#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Algerian hacker | Breaking Cybersecurity News | The Hacker News

Exclusive: More than 200,000 Algerian TP-LINK Routers are vulnerable to Hackers

Exclusive: More than 200,000 Algerian TP-LINK Routers are vulnerable to Hackers
Jan 16, 2014
More than 15.2% of the Algerian population use Internet service which is provided by around 30 Internet Service Providers and one of the largest shares is served by Algerie Telecom .  Algerie Telecom provides  TP-LINK TD-W8951ND  Router to most of their home customers who Opt-In for Internet services and each of which has ZYXEL embedded firmware installed in it. ABDELLI Nassereddine, penetration tester and Algerian Computer Science Student has reported highly critical unauthorized access and password disclosure vulnerabilities in the Routers provided by Algerie Telecom. He told ' The Hacker News ' that the vulnerabilities can be exploited by any remote hacker just by exploiting a very simple loophole in the firmware. First, he found that an unauthorized access is available to ' Firmware/Romfile Upgrade'  Section on the Router's panel that can be accessed without any login password i.e. https://IP//rpFWUpload.html This page actually allows a user to upgrade

Algerian Hacker linked to SpyEye virus extradited to US

Algerian Hacker linked to SpyEye virus extradited to US
May 04, 2013
The Algerian hacker linked with the SpyEye computer virus, designed to steal financial and personal information was extradited by Thailand to the United States to face charges that he hijacked customer accounts at more than 200 banks and financial institutions and have been used to steal more than $100 million in the last five years. A SpyEye allowed cybercriminals to alter the display of Web pages in the victims' browsers as a way to trick them into turning over personal financial information. The virus only impacts PCs and not Macintosh operating systems. A report issued last year by security firms McAfee said that about a dozen cybercrime groups have been using variants of Zeus and SpyEye, which automate the process of transferring money from bank accounts. The stolen funds are transferred to prepaid debit cards or into accounts controlled by money mules, allowing the mules to withdraw the money and wire it to the attackers. Hamza Bendelladj , also known as

How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl

How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl
Mar 21, 2024SaaS Security / Endpoint Security
In today's digital-first business environment dominated by SaaS applications, organizations increasingly depend on third-party vendors for essential cloud services and software solutions. As more vendors and services are added to the mix, the complexity and potential vulnerabilities within the  SaaS supply chain  snowball quickly. That's why effective vendor risk management (VRM) is a critical strategy in identifying, assessing, and mitigating risks to protect organizational assets and data integrity. Meanwhile, common approaches to vendor risk assessments are too slow and static for the modern world of SaaS. Most organizations have simply adapted their legacy evaluation techniques for on-premise software to apply to SaaS providers. This not only creates massive bottlenecks, but also causes organizations to inadvertently accept far too much risk. To effectively adapt to the realities of modern work, two major aspects need to change: the timeline of initial assessment must shorte

Arrested 'Happy Hacker' is the ZeuS Botnet Mastermind

Arrested 'Happy Hacker' is the ZeuS Botnet Mastermind
Jan 11, 2013
Last week, Happy Hacker   arrested in Thailand on charges of stealing millions from online bank accounts. According to new reports same hacker alleged as ZeuS Mastermind and used to have the profile of a miscreant nicknamed " bx1 ," a hacker fingered by Microsoft before as a major operator of botnets powered by the ZeuS banking trojan .  He remained smiling throughout a press conference in which Thai police explained that Thailand will seek to extradite Mr Bendelladj to the US state of Georgia, where a court has issued a warrant for his arrest. 24-year-old Algerian Hacker , Hamza Bendelladj   arrested at a Bangkok airport enroute from Malaysia to Egypt. The ZeuS botnet is one of the most notorious in existence, and it's also one that has earned its masters some pretty massive payouts. The Email ID's  daniel.h.b@universityofsutton.com , and danieldelcore@hotmail.com  mentioned by Microsoft in a complaint submitted to the U.S. District Court for the Eastern Distr

Automated remediation solutions are crucial for security

cyber security
websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.

FBI wanted Algerian Hacker Arrested in Thailand

FBI wanted Algerian Hacker Arrested in Thailand
Jan 07, 2013
Thai police arrested an Algerian Hacker, wanted by the US Federal Bureau of Investigation for allegedly making millions from cybercrime.  Hamza Bendelladj , 24, was arrested late Sunday while attempting to transit through Bangkok's Suvarnabhumi Airport from Malaysia. Police confiscated from Bendelladj two laptops, one tablet computer, a satellite phone and a number of external hard drives, where satellite phone and notebook computer were his main tools, the commissioner said. Bendelladj graduated in computer sciences from Algeria in 2008, has allegedly hacked private accounts in 217 banks and financial companies worldwide. " With just one transaction he could earn 10 to 20 million dollars ," Lt Gen Phanu said. " He's been travelling the world flying first class and living a life of luxury. " Bendelladj will be extradited to the U.S. state of Georgia, where a district court has issued an arrest warrant. " I'm not in the top 10, maybe just

Algerian Hacker hijack Romanian Google and Yahoo Domain

Algerian Hacker hijack Romanian Google and Yahoo Domain
Nov 28, 2012
Algerian Hacker today hijack DNS Yahoo, Microsoft or Google and Paypal redirect users to a deface page. Credit being taken by Hacker going by name MCA-CRB , a serial website defacer. MCA-CRB is a prolific online graffiti artist who has defaced at least 5,000 sites, according to records kept by Zone-H. After Hijacking both domains resolve to an IP address located in the Netherlands," at 95.128.3.172 (server1.joomlapartner.nl). " When we heard about this incident, we were pretty skeptical about the attack. A site such as Google's can be theoretically hacked, but it is very unlikely. Then we noticed that both domains were directed to an IP address in the Netherlands […], so it seemed more like a DNS poisoning attack ," said Stefan Tanase from Kaspersky Lab Romania. " All we know is that Google's public DNS servers (8.8.8.8 and 8.8.4.4) were resolving requests for google.ro and other major .RO websites to the IP address hosting the defacement page ," Tanase said. Google

Indian Defence organisation DRDO website hacked

Indian Defence organisation DRDO website hacked
Nov 01, 2012
Algerian hackers going by name ' SanFour25 ' yesterday deface 7 Indian government  websites including Indian Defence Research and Development Organisation (DRDO), West Bengal police and the Prime Minister's Office (PMO) websites. According to TheHindu , The most sensitive website that came under attack was the one operated by the Recruitment and Assessment Centre (RAC) of the DRDO ( www.rac.gov.in/experts/Dz.php ). The website was down for over 9 hours, which actually deals with the recruitment of scientists to the several laboratories of the DRDO. List of Hacked domains: https://rciregistration.nic.in/rehabcouncil/Dz.txt policewb.gov.in/wbp/counter.txt www.rac.gov.in/experts/Dz.php www.diu.gov.in/departments/Dz.php gpra.nic.in/writereaddata/Dz.php birapdbt.nic.in/video/Dz.php iii.gov.in/tmp/Dz.php Mirrors of hacked sites are available on Zone-H at  SanFour25 archive. It is possible that  the hackers could have attacked the website to get details of the scientist
Cybersecurity Resources