TeaMp0isoN hacked MI6 by launching a phone-based DOS attack


The hacktivist group 'TeaMp0isoN' hacked the UK's Secret Intelligence Service, MI6, by launching an automated 24-hour "phone bomb" attack.

According to a Softpedia report, the hackers used a cleverly developed script to make calls to the agency's offices for 24 hours non-stop, basically launching a phone-based denial-of-service (DOS) attack.

This attack prevents any legitimate calls from getting through. Each time an MI6 official answered the phone, a robot voice said "Team Poison".

Following the phone bombing, Team Poison leader "TriCk" called the secret intelligence service directly to taunt it. In a YouTube video uploaded Tuesday, TriCk, speaking with a British accent, tells the MI6 representative, "You're being phone-bombed right now, mate."



"The Counter Terrorist Command has always been targeted by TeaMp0isoN purely because they help lock up innocent people who they themselves label as terrorists with no proof at all, - but the reason behind the recent phone denial of service (phone bomb) targeted at their office in London was because of the recent events where the counter terrorist command and the UK court system has extradited Babar Ahmad, Adel Abdel Bary & a few others to be trialled in the US, and we all know how the US treats innocent Muslims they label as terrorists, e.g. - Aafia Siddiqui," Softpedia quoted TriCk as saying about the reason for the attack.

Android malware 'KongFu-L' Trojan poses as Angry Birds space game

Malware authors are once again taking advantage of the popular video game 'Angry Birds' to infect smartphone users. Sophos security researchers came across an infected edition of the Angry Birds game that has been placed in unofficial Android app stores.

Sophos security solutions detect the Trojan horse as Andr/KongFu-L. At first glance, the app appears to be a legitimate game, but it uses the GingerBreak exploit to gain root access to the device and installs the malware.

Once the malware infects the device, the cyber criminals are able to send compromised Android devices instructions to download further code or push URLs to be displayed in the smartphone's browser. From there, your device becomes a slave in the botnet.


Security Tips:
Never download apps from unofficial/unknown websites.

XSS Vulnerability in Amazon website, found by Fabian Cuchietti

Security researcher Fabian Cuchietti discovered an XSS vulnerability in the Amazon Web Services website (aws.amazon.com).

POC:
https://aws.amazon.com/amis?ami_provider_id=4&architecture='%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x015E00)%3C/script%3E&selection=ami_provider_id%2Barchitecture

It seems that the vulnerability has been fixed by the vendor: the admin now filters HTML code by converting it to HTML special characters. However, a mirror of the vulnerability can still be retrieved from XSSed.com.

Mirror is available here:
http://www.xssed.com/mirror/77551/
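
The fix described above (converting HTML special characters to entities), applied to the PoC's `architecture` value. This is an added example, not part of the original post and not Amazon's code; the function names and the HTML template are hypothetical and constructed for illustration:

```javascript
// PoC URL as published in the post (the flaw was reported fixed).
const POC_URL =
  "https://aws.amazon.com/amis?ami_provider_id=4&architecture=" +
  "'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x015E00)%3C/script%3E" +
  "&selection=ami_provider_id%2Barchitecture";

// Extract and percent-decode the reflected parameter.
function architectureParam(url) {
  return new URL(url).searchParams.get("architecture");
}

// Convert the five HTML-significant characters to entities.
function escapeHtml(value) {
  const entities = {
    "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;",
  };
  return String(value).replace(/[&<>"']/g, (ch) => entities[ch]);
}

// Hypothetical template (assumption): the filter value is reflected both
// in a text node and inside a double-quoted attribute.
function renderFilter(architecture, encode) {
  const v = encode ? escapeHtml(architecture) : architecture;
  return `<p>Architecture: ${v}</p><input name="architecture" value="${v}">`;
}

// True when the rendered markup contains a script element.
function containsScriptTag(html) {
  return /<script\b/i.test(html);
}

const value = architectureParam(POC_URL);
// The decoded value opens with quote, comment, style and script terminators
// so that it escapes whichever context it happens to be reflected into.
console.log("decoded:  ", value);
console.log("unencoded:", containsScriptTag(renderFilter(value, false)));
console.log("encoded:  ", containsScriptTag(renderFilter(value, true)));
console.log(renderFilter(value, true));
```

Because the quotes are encoded along with the angle brackets, the value also stays inside the `value="..."` attribute instead of closing it.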

Screenshot of the vulnerability

TeamDigi7al found vulnerabilities in NASA, vatican.va, weather.com


The hacker group TeamHav0k has reformed as a new group called "TeamDigi7al". The group has now become active and exposed vulnerabilities in some high-profile sites.

The hackers exposed XSS vulnerabilities in NASA (careerlaunch.jpl.nasa.gov), Vatican.va and weather.com. They also found an SQL injection vulnerability in LoC (webarchive.loc.gov) and an LFI vulnerability in Humboldt State University (humboldt.edu).

The hackers also hacked and dumped the Bolivian Ambassador's inbox. They uploaded a 62 MB RAR file (Emails.rar) to uppit.com.

Fake account verification email phishes for Google credentials.

Cybercriminals always strive to steal other people's credentials. These credentials protect users' accounts and hence are highly valuable.

Google users are being targeted with emails purporting to come from the Google team, confirming a fake recovery email update.

As usual, seeing the threat of a permanent account suspension, the panicked victim will follow the instructions and the link given in the mail.

So, when the user clicks the link given, the destination is a page made to look like Gmail's login page, hosted on a compromised domain.

When the victim provides his account information, all of it is stored in a database accessed by the attackers.

After getting the victim's username and password, the attackers not only misuse the account to spread these links but also send emails to the saved contacts asking for money.

Having the same username and password for a variety of Google services makes for an extremely user-friendly experience, but it also makes the impact of a compromise of these login credentials much greater.

Google has implemented a new feature called 'Two step authentication system', and a strong password is also recommended.

Users are advised never to follow links included in unsolicited emails and to always access authenticated web pages.

Null Bangalore Meet Scheduled on 21st April 2012


Hi All,

We will have this month's null/OWASP/Garage4hackers/SecurityXploded Bangalore meetup on Saturday 21st April 2012 starting at 10.00 AM. No registrations, no fees, just come with an open mind :)

The Bangalore meet, as usual, is divided into 2 parts, the monthly talks and Training on Reverse Engineering. The Reverse Engineering training will start at 12:45 PM by the SecurityXploded/ Garage4Hackers team. The RE training for this month is completely hands-on and everyone is required to get their laptops fully charged for the exercises.

Also, we have a guest speaker from the US, Mr. Arshad Noor, who is also a speaker at the ongoing OWASP AppSec AsiaPac 2012, Sydney - Australia, who will be talking about RC3 - Regulatory Compliant Cloud Computing.

TALKS
1. Believe it or not SSL Attacks - Akash Mahajan
2. News Bytes - Satyendra
3. RC3 - Regulatory Compliant Cloud Computing - Arshad Noor
4. Practical Reversing & Unpacking Part 1 - Harsimran & Nagershwar


VENUE DETAILS
Kieon, 3rd Floor, 302 Prestige Sigma,
3 Vittal Mallya Road,
Bangalore 560001
Opposite Bishop Cottons Girls School, Above Emirates Airlines office.

Map Location: http://g.co/maps/dahhv

Parking is available in the building.

NB: As discussed in the last month's meet, we will have a basic 30 minute primer on Cross Site Request Forgery by Satish at 9:30 AM, before the main talks begin at 10:00 AM. All those who would be interested to learn, understand the basics of CSRF and to watch some cool demos are requested to be present at 9:30 AM.

Regards,
karniv0re

18 Subdomains of Globo hacked and taken down by Havittaja: #OpGlobo

The hacker known as "Havittaja" continues his cyber attack against the Globo Network. He has now taken down nearly 18 subdomains belonging to the Globo website under the operation called "#OpGlobo".

The list of Hacked sites:

At the time of writing, these sites seem to be down and inaccessible. A few days ago, the hacker DDoSed a few subdomains of the Globo network. Now those subdomains are offline again.



Malware infected emails sent in the name of FCI Exchange.

A large number of malicious emails are being spammed out all over the world, as observed by Sophos researchers.

The emails contained many different variations of a message about selling real estate, claiming to be sent by a firm called FCI Exchange.



The main lines used in this spam message included:
We sell Real Estate notes
Performing Notes Wanted
RE notes wanted

The email also had an attachment in zip format, named 'FCI_Exchange_Report_[random number].zip'. This archive contains a malicious file designed to infect Windows computers.

Sophos Research Lab has updated its security products, which are now able to detect this kind of malware file as Troj/Dorkbot-BL (the emails are already being intercepted as spam).

Always check these kinds of emails and their attachments carefully; they may be designed to infect your computer.

Hacker 'Hardcore Charlie' leaked another set of data belonging to CEIEC

Recently, a hacker calling himself 'Hardcore Charlie' claimed to have obtained sensitive data from the Chinese military contractor and leaked part of the data. But CEIEC denied the hacker's claim.

To refute CEIEC's statement, the hacktivist responded again by leaking more sensitive data, including US military data which he claims the firm has shared with Vietnam, Ukraine and Russia.

"When it comes to US screwed up CN will never admit to any leaks just like US admits no MIL exposure Expect more," the hacker said on Twitter last Saturday.


"Frsh upd on us arm leak by cn to ukraine links to all our releases. Retweet and not let them Censor Us! http://pastebin.com/JGxdK6vw" he said in one of his tweets.

Anonymous hackers hacked Tunisian Prime Minister's emails


The Anonymous hacker group said it obtained over 2,700 emails belonging to the ruling party, including those of the Tunisian Prime Minister, in protest against an attack on demonstrators.

"To the Tunisian government, we have kept a large part of your data secret. If you do not wish to see these published on the internet we ask you to work to the best of your ability to avoid internet censorship and to respect human rights and the freedom of expression in Tunisia," the group said in the video posted on a Facebook page belonging to Anonymous TN.

The emails allegedly contain sensitive data including phone numbers, election campaign invoices and bank transactions.

Government officials declined detailed comment on the security breach but said many of the emails appeared to be old.

"We are still trying to confirm if Jebali's hacked account was from before he became prime minister or after," Reuters quoted Jebali's spokesman, Rida Kezdaghli, as saying.