Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Ubuntu
Linux Operating system Software Release Ubuntu

Ubuntu 11.10(Oneiric Ocelot) is Released ~ Upgrade Now


Recently, Ubuntu released Ubuntu 11.10.  If you interested to know how it will look like or how it works, you can take this tour. It is available in 38 language.  Ubuntu is free to use. if you haven't use ubuntu yet, then give a try now with Ubuntu
11.10.

You can download the full operating system from here:
http://www.ubuntu.com/download
or
if you have installed ubuntu 11.04 , you will be asked to upgrade to Ubuntu 11.10(that's how i come to know about it).
  
Ubuntu 11.10: Open for business
Make your IT budget go further with Ubuntu! The latest release of Ubuntu includes everything you need for your business desktop, server and cloud.

The user Interface looks good. I am curious to use it now itself but my net connection.

Few Screenshots:

Read more »
Dennis Ritchie
Dennis Ritchie

God Recruit the World Best Developer(inventor of C) , Dennis Ritchie Died

This post is dedicated to Dennis Ritchie. 

#include<world.h>
int main()
{
if(date=="08.10.2011")
{
printf("Dennis left the world ");
}
return sad;
}
  

Conversation between god and Dennis Ritchie:

Ritchie: Why did you recruit me?

God:
Men in this world breached the security of Earth(polutted). So it is going to end soon.
We planned to build better Matrix World than the earth.
We need best security so that it can't be breached.
You have invented the C and helped to develop the UNIX(Secure Operating system ever). 
We believe you are the NEO(one), you can help us to develop a Matrix world that can't be breached.

Ritchie: What about Steve Jobs?

God:  He started his work already. It is your turn Ritchie. 

Let us build Secure Matrix World.

---------------------------------
BreakThesec:
I(We) miss you so much Mr.Dennis Ritchie.  I am very big fan of your Language and the UNIX(The most secure Operating System).
I started my programming career with C(The Greatest language ever).
Read more »
Software Release
PenTesters PenTesting Tools Software Release

Browser Exploitation Framework (BeEF)~ Penetration Testing Tools

The Browser Exploitation Framework (BeEF) is a powerful professional security tool. BeEF is pioneering techniques that provide the experienced penetration tester with practical client side attack vectors. Unlike other security frameworks, BeEF focuses on leveraging browser vulnerabilities to assess the security posture of a target. This project is developed solely for lawful research and penetration testing.

BeEF hooks one or more web browsers as beachheads for the launching of directed command modules. Each browser is likely to be within a different security context, and each context may provide a set of unique attack vectors. The framework allows the penetration tester to select specific modules (in real-time) to target each browser, and therefore each context.

The framework contains numerous command modules that employ BeEF's simple and powerful API. This API is at the heart of the framework’s effectiveness and efficiency. It abstracts complexity and facilitates quick development of custom modules.

Recently The Released BeEF 0.4.2.10-Alpha Version



Video Demonstration of BeEF's Metasploit Plugin
Read more »
Software Release
internet Security Security News Security Tools Software Release

Your Browser Matters ~Website to Rate the Browser Security , Microsoft


Microsoft launched a website named as Your Browser Matters for checking the security of your browser.  Whenever a visitor browse the site, It judge the browser security and return the score out of Four points.  The score is based on the protection over the Security risks such as phishing,malware and some other threats.

Looks like Microsoft launched this web application in order to create public awareness about the browser and Internet risks. 

Score Results in Different Browsers:
When i visit that site through my Firefox 6, it displayed 2 out of 4. For google chrome it shows 2.5 out of 4. I come to know that IE9 have 4 out of 4 score(i never used it).  For IE7 , it is 1 out of 4.  It refused to rate safari browser.

How the Grading System works? 

Your Browser Matters rate the browser based on the following factors:

#.Protection Against Malware/Virus Downloads(1 Point):
Internet browser must give protection against the Malware/Virus Downloads by restricting malware distributing websites. Microsoft developed IE9(Internet Explorer 9) with this protection.  IE9 scored 1 point here. But Mozilla and Chrome scored 0.

#.Blocking Phishing Sites(1 Point):
It should detect the Phishing sites and provide protection against them. IE9 scored 1, Firefox=1,Chrome=1

#. Protection Against Browser Attack(1 point):
Securing Extensions and an Effective Sandbox; also includes points for auto-updating, and a restriction for extensions and plugins. IE 9 = 1 point, Firefox = 0.5, Chrome = 1.

#. Protection Against Website Attack:
There are a lot of options here including blocking insecure content on webpages (which is kind of more annoying than what it’s worth, in my view), sanitizing HTML, and protecting against “Clickjacking.” IE 9 = 1 point, Firefox = 0.5, Chrome = 0.5.

So the total score for Firefox=2 ,Chrome=2.5 ,IE9=4.
Read more »
Server Compromise
Hackers News Server Compromise

Sony Playstation Hacked Again - 93,000 accounts compromised

Sony Security officer informed that they  detected attempts on Sony Entertainment Network, PlayStation Network and Sony Online Entertainment (“Networks”) services to test a massive set of sign-in IDs and passwords against their network database.

These attempts appear to include a large amount of data obtained from one or more compromised lists from other companies, sites or other sources. In this case, given that the data tested against their network consisted of sign-in ID-password pairs, and that the overwhelming majority of the pairs resulted in failed matching attempts, it is likely the data came from another source and not from their Networks. They have taken steps to mitigate the activity.

Less than one tenth of one percent (0.1%) of our PSN, SEN and SOE audience may have been affected. There were approximately 93,000 accounts globally (PSN/SEN: approximately 60,000 accounts; SOE: approximately 33,000) where the attempts succeeded in verifying those accounts’ valid sign-in IDs and passwords, and we have temporarily locked these accounts. Only a small fraction of these 93,000 accounts showed additional activity prior to being locked.

Full Update is here:Sony hacked

Read more »
Linux
Database Compromised Hackers News Linux

Linux Application WineHQ database Hacked

WineHQ database system is compromised. WinHQ is Linux Application that helps to run the .exe file inside the Linux. The hacker might get the access by compromising an admins credentials, or by
exploiting an unpatched vulnerability in phpmyadmin.

They had reluctantly provided access to phpmyadmin to the appdb developers (it is a very handy tool, and something they very much wanted). But it is a prime target for hackers, and apparently our best efforts at obscuring it and patching it were not sufficient.

Now they removed all access to the PhpMyAdmin from outside.

Still now, there is no harm to Database.Unfortunately, the attackers were able to download the full login database for both the appdb and bugzilla. This means that they have all
of those emails, as well as the passwords. The passwords are stored
as Encrypted(Hash), but with enough effort and depending on the quality of the
password, they can be cracked .

He afraid about the users information. The attacker can use those information and get access to the Users Account. So he planned to reset the password and send to the email user.

Security Tips from BreakTheSec:
  •  Don't Use the same password everywhere.(especially use different and secure password for gmail account and other important accounts)
  • @WineHQ's users: If you use the same password anywhere else, Change it immediately.  


Read more »
Cyber Crime
Cyber Crime

111 Arrested for biggest identity theft and credit card fraud Case


A total of 111 people have been arrested in a Queens-based identity theft and counterfeit credit card operation that included bank tellers, restaurant workers and store employees, the Queens district attorney said.

The bust was the largest identity theft takedown in U.S. history, Queens DA Richard Brown said.

So far, police have arrested 86 individuals who were allegedly involved in the operation, while another 25 are being sought, the DA said.

“These weren’t holdups at gunpoint, but the impact on victims was the same,” city Police Commissioner Raymond Kelly said. “They were robbed.”

The operation was made up of five organized forged credit card and identity theft rings that were based in Queens, but had ties in Europe, Asia, Africa and the Middle East.

Members of the operation are accused of stealing the personal credit information of thousands of Americans and Europeans and costing them more than $13 million in losses over a period of 16 months, the DA said.

Nearly 25 of the defendants are charged in six indictments with participating in burglaries and robberies throughout Queens.

In one instance, four defendants have been charged with conspiring to rob a Flushing Savings Bank in Forest Hills, while another five have been charged with stealing more than $95,000 worth of cargo, which included power tool accessories and drill bits, from John F. Kennedy International Airport.

Seven defendants are accused of stealing $850,000 worth of computer equipment from Long Island City’s Citigroup Building, the DA said.

“This is by far the largest—and certainly among the most sophisticated – identity theft and credit card fraud cases that law enforcement has come across,” Brown said. “Credit card fraud and identity theft are two of the fastest growing crimes in the United States, afflicting millions of victims and costing billions of dollars in losses to consumers, businesses and financial institutions.”

A number of the defendants busted in the ring are alleged to have gone on nationwide shopping sprees, stayed at five-star hotels, rented luxury automobiles and private jets and purchased tens of thousands of dollars worth of electronics, handbags and jewelry with forged credit cards, Brown said.

It could take years for the identity theft victims to repair their credit ratings, he said.

More than 90 of the defendants have been indicted on charges of enterprise corruption under the state’s Organized Crime Control Act.

The crime ring operated between May 2010 and September 2011, defrauding thousands of customers and financial institutions, including American Express, Visa, MasterCard and Discover, the DA said.

The defendants are alleged to have fraudulently obtained credit card account numbers to manufacture forged credit and identification cards.

Once the cards were created, the defendants allegedly sent out teams of “shoppers” on purchasing expeditions in New York, Florida, Massachusetts, Los Angeles and other U.S. cities, according to the indictments.

Then, the operation would fence or resell the items on the Internet.

During one instance, members of the operation allegedly rented a private jet to take them from New York to Florida and, in another instance, members stayed at Miami’s The Royal Palm and Puerto Rico’s El Conquistor, a high-end private villa.

An investigation into the group began in October 2009 when officers assigned to the NYPD’s Identity Theft Squad looked into an operation being run out of South Ozone Park.

During that investigation, thousands of conversations in Russian, Mandarin and Arabic were intercepted, the DA said.

The recent indictments charge that Imran Khan, Ali Khweiss, Anthony Martin, Sanjay Deowsarran and Amar Singh were the “bosses” of the operation, Brown said.

Individuals working at bars or restaurants in Russia, Libya, Lebanon, China would use skimming devices to swipe a customer’s credit card information.

The stolen account numbers would be sent to a “manufacturer,” who recoded the information onto the magnetic strips of blank credit cards and then created new cards. They are also alleged to have created fake government documents, such as driver’s licenses to match the credit cards, the DA said.

The enterprise targeted specific malls to carry out their shopping sprees, including the Queens Center Mall, the Americana Mall, the Roosevelt Field Mall and several other centers.

According to the indictments, some store owners and employees aided the shoppers, while one defendant, attorney Susan Persaud, allegedly advised the enterprise on how to evade law enforcement.

One defendant, security firm owner Nelson Feliciano, allegedly allowed members of the group to create a counterfeit credit card using his business account information, which was then used to make $50,000 in purchases, the DA said. He is accused of claiming the charges were fraudulent and that he was an identity theft victim.

Additional charges brought against the defendants include identity theft, grand larceny, criminal possession of a forged instrument, petit larceny, criminal facilitation, conspiracy, criminal possession of stolen property and robbery.

source:
patch
Read more »
Software Release
Security Tools Software Release

Tweaking.com - Windows Repair (All in One) v1.4.0 Released

Windows Repair is an all-in-one repair tool to help fix a large
majority of known Windows problems including registry errors and file
permissions as well as issues with Internet Explorer, Windows Update, Windows
Firewall and more. Malware and installed programs can modify your default settings.
With Tweaking.com - Windows Repair you can restore Windows original settings.

Tweaking.com - Windows Repair (All in One) v1.4.0




v1.4.0
Removed the custom buttons from the program. It was causing the program to crash on some systems. Program is meant to repair, not look pretty, so ugly standard safe buttons it is :-)
Add new repair "Repair Windows Sidebar/Gadgets"
Changed the window size of the repair window, making it smaller and easier to fit on screen for smaller resolutions.
More code tweaks.
Read more »
Virus Attack
Backdoors Govt Hacked Hackers News Trojan Attacks Virus Attack

Backdoor R2D2 ~Government Trojan discovered by Chaos Computer Club

The Famous European hacker club, Chaos Computer Club(CCC) discovered the backdoor Trojan horse capable of spying on online activity and recording Skype internet calls which, it says, is used by the German police force.

For some years, German courts have allowed the police to deploy a Trojan known colloquially as "Bundestrojaner" ("State Trojan") to record Skype conversations, if they have legal permission for a wiretap.

But the CCC's claim is controversial, as the Trojan they have uncovered has more snooping capabilities than that. For instance, it includes functionality to download updates from the internet, to run code remotely and even to allow remote access to the computer - something specifically in violation of Germany's laws.

The malware has the following of functionality as per the Sophos's analysis:
* The Trojan can eavesdrop on several communication applications - including Skype, MSN Messenger and Yahoo Messenger.
* The Trojan can log keystrokes in Firefox, Opera, Internet Explorer and SeaMonkey.
* The Trojan can take JPEG screenshots of what appears on users' screens and record Skype audio calls.
* The Trojan attempts to communicate with a remote website.

A CCC spokesperson expressed the group's concern at the discovery:

"This refutes the claim that an effective separation of just wiretapping internet telephony and a full-blown trojan is possible in practice – or even desired. Our analysis revealed once again that law enforcement agencies will overstep their authority if not watched carefully. In this case functions clearly intended for breaking the law were implemented in this malware: they were meant for uploading and executing arbitrary code on the targeted system."

Was the Trojan horse really written by the German authorities?
We have no way of knowing if the Trojan was written by the German state - and so far, the German authorities aren't confirming any involvement.

The comments in the Trojan's binary code could just as easily be planted by someone mischievously wanting the Trojan to be misidentified as the infamous the Bundestrojaner.

What we can say is that the phrase "0zapftis" has raised some eyebrows amongst the German speakers at SophosLabs. It's a play on a Bavarian phrase "The barrel is open", said by the mayor of Munich when he opens the first barrel of beer at the Oktoberfest.

But there certainly have been claims of German state-sponsored cyber-spying in the past. For instance, in 2008, there were claims that the BND - Germany's foreign intelligence service - deployed spyware to monitor the Ministry of Commerce and Industry in Afghanistan.
Read more »
INTRA
Antisec Defaced Website Hackers News INTRA

UMH University(umons.ac.be) Hacked by TEAM iNTRA

Universiti de Mons-hainaut , Publications of Computer Science Institute hacked by Team INTRA.

Hacker's Message:
"I did not find the vulnerability on this site, gratz to .sfx who did though!

Just thought I'd put our name here again to increase the chances of you noticing this.

Exploited by Team Intra, via SQL Injection. Fix this, before someone more malicious comes along and decides to delete all your publications. 

Decrypted passwords:
.....
.....
.....(for security reasons we haven't publish the passwords here).
You are meant to be researchers of computer science, yet some of you can't even make a unique password? "

Hacked Website:
http://informatique.umons.ac.be/publications/index.php?page=paper_info&ID=303
Read more »
Subscribe to: Comments (Atom)