

Monday, 21 April 2014

Romanian Arrested for Attempting to Hack Presidency Site and for Stealing Credit Cards




Today a 37-year-old Romanian was arrested for attempting to hack into the presidency site in an effort to gain access to restricted information, and for stealing 62,000 credit cards.

City News (report in Romanian) reported that the investigation identified the person behind these attacks as Teodor Bors, located in the city of Cluj Napoca.

The Directorate for Investigating Organized Crime and Terrorism says that the hacker obtained the data for 62,000 payment cards, covering the period from 2010 to March 2014.

The hacking operations were routed through servers in China and New Zealand. As far as the involvement of Russians is concerned, the Romanian is believed to have only given access to bank accounts with large amounts of money in them.

Bors is also said to have sold the information for about 3,500 credit cards to other individuals. He allegedly transferred the money through Western Union and MoneyGram, and it might have been transferred to his girlfriend's bank account. He might also have converted the money into Bitcoins.

During a search of the suspect's home, investigators found €153,000 and $41,000. Bors was detained for 24 hours and questioned.

Today the court will decide what happens next.

Before More Websites' Hearts Start Bleeding, It's Better to Encrypt the Entire Internet



The Heartbleed bug crushed everyone’s faith in the secure web, but a world without the encryption software that Heartbleed exploited would be even worse. In fact, it’s time for the web to take a good hard look at a new idea: encryption everywhere.

Most major websites use either the SSL or TLS protocol to protect your password or credit card information as it travels between your browser and their servers. Whenever you see that a site is using HTTPS, as opposed to HTTP, you know that SSL/TLS is being used. But only a few sites — like Facebook and Gmail — actually use HTTPS to protect all of their traffic as opposed to just passwords and payment details.

Many security experts — including Google’s in-house search guru, Matt Cutts — think it’s time to bring this style of encryption to the entire web. That means secure connections to everything from your bank site to Wired.com to the online menu at your local pizza parlor.

Cutts runs Google’s web spam team. He helps the company tweak its search engine algorithms to prioritize certain sites over others. For example, the search engine prioritizes sites that load quickly, and penalizes sites that copy — or “scrape” — text from others.

If Cutts had his way, Google would prioritize sites that use HTTPS over those that don’t, he told blogger Barry Schwartz at a conference earlier this year. The change, if it were ever implemented, would likely spur an HTTPS stampede as web sites competed for better search rankings.
A Google spokesperson would only tell us that the company has nothing to announce at this time. So this change won’t happen overnight.


The Dispute Against Total SSL

But if HTTPS is so great, then why don’t all websites use it already? There are several disadvantages to using HTTPS everywhere, the World Wide Web Consortium’s HTTPS expert Yves Lafon told us in 2011.

The first is the increased cost. You have to purchase TLS certificates from one of several certificate authorities, which can cost anything from $10 per year to about $1,000 a year, depending on the type of certificate you purchase and the level of identity verification it provides. Another issue is that HTTPS increases server resource consumption and can slow sites down. But Marlinspike and Butler say the costs and resource overhead are actually greatly overestimated.

An issue for smaller sites is that it’s historically been hard to set up unique certificates on sites that use cheap shared hosting. Also, sites that used content delivery networks — or CDNs — to speed up their responsiveness frequently faced challenges when implementing SSL. Both of these issues have been largely resolved today, though the costs, performance and complexity vary from host to host.

But even if the entire web isn’t ready to switch completely to HTTPS, there are plenty of reasons that more sites should start using HTTPS by default — especially sites that provide public information and software. And given how far we’ve already come since the days of FireSheep, we can expect HTTPS to continue to spread, even if Google doesn’t start prioritizing sites that use it.

Heartbleed snatched CloudFlare Crypto Keys!



Private crypto keys are accessible to Heartbleed hackers, new data shows. Cloudflare published preliminary findings that seemed to indicate that it would be difficult, if not impossible, to use Heartbleed to get the vital key that essentially unlocks the secure sockets layer padlock in millions of browsers. To be extra-sure, Cloudflare launched “The Heartbleed Challenge” to see how other people exploiting Heartbleed might fare. The company set up an nginx server running a Heartbleed-vulnerable version of OpenSSL and invited the Internet at large to steal its private key.
Four people have been able to see server keys and certificates in a test.


The results are a strong indication that merely updating servers to a version of OpenSSL that's not vulnerable to Heartbleed isn't enough. Because Heartbleed exploits don't by default show up in server logs, there's no way for sites that were vulnerable to rule out the possibility the private certificate key was plucked out of memory by hackers. Anyone possessing the private key can use it to host an impostor site that is virtually impossible for most end users to detect. Anyone visiting the bogus site would see the same https prefix and padlock icon accompanying the site's authentic server.

The demonstration that it's possible to extract private SSL certificates means that out of an abundance of caution, administrators of sites that used vulnerable versions of OpenSSL should revoke and replace old certificates with new ones as soon as possible. Given the huge number of sites affected, the revelation could create problems.

"The bad news is that discovery changes our recommendation from: reissue and revoke as a medium priority to reissue and revoke as a high priority," Matt Prince, CEO of CloudFlare wrote in an e-mail to Ars. "We've accelerated our own reissuance and revocation process."

Cloudflare had originally reasoned that, at least on the Linux-based platform it uses, a server's certificate and private keys are usually stored in the server's memory early on after booting up, and because servers are not booted up frequently, it would be difficult to find a situation in which the block of memory that Heartbleed can be used to access (which can be up to 64Kb of information) would contain a server's private keys.

The process of revoking and reissuing certificates is unwieldy and slow even without half of the Internet trying to do the same process at the same time. “If every site revoked its certificates, it would impose a significant burden and performance penalty on the Internet,” wrote CloudFlare in a Friday blog post. “At CloudFlare-scale the reissuance and revocation process could break the Certificate Authority infrastructure.”

The company said that for its customers running on CloudFlare infrastructure, it has already begun the process of reissuing and revoking SSL certificates in stages, and expects to be done with the process sometime next week.

FireEye Report Analyzes Zero-day Attacks of 2013

FireEye, a network and security analyst agency, has published a report in which it analyzes the 0-day exploits of 2013, along with context around the threat these vulnerabilities pose to the corporate enterprise. The report also suggests preventive and remedial measures against 0-day attacks.
The report says that 0-day exploits today are causing incredible losses to corporate industry. These exploits facilitate advanced attacks against the relatively outdated security measures and cyber defenses put up by organisations.
Last year, the Council on Foreign Relations and the U.S. Department of Labor were attacked using 0-days, FireEye said. Looking beyond just blocking these vulnerabilities, FireEye forensics experts found that watering-hole attacks targeting specific audiences and industries are a rapidly rising trend in the attack space.
FireEye said that during the first half of 2013, Java was a common target for 0-day attacks. However, in the second half of the year, IE sustained increased 0-day attacks. In 2013, FireEye analyzed 767,318 unique Command and Control (CnC) communications, or more than one per minute; and 22,509,176 total CnC communications, or more than one every 1.5 seconds on average.
FireEye's latest report provides advice on how networks, incident response, and application management should be approached to deal with today's advanced, unknown threats, and recommends that enterprises take certain actions.


Connecticut under cyber attack, Hackers shutdown power grid station



Security challenges are constantly evolving and "becoming more sophisticated and nefarious" and the ability of utilities to detect and stop penetration must constantly improve, the Public Utilities Regulatory Authority said in its report to Gov. Dannel P. Malloy on the hacking of Connecticut.

Electric, natural gas and major water companies and regional distribution systems in Connecticut have been penetrated by hackers and other cyber attackers, but defenses have prevented interruption.
The report, required as part of legislation enacted last year, said the region's Massachusetts-based grid operator, ISO-New England, has "more sophisticated" cyber defenses than utilities do.

"ISO-NE is constantly being probed, as are all of New England's utilities, many of which have been compromised or penetrated in the past," the report said. "ISO-NE's strength, therefore, depends on both its own cyber defense capabilities and those of each of the utilities with which it works."
The report did not identify the utilities that were compromised or say how. ISO said in a statement that it wouldn't elaborate publicly on security details.

Weaker utilities in the region need to be monitored because failure in one utility could affect the resilience of the region's system, the report said.

Referring to what utilities and water companies can do to protect against threats from workers inside their companies, the report said personnel security requires a balance "between prudence and overkill."

Regulators said a traditional reliance on employees with no criminal background is inadequate. "Terrorists, hackers and spies rarely have damaging, discoverable police records," the report said.
The report warned that compromise could come from employees with ideological or other personal identifications that "motivate disruptive behavior." And it said it's virtually impossible to thoroughly vet all employees with potential contact to operations, including maintenance, food services and other vendors.

Regulators compared the two destructive storms of 2011 and Superstorm Sandy in 2012, both of which knocked out power to much of Connecticut, with cyber-attacks that threaten utilities' reliability and resilience.

Regulators hinted at higher costs to beef up security. The possibility of cyber-attacks raises the issue of "appropriateness of cost for cyber defense," the report said.


Researchers Rewarded with $10,000 for Reporting XXE Vulnerability in Google



Researchers have found a critical XXE vulnerability that let them access internal files on Google's production servers. It sounds surprising, but the bug really did let them read any internal file.

The vulnerability was in the Google Toolbar Button Gallery. The team of researchers found the bug when they noticed that Google allows users to customize their toolbars by adding new buttons. Developers can easily make their own new buttons by uploading XML files containing metadata for styling.

This kind of vulnerability is called "XML External Entity (XXE)" or "XML Injection". The researchers crafted their own button, and by uploading it they gained access to internal files on Google's production server; for example, they managed to read "/etc/passwd" and "/etc/hosts".

The team of researchers reported the vulnerability to Google, which, as we all know, has a famous bug bounty program. Google rewarded the researchers with $10,000 for identifying the bug in the search engine's feature.
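
A defensive sketch of the upload-parsing side of the bug described above, added here as an example and not code from Google or the researchers: the parser refuses any DOCTYPE or entity declaration before an entity could be resolved. The button schema (`button`, `title`, `icon`), the function names and both sample uploads are constructed for illustration.

```python
import xml.parsers.expat

# Constructed sample uploads (hypothetical button schema, not Google's format).
SAFE_UPLOAD = b"""<?xml version="1.0"?>
<button>
  <title>Mail</title>
  <icon>mail.png</icon>
</button>"""

# Declares an external entity pointing at a local file, the pattern the
# post describes; a button description never needs a DTD at all.
HOSTILE_UPLOAD = b"""<?xml version="1.0"?>
<!DOCTYPE button [<!ENTITY xxe SYSTEM "file:///etc/passwd">]>
<button><title>&xxe;</title></button>"""


class ForbiddenXML(ValueError):
    """Raised when an upload is malformed or uses DTD features."""


def parse_button_xml(data: bytes) -> dict:
    """Return {tag: text} for the leaf elements of an uploaded button file.

    Any DOCTYPE, entity declaration or external entity reference aborts
    parsing, so no entity is ever expanded.
    """
    fields = {}
    text = []

    def forbid(kind):
        def handler(*_args):
            raise ForbiddenXML(f"{kind} not allowed in uploaded XML")
        return handler

    def start(_name, _attrs):
        text.clear()  # a new element begins: drop text of the parent

    def chars(chunk):
        text.append(chunk)

    def end(name):
        value = "".join(text).strip()
        if value:  # only leaf elements carry non-blank text here
            fields[name] = value
        text.clear()

    parser = xml.parsers.expat.ParserCreate()
    parser.StartDoctypeDeclHandler = forbid("DOCTYPE declaration")
    parser.EntityDeclHandler = forbid("entity declaration")
    parser.ExternalEntityRefHandler = forbid("external entity reference")
    parser.StartElementHandler = start
    parser.CharacterDataHandler = chars
    parser.EndElementHandler = end
    try:
        parser.Parse(data, True)
    except xml.parsers.expat.ExpatError as exc:
        raise ForbiddenXML(f"malformed XML: {exc}") from exc
    return fields


def is_acceptable(data: bytes) -> bool:
    """True if the upload parses without using any forbidden feature."""
    try:
        parse_button_xml(data)
    except ForbiddenXML:
        return False
    return True


if __name__ == "__main__":
    print(parse_button_xml(SAFE_UPLOAD))
    print(is_acceptable(HOSTILE_UPLOAD))
```

Rejecting the DOCTYPE outright, rather than trying to filter individual entities, is the same approach hardened XML libraries take for untrusted input.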

Mozilla Named Chris Beard as Its Interim CEO



Mozilla announced Chris Beard, its former chief marketing officer, as its new interim CEO, replacing Brendan Eich, who resigned last April. Beard has also taken Eich's place on the Mozilla Corporation board.

Brendan Eich, the former CEO and creator of JavaScript, was forced to leave the job after 11 days when it was revealed that he had donated to a campaign to ban same-sex marriage.

"We began exploring the idea of Chris joining the board of directors some months ago," says executive chairwoman Mitchell Baker on the company's blog.

"He’s been actively involved with Mozilla since before we shipped Firefox 1.0, he’s guided and directed many of our innovative projects, and his vision and sense of Mozilla is equal to anyone’s. I have relied on his judgement and advice for nearly a decade. This is an excellent time for Chris to bring his understanding of Mozilla to the Board," Mitchell Baker continued.

While Beard is only interim CEO, the board is still searching for someone to take Eich's place on a permanent basis. Brendan Eich was promoted to chief executive on 24 March. Mozilla faced criticism because Eich had donated $1,000 to a campaign to ban same-sex marriage.

Ten days later, Eich resigned.

What Experts Say on Possible Cyber Attacks



Experts say the keyboard can create more disastrous results than a bomb or natural disaster. Cyber attacks are what many fear is the new face of terrorism.
In April 2011, tornadoes hit Alabama hard, wiping the power supply to millions of homes for days. Could the results of that natural disaster be recreated by man in the form of a cyber attack?
For those in the industry of preventing cyber attacks, it's a continuing game of cat and a click of a mouse. For the Tennessee Valley, the heart of power generation lies with TVA and nuclear power from Browns Ferry.
Rob Arnold heads up the team of trained professionals who oversee cyber security operations for TVA. Right away, Arnold put even the chance of a cyber induced nuclear meltdown to rest.
"It's not theoretically possible for an individual at home on his laptop to control our plant centrifuges," said Arnold, Enterprise Cyber Security Manager.
That's because none of the reactors are connected to the internet - their controls are hard wired into the facility. That's not to say organized crime hasn't tried other avenues.
TVA officials recognize cyber hits to its business network in the form of "commercial grade mal-ware or recreational espionage," where hackers try to tap into the computers that control TVA's administrative functions, or internal emails, and customer information. That includes "phishing attacks," where hackers literally fish for information a little bit at a time.
So years ago, TVA separated their business network from their control systems that operate equipment to give hackers less ability to take down all of TVA at once.
"TVA recognizes the threat to our cyber security," said Arnold. "We are a high valued target because we are a federal corporation, we're a government entity, and we understand those threats."
An eye opener came on April 27th 2011, where tornadoes caused the worst damage TVA had seen in 40 years.
"That event showed us our weaknesses," said Arnold. "Some of the lessons learned is we had to do some of the same things with our information technology as well and put redundant paths, redundant communications whether it be satellite, whether it be microwave communications because we lost a lot of those capabilities at that time."
However, with all that protection in place for outsiders, what about those on the inside? For example, internal sabotage. The same people who know to fix problems at TVA know how to create them, too.
"Without a doubt, the possibility exists," said Arnold. "We do background investigations, pre-employment on individuals, we do clearance checks."
Officials at TVA seem to be more worried about a "hybrid attack," where a cyber attack and a physical attack like on a substation happen at the same time.
Last year, crooks skipped the web and went straight for a California power grid by opening fire on an electrical substation, knocking out 17 giant transformers and power to millions of customers.
TVA has never seen that kind of attack, but industry leaders believe if it was copied across the nation, it could take down the U.S. electric grid.
Industrial Cyber Expert Bryan Singer said hackers aren't always in it to create the biggest splash; sometimes it's just about creating a nuisance and costing a company millions of dollars.
However, if a company invests in protection up front, it will pay off later.
"We'll always be somewhat behind on the latest attack trend, yes," said Singer. "However, there's not been a single attack trend I've seen that a well-designed, robust system architecture can't prevent against."
Local industry leaders are starting to share ideas. The Cyber Huntsville organization pulls experts in the field together to collaborate and raise the level of awareness in the cyber community and educate younger minds in the process.

                                                                                                                                               

Hacker Transfers $1.7 Million From School Fund


Social engineering is a hacking technique that is easy to carry out. The U.K.'s St. Aldhelm's Academy lost $1.7 million after it received a phishing email, a spoofed email purporting to be from its bank, which asked for its bank account details.

The finance staff did not verify its authenticity and gave all the details in reply to that e-mail. They did not even recognize that it was fake until they had lost more than 1 million.

These funds had been taken as a loan from the Department for Education's Education Funding Agency for the building. The school is now paying the loan back without ever having used it for the purpose it was taken for.

The school has filed a report and the police are still investigating.

Three Hackers Arrested in South Korea, Self-Described as ‘Anonymous’



The latest arrests in South Korea concern a cyber-attack threat.

The Chosun Ilbo reports that two teenagers and a university student were recently arrested for threatening to launch cyber attacks on the South Korean government on April 14, 2014.

The three, surnamed Kang, 17, Bae, 14, and Woo, 23, posted a YouTube video on March 21, 2014, stating, "To the Government of South Korea. We are watching you, and We Expect for the changes of the Korean Government. ... This is the LAST WARNING MESSAGE for Korean Government. In April 14th 2014, Expect Our Revolution and You CAN'T STOP US!!"

According to the police, the threat was a prank.

While Kang and Bae had met via Anonymous' Facebook and Twitter pages and Kang claimed to be a member of Anonymous, none of the three appears to have any hacking skills. "Police became suspicious when Anonymous denied the attack plans," the Chosun Ilbo reports.

These three have been charged with threatening to launch cyber attacks against the Korean government.

Websites Might Be Rewarded for Strong Encryption by Google



At a time when Heartbleed is the most common and popular vulnerability, internet search and advertising hulk Google is considering giving websites that use strong encryption preferential placement in its search listings.

Matt Cutts, a Google senior engineer, has hinted at this. Cutts was talking at the SMX West conference in San Jose, California, when website hacking came up and he talked about Google's responses to it.
He said that rewarding secure websites will save Google time whenever a fresh security panic sweeps the internet, according to Time magazine.

"We don't have the time to maybe hold your hand and walk you through and show you exactly where it happened," was what he reportedly said at the SMX event last month.

No one is expecting the change to happen anytime soon; however, Google is throwing resources at Heartbleed, which is a much more immediate issue.
Google is one of the few outfits that had prior knowledge of the OpenSSL vulnerability, and now, almost a week later, it is still reacting to it.

In an update to its Online Security blog it suggested that some of its users should establish new encryption keys immediately.

"In light of new research on extracting keys using the Heartbleed bug, we are recommending that Google Compute Engine (GCE) customers create new keys for any affected SSL services. Google Search Appliance (GSA) customers should also consider creating new keys after patching their GSA," it wrote yesterday.

"Engineers are working on a patch for the GSA, and the Google Enterprise Support Portal will be updated with the patch as soon as it is available."

In March, following PRISM revelations, Google began to step up encryption of its services, and applied extra security to email, searches and servers.

Scammers suspected of stealing millions and infecting computers through 'Zeus'




Nine people linked with the 'Zeus' malware have been accused of stealing millions and infecting thousands of computers, federal officials announced on Friday as they declared the code "one of the most damaging pieces of financial malware that has ever been used."

An indictment (PDF file) unsealed Friday charges nine people, most of them from Ukraine. The authorities said that the defendants used 'Zeus' to steal passwords, account numbers and personal identification numbers.

According to the Justice Department, Kulibaba allegedly ran the conspirators' money laundering network in the U.S., which provided money mules and their banking credentials to handle money from U.S.-based victims' accounts.

First seen in 2007, malware based on 'Zeus' has infected millions of computers worldwide. In 2010, a study by RSA, a network security company, concluded that 500 companies showed evidence of some form of 'Zeus' botnet infection.

Zeus was sold as a commercial product for $700, and its source code was posted in many forums in 2011 by several hackers.

Microsoft’s free Threat Modeling tool updated



According to Tim Rains, director of Microsoft Trustworthy Computing, Microsoft’s threat modeling tool has been updated with new features designed to offer organizations more flexibility and help them implement a secure development lifecycle.

"More and more of the customers I have been talking to have been leveraging threat modeling as a systematic way to find design-level security and privacy weaknesses in systems they are building and operating," blogged Tim Rains. "Threat modeling is also used to help identify mitigations that can reduce the overall risk to a system and the data it processes. Once customers try threat modeling, they typically find it to be a useful addition to their approach to risk management."

The latest version of the tool includes the following new features:
•    New Drawing Surface: This new release has its own drawing surface, and Visio is no longer needed.
•    STRIDE per Interaction: A big improvement in this release is the change in approach to how we generate threats. Microsoft Threat Modeling Tool 2014 uses STRIDE per interaction for threat generation, where past versions of the tool used STRIDE per element.
•    Migration for v3 Models: Updating your older threat models is easier than ever. You can migrate threat models built with Threat Modeling Tool v3.1.8 to the format in Microsoft Threat Modeling Tool 2014.
•    Update Threat Definitions: We offer further flexibility to our users to customize the tool according to their specific domain. Users can now extend the included threat definitions with ones of their own.

"Microsoft Threat Modeling Tool 2014 comes with a base set of threat definitions using STRIDE categories," blogged Emil Karafezov, program manager on the Secure Development Tools and Policies team at Microsoft. "This set includes only suggested threat definitions and mitigations which are automatically generated to show potential security vulnerabilities for your data flow diagram. You should analyze your threat model with your team to ensure you have addressed all potential security pitfalls."

"We hope these new enhancements in Microsoft Threat Modeling Tool 2014 will provide greater flexibility and help enable you to effectively implement the SDL process in your organization," he added.


Malicious Android version Adobe Reader.



The Android version of Adobe PDF Reader contains a security bug that could allow an attacker to compromise documents stored in the reader and other files stored on the Android device's memory card.
According to a security researcher, the problem is caused by a few insecure JavaScript interfaces. These JavaScript interfaces allow an attacker to run malicious JavaScript code inside Adobe Reader.

"An attacker can create a specially crafted PDF file containing Javascript that runs when the target user views (or interacts with) this PDF file," security researcher Yorick Koster said.

The researcher has successfully verified the existence of the vulnerability in version 11.1.3 of Adobe Reader for Android. The bug has been fixed in the latest version, 11.2.0.

He has also released proof-of-concept code that creates a '.txt' file when a user opens the specially crafted PDF in a vulnerable version of the reader, which makes the bug easy for attackers to exploit.
Adobe needs to take serious notice of such stupid bugs, which harm users' data and erode users' trust in Adobe.

Brazil Government Under Attack

Recently we learned that a Brazilian hacking group named "Dk Brazil Hack Team" hacked its own country's government sites. Looking at the record of their defacements on Zone-h, we found that this group mostly targets the Brazilian government. There might be many reasons for this attack, but this site was hacked for one reason: these hackers are somehow against the government.

Their deface page shows, at the end, that this group has been defacing sites for two years. As we said, this team is mostly involved in hacking Brazilian government sites, but they don't only target Brazil. They are also defacing Indian sites and ordinary sites in other countries.

As we all know, unexpected things keep happening. So far, the most active hackers nowadays are from Pakistan, as Pakistani hackers are defacing famous and popular websites and making the news for it. Other hackers, such as Indians, are quiet and mainly focusing on learning.

As we all know, a hacker defacing a site has to be vigilant not to leave traces, such as logs, behind on the server. This Brazilian government site ran on WordPress, which is easy to hack as it has many plugins vulnerable to public exploits. The hacked site can be found below:




  • http://camaracrateus.ce.gov.br/

Oracle working on Heartbleed fixes



Oracle has emitted its formal advice about Heartbleed, revealing it has 13 products that need a patch and 14 more “which may be vulnerable”. Oracle points out that all its cloud services should be Heartbleed-proof and that six of its products – including Oracle Linux 6 and Solaris 10.2 – were vulnerable but can be patched with existing updates.


The news is not so good for the following products, as Oracle puts them in a bucket containing software that is “likely vulnerable but for which no fixes are yet available.”
1.    BlueKai
2.    Java ME - JSRs and Optional Packages
3.    Java ME - Mobile and Wireless
4.    MySQL Connector/C
5.    MySQL Connector/ODBC
6.    MySQL Workbench
7.    Oracle Communication Application Session Controller
8.    Oracle Communication Session Monitor
9.    Oracle Communications Internet Name and Address Management
10.    Oracle Communications Interactive Session Recorder 5.1
11.    Oracle Communications Network
12.    Oracle Communications WebRTC Session Controller
13.    Primavera P6 Prof Project Management

Big Red's cloud is safe and Oracle Linux 6 has been patched, but Java has some issues.

Big Red also has another list of “products still under investigation, which may be vulnerable”. That list includes Oracle-branded fiber channel switches from Cisco and Qlogic, and the Sun Storage Common Array Manager.

Oracle has not, however, committed to a timetable to deliver patches. The post we've linked to says “Global Product Security will continue to follow up with the various product development teams within Oracle to monitor the creation of the appropriate fixes, determine whether additional products may be affected, and whether updated mitigation instructions are required.”

Harley Medical Group (Cosmetic Surgery Firm) Hacked



In this era of technology, websites are hacked for money or sometimes just to tease.

A leading cosmetic surgery provider has been hacked by a computer hacker who may have accessed details of nearly 500,000 people considering procedures.

The Harley Medical Group said it believed the cyber-attack was an attempt to extort money from the company and it had contacted police.
Around 480,000 initial inquiry forms submitted online may have been accessed and they include a potential client's name, address and telephone number, the company confirmed.
The form also lists cosmetic procedures, including breast enlargements, liposuction and tummy tucks, in which potential clients can express an interest.

The Harley Medical Group - which has 21 clinics across the UK - has insisted that confidential clinical and financial information was not accessed.

The company's chairman, Peter Boddy, has also written to people whose details may have been accessed to apologize.
A spokesman for the Harley Medical Group said: "We acted immediately when we became aware that an individual had deliberately bypassed our website security, gaining access to contact information from initial inquiries, in an attempt to extort money from the company.

"The police and the Information Commissioner were notified and we contacted everyone whose inquiry may have been accessed to apologize and to reassure them that all clinical and financial records remain totally secure.

"We have taken action to further strengthen the security around website inquiries."
An ICO spokesman said: "We have recently been made aware of a possible data breach involving the Harley Medical Group.

"We will be making inquiries into the circumstances of the alleged breach of the Data Protection Act before deciding what action, if any, needs to be taken."

The police are working on it, and the Harley Medical Group hopes that sooner or later the hacker will be arrested. But it is still not clear what the hacker is going to do with the clients' details.

50 million Android phones vulnerable to Heartbleed, data shows

At least four million Android phones in the U.S. and tens of millions of Android phones worldwide are vulnerable to the security flaw named "Heartbleed", which has now been widely publicized.

According to Google's announcement, every device running the Android "Jelly Bean" software in version 4.1.1, released in 2012, is vulnerable.

This is the first time an accurate estimate of vulnerable devices has been made, using data provided by the firm Chitika. Android devices running Android 4.1 or 4.2 are not at risk.

Google has not provided the number of vulnerable Android devices, but it has indicated that the figure is less than 10% of devices activated worldwide. That could still be a huge number, as Google has activated about 900 million devices running Google services worldwide. There are also hundreds of devices in China without Google services, which do not show up in Google's systems and which might be running the vulnerable version.

"More than 80% of the people running Android 4.1 who have shared their data without looking are all affected," said Marc Rogers, principal security researcher at the San Francisco-based company.

Google released the first version of Android 4.1.1 in July 2012, which brought a bug fix for Nexus 7 tablets.

Only version 4.1.1 uses the vulnerable version of OpenSSL, as Google noted in a blog post discussing the bug's effect on Google products.

Pakistani hackers hacked BJP Junagadh website

"This is purely an attempt to get votes by playing the communal card ahead of the election," said Gujarat Pradesh Congress Committee President Arjun Modhwadia. These were his comments when news came of the hacking of the BJP Junagadh website.

According to BJP officials, the website showed anti-party views, which may harm the party's good image among its voters. Some sources say this was done by a Pakistani hacker, "Sniper haxXx", who has been responsible for many hacked Indian websites in the recent past.

Sniper haxXx has been hacking many websites, especially those that were anti-Pakistan, but this time a political party's website has been hacked just to damage its good image so that it does not get votes and cannot win the elections. This is what the BJP believes.

The police have registered a complaint and have started a search for the people responsible for this hack. Now the BJP has to wait for the case to be resolved, and no one can say for how long.

A defacement mirror of the website shows that the hack appears to have taken place in February. It is unclear whether the local reports refer to this incident or the website was defaced again. The comments of the opposing party's president can never be taken for granted; you never know what political parties can do.

HeartBleed - Critical Crypto Bug Exposes Yahoo Mail

OpenSSL is regarded as a mark of security, but what happens when OpenSSL itself has a bug? That is the reason Yahoo Mail's passwords were exposed. Heartbleed is a bug that is the result of a mundane coding error in OpenSSL.

OpenSSL is used to implement HTTPS encryption in websites, e-mail servers, and applications. The result of a missing bounds check in the source code, Heartbleed allows attackers to recover large chunks of private computer memory that handle OpenSSL processes. The leak is the digital equivalent of a grab bag that hackers can blindly reach into over and over simply by sending a series of commands to vulnerable servers. The returned contents could include something as banal as a time stamp, or it could return far more valuable assets such as authentication credentials or even the private key at the heart of a website's entire cryptographic certificate.

After this bug and a huge loss to Yahoo Mail, OpenSSL developers have released version 1.0.1g, which readers should install immediately on any vulnerable machines they maintain. But given the stakes and the time it takes to update millions of servers, the risks remain high.

It works by sending many requests at a time and getting into a website through a hole because of the heavy traffic. The bug allows eavesdropping on any website that uses the OpenSSL library.

The OpenSSL patch is only the starting point on the path of Heartbleed recovery. Website operators should strongly consider replacing their X.509 certificates after applying the update and getting all users and administrators to change passwords as well.

Many websites started asking their users to change their passwords as soon as they had applied the patch to their servers after learning of this attack; one example is the popular music website SoundCloud.com.



It's NOT probably so early for users to replace passwords across the board, but for sites they know have received the OpenSSL patch, it may be a good idea to change login credentials. People who are truly security conscious may want to change passwords a second time if they notice a patched site later updates its digital certificate.



It’s better to take steps now than cry later.

Google kept the Heartbleed Bug hidden from Government

The Heartbleed bug has received enormous attention, as thousands of websites were vulnerable to the exploit. Heartbleed might be one of the most famous and most hyped bugs, and the most famous exploit discovered so far, but the researchers who found it did not reveal it to the world.

In the days since the bug's discovery, different companies have been working on patches, as it is a serious bug that should be patched before a site is exploited. Oracle is working on Heartbleed bug fixes, as we have heard.

Hundreds of websites, including those of big companies, are vulnerable to the Heartbleed bug. The companies have warned their customers about exploitation of the bug, and Oracle is working on its patches.

According to a report published by the Sydney Morning Herald, the NSA was accused of having known about the Heartbleed bug for a long time without disclosing it.

After a Bloomberg article was published last week, the agency spokesman Vanee told Time magazine that “NSA was not aware of the recently identified vulnerability in OpenSSL, the so-called Heartbleed vulnerability, until it was made public in a private-sector cybersecurity report. Reports that say otherwise are wrong.”

Google security researcher Neel Mehta discovered the Heartbleed bug on or before March 21, as SMH reported, and by the evening the company had created a patch for the vulnerability. The NSA too discovered the vulnerability.

“Eliminating the vulnerabilities — ‘patching’ them — strengthens the security of US government, critical infrastructure, and other computer systems,” the group urged President Barack Obama.

The most interesting thing is that when Google discovered the Heartbleed vulnerability on March 21, it had patched the vulnerability by that evening.

Controversial appointment of Condoleezza Rice to Dropbox board

Dropbox is already in pain, and the appointment of Condoleezza Rice to its board has brought more, but this time the hubbub concerns privacy and PR rather than performance issues.

The appointee, Dr. Condoleezza Rice, is a former Secretary of State and National Security Advisor.

Dropbox also confirmed two other leadership hires at that time: the promotion of Sujay Jaswa to chief financial officer and the addition of former Motorola Mobility CEO Dennis Woodside as chief operating officer.

At this point in time, it doesn't look like Dropbox is going to budge to users' fury, which has already spawned a group of protesters rallying around the hashtag "#DropDropbox."

The collective outlined a number of points as to why they think Rice should be removed from Dropbox's board, much of which concerns government surveillance and privacy concerns.
This is all the more heightened following the revelations about the National Security Agency's previously-secret data mining program, PRISM, which came to light last June via documents leaked by former government contractor Edward Snowden.

According to those documents, the datacenters belonging to at least nine tech giants were used as sources for the PRISM program. Dropbox was not among that pool, but it was said to be next on the list.
Dropbox CEO Drew Houston finally issued a response on Friday afternoon, emphasizing the company's commitment to user privacy while also defending the decision to keep Rice on the board.
He wrote:
“We should have been clearer that none of this is going to change with Dr. Rice’s appointment to our Board. Our commitment to your rights and your privacy is at the heart of every decision we make, and this will continue.
We’re honored to have Dr. Rice join our board — she brings an incredible amount of experience and insight into international markets and the dynamics that define them. As we continue to expand into new countries, we need that type of insight to help us reach new users and defend their rights. Dr. Rice understands our stance on these issues and fully supports our commitments to our users.”

Harvard University students launch a new social website, “Skamster”

Students from Harvard University have recently launched a new social website known as "Skamster". The website has its own custom script with cool features.

The website is going viral: on its first day it got more than 600 registered members.

The website became popular within hours; as a result, Facebook banned links to it on its site. However, many pages, groups and people have been seen sharing the website.

After the recent exposure of NSA surveillance, let's see whether Skamster keeps supporting freedom of speech and anti-censorship or becomes a puppet of the NSA like others.

FBI raids hacker who hacked university for security reasons

An employee of a Baltimore-based software consulting firm working on a project for the University of Maryland (UMD) was raided by the FBI because he hacked the company where he was working. Helkowski had reported a vulnerability in the system but was not taken seriously. After being ignored, he took revenge on UMD by hacking the system to prove that he was not wrong.

The raid took place at his house: when he came back from dinner with his wife, police were already waiting for him there. Helkowski said that he cooperated fully with the agents. "During the raid I provided my 20+ character system encryption password, my Keepass password, the location of my keyfiles, and a full description of everything. I basically 'confessed' everything to the FBI already. My stance is that I did nothing 'morally wrong.' My attempt the entire time has been to help the university improve their security."

In a staff memo published by the University of Maryland, Ann G. Wiley, UMD's interim vice president and chief information officer, wrote, "The FBI has informed the University that the intrusion resulted in no public release of any information and no damage to the institution, except for the release of personal data of one senior University official, who has been notified. We are unable to comment further on the intrusion at this time."

Hacking can be done for any reason, whether for revenge or for fun, and this is a practical example of it. Let's see what happens to Helkowski, who hacked into the system just to show that he was not wrong and that the system did have vulnerabilities.


VMware’s ‘vSphere vuln’ patches released to overcome man-in-the-middle

VMware has released an update to its vSphere Client which addresses a potential, but hard to target, man-in-the-middle vulnerability in the virtualization tool.

The company said that users running vSphere Client 4.0, 4.1, 5.0, and 5.1 for Windows were vulnerable to a flaw that allows the client to download and install untrusted updates. Were an attacker to exploit the flaw, VMware said that users could be subject to remote code execution attacks via a malicious link or redirect.

Systems running vSphere Client 5.5, by contrast, are not vulnerable to the flaw.

Steve Pate, chief architect at virtualization security firm HyTrust, said that while administrators should always make sure users are running fully patched software, the risk of attacks targeting this vulnerability in the wild is likely to be low.

Pate explained that in the case of the vSphere Client vulnerability, an attacker would have to get in the middle of an update chain that runs when the vCenter Server platform is updated and no longer matches the end user's version of the vSphere client, at which point the vulnerable component is launched.

The update comes just two days after VMware told users that 28 of its products contain versions of OpenSSL subject to the infamous Heartbleed security flaw.

The company has yet to roll out a fix for that flaw as it releases the patch for the vSphere Client vulnerability. Still, administrators need not fret much over their VMware products, Pate said.
He noted that, as few VMware implementations directly face the public web, the risk posed by Heartbleed will be lower than that of platforms and applications that are more readily accessible to potential attackers.

Hackers Stole 200,000 South Korean Credit Cards Data

Hackers stole the personal information of about 200,000 South Korean credit card users, made fake credit cards and racked up fraudulent charges of about $115,400.

The Financial Supervisory Service said that several suspects had late last year hacked into a firm managing card payment processing terminals and extracted data such as numbers, expiry dates and passwords for a point-amassing loyalty card.

The suspects exploited the fact that some users had been using the same PINs or passwords for both their credit cards and the loyalty card, and created fake cards to charge items earlier this year.

South Korean police, who are investigating, have so far identified 268 different cases of wrongful charges. The leaked information, including that of cards issued by the biggest card firm, Shinhan Card, did not include PINs or passwords.

The hacking of credit cards can almost destroy a card owner's life, as the hackers buy things with other people's money. But carders are among the people most wanted by agencies, and every step is dangerous for them.

Some even card things for others: people buy hacked credit cards, like these 200,000, and provide them to a carder, who can then card anything they wish to have. But it is wrong to buy things for yourself with other people's money.

‘Oversight’ caused the Heartbleed error, says its developer

Robin Seggelmann, a programmer based in Germany, submitted the code in an update submitted at 11:59pm on New Year's Eve, 2011. It was supposed to enable a function called "Heartbeat" in OpenSSL, the software package used by nearly half of all web servers to enable secure connections.
He says the "Heartbleed" vulnerability in the open-source code used by thousands of websites was an "oversight", but that its discovery validates the methods used.

His update did enable Heartbeat, but an "oversight" led to an error with major ramifications: it accidentally created the "Heartbleed" vulnerability, which has been described as a "catastrophic" flaw that laid the contents of thousands of web servers open to hackers.
Seggelmann worked on the OpenSSL project during his PhD studies, from 2008 to 2012, but isn't involved with the project any more.

The vulnerability has also been discovered in Cisco and Juniper routing gear, which could mean that hackers could capture sensitive data such as passwords passing over the internet.

He said that the mistake has nothing to do with its festive datestamp. "The code… was the work of several weeks. It’s only a coincidence that it was submitted during the holiday season."

"I am responsible for the error," he continued, "because I wrote the code and missed the necessary validation by an oversight. Unfortunately, this mistake also slipped through the review process and therefore made its way into the released version."

Open source

OpenSSL is an open-source project. The software is developed by a small community of engineers, giving their time for little or no reward, and releasing it free of charge to anyone who needs it.
For security software, that model is typically seen as advantageous, because the more people examine a line of code, the more chance there should be of some weakness coming to light. Additionally, it prevents "security by obscurity", whereby the bulk of the protection comes from people not knowing how the security software works – which can result in the whole edifice tumbling down if that confidential information is released or discovered externally.

Instead, Seggelmann blamed the lack of resources that OpenSSL has to work with. "OpenSSL is definitely under-resourced for its wide distribution. It has millions of users but only very few actually contribute to the project."

How Heartbleed works

The flaw which actually leaks data in the Heartbleed bug is almost painfully simple.
It relates to a function called Heartbeat which exists in "Transport Layer Security" (TLS), the system used to protect confidential data when surfing the web. Heartbeat is used to keep connections open, even when no data is being shared.

When it works properly, a user's computer sends a Heartbeat packet to the server. The packet simply contains a chunk of random data, and a note saying how much data it's sent; the server receives the packet, and then sends back exactly the same data, confirming that it's listening.
The problem which can be exploited in a Heartbleed attack involves the attacker's computer lying about how much data it has sent: it sends over a single byte of information, but tells the server that it has sent 64KB instead. The server makes a note, and knows that it has to send 64KB back, but doesn't have a full 64KB of data.

What pushes the error into a full-blown catastrophe is that the server then fills the rest of the packet with whatever other information is in its memory at the time.

A computer's memory is where it stores information about the tasks it's working on, and so the data which it pulls into the Heartbleed packet is related to the other queries it's responding to. At Yahoo, that included usernames and passwords of users logging in at the same time; at DuckDuckGo, it was the full text of search queries. The researchers who discovered the bug also say it can include SSL keys, which would let an attacker decrypt conversations captured months before.
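The length check described above, as an added example that is not part of the original article and is not OpenSSL's own code: a simplified C model of a heartbeat handler before and after the fix. The `arena` struct, the function names and the sample secret are assumptions made for the demo, which uses a 64-byte claim inside a 256-byte simulated memory rather than 64KB.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HB_REQUEST  1
#define HB_RESPONSE 2
#define HB_HEADER   3    /* 1-byte type + 2-byte payload_length */
#define HB_PADDING  16   /* minimum padding required by RFC 6520 */
#define ARENA_SIZE  256  /* stand-in for the server's process memory */

/* Constructed sample data standing in for another user's login request. */
static const char SECRET[] = "user=alice&password=CONSTRUCTED-SECRET";

/* Simulated memory (hypothetical layout): the received record starts at
 * mem[0] and whatever the process stored next (SECRET) sits behind it. */
struct arena {
    unsigned char mem[ARENA_SIZE];
    size_t rec_len;                 /* bytes actually received */
};

/* Store a heartbeat request. `claimed` is the length field the sender
 * wrote; `actual` is the number of payload bytes really sent. */
int arena_load(struct arena *a, const void *payload, size_t actual,
               uint16_t claimed)
{
    size_t rec_len = HB_HEADER + actual + HB_PADDING;
    if (rec_len + sizeof SECRET > ARENA_SIZE)
        return -1;
    memset(a->mem, 0, sizeof a->mem);
    a->mem[0] = HB_REQUEST;
    a->mem[1] = (unsigned char)(claimed >> 8);
    a->mem[2] = (unsigned char)(claimed & 0xff);
    memcpy(a->mem + HB_HEADER, payload, actual);
    a->rec_len = rec_len;
    memcpy(a->mem + rec_len, SECRET, sizeof SECRET - 1);
    return 0;
}

/* Echo step shared by both handlers (response padding omitted for brevity). */
static long hb_echo(const struct arena *a, size_t payload,
                    unsigned char *out, size_t out_cap)
{
    /* Simulation guard only: keeps the over-read inside the arena so the
     * demo itself has no undefined behaviour. */
    if (HB_HEADER + payload > ARENA_SIZE || HB_HEADER + payload > out_cap)
        return -1;
    out[0] = HB_RESPONSE;
    out[1] = (unsigned char)(payload >> 8);
    out[2] = (unsigned char)(payload & 0xff);
    memcpy(out + HB_HEADER, a->mem + HB_HEADER, payload);
    return (long)(HB_HEADER + payload);
}

/* Before the fix: the sender's claimed length is trusted as-is. */
long hb_respond_vulnerable(const struct arena *a, unsigned char *out,
                           size_t out_cap)
{
    if (a->mem[0] != HB_REQUEST)
        return -1;
    size_t payload = ((size_t)a->mem[1] << 8) | a->mem[2];
    return hb_echo(a, payload, out, out_cap);  /* never compared to rec_len */
}

/* After the fix: a claimed length that does not fit inside the received
 * record makes the handler drop the message without replying (returns 0). */
long hb_respond_fixed(const struct arena *a, unsigned char *out,
                      size_t out_cap)
{
    if (a->rec_len < HB_HEADER + HB_PADDING)
        return 0;
    if (a->mem[0] != HB_REQUEST)
        return -1;
    size_t payload = ((size_t)a->mem[1] << 8) | a->mem[2];
    if (HB_HEADER + payload + HB_PADDING > a->rec_len)
        return 0;
    return hb_echo(a, payload, out, out_cap);
}

/* Returns 1 if SECRET appears in the first n bytes of a response. */
int leaks_secret(const unsigned char *resp, long n)
{
    long slen = (long)(sizeof SECRET - 1);
    for (long i = 0; i + slen <= n; i++)
        if (memcmp(resp + i, SECRET, (size_t)slen) == 0)
            return 1;
    return 0;
}

int main(void)
{
    struct arena a;
    unsigned char out[ARENA_SIZE];

    arena_load(&a, "A", 1, 64);     /* sends 1 byte, claims 64 */
    long v = hb_respond_vulnerable(&a, out, sizeof out);
    printf("vulnerable: %ld bytes sent back, secret leaked: %d\n",
           v, leaks_secret(out, v));
    printf("fixed:      %ld (0 = discarded)\n",
           hb_respond_fixed(&a, out, sizeof out));
    return 0;
}
```

An honest request (claimed length equal to the bytes sent) is echoed identically by both handlers; only the request that overstates its length behaves differently.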

55,000 Social Security Numbers exposed in the security breach of VFW.org

The Veterans of Foreign Wars recently began notifying its users that hackers had broken into VFW.org and were able to see users' personal information.

In February 2014, the Veterans of Foreign Wars website was hacked and malicious code was planted on it; any visitor who came to the site with a vulnerable version of Internet Explorer was infected. The attack is believed to have originated in China.

The investigation showed that names, Social Security numbers and other personal details of about 55,000 users were leaked because of the VFW.org security breach. The letter, dated April 4, said that VFW learned of the security breach on April 4.

"VFW has been informed that the purpose of the attack wasn't identity theft, but rather to gain access to information regarding military plans or contracts," says the letter.

VFW says it is offering one year of free identity theft protection to the affected users.

 

China’s Elite Hacking Unit Disappeared Inexplicably

The company that helped uncover major online security breaches from China last year says exposing the hackers had the effect of shutting them down — at least temporarily.

Last year, the New York Times reported on what it believed to be an elite Chinese military unit that had been sitting on its networks, quietly spying on it and countless other U.S. companies. The news kicked off months' worth of debate about America's exposure to cyberattack.

The unit, labeled as "Advanced Persistent Threat 1" or APT1 by the independent security firm Mandiant, usually communicates with the malware it has installed in various targets year-round.
According to a new report from Mandiant published on Thursday, APT1 ceased virtually all its activity in early 2013.

This was unusual behavior for the group compared with previous years, and an abnormal pattern compared with other threats that Mandiant tracks and says are based in China.

After the Times report, this advanced persistent threat didn't stop its activities for more than a couple months. If anything, its command and control communications seemed to intensify in late summer last year compared to previous years.

"This is actually fascinating evidence (data in graphs by Mandiant) that shows that you have an adaptive adversary," said Allan Friedman, a cybersecurity scholar at George Washington University. "If we interpret this as a fairly complete sample, then it looks like they shut down things as soon as this information was published."

That's supported by another finding in the Mandiant report showing that APT1 abruptly changed the IP addresses it was using to access its malware when Mandiant issued its own profile on the hacking unit.

The drop in activity may also suggest that "naming and shaming" by the United States is a viable tactic, said Jason Healey, a cyber-scholar at the Washington-based Atlantic Council.
What's still unclear is who arranged the change in behavior. It's possible that higher-ups in the Chinese government were not aware of what APT1 was doing, said Friedman. If that's the case, he said, then upon seeing the U.S. reports, Beijing may have called down to stop the activity because it didn't serve China's strategic mission. But Friedman adds there's also a chance that APT1's espionage was part of an officially sanctioned program, and that when APT1 was detected, its tactics changed simply to limit the Chinese government's exposure to criticism.

VPN is Still Vulnerable to Heartbleed

Researchers earlier this month estimated that Heartbleed affected two-thirds of all Web servers. Researchers at Sucuri reported Friday that just 2 percent of the top 1 million websites on the Internet remain affected and that all of the top 1,000 sites have been patched against the OpenSSL vulnerability. But Mandiant is tracking a scary new attack vector: VPN user sessions.

But also on Friday, Mandiant researchers reported an attack they tracked beginning on April 8 in which an attacker "leveraged the Heartbleed vulnerability in a SSL VPN concentrator to remotely access our client's environment," culminating in the hijacking of "multiple active user sessions."
Mandiant said the attackers exploited the security vulnerability in OpenSSL running in the client’s SSL VPN concentrator to remotely access active sessions.

This is just the latest in an escalating series of attacks leveraging Heartbleed, which is a problem in OpenSSL’s heartbeat functionality, which if enabled, returns 64KB of memory in plaintext to any client or server requesting a connection. Already, there have been reports of attackers using Heartbleed to steal user names, session IDs, credentials and other data in plaintext. Late last week came the first reports of researchers piecing together enough information to successfully reproduce a private SSL key.

Mandiant said the attacker was able to steal active user session tokens in order to bypass the organization’s multifactor authentication and VPN client software used to validate the authenticity of systems connecting to network resources.

The Mandiant researchers recommended that all organizations running remote access software and appliances determined to be vulnerable to the Heartbleed exploit both upgrade with available patches immediately and review their VPN logs to see if an attack had occurred in the past.

iBanking: Android app helping to hack Facebook accounts

It is believed that an attacker can't hack a Facebook account that has two-step authentication and other additional security checks enabled, even if he knows the username and password. But not anymore! Vulnerabilities in Android apps can make it possible.
Cyber criminals have started to use the Android banking trojan "iBanking" to bypass Facebook's two-factor verification.

iBanking is a malicious Android application capable of intercepting SMS messages, forwarding incoming voice calls to any number and recording the victim's voice using the microphone.

Recently, RSA noted the release of source code for the iBanking trojan. This source code leak helped other cyber criminals customize the trojan according to their needs.

ESET reports that a customized iBanking malware targeting Facebook users is being delivered via a new variant of the computer banking trojan Qadars.

When a system is infected with the Qadars trojan, it shows a message when the user logs into Facebook, telling them "Facebook introduces new extra safety protection system" and instructing them to install an Android app. This app helps cybercriminals intercept SMS messages so that they can bypass Facebook's two-factor verification.


A Huge Frustration for Tax Refund Victims

It is nothing new that people steal identities and then steal money from banks and even from tax refunds. This got a major start in 2013. Identity thieves are now getting more creative and bold in stealing billions in tax refunds from the Internal Revenue Service.

A recent victim Laura Hankins knew something was wrong when she filed her daughter's tax return and it was rejected hours later: An identity thief already had sent in a return using the 19-year-old's personal information.

"This is the first time in her life she has ever filed income taxes, after earning all of $1,800 stocking products on grocery store shelves," Hankins said. "I did her taxes for her online, but immediately she got the rejection."

Thieves have claimed billions of dollars in bogus tax refunds from the IRS by swiping the Social Security numbers and identities of schoolchildren in Florida, prisoners in Pennsylvania, teachers in Washington state and soldiers deployed in Iraq and Afghanistan.

The IRS said Thursday that it has started more than 200 investigations into identity theft and refund fraud schemes this filing season and that enforcement efforts are taking place nationwide. It said investigators are especially focused on the misuse of specialized identification numbers assigned to firms that electronically file tax returns.

But the ease of the schemes means no one is immune. The best steps to reduce the chance of refund fraud are to protect your Social Security numbers and other personal information.
That is because hackers and employees with access to thousands of names stored in company databases have tapped into reams of personal information, allowing them to submit hundreds of fraudulent returns by computer and receive refunds within days.
It all adds up to a lot of frustration for legitimate taxpayers who face more paperwork and months of waiting for their tax refunds.

The IRS has to take a step against this, so that people can start trusting it again rather than stop paying taxes.

Hacker arrested by Canadian police for exploiting Heartbleed bug

A 19-year-old man who allegedly exploited the Heartbleed bug to steal personal data from the Canadian Revenue Agency's website has been arrested and charged by Canadian police.

The arrest of Stephen Arthuro Solis-Reyes, who allegedly grabbed 900 social insurance numbers (SINs) over a period of six hours, marks the first time that authorities have apprehended someone in relation to the bug in OpenSSL.

Solis-Reyes, of London, Ontario, is a student at Western University and was detained by the London Police Service and the Royal Canadian Mounted Police National Division Integrated Technological Crime Unit.

In a statement, Assistant Commissioner Gilles Michaud of the RCMP, said:
The RCMP treated this breach of security as a high priority case and mobilized the necessary resources to resolve the matter as quickly as possible. Investigators from National Division, along with our counterparts in "O" Division have been working tirelessly over the last four days analyzing data, following leads, conducting interviews, obtaining and executing legal authorizations and liaising with our partners.

He is scheduled to appear in court in Ottawa on 17 July 2014.

Canada's tax agency was one of the first major organizations to be impacted by the Heartbleed flaw and subsequently had to remove public access to its online services for four days in order to protect taxpayer information.

It's unclear what Solis-Reyes's motivations were. But it's important to remember that while security researchers and other interested parties may like to think that testing for Heartbleed or other vulnerabilities may be ethical and useful in purpose, the law may not agree.

Such activity may not be regulated in every nation, but some countries certainly do prohibit the testing of security on third-party websites without permission.

Furthermore, it should be obvious that actually exploiting any discovered vulnerabilities in order to gain unauthorized access to networks and data is a bad idea at all times. More so if the organization in question is your national tax office.

If you do have legitimate concerns about a website's security, the correct course of action would be to notify the owners and engage in responsible disclosure in a manner that doesn't place other people's data at jeopardy.

Ukraine tensions could hurt international security efforts, Kaspersky says

As governments all around the world seek a peaceful solution to the political tension in Ukraine, cyber-criminals could catch governments out with online attacks, warned Kaspersky Lab CEO Eugene Kaspersky.

"It is good news for the local IT projects, but the international projects will have less budget," says Kaspersky.

"When the governments don't talk to each other and cooperate, that damages traditional industry and economies, but also cyberspace," he added.

"It will damage global Internet projects," he said. "Nations will be more focused on the national projects. That's good news for the local IT companies, but ... the evolution of cyberspace will slow down."

Anything that decreases trust among governments can hurt such efforts, Kaspersky said.

"Last year's Edward Snowden affair, in which the National Security Agency contractor revealed evidence that the U.S. spied on foreign leaders, hurt international trust," Kaspersky added.



 

Hacker/troll “weev” was charged in the wrong federal court, says the Third US Circuit Court of Appeals

A federal appeals court Friday reversed and vacated the conviction and sentence of hacker and Internet troll Andrew "weev" Auernheimer.

The case against Auernheimer, who has often been in solitary confinement for obtaining and disclosing personal data of about 140,000 iPad owners from a publicly available AT&T website, was seen as a test case on how far the authorities could go under the Computer Fraud and Abuse Act (CFAA), the same law that federal prosecutors were invoking against Aaron Swartz.

Auernheimer was accused of passing along the e-mail addresses to Gawker, which thereafter published the information in redacted form in 2010. Auernheimer was convicted in a New Jersey federal court of a felony under the CFAA for conspiracy to access AT&T's servers against the company's will.

The government argued that the New Jersey court was a proper venue for the case because 4,500 e-mail addresses were obtained from residents there. The authorities claimed that even if the venue was improper, it should be disregarded because it did "not affect substantial rights."
The court disagreed and suggested that Auernheimer's home state of Arkansas, where the alleged illegal activity took place, was the proper location for trial.

Auernheimer's co-defendant, Daniel Spitler, discovered a security vulnerability in the website used to register iPad users who signed up for AT&T's 3G service. A script on AT&T's servers would accept an iPad's ICC-ID (a unique identifier embedded in the device's microSIM card) and return that user's e-mail address. Spitler figured out that ICC-IDs come in a predictable range, allowing him to enumerate tens of thousands of them and obtain the corresponding e-mail addresses. Auernheimer was accused of providing Spitler with advice and encouragement over IRC, and of later disclosing the information Spitler obtained to the media.
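From the server's side, the access pattern described above (one client requesting records for many nearby identifiers) stands out in request logs. The following detection logic is an added example, not code from the original post or from AT&T; the log shape, thresholds and all sample values are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample events: (client_ip, iccid requested). The identifiers
# are made-up digit strings, not real ICC-IDs; the log shape is an assumption.
SAMPLE_LOG = (
    [("203.0.113.7", str(8900000000000000000 + i)) for i in range(0, 400, 3)]
    + [("198.51.100.20", "8900000000000412345")] * 5   # one device, repeated
    + [("198.51.100.21", "8900000000000998877"),
       ("198.51.100.21", "8900000000000100200")]      # two unrelated devices
)

def enumeration_suspects(events, max_distinct=10, min_near_ratio=0.8, near_gap=16):
    """Return {client: stats} for clients whose lookups resemble a walk
    through an identifier range rather than a device fetching its own record.

    max_distinct   - distinct identifiers one client may legitimately query
    near_gap       - numeric distance that counts two identifiers as neighbours
    min_near_ratio - share of neighbouring gaps needed to flag the client
    """
    seen = defaultdict(set)
    for client, iccid in events:
        if iccid.isdigit():                 # ignore malformed identifiers
            seen[client].add(int(iccid))

    suspects = {}
    for client, ids in seen.items():
        if len(ids) <= max(max_distinct, 1):
            continue                        # normal: a handful of own devices
        ordered = sorted(ids)
        gaps = [b - a for a, b in zip(ordered, ordered[1:])]
        near = sum(1 for g in gaps if g <= near_gap) / len(gaps)
        if near >= min_near_ratio:
            suspects[client] = {"distinct_ids": len(ids),
                                "near_ratio": round(near, 2)}
    return suspects

if __name__ == "__main__":
    for client, stats in enumeration_suspects(SAMPLE_LOG).items():
        print(client, stats)
```

Detection only limits the damage; the underlying fix is to require authentication before returning an e-mail address for an identifier, so that knowing or guessing an ICC-ID is not enough.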

Spitler pleaded guilty and was sentenced in January to three years probation.

While the court would not resolve whether Auernheimer's conduct was illegal, it commented that "no evidence was advanced at trial" that "any password gate or other code-based barrier" was breached.
A day before his sentencing, Auernheimer commented last year that his only "regret is being nice enough to give AT&T a chance to patch before dropping the dataset to Gawker. I won't nearly be as nice next time."

Auernheimer is now waiting to hear the charges against him once the right court is chosen.

European Cyber Army Starts Targeting Syria

Data from the Syrian websites Job.sy and RealEstate.sy was allegedly stolen by the hacker Zer0Pwn, a member of the European Cyber Army (ECA).











In a Pastebin post entitled "ECA vs. Assad | Part 1," Zer0Pwn published sample data, along with a SendSpace link to the full databases.



The sample data includes full names, user names, encrypted passwords, e-mail addresses and phone numbers.



The file on SendSpace includes more than 60,000 full names, user names, phone numbers and home addresses, along with encrypted passwords for Jobs.sy and clear text passwords for RealEstate.sy.



Cyber War News notes that other recent targets of the European Cyber Army have included syrianmonster.com, syria-courts.com, sana.sy, moj.gov.sy, and banquecentrale.gov.sy.



Syria needs to work harder on its websites' security now that it has been warned.

POS malware at Michaels, Aaron Brothers put millions of payment cards at risk

After an investigation involving two independent security firms that dates back to January, arts and crafts retailer Michaels Stores confirmed that, much like retail giant Target, its U.S. stores had experienced a payment card breach.
The Michaels breach involved malware on point-of-sale systems that neither security firm had encountered before, Michaels CEO Chuck Rubin wrote in a Thursday statement, explaining that the malware has been removed and the incident has been fully contained.
About 2.6 million payment cards may have been compromised from Michaels outlets between May 8, 2013 and Jan. 27, Rubin said, adding that about 400,000 payment cards could have been compromised from Aaron Brothers stores, a Michaels subsidiary, between June 26, 2013 and Feb. 27.
Rubin explained that the breach impacted a “varying number” of Michaels stores, as well as 54 Aaron Brothers locations. The crafts retailer posted online which Michaels and Aaron Brothers locations were affected.
“While we have received limited reports of fraud, we are offering identity protection and credit monitoring services to affected Michaels and Aaron Brothers customers in the U.S. for 12 months at no cost to them,” Rubin said. “We also are offering these customers a fraud assistance service for 12 months at no cost to them.”
Rubin announced at the end of January that Michaels was looking into a possible payment card breach, shortly after technology writer Brian Krebs reported that the retailer was investigating an incident. The investigation was prompted by reports of fraudulent activity on cards used in stores.

Pentagon to triple its security workforce by 2016

The US is always worried about its security, whether physical or cyber.
Defense Secretary Chuck Hagel announced Pentagon efforts to strengthen its U.S. Cyber Command in coming years. By 2016, the Fort Meade, Md.-based military command expects to triple its security staff to 6,000 people, he said.
Hagel revealed the recruitment efforts late last month during a speech at the National Security Agency's (NSA) headquarters, according to a March PBS report. In the speech, Hagel also shared that the Pentagon's hiring plans included military and civilian candidates.
By this year's end, Hagel expects the Pentagon's cyber security workforce to stand at 1,800 individuals.
The move comes as the government attempts to thwart cyber espionage threats from China and elsewhere, as well as other cyber-attacks that threaten national security or economic competitiveness.
In one measure to specifically stave off critical infrastructure attacks, the National Institute of Standards and Technology (NIST) released a cyber-security framework to help aid organizations and operators. NIST unveiled the voluntary framework in February, which was designed to complement organizations' existing security management programs. The framework was intended to serve as a guidepost for a range of industries managing integral processes for the nation, from water treatment facilities and energy companies to the finance and healthcare sectors.
On Tuesday, Michael Daly, the CTO for Raytheon's cyber business, told SCMagazine.com that the government would likely have to do a lot of training, while partnering with private companies and educational institutions, to fill the demand for such jobs.
“It has to do with having the skills,” Daly said. “I think that when the jobs are there, the people with the skills are seeking them out and going after them. What we are seeing is a huge backlog as far as being able to hire people into these jobs. The numbers of security jobs have grown, but these jobs are taking a lot longer to fill.”
This move will also create jobs, which would benefit both unemployed people and the country.
