Security Geeks: September 2012

Saturday, 29 September 2012

Researcher says flaw in Android creates phone risk

Cellphones using Google's Android operating system are at risk of being disabled or wiped clean of their data, including contacts, music and photos because of a security flaw that was discovered several months ago but went unnoticed until now.
Opening a link to a website or a mobile application embedded with malicious code can trigger an attack capable of destroying the memory card in Android-equipped handsets made by

Canada said on Friday it was aware of an attempt by hackers to target a domestic energy company, the second time in 24 hours Ottawa had acknowledged a cyber security attack against a Canadian firm.
In both cases the Canadian government declined to comment on reports which suggested a Chinese connection.
The news comes at an awkward time for Canada's Conservative government, which is deciding whether to approve a landmark $15.1 billion bid by China's CNOOC Ltd to take over Canadian oil producer Nexen Inc.

Billions of Windows Users Affects with Java Vulnerability

Researchers at Security Explorations disclosed a new vulnerability in Java that could provide an attacker with control of a victim's computer. The researchers have confirmed that Java SE 5 – Update 22, Java SE 6 – Update 35, and Java SE 7 Update 7 running on fully patched Windows 7 32-bit operating systems are susceptible to the attack.

A Romanian researcher - Radu Drăgușin found that 100000 usernames and passwords of the Institute of Electrical and Electronics Engineers (IEEE) was stored in plaint-text on a publicly accessible FTP server.

According to him, on Sept. 18 he first discovered a log with usernames and passwords in plaintext, publicly available via IEEE's FTP server for at least a month. He informed them of his find yesterday, and evidently the organization is addressing the issue.

New Android Exploit Could Force Factory Reset remotely

Clicking one wrong link can cause malicious code to execute, which could do anything from infecting your computer with malware to, apparently, wiping your phone data completely. At the Ekoparty security conference, researcher Ravi Borganokar demonstrated at the Ekoparty security conference in Argentina last week, that how a single line of HTML code could be used to run a factory reset or even clear the SIM card on certain Samsung phones.

Syria's ministry of information on Monday denied the sacking of the country's ambassador to Lebanon and said a previous email announcement was a result of hacking, state television reported.
"The email account of the ministry was hacked in order to publish inaccurate information" about the reported dismissal of the Syrian Ambassador to Lebanon Ali Abdel Karim Ali, the ministry said in a statement carried by state television.

Twitter Accounts of John Cena, John Morrison, Steve-O, Other Celebs Hacked

Cybercriminals will often take over Twitter accounts and use them to attract as many users as possible to their malicious websites. However, spammers and phishers are well aware of the fact that nothing can ensure the success of a campaign as the hijacked account of a celebrity.

The large number of Twitter followers makes public figures such as pro wrestler John Morrison (over 500,000 followers), WWE’s John Cena (2.7 million followers), The Usos team (125,000 followers), comedian Steve-O (close to 600,000 followers), and actor Donnie Wahlberg (368,000 followers) a tempting target for hackers.

Researchers Use NFC-Based Exploit to Ride the Subway for Free [Video]

A lot of interesting things have been presented at this year’s EUSecWest security conference. One of them is an Android app that relies on near-field communications (NFC) to reset the public transit access cards utilized in San Francisco (MUNI) and New Jersey (PATH).

Researchers Corey Benninger and Max Sobell of the Intrepidus Group have demonstrated that an NFC-enabled Android phone, fitted with a clever app they designed, could be used to reset and reuse the cards for free, engadget.com reports.

First iPhone 5 Jailbreak Confirmed [Photos]

iOS hacker Grant Paul, also known as @chpwn in Twitter circles, has released images of the first jailbroken iPhone 5, complete with a couple of screenshots showing Cydia (the jailbreak alternative to Apple’s App Store) running on the device.

ASUS Computers Official Website Hacked By 1337 | Tha Dark

Android 4.0.4 multiple Zero-Day Vulnerabilities

The Samsung Galaxy S3 can be hacked via NFC, allowing attackers to download all data from the Android smartphone, security researchers demonstrated during the Mobile Pwn2Own contest in Amsterdam.

Using a pair of zero day vulnerabilities, a team of security researchers from U.K.-based MWR Labs hacked into a Samsung Galaxy S3 phone running Android 4.0.4 by beaming an exploit via NFC (Near Field Communications).

Oracle Database stealth password cracking vulnerability

Oracle suffered with serious vulnerability in the authentication protocol used by some Oracle databases. This Flaw enable a remote attacker to brute-force a token provided by the server prior to authentication and determine a user's password.

A researcher - Esteban Martinez Fayo, a researcher with AppSec tomorrow will demonstrate a proof-of-concept attack.

Indian programmer charged with hacking into Toyota's network

WASHINGTON: An Indian computer programmer has been charged by the FBI for hacking into Toyota's computer network and sabotaging it, after he was fired by his company that provided IT services to the Japanese automobile major.

Ibrahimshah Shahulhameed, who provided contractual services for Toyota Motor Manufacturing in central Kentucky, allegedly hacked into the company's website and issued wrong commands leading to the crashing of the firm's supplier computer network.

Virgin Mobile USA online subscriber accounts can be easily hacked, developer says

September 18, 2012 — IDG News Service — The online accounts of Virgin Mobile USA subscribers are vulnerable to brute force attacks because the company forces customers to use weak passwords on its website, according to a software developer.
"Virgin Mobile forces you to use your phone number as your username, and a 6-digit number as your password," Kevin Burke, a software engineer at cloud communication company Twilio said Monday in a blog post. "This means that there are only one million possible passwords you can choose."
"This is horribly insecure," Burke said. "Compare a 6-digit number with a randomly generated 8-letter password containing upper-case letters, lower-case letters, and digits - the latter has 218,340,105,584,896 possible combinations."

SMS-Sending Bug Found in avast! Mobile Security, Company Rushes to Address Issue

A few days ago, independent security researcher Bogdan Alecu claimed to have identified a serious issue that affected avast! Mobile Security. Apparently, the app sent out SMSs without the users’ knowledge, inflating their phone bills.

The researcher identified the issue while testing the application. He found that the app would send out an SMS message to a number from the Czech Republic, most likely belonging to the company.

Internet Explorer Zero-Day Exploited in Wild, Tied to Poison Ivy and Nitro Attacks

A few hours ago, researchers from Rapid 7 confirmed that an exploit code for a zero-day that affected Internet Explorer 9 and older versions on Windows XP, Vista and 7 had been added to Metasploit. In the meantime, security companies have started spotting attacks that leverage the vulnerability.

Identified by Eric Romang, the zero-day exploits a use-after-free vulnerability in Internet Explorer 7, 8 and 9, and it could allow a remote attacker to execute arbitrary code on the affected system.

A controversial new Russian media law could be used to block YouTube in the country over postings of the anti-Islam film that has sparked deadly rioting, the communications minister warned Tuesday.
“It sounds like a joke, but because of this video... all of YouTube could be blocked throughout Russia,” minister Nikolai Nikiforov wrote on Twitter.

Researchers Find Botnet C&C Servers Hidden in Tor Anonymity Network

Security researchers have uncovered a new breed of botnets which rely on the functionality offered by the Tor (The Onion Router) anonymity network.

A few days ago, at the DefCon Bangalore security conference – 17-year-old researcher Suriya Prakash presented his findings on how botnets are starting to rely more and more on Tor to hide their traces.

FBI Visits 16-Year-Old Over YouTube Video, Tries to Get Him to Spy on Anonymous

Justin Hallman, a 16-year-old student from the United States has been visited by a couple of FBI agents after making a YouTube video for his American Government class about Congressman Ron Paul and the fact that the US is becoming a police state.

In the past few weeks, we’ve told you numerous times to be careful about what you write on social media websites, as it might be seen as a threat to the national security of the US. Here we have another example.

iPhone 5 Scam Alert: 1 Million Fakes Might Be Sold

Experts from Scambook are warning users to be on the lookout for too-good-to-be true offers that advertise the new iPhone 5. They estimate that as many as 1 million fake devices might be sold in the upcoming period.

Just before the big launch, Scambook advised consumers to beware of schemes that may leverage the event in order to trick internauts into visiting malicious websites. The scams will most likely continue now that the iPhone 5 is finally out.

Apple Launches the New iPhone 5

Tim Cook and his troops took the stage at San Francisco’s Yerba Buena Center for the Arts today and introduced the new generation Apple smartphone - the iPhone 5.

Touted as the thinnest and lightest iPhone ever, the iPhone 5 is redesigned with a unibody aluminum case, a 4-inch Retina display, an Apple-designed A6 chip, fast wireless technology, better battery life, and iOS 6, “the world’s most advanced mobile operating system with over 200 new features."

“iPhone 5 is the most beautiful consumer device that we’ve ever created,” said Philip Schiller, Apple’s senior vice president of Worldwide Marketing.

Although the Olympics and the Paralympics have come to an end, researchers say that cybercriminals are still relying on them to spread their malicious elements. A site that attempts to replicate Google Play – iplay-andro7d.net - has been found to serve all sorts of shady apps that hide an SMS Trojan.

GFI Software has released its VIPRE Report for August 2012 and the numbers show that in the past month cybercriminals have been busy launching email scams, malicious mobile applications, and phishing campaigns.

One of the biggest spam campaigns recorded in August revolved around Nationwide. Several variants of the bogus emails have been spotted, all of them attempting to lure internauts to websites where they were requested to hand over their account details.

Microsoft has issued two security bulletins as part of its September 2012 Patch Tuesday release. One noteworthy fact is that the company hasn’t made available so few bulletins since May 2011.

The first bulletin – rated as Important - addresses a cross-site scripting (XSS) security hole present in Visual Studio Team Foundation Server.

Avira, Mcdonalds, Hyundai And Microsoft Sites Hacked by Hmei7

World 3rd most Dangerous hacker of the World in now a day "Hmei7" indonesian hacker Hacked official sites of Avira, Mcdonalds, Hyundai And Microsoft. This kind of attack show the level of knowledge of those Black hats who remain under cover but still they are lot more power full the world Security Experts.

Hackers Stole Apple Data From US Company, Not FBI

A US company says that its files - not an FBI agent's laptop - were hacked by a renegade group that released Apple product identification data it claimed to have obtained through a breach of the law enforcement agency.
"We want to apologise, announce what happened and set the record straight," said Paul DeHart, chief executive of software company BlueToad.
FBI spokesman Paul Bresson confirmed that "it certainly does appear that BlueToad was where the information was actually compromised."
BlueToad hosts more than 5,000 worldwide publications including consumer magazines and business documents, and creates apps for its clients. DeHart said the company experiences about 1,000 unsuccessful break-in attempts a day.

Pirate Bay founder Gottfrid Svartholm Warg, who faces a year-long prison sentence for promoting copyright infringement, was detained on new computer hacking suspicions when he landed in Sweden on Tuesday morning.
Cambodia deports Pirate Bay founder to Sweden (11 Sep 12)
Cambodia to deport Pirate Bay co-founder (4 Sep 12)
Pirate Bay founder arrested in Cambodia (1 Sep 12)

JERUSALEM -- The Jewish Agency's website was attacked by unknown hackers.

The wave of attacks began Septembers 7 and continued through the weekend, the organization said in a statement released Tuesday.

Trend Micro released the new line of Titanium products for 2013. The focus in this release is on user’s social online activity.

As such, the company integrated a security component for social networks that works across multiple online services: Facebook, Twitter, Google+, LinkedIn, MySpace and Pinterest. This allows the user to share information with their friends whenever Trend Micro identifies a malicious link.

New SSL/TLS attack for Hijacking HTTPS Sessions

Two security researchers claim to have developed a new attack that can decrypt session cookies from HTTPS (Hypertext Transfer Protocol Secure) connections. From the security researchers who created and demonstrated the BEAST (Browser Exploit Against SSL/TLS) tool for breaking SSL/TLS encryption comes another attack that exploits a flaw in a feature in all versions of TLS.

Gauss Malware Detection Tool released by Iranian CERT

Iranian National Computer Emergency Response Team releases a tool for Gauss malware detection. Cyber surveillance virus has been found in the Middle East that can spy on banking transactions and steal login and passwords, according Kaspersky Lab, a leading computer security firm.

Gauss primarily infects 32-bit versions of Windows, though a separate spy module for USB

CBS News) GoDaddy, the domain registrar and Web hosting company, is down, perhaps taking millions of websites down as a result.

"Status Alert: Hey, all. We're aware of the trouble people are having with our site. We're working on it," @GoDaddy tweeted Monday.

A quick call to the company's customer service line resulted in this voice message:

"If you are having a problem with your email, we are aware of the problem."

GoDaddy email addresses are down, as well. The blog suggests customers concerned with that their site has been affected can check online status at Down For Everyone Or Just Me.

Twitter accounts claiming to be associated with the hacking group Anonymous claimed responsibility for the attack.

"Basically, every GoDaddy site on the planet just crashed," @TibitXimer tweeted.

"#TangoDown - godaddy.com," @AnonOpsLegion tweeted Monday, claiming that the Twitter account @AnonymousOwn3r was responsible for the breach. "TangoDown" is the term that Anonymous generally uses to signify that a website is down.

"By using / supporting Godaddy, you are supporting censorship of the Internet," @AnonOpsLegion tweeted again later.

GoDaddy was the target of protests after it was discovered that the company supported unpopular bills the Stop Online Piracy Act (SOPA) and Protect IP Act (PIPA).

GoDaddy did not immediately respond to CBS News' request for comment.

Source: HackersMedia

Google Acquires Malware-Scanning Site VirusTotal

Google has acquired VirusTotal, a malware-scanning company that offered its services for free. Users can submit a file or an URL to be scanned and the site warns them if it contains any malware. The site relies on over 40 antivirus engines and other tools to scan the files.

A week ago, a new strike the cyber space about the hackers arrested in mobile company scam and Indishell is associated with those hackers

Today Indishell released a Media Note for the Incidence :

A unexpected storm has hit and wiped out everything which we hold dear . The pride of the name Indishell and its motto is hanging on the edge and we feel its our responsibility to answer the nation and the company which incurred huge loss due to greed of few.

INDISHELL:

The well known Pakistani hacker Shadow008 who hacked TheHackerNews a week ago, have gained admin access to Th3-Outlawz Official forum and posted this message as a thread with the admin user:

HACKED! Sony mobile users' emails accessed

Japan's Sony Corp said hackers have accessed the email addresses and names of as many as 400 of its mobile unit's customers in China and Taiwan held on servers owned by a third-party vendor. No credit card information was compromised in the attack, which hacking group NullCrew claimed in

Iran still on target of 'Mahdi' malware after detection

In JULY Kaspersky Lab and Seculert revealed the presence of a new cyber-espionage weapon known targeting users in the Middle East. Despite the recent uncovering of the 'Madhi' malware that has infected several hundred computers in the Middle East, researchers say the virus is continuing to spread.

The malware, known as 'Mahdi' or 'Madi', was originally discovered by Seculert. In addition to stealing data from infected Windows computers, it is also capable of monitoring email and instant messages, recording audio, capturing keystrokes and taking screenshots of victims' computers.

What Apple UDID’s? FBI Denies Being Hacked By AntiSec

What Apple UDID’s? FBI denies being hacked by AntiSec
Washington: The FBI on Tuesday disputed a computer hacker group’s claim that it stole personal identification data on millions of Apple device owners from an FBI agent’s laptop.
FBI officials said the bureau never asked for and never possessed the database that the group, which calls itself AntiSec, is posting on a website.

The group has released a link to a database of more than 1 million unique identification numbers for Apple devices, which could include iPhones and iPads. AntiSec said the data is just a piece of the more than 12 million unique identification numbers and personal information on the device owners that it got from a laptop used by an FBI agent.

A Madisonville Police Officer -- recently accused of hacking into a department computer -- has turned himself in for breach of security; a state jail felony.
Holding criminals accountable for their actions is a standard that's always upheld at the Madisonville Police Department -- even if it involves -- one of their own.

HACKERS are using a recent Microsoft email notification regarding changes in its Services Agreement to trick people into installing malicious programs based on an exploit in Oracle's Java software.
The SANS Institute's Internet Storm Centre issued warnings about the rogue emails at the weekend, saying that they are based on a 27 August communication from Microsoft about popular products such as Hotmail and Skydrive.

TheHackerNews Hacked by Shadow008

The well known Pakistani Hacker Shadow008 has Hacked the worlds famous Hackers News Blog. The Hacker had posted a message saying below:

ADS-B Is Insecure and Easily Spoofed, Say Hackers

The ADS-B system that is the cornerstone of the FAA’s NextGen ATC modernization plan is at risk of serious security breaches, according to Brad Haines, a hacker and network security consultant who is worried about ADS-B vulnerabilities. Haines first outlined his concerns during a presentation he gave at the Def Con 20 hacker conference in Las Vegas in July. Automatic Dependent Surveillance-Broadcast (ADS-B) is on track to replace radar with a system that broadcasts GPS-based position data to controllers and other ADS-B-equipped aircraft as part of the NextGen system. Yet according to Haines–aka RenderMan–ADS-B signals are unauthenticated and unencrypted, and “spoofing” or inserting a fake aircraft into the ADS-B system is easy.

The hacked websites include the Swedish Armed Forces, Sweden.se and the Swedish Institute.
Several Swedish government websites have been hacked and jammed by some supporters of WikiLeaks founder Julian Assange with some of them claiming responsibility for this on Twitter.
The hacked websites include the Swedish Armed Forces, Sweden.se, the Swedish Institute, and the Swedish Courts.

Reuters blog platform hacked for 2nd time

The Reuters news agency says hackers have broken into one of its websites for the second time in two weeks and posted a false story saying Saudi Arabia's foreign minister had died.

Reuters said Wednesday in a news story posted on its website that a fabricated piece saying Prince Saud al-Faisal had died "was illegally posted

UK police make new phone hacking arrest

British police investigating computer hacking and privacy offenses said Thursday they arrested a 60-year-old man at his southwest London home.

British media including the BBC and the Press Association identified the man as Tom Crone, the former legal manager for Rupert Murdoch's News of the World tabloid.

Samsung unveils voice-controlled camera

Samsung has unveiled a voice-controlled camera as part of a fall lineup of consumer gadgets aimed at setting itself apart from rival Apple.

The South Korean electronics giant presented the 16-megapixel Galaxy Camera at the IFA tech show in Berlin on Wednesday. It comes days after Samsung suffered a costly defeat in a patent dispute with Apple in the United States.

2 Indishell Members Arrested For Hacking Cell Recharge Site

NOIDA: Two members of the hacker group, "Indishell", and its offshoots were arrested on Saturday after an extensive investigation by the Gautam Budh Nagar cyber crime cell. The accused, who did BTech in computer science, were charged with hacking into an e-commerce website that specializes in mobile recharge. Cops said four members of the gang with pan-India operations were at large.

security researchers found yet another vulnerability in JAVA after update

Oracle released an emergency patch on Thursday for previously unknown Java vulnerabilities that cybercriminals had targeted with popular exploit kits within hours after the bugs' existence became public, security researchers found yet another vulnerability that can be exploited to run arbitrary code on systems that have the runtime installed.

HP Launches Beta Release Of Open WebOS

Months after Hewlett-Packard originally announced the open-source version of WebOS, the beta version of the platform is on its way out the door. Friday's release includes two environments for developers.

Wiper, the Destructive Malware possibly connected to Stuxnet and Duqu

Kaspersky Lab publishes research resulting from the digital forensic analysis of the hard disk images obtained from the machines attacked by the Wiper - a destructive malware program attacking computer systems related to oil facilities in Western Asia.

Classmate of Lulzsec Hacker arrested and accused as another Lulzsec teammate

The two students accused of Sony Pictures hack participated in Cyber Defense Competition team exercises at the University of Advanced Technology in Arizona. US authorities have reportedly arrested a second suspected member of hacking group LulzSec on charges of taking part in an extensive computer breach of Sony Pictures Entertainment.

Pages

Saturday, 29 September 2012

Tuesday, 25 September 2012

Monday, 24 September 2012

Sunday, 23 September 2012

Saturday, 22 September 2012

Friday, 21 September 2012

Thursday, 20 September 2012

Wednesday, 19 September 2012

Tuesday, 18 September 2012

Sunday, 16 September 2012

Saturday, 15 September 2012

Thursday, 13 September 2012

Wednesday, 12 September 2012

Tuesday, 11 September 2012

Monday, 10 September 2012

Saturday, 8 September 2012

Friday, 7 September 2012

Wednesday, 5 September 2012

Tuesday, 4 September 2012

Sunday, 2 September 2012

Saturday, 1 September 2012

Search The Blog

Follow Us

Search The Blog

Become a Fan Today!

Popular Posts

Site Links

Followers

Blog Archive

Follow Me on Facebook.com