
Thousands of websites infected via Vulnerability in WordPress OptimizePress Theme


A file upload vulnerability in the OptimizePress theme allowed attackers to infect thousands of WordPress websites, reports Sucuri.

The vulnerability is in "lib/admin/media-upload.php", which allows anyone to upload any kind of file to the "wp-content/uploads/optpress/images_comingsoon" folder.

The Sucuri team has detected that more than 2,000 websites using the OptimizePress theme have been compromised. All of the compromised sites have been injected with an iFrame pointing to the same malicious domain.

Almost 75% of the infected websites have already been blacklisted by Google Safe Browsing.

If you are using this theme, you are urged to upgrade to the latest version immediately. Otherwise, you will soon find yourself the victim of a malware infection.
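A defender-side check for this class of bug, added here as an example (it is not Sucuri's or the theme's code): it walks the upload folder named in the report and flags any file that is not a genuine image, judged by extension, magic bytes and embedded PHP/script/iframe markup. The folder path comes from the report; the image allowlist and signatures are my assumptions.

```python
"""Flag non-image files in a WordPress theme upload folder (added example)."""
import os
import re
from pathlib import Path

# Signatures of the image types a "coming soon images" folder should hold (assumed allowlist).
IMAGE_MAGIC = {
    b"\xff\xd8\xff": "jpeg",
    b"\x89PNG\r\n\x1a\n": "png",
    b"GIF87a": "gif",
    b"GIF89a": "gif",
}
IMAGE_EXTENSIONS = {".jpg", ".jpeg", ".png", ".gif"}
# Server-side or client-side markup that has no business inside an image file.
CODE_MARKERS = re.compile(rb"<\?php|<\?=|<script\b|<iframe\b", re.IGNORECASE)


def classify(name: str, data: bytes) -> list:
    """Return the reasons a file is suspicious; an empty list means it looks like a plain image."""
    reasons = []
    ext = os.path.splitext(name)[1].lower()
    if ext not in IMAGE_EXTENSIONS:
        reasons.append(f"unexpected extension {ext or '(none)'}")
    # A double extension such as shell.php.jpg passes the extension test, so check content too.
    if not any(data.startswith(magic) for magic in IMAGE_MAGIC):
        reasons.append("content does not start with an image signature")
    # Markup appended after a valid image header is still flagged.
    if CODE_MARKERS.search(data):
        reasons.append("contains PHP/script/iframe markup")
    return reasons


def scan_uploads(folder: str) -> dict:
    """Walk `folder` recursively and map each suspicious file path to its reasons."""
    findings = {}
    for path in Path(folder).rglob("*"):
        if path.is_file():
            reasons = classify(path.name, path.read_bytes())
            if reasons:
                findings[str(path)] = reasons
    return findings


if __name__ == "__main__":
    import sys
    # Folder from the Sucuri report; run from the WordPress root or pass a path.
    target = sys.argv[1] if len(sys.argv) > 1 else "wp-content/uploads/optpress/images_comingsoon"
    for file_path, why in scan_uploads(target).items():
        print(file_path, "->", "; ".join(why))
```

Anything flagged should be reviewed and removed by hand, and the theme upgraded, since the scan only tells you the folder has been abused, not how.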

Visitors to Cracked website hit with Malware attack


Cracked.com, a website that serves funny videos, pictures and articles, is now serving malware to its visitors, warns Barracuda Labs.

According to the Barracuda Labs report, the attack doesn't involve any ad network, which means the attackers managed to compromise the main website itself.

Visitors to the website are redirected to a page hosting an exploit pack that takes advantage of vulnerabilities in the visitor's system to deliver malicious software.

The threat is detected by only 8 of the 48 antivirus engines on VirusTotal; most of the top Internet security solutions fail to detect it.

It is unknown whether the problem has been fixed. Users are advised to avoid visiting the Cracked website until the issue is addressed.

Starbucks iOS app stores username, password in clear text

The Starbucks app, which lets users pay for food and drinks with their smartphone, could be putting users' personal information, including usernames and passwords, at risk.

A security researcher has discovered the lack of security in the iOS app. He found that the app stores the username, email address and password in unencrypted form.

This means an attacker who gains access to a phone (say, a stolen phone) is able to extract the data from it. The extracted data can then be used to log in to the Starbucks account.

"To prevent sensitive user data (credentials) from being recovered by a malicious user, output sanitization should be conducted to prevent these data elements from being stored in the crashlytics log files in clear-text, if at all," the researcher said.

Microsoft confirms phishing attack compromised the employee's email account

Social engineering attacks are one of the most successful attack methods. Even a system that is claimed to be 100% secure can be hacked if an attacker is able to manipulate one employee.

We recently covered the Microsoft Twitter account hack, in which Syrian hackers compromised the email accounts of Microsoft employees through a phishing attack.

Microsoft has finally admitted that the Syrian Electronic Army hacked into several Microsoft employee email accounts via a phishing attack.

"A social engineering cyberattack method known as phishing resulted in a small number of Microsoft employee social media and email accounts being impacted," a Microsoft spokesperson said in an email sent to GeekWire.

Microsoft said that the compromised accounts have been recovered. They also claimed that no customer information was stolen in the attack.

"We continue to take a number of actions to protect our employees and accounts against this industry-wide issue."

Vulnerability in Drupal allows hackers to compromise admin accounts


A highly critical vulnerability has been identified in the OpenID module used by Drupal, affecting the 6.x and 7.x versions.

The vulnerability allows a hacker to compromise any account, including the admin account.

There is another security vulnerability, an "access bypass" rated as moderately critical, that can be exploited by an attacker to access unpublished content.

These vulnerabilities have been patched in the latest versions, Drupal 6.30 and 7.26. The latest versions don't add any new features, but users are advised to upgrade.

"[The first] vulnerability is mitigated by the fact that the malicious user must have an account on the site (or be able to create one), and the victim must have an account with one or more associated OpenID identities," the security advisory reads.

New service will protect Hong Kong domains (.hk) from DNS hijacking


We have recently seen several DNS hijacking attacks. Hackers have defaced several high-profile domains, including Google and Facebook.

Hackers normally attempt to obtain login details for the domain admin panel through various methods, including social engineering attacks. If they succeed, they change the DNS records for the websites.

By modifying DNS records, a hacker can deface the website or redirect visitors to any other malicious website.

To put an end to such attacks, a new "registry lock" service has been launched by the Hong Kong domain registrar.

"We are putting back the human factor in the verification process," South China Morning Post quoted the Internet Registration Corporation head Jonathan Shea Tat-on as saying.

The new service will require telephone verification in order to make any changes to existing DNS records. Only up to three persons can be authorized to modify the records. In addition, the server will be unlocked for just 15 minutes each time. These options are believed to be security measures that will close the existing loopholes in automation.

Google acquires a cybersecurity startup Impermium

Google has added one more startup to its acquisitions list; this time it is the cyber security startup "Impermium".

Impermium, founded three years ago, had raised $9 million in funding. The company offers an advanced risk-evaluation platform for detecting fraudulent registrations and risky transactions.

"By joining Google, our team will merge with some of the best abuse fighters in the world. With our combined talents we'll be able to further our mission and help make the Internet a safer place," Mark Risher, CEO and co-founder of Impermium, said in the official statement.

The company thanked its investors in its statement, including Accel Partners, AOL Ventures, Charles River Ventures and Data Collective.

According to TechCrunch, the company is notifying its customers that it will stop serving third-party sites. But the team will be working on the same core problems and technology at Google. Google hasn't disclosed the value of the acquisition.

Fake Minecraft Android App sold at cheap price contains virus code


A fake version of the Android app "Minecraft - Pocket Edition" has been found hosted on third-party marketplaces, and it contains malware code.

These kinds of fake and malicious versions of apps are usually available for free. However, the cyber criminals made an exception for this app, which is being sold for half the price of the original.

PC Magazine reports that F-Secure researchers have discovered a trojanized version of Minecraft PE asking users to pay 2.50 Euros; the original app costs 5.49 Euros.

The cyber criminals didn't stop at scamming users with a fake version; they also added malicious code. It sends SMS messages to premium-rate phone numbers and signs victims up for expensive services.

Researchers have noticed that this malicious app uses a hacking tool called "Smalihook" to bypass "an authentication routine that causes it to fail to run if it does a certificate verification check and doesn't find the correct certificate".

The good news is that it is only hosted on some third-party app stores, not in the official Google Play store. This is one more example of why you should never trust third-party app stores; always download apps from Google Play.

The Official Microsoft Blog also hacked and defaced by Syrian Electronic Army

It appears the new year has started with bad luck for Microsoft. Microsoft has found itself on the radar of the Syrian Electronic Army, a well-known Syrian hacker group responsible for high-profile website hacks.

A few hours after we reported yesterday that Microsoft's official Twitter account had been hijacked, their blog also got hacked by the Syrian Electronic Army (SEA).

The group managed to create an article entitled "Hacked by Syrian Electronic Army" on the official Microsoft TechNet blog (blogs.technet.com/b/microsoft_blog/).


It appears the group still has access to Microsoft email accounts. They also published emails sent from one employee to another regarding the security breach.

The TechNet blog is now back up and functioning normally. The attack came just after the hijack of the Microsoft Xbox Twitter account and the official Skype Twitter account. The group also defaced Skype's blog.

Stay tuned to +E Hacking News for more exclusive information about the hack.

Verified Microsoft News twitter account hacked by Syrian Electronic Army



The Syrian Electronic Army has hijacked the official verified Twitter account of Microsoft, which is used for news updates.

The hack came just after the hijack earlier today of the Microsoft Xbox Twitter and Instagram accounts.

"Don't use Microsoft emails (hotmail, outlook). They are monitoring your accounts and selling the data to the governments. #SEA" the hackers tweeted from the @MSFTnews account.

In another tweet, the hackers trolled Internet Explorer, saying "Leak: The top two visited links from @IE: google.com/chrome and Mozilla.org/firefox #SEA".

Update:
The hackers have released an email sent from Steve Clayton, Microsoft Creative Director, to other employees at Microsoft regarding the Twitter account hijack.

Turkish State Railways and Contractors Association websites hacked by RedHack


Turkish State Railways (TCDD) has been targeted by one of the world's most famous Turkish hacker groups, "RedHack".

The group breached the TCDD website and managed to compromise information and documents. The group has leaked a 20MB zip file which allegedly contains data stolen from the organization.

The hackers also attacked the Turkish Contractors Association website (tmb.org.tr) and leaked the compromised data.

"They know how to do construction, but do not know how to make the site secure.. Ten million of their money back if any of the people in the imperialist haydur RedHack there! People Redhack for hacking since 97.." the hackers posted (translated) next to the leaked username and password data.

In a separate tweet, the group also said they have infiltrated the email systems of the AKP İzmir headquarters and leaked emails which allegedly show acts of corruption.

The group also identified an HTML injection vulnerability in tbmm.gov.tr and injected their message.