Security Geeks: 2012

Friday, 21 December 2012

Linux Mint 14 Xfce Edition Is Available for Download

Linux Mint Xfce, a modern, elegant and comfortable operating system based on Ubuntu and Debian, has just reached version 14.

Even though it's a little late to the party, the Xfce version of Linux Mint 14 is finally here and not a moment too soon. It would have been hard to release it after the Apocalypse.

In any case, Linux Mint Xfce shares the same codename with the other releases, Nadia and just like its brethren, it comes with quite a few new features and updates.

As you can imagine, Linux Mint Xfce 14 is based on Xfce 4.10. According to the developers, this is a lightweight desktop environment that aims to be fast and low on system resources, while still being visually appealing and user friendly.

This latest version of Xfce 4.10 features online documentation, an application finder, multiple rows and deskbar mode in the panel, an actions plugin, a MIME type editor, a single-click operation, automated background image cycling and thumbnail rendering on the desktop, not to mention edge-tiling in the window manager.

Highlights of Linux Mint 14 Xfce Edition:

• Thunar is the default file browser of the distribution;
• Xfce Terminal is the default terminal application;
• Xfburn is the default CD/DVD burner application;
• Ristretto is the default image viewer;
• Blueman is used by default for Bluetooth support;
• The default notification daemon is xfce4-notifyd, which is themeable and configurable.

The MDM display manager comes with a lot of themes and the theme format is so trivial that users can make their own very easily and make the login screen look exactly the way they want.

The Software Manager has also received a lot of "under the hood" improvements and it no longer uses aptdaemon, which was responsible for crashing or freezing the application.

Check out the official announcement for a complete list of changes and updates.

Download it here.

Secondary Twitter “Sign In” Form Found to Transmit Passwords in Plain Text

Zohar Alon, the CEO of security solutions provider Dome9, discovered that the “secondary” Twitter sign-in page transmitted user passwords via HTTP, instead of the secure HTTPS.

Fortunately, Twitter rushed to address the issue immediately after being notified, but until a few hours ago, many cybercriminals could have exploited the flaw.

According to TNW, the bug didn’t affect the main sign-in page – the one that users are presented with when they access Twitter. Instead, it affected the drop-down sign-in form which customers can access when viewing a profile or a tweet without being logged in to their accounts.

The main login page transmitted the information in a secure manner, but this alternative page used HTTP, which meant that all passwords could be easily intercepted by someone who was sniffing a potential victim’s network traffic.

After being notified by TNW and Alon about the security hole, Twitter’s security team patched up the issue. However, this fairly serious vulnerability could have been there for some time, impacting the social media site’s 200 million customers.

While this secondary sign-in page is not used as often as the main page, it’s still utilized by a large number of internauts.

Microsoft has just published the changelog for the recently released Windows Phone 8 update for Nokia Lumia 920 and Lumia 820.

The update is currently pushed in Canada at Rogers and in the US via AT&T. Unfortunately, Nokia announced it wouldn't launch the new firmware version in other countries until early February, 2013.

Microsoft also hints to a staggered rollout of this Windows Phone 8 update and states that it “will be made available at different times, depending on your country or region, mobile operator, and phone model.”

After ten years of legal battles, it seems that NASA hacker Garry McKinnon is finally off the hook. UK authorities decided that they would not commence a criminal investigation against him.

In a joint statement, the Crown Prosecution Service (CPS) and the Metropolitan Police Service (MPS) reveal that the decision comes after consultations with the US authorities.

Back in 2002, the US Department of Justice, the UK police and the CPS decided that McKinnon should be tried in the United States because

Serbia Google, Gmail, Microsoft, OVI, And More High Level Domains Defaced By Pakistani Hackers

Serbian Google, Gmail, Microsoft, OVI and more high level domain were defaced by Pakistani hackers with the names 1337, H4x0rl1f3, ZombiE_KsA, Invectus, and Shadow008
Those names might be familiar to you from other attacks defacing Israeli MSN, Bing and more high level domains as well.
Mirrors of the website can be found here

iPad mini – Apple’s Best iPad Yet

If you’re deciding between several gadgets to put something under the Christmas tree this year, you might want to consider the iPad mini. For all the inches it shaves off, it offers a truly compelling tablet experience.

Apple had to jump over many hurdles to get where it is today in the tablet space (and not only). Launching the first iPad in 2010 took a tremendous amount of prototyping over several years.

Finnish mobile phone maker Nokia is focused on the release of Windows Phone devices as part of its partnership with Microsoft, but it seems that the company is also looking into other platforms out there.

In fact, the handset vendor has already published a job listing on LinkedIn, announcing that it is looking for a Linux software engineer.

According to the post, which is dated November 29, Nokia is looking into embedding Linux software and drivers into its new products, which would suggest that Android might soon arrive on its devices.

Secret Admin Backdoor Accounts Found in Samsung Printers

One would think that printers aren't much of a security risk, but while this was true a decade ago, it is no longer the case. Samsung's printer line is more or less clearly showing it.

There is a lot of software involved in the operation of today's printers, especially in regard to network connectivity.

Whereas once they needed to get every bit of information straight from the PC through a dedicated cable, printers have their own software now and can perform certain things on their own, especially when they have extra functions like scanning and photocopying.

An Algerian hacker using the online moniker MCA-CRB has managed to deface the Romanian sites of Google (google.ro) and Yahoo! (yahoo.ro).

Most likely, the attacker hasn’t actually breached Yahoo! or Google severs. Instead, he gained access to DNS servers and altered the records to ensure that all visitors of yahoo.ro or google.ro would be redirected to his defacement page.

Piwik.org Hacked, Attacker Adds Malicious Code to Installation Files

Piwik.org, the official website of the free software web analytics system for PHP/MySQL webservers, has been hacked. The attacker planted a piece of malicious code inside the .zip file containing Piwik 1.9.2.

According to Piwik representatives, the incident affects only users who updated or installed Piwik 1.9.2 on November 26, between 15:43 UTC and 23:59 UTC.

Apple is finally letting word out that its new iMacs are indeed shipping this month. The 21-inch model will be available on Friday, November 30, while the 27-inch version will start shipping next month, according to the announcement.

Barely respecting its self-imposed timeframe, Apple today confirmed that its sleek new iMacs are shipping on Friday, the last day of November.

Official Photos of Prince William Expose Royal Air Force Usernames, Passwords

A number of photographs posted on the official St James’ Palace website – picturing Britain’s Prince William in his daily life – have been found to expose a number of passwords and other sensitive information belonging to the Royal Air Force (RAF).

The 10 pictures, meant for the website of the Duke and Duchess of Cambridge, were taken by a RAF photographer, but they were not “properly cleared” at RAF Valley before being made public, Daily Mail informs.

Windows 8 is alive and kicking, but although the Redmond-based devices and services firm (as Mr. Ballmer calls his company right now) is apparently pretty disappointed with the sales performance of its software.

We’ve heard that Ballmer and the other Microsoft executives are blaming the PC industry for the lack of devices running its Windows 8 OS. While hardware manufacturers could be more or less at fault, this isn’t entirely true.

A dozen of Windows 8 users are complaining that a Windows 8 update causes the Start Screen to freeze, while all the other apps fail to respond.

While Microsoft is yet to confirm the problem, it appears that most consumers affected by the issue have deployed an official Windows 8 update, although some of them are actually claiming that all problems appeared two or three days after the update has been installed.

Pakistani Google, Yahoo, Microsoft, And More High Profile Domains Defaced!

Today another DNS Hijacking attack happened to high profile domains from Pakistan!

A hacker called "eboz" from Turkey defaced Google, Yahoo, Microsoft, and a couple of more high profile domains of Pakistan. Their DNS was hijacked by the hacker, and redirected to his deface page.

MSN, Bing, Microsoft, and many high profile websites of Israel defaced by 1337 supporting Gaza

Today a Pakistani hacker called 1337, defaced almost all the Israeli high profile websites including MSN, Bing, Amazon, Microsfot, and many more. and still, the hacker is planning to take down more!
Mirrors to the website can be found Here. Yet, the israeli Government is saying it stopped many of the attacks, including the DDoS attacks on their Government website which were successful as well!

Critical Security Flaw Can Get Your Skype Account Hacked in Seconds

Russian hackers have found a way to break into any Skype account using only the original email address provided at registration.

TNW reports that Microsoft has already been informed of the glitch and, although the security hole was discovered nearly two months ago, they’re still working on a fix.

Basically, hackers only need the username and the email address of the Skype account in order to reset the password and get access to the targeted account. It all comes down to a total of five different steps which are (fortunately) unavailable for the time being.

Adobe has confirmed that one of its websites, the Connectusers.com forum, has been compromised. An Egyptian hacker going by the name of ViruS_HimA has taken credit for the attack.

“Adobe is currently investigating reports of a compromise of a Connectusers.com forum database. These reports first started circulating late during the day on Tuesday, November 13, 2012,” Guillaume Privat, the director of Adobe Connect, explained.

Antivirus Firm Founder John McAfee Accused of Murder, Says He’s Innocent

John McAfee, the founder of the world-renowned security solutions provider, is accused of having murdered his neighbor. McAfee claims that he’s innocent and he even believes that he might have been the killer’s target.

It’s no secret to anyone that John McAfee doesn’t get along with authorities from Belize. Back in April, the Gang Suppression Unit raided his home, confiscated his weapons and his passport, killed one of his dogs, and arrested him.

Hacker Releases iOS 6.0.1 Jailbreak for A4 Devices

iH8sn0w icon

Hacker iH8sn0w has released a new version of his sn0wbreeze jailbreak utility. The tool enables rogue users of Apple’s iPhones and iPads to hack their devices using a Windows PC and install third-party apps and themes otherwise unapproved by the Cupertino company.

In a recent blog entry, iH8sn0w confirms that sn0wbreeze v2.9.7 adds support for iOS 6.0 Build 10A403 and iOS 6.0.1 Build 10A523.

Facebook Chat Can Be Used to Launch DOS Attacks, Expert Finds

Security researcher Chris C. Russo claims to have discovered a way to use Facebook’s chat module to launch denial-of-service (DOS) attack against any user, even if they’re not friends with the attacker.

Russo reveals that the attack is similar to the ones launched back in the day via MSN messenger. A large number of packets are sent to the target, causing his application to crash.

According to the latest research from Strategy Analytics, Apple’s iPhone is no longer king of the smartphones. At least not in the third quarter of 2012, when Samsung shipped a total of 18 million Galaxy S III handsets, Strategy Analytics reports.

By comparison, Apple shipped 16.2 million iPhone 4S handsets, falling to the #2 spot in the respective quarter.

Windows 8 and Windows RT will receive the first batch of updates since their debut next week, as part of Microsoft’s “Patch Tuesday” schedule.

While Microsoft hasn’t yet released specific details about the glitches these updates are supposed to fix, the company will deliver a total of six separate patches, three of which will be aimed at 32- and 64-bit versions of Windows 8. All three are marked as critical.

In addition, Windows RT, the operating system that was designed to be installed on tablets such as Microsoft’s Surface, will get two different updates, one flagged as critical and another one rated “important.”

Hackers Use Malware to Steal Photos, Blackmail Users

Experts have identified an interesting piece of malware whose main goal is to steal all the picture files from an infected computer and upload them to a remote FTP server.

The picture files we store on our computers often hold valuable information. Whether it’s work-related stuff, documents containing personal information, or those pictures stored in hidden folders we hope no one will ever see, any of them could represent a highly valuable loot for cybercriminals.

A Hacker News member noticed that by performing a Google search for “inurl:bcode=[*]+n_m=[*] site:facebook.com,” links to the accounts of around 1.3 million Facebook users would show up. Some of the links could be utilized to gain access to the accounts in question without the need for a password.

The temporary links generated by Facebook expired as soon as you clicked on them and since many of them were already clicked at the time when the “hack technique” was identified, the accounts could not be accessed without the password.

NullCrew Hackers Target NSA, MasterCard, BB&T, US Department of Defense Sites

Hackers part of the NullCrew collective continue to take aim at high profile websites as part of their operation against governments from all over the world.

Their latest targets are The Department of Defense Pharmacoeconomic Center (pec.ha.osd.mil), Department of Defense (defense.gov), the US National Security Agency (NSA), MasterCard, and the BB&T bank.

For each one of these websites they have published some information.

Last week we learned that the NullCrew collective launched an operation against governments from all over the world.

The first targets of this campaign are the sites of the State of Louisiana (louisiana.gov), the State of Texas (texas.gov), the State of Montana (mt.gov), UNESCO (unesco.org), United Nations (un.org), and the Force Health Protection & Readiness site managed by the Office of the Deputy Assistant Secretary of Defense (fhpr.odf.mil).

Hackers part of the Team GhostShell collective are back in their typical style, leaking 2.5 million records stolen from government, educational, political, law enforcement, telecoms, research, medical, academic, financial and other high-profile Russian organizations. This latest campaign is called Project BlackStar.

“For far too long Russia has been a state of tyranny and regret. The average citizen is forced to live an isolated life from the rest of the world imposed by its politicians and leaders,” DeadMellox, one of the hackers, wrote in a statement.

Ubuntu 14.04 Will Come to Phones, TVs and Tablets

Another 6 months, another Ubuntu Developer Summit event for Canonical, where Mark Shuttleworth is always present and keeps his audience captivated.

Yes, we’re talking about the Ubuntu Developer Summit (UDS) event for the upcoming Ubuntu 13.04 (Raring Ringtail) operating system, which takes place these days, between October 29th and November 1st, in Copenhagen, Denmark.

Anonymous Takes Aim at Zynga for “Outrageous Treatment of Employees”

Anonymous hackers have initiated an operation called “maZynga.” The campaign was launched shortly after the company revealed its plans to lay off around 5% of its workforce.

The hacktivists published a video statement to announce the start of the operation, but the clip was removed from YouTube. However, a transcript of the statement posted on AnonNews reveals their plans.

Anonymous hacktivists have leaked confidential documents and user credentials which they allegedly stole from the systems of Greece’s Ministry of Finance. The breach comes at a time when the Greek government is trying to adopt a new austerity package.

“The Greek government is prepared to testify to a vote in the Greek Parliament the new package of economic austerity measures of 13.5 billion euros which are expected to prolong the recession in Greece,” the hackers wrote in a statement.

The latest target of the hacker collective known as NullCrew is the website of world-renowned car manufacturer Ford.

The hackers claim to have leveraged an SQL Injection vulnerability in order to gain access to the databases behind the social.ford.com subdomain. As a result of the breach, database and table names, customer usernames – represented by email addresses – and encrypted passwords have been leaked.

Gadgets add complexity to brutal bank layoffs

In the high-tech, gadget-addicted world of investment banking, layoffs are becoming more complex and brutal as firms try to stop sensitive data leaving with employees.
Sackings are usually swift, with bankers escorted out, a few belongings thrown into boxes and Blackberries and phones disabled the minute they get their marching orders.
But weeks of trawling through old emails and planning software lockdowns now precede and follow the job cuts that are happening in thousands, adding a new layer of indignity to the process.

A number of Israel's government offices have fallen victim to a cyber attack over the past week, one apparently aimed at slipping a "Trojan horse" into the computer servers at these ministries.

Israeli police immediately pulled the national computer network from the civilian Internet after this cyber threat . A Trojan horse has been sent as files attached to emails bearing the name of the IDF Chief of Staff Benny Gantz in the subject line.

DOS Vulnerability Found in Wireless Chips Used by Apple, HTC, Samsung, Ford, Others

Researchers Andres Blanco and Matias Eissler from Core Security’s Core Impact team have uncovered a remotely exploitable vulnerability in Broadcom BCM4325 and BCM4329 wireless chipsets that could be leveraged by cybercriminals to launch a denial-of-service (DOS) attack.

According to advisories published by the United States Computer Emergency Readiness Team and Core Security, the vulnerability is caused by an out-of-bounds read error condition that exists in the chips’ firmware.

Medical Devices Vulnerable to Hacking

A heart defibrillator remotely controlled by a villainous hacker to trigger a fatal heart attack? Yes now its possible, The Government Accountability Office has released a report warning that medical devices are vulnerable to hacking and calling for greater FDA oversight of such devices.

The investigation into electronic medical-device safety was initiated after computer-security researchers found dangerous vulnerabilities in insulin pumps. The FDA in 2009 issued guidance urging hospitals and medical device manufacturers to work together to eliminate security risks. But in September, the Government Accountability Office issued a report warning that implantable medical devices could be vulnerable to hacking, posing a safety threat, and asked the FDA to address the issue.

Anonymous Hacker claims to have 20,000 debit card details from HSBC Cyberattack

One of Anonymous hacker groups "FawkesSecurity" who claim responsibility for a DDOS cyber attack on HSBC Bank says that they also manage to get 20,000 debit card details.

When HSBC said, "This denial-of-service attack did not affect any customer data, but did prevent customers using HSBC online services, including Internet banking.", Anonymous tweeted on Friday. “We also managed to log 20,000 debit card details.”

According to the Center for Copyright Information, the controversial "Copyright Alert System" will hit the U.S. within weeks. A blog post by Jill Lesser, executive director of the Center for Copyright Information, revealed the long-awaited Copyright Alert System (CAS) will begin "in the coming weeks" and provided some details about the partnership with ISPs to deter subscribers from infringement over peer-to-peer networks.

Microsoft Profit Slips to $16 Billion (€12.2 Billion) as Everyone Waits for Windows 8

Microsoft’s profit for the first quarter of fiscal year 2013 dropped to $16 billion (€12.2 billion), while sales of the Windows division went down significantly ahead of the new Windows 8 debut.

Everybody is waiting to see the new Windows 8 at work, said company CEO Steve Ballmer, so sales and revenues are very likely to increase after the launch of the new operating system.

Apple Inc is removing old versions of Oracle Corp's Java software from Internet browsers on the computers of its customers when they install the latest update to its Mac operating system.
Apple, which has previously included Java with installations of Mac OS X, announced the move on its support site. It said that customers need to obtain Java directly from Oracle if they want to access web

Google Ireland and Yahoo Domains Hijacked

Irish websites Google.ie and Yahoo.ie went offline on Tuesday afternoon after their DNS servers were apparently hijacked to point to those of a third party, resulting in visitors being redirected to an 'allegedly fraudulent' address - farahatz.net. That site has now been taken offline, but it is not known whether the site could have been created with malicious intent.

A short note on the homepage of the IE Domain Registry said the move followed a "security incident on Tuesday 9th October, involving two high profile .ie domains that has warranted further investigation and some precautionary actions on the part of the IEDR." The IE Domain Registry have requested assistance from the Garda Bureau of Fraud Investigation.

ICS-CERT - Industrial Control Systems Cyber Emergency Response Team has released the Advisory titled ICS-ALERT-12-284-01 - Sinapsi eSolar Light Multiple Vulnerabilities. They Report about report multiple vulnerabilities with proof-of-concept (PoC) exploit code that affecting the Sinapsi eSolar Light Photovoltaic System Monitor which is a supervisory control and data acquisition (SCADA) monitoring product.

The US Department of Homeland Security is warning about vulnerabilities in a common SCADA (supervisory control and data acquisition) package that is used to remotely monitor and manage solar energy-generating power plants.

Windows 8 Security flaw : Logon Passwords Stores in Plain Text

Windows 8 is the first operating system from Microsoft to support alternative non-biometric authentication mechanisms such as Picture Password and PIN. A vulnerability discovered by a password security vendor - "Passcape" in Microsoft’s Windows 8 operating system that it saves a log on password in plain text and allows any user with admin rights to see the password details.

Flash Websites Won’t Load in IE 10 Unless Microsoft Approves Them

Internet Explorer 10, the version that’s currently available to Windows 8 users only, won’t load Flash websites unless Microsoft places them on its very own whitelist.

Windows 8 comes with two different versions of Internet Explorer: one that loads in the Metro environment and runs full screen and another one accessible from the desktop that works in a similar fashion to the previous releases of the browser.

Satellite imagery tools have been around for a while (especially Google’s) and state authorities from all over the world closely worked with parent companies to censor specific images that aren’t supposed to be seen by everyone.

Bing’s satellite map service however apparently revealed what seems to be CIA’s secret Bin Laden training facility. In plain English, this is the place where the SEAL Team Six trained before eventually going after Osama Bin Laden.

The Atlantic Wire writes that Bing published an aerial photo of the Harvey Point Defense Testing in North Carolina that perfectly copies Osama bin Laden’s hiding spot.

Hacker group RedHack faces up to 24 years in prison for terrorist crimes

As part of an investigation launched by Başsavcıvekilliği in Ankara on March 20 arrested seven people, including college students. 13 of the indictment prepared by the prosecutor's office in Ankara Was adopted by the High Criminal Court.

Court has accepted an indictment against RedHack, a Turkish hacker group, seeking prison sentences of 8.5 to 24 years for its members as “members of a terrorist group.”

In an attempt to block pirated versions of its software from reaching the web, Microsoft requested the search engine giant Google to block access to links coming from CNN, The Huffington Post, Wikipedia and even the US government.

The latest Digital Millennium Copyright Act (DMCA) comes with what appears to be an unfortunate mistake, as some of the copyright infringement claims mentioned by Microsoft are aimed at legitimate websites.

TinKode Gets 2-Year Suspended Jail Term, Ordered to Pay $120,000 (€93,000)

The famous hacker known as TinKode has been given a two-year suspended prison sentence. The Romanian court that handled the case also ordered him to pay around $120,000 (93,000 EUR) representing the total losses caused to the organizations he breached.

According to court documents, Cernaianu Manole Razvan received three 2-year sentences and three 1-year sentences. However, the sentences have been merged into one 2-year punishment.

U.S. bank website hackers used advanced botnets, diverse tools

The hackers behind the cyber attacks on major U.S. banks have repeatedly disrupted online banking by using sophisticated and diverse tools that point to a carefully coordinated campaign, according to security researchers.
The hackers, believed to be activists in the Middle East, were highly knowledgeable about the defensive equipment used by the banks and likely spent months on reconnaissance, said several researchers interviewed by Reuters, who viewed the assaults as among the strongest and most complex the world has seen to date.

“Warning: We believe state-sponsored attackers may be attempting to compromise your account or computer.” From last 3 months Google users were surprised to see this unusual notification at the top of their Gmail inbox, Google home page or Chrome browser. These warnings are not being shown because Google’s internal systems have been compromised or because of a particular attack.

Pages

Friday, 21 December 2012

Thursday, 20 December 2012

Tuesday, 4 December 2012

Saturday, 1 December 2012

Wednesday, 28 November 2012

Tuesday, 27 November 2012

Monday, 26 November 2012

Friday, 23 November 2012

Monday, 19 November 2012

Thursday, 15 November 2012

Tuesday, 13 November 2012

Monday, 12 November 2012

Friday, 9 November 2012

Sunday, 4 November 2012

Saturday, 3 November 2012

Thursday, 1 November 2012

Monday, 29 October 2012

Saturday, 27 October 2012

Friday, 26 October 2012

Wednesday, 24 October 2012

Sunday, 21 October 2012

Friday, 19 October 2012

Friday, 12 October 2012

Thursday, 11 October 2012

Monday, 8 October 2012

Friday, 5 October 2012

Thursday, 4 October 2012

Search The Blog

Follow Us

Search The Blog

Become a Fan Today!

Popular Posts

Site Links

Followers

Blog Archive

Follow Me on Facebook.com