 3.5 million times easier to mine Dogecoin. Even though these newer coins are not as valuable as Bitcoin (1 BTC is around $650, 1 LTC is reaching $20), cyber criminals are probably hoping that one day they will reach a high value like Bitcoin.

Opening an email containing RTF in Outlook hands your computer to hackers

How many of you are using Microsoft Outlook in your office? Previewing or opening an email containing an .RTF file in Microsoft Outlook will open a backdoor for remote hackers to access your machine.

Microsoft warned today that attackers are exploiting a new zero-day vulnerability in Microsoft Word that allows them to run arbitrary code on the vulnerable system.

"The vulnerability could allow remote code execution if a user opens a specially crafted RTF file using an affected version of Microsoft Word," the security advisory reads, "or previews or opens a specially crafted RTF email message in Microsoft Outlook while using Microsoft Word as the email viewer."

The vulnerability affects Microsoft Word 2003, 2007, 2010, 2013, Word Viewer and Microsoft Office for Mac 2011. The advisory states that the exploits it has seen so far have targeted Microsoft Word 2010 users.

Microsoft is in the process of creating a patch for this security flaw. In the meantime, it has released a temporary Fix it solution which prevents opening of RTF files in Microsoft Word.

Other suggestions to avoid becoming a victim are configuring Outlook to read email messages in plain text format and using the Enhanced Mitigation Experience Toolkit (EMET).
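Until a patch is available, a mail gateway can also hold back RTF content before it reaches Outlook. The following is an added example, not part of Microsoft's advisory or Fix it; the function names and the sample message are constructed, and TNEF containers (winmail.dat), which Outlook uses for rich-text messages, are flagged but not unpacked.

```python
import email
from email import policy
from email.message import EmailMessage

RTF_MAGIC = b"{\\rtf"          # a well-formed RTF document starts with this
RTF_TYPES = {"text/rtf", "application/rtf"}
TNEF_TYPES = {"application/ms-tnef", "application/vnd.ms-tnef"}


def find_rtf_parts(raw: bytes):
    """Return (name, content_type, reason) for each MIME part to hold back."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    hits = []
    for part in msg.walk():
        if part.is_multipart():
            continue
        ctype = part.get_content_type()
        name = part.get_filename() or "(body)"
        data = part.get_payload(decode=True) or b""
        if data.lstrip()[:5].lower() == RTF_MAGIC:
            hits.append((name, ctype, "rtf-magic"))   # content wins over label
        elif ctype in RTF_TYPES or name.lower().endswith(".rtf"):
            hits.append((name, ctype, "rtf-declared"))
        elif ctype in TNEF_TYPES or name.lower() == "winmail.dat":
            hits.append((name, ctype, "tnef-not-unpacked"))
    return hits


def build_sample() -> bytes:
    """Constructed message: an RTF file renamed to .doc plus a PDF stub."""
    m = EmailMessage()
    m["From"], m["To"] = "sender@example.test", "user@example.test"
    m["Subject"] = "constructed sample"
    m.set_content("See attachment.")
    m.add_attachment(b"{\\rtf1\\ansi constructed sample}",
                     maintype="application", subtype="msword",
                     filename="invoice.doc")
    m.add_attachment(b"%PDF-1.4 constructed", maintype="application",
                     subtype="pdf", filename="notes.pdf")
    return m.as_bytes()


if __name__ == "__main__":
    for hit in find_rtf_parts(build_sample()):
        print(hit)
```

Checking the leading bytes rather than the file name matters because Word opens a file by its content, so an RTF document renamed to .doc is still parsed as RTF.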

Syrian Electronic Army gather evidence that Microsoft selling your information to FBI

A document recently leaked by the Syrian Electronic Army shows that Microsoft is charging a secret FBI division to legally view customer information. The documents are said to have been taken from Microsoft.

The Syrian Electronic Army (SEA) is known for hacking social media accounts and websites of top organizations including Microsoft, CNN, Daily Dot and more.

SEA allowed the Daily Dot to analyze the documents before they were published in full.

The documents are said to contain emails and invoices between Microsoft's Global Criminal Compliance team and the FBI's Digital Intercept Technology Unit (DITU).

The documents show that Microsoft charged the FBI $145,100 in December 2012, broken down to $100 per request for information. But in 2013, Microsoft allegedly doubled the amount, charging the FBI $200 per request for a total of $352,200. For the recent invoice (Nov 2013), it charged $281,000.

The information provided to the FBI includes Live email ID, PUID, name, address, country, IP address, date of registration and a few other details.

Here is the screenshot of documents: