The Hacker News Logo
Subscribe to Newsletter
CrowdSec

The Hacker News - Most Trusted Cyber Security and Computer Security Analysis: Hacker News

TinKode sentenced by a Romanian court and $120000 Fine

TinKode sentenced by a Romanian court and $120000 Fine

October 06, 2012Mohit Kumar
" Cernaianu Manole Razvan " akka TinKode , the Romanian behind attacks against NASA, Oracle, the Pentagon, and U.S. Army, was sentenced this week to a two-year suspended sentence, according to local media reports and was ordered to pay damages totalling more than US$120,000. He was arrested in January for his part in a number of attacks. According to Cernianu's case file summary on the Romanian Ministry of Justice Web portal, he was sentenced on September 26 and received six prison sentences of one or two years for separate computer-related offenses. The offenses included: gaining unauthorized access to a protected computer system; transferring data from a computer system without authorization; affecting the normal operation of a computer system by deleting, modifying or sending electronic data; creating, selling or distributing a devices or a computer program designed to be used in computer crimes; creating, selling or distributing a password or access cod
Universal Cross-site scripting vulnerability in Opera browser

Universal Cross-site scripting vulnerability in Opera browser

October 06, 2012Mohit Kumar
A Universal Cross-site scripting vulnerability in Opera browser was disclosed today on a Russian forum rdot.org . The flaw has the ability to be triggered by exploiting flaws inside browsers, instead of leveraging the vulnerabilities against insecure web sites. " Vulnerable versions Opera for Windows, Mac and Linux to 2.12 inclusive (the latest version as of today). On versions prior to 9.50 check is not performed. advise after referring to the following opera when redirecting to a site on data: URL via HTTP -header Location property document.domain has a value in the last redirecting site " The vulnerability actually use the Data URI Scheme in combination with another flaw called " Open Redirection " which happens when an attacker can use the webpage to redirect the user to any URI of his choice. Even one don't have "Open Redirection" flaw in his site, still this XSS can be triggered using various short url services like bit.ly and tinyurl.com.  Here 's a p
Barrett Brown charged with Internet threats, retaliation, conspiracy charges

Barrett Brown charged with Internet threats, retaliation, conspiracy charges

October 05, 2012Mohit Kumar
A Dallas man linked to the worldwide hacking group Anonymous is accused of threatening to ruin an FBI agent's life in online postings. Barrett Lancaster Brown , 31, of Dallas, was indicted on one count of making an Internet threat, one count of conspiring to make restricted personal information of an employee of the United States publicly available, and one count of retaliation against a federal law enforcement officer. Serious charges, but not totally unexpected. Authorities raided Brown's apartment and arrested him last month while he was chatting online with Anonymous folks, but authorities wouldn't say why he was being detained until Thursday, when the U.S. attorney's office announced a three-count indictment against him. Brown's attorney, Jay Leiderman, has said he believes some of the charges stem from a YouTube video in which Brown rails against law enforcement. The indictment lists several tweets in which Brown talks about having a " plan
Four million hotel locks vulnerable to 'Dry erase marker'

Four million hotel locks vulnerable to 'Dry erase marker'

October 05, 2012Mohit Kumar
At Black Hat security conference this year Cody Brocious demonstrated that How a simple Dry erase marker allows him to open an Onity hotel room door lock with an Arduino, which is totally James Bond. This is just kind of scary on multiple levels, the least being that dry erase markers are one of the most ordinary, non-suspicious objects we can think of. Watch the video below and be afraid – be very afraid. It has been refined to such a state where there are no dangling bits that come out of the marker, with a tip that looks totally normal sans any wires. All you need to do is touch the tip of the market to the door port, and you would have gained entry without mentioning a secret password. The story didn't stop there with Onity, the electronic door specialist in question, stepping in to introduce several measures to secure the doors. Brocious created a proof-of-concept device to show to security experts and press, but it was a bit crude. In order to build and test all of this yoursel
5 Major Japanese universities websites hacked

5 Major Japanese universities websites hacked

October 05, 2012Mohit Kumar
A group of hackers identifying itself as " Ghost Shell " said that he has leaked some 120,000 pieces of information from 100 universities across the globe including Harvard University and the University of Cambridge.  Today reports says that Servers at the University of Tokyo and four other major universities in Japan have apparently been attacked by hackers, and same hacker release IDs and passwords from databases. Officials at the University of Tokyo confirmed that the e-mail addresses, names and telephone numbers of people who appear to be students and professors were leaked. The information was stored on four computer servers at the university. The university has closed the sites from which the information was stolen. Officials at Kyoto and Tohoku universities said they had not confirmed whether personal information had been leaked. The Ministry of Education, Culture, Sports, Science and Technology has launched an investigation into the domestic cases following consul
Cyber attack on Iran’s Internet system Disrupts Iran Internet

Cyber attack on Iran's Internet system Disrupts Iran Internet

October 04, 2012Mohit Kumar
IRAN state official has said that Cyber attackers have targeted Iranian infrastructure and communications companies, disrupting the Internet across the country. " Yesterday we had a heavy attack against the country's infrastructure and communications companies which has forced us to limit the Internet ," Iran the world's no. 5 oil exporter, has tightened cyber security since its uranium enrichment centrifuges were hit in 2010 by the Stuxnet computer worm, which Tehran believes was planted by arch-adversaries Israel or the United States. Last week, the Islamic republic cut citizens' access to Gmail and the secure version of Google Search. Gmail has since been restored. Since sites such as Youtube and Facebook were used to organise mass anti-government protests against the re-election of President Mahmoud Ahmadinejad back in 2009, the Iranian government has maintained one of the world's largest internet filters, blocking access to thousands of sites and IP address
Universal Man in the Browser Attacks

Universal Man in the Browser Attacks

October 04, 2012Mohit Kumar
Researchers have discovered a new type of Man-in-the-Browser (MItB) attack that is Website independent, and does not target specific Websites, but instead collects data submitted to all sites. Trusteer have discovered a new Man in the Browser (MitB) scam that can collects data submitted to all websites without the need for post-processing. According to Trusteer's CTO Amit Klein: " In comparison, uMitB does not target a specific web site. Instead, it collects data entered in the browser at all websites and uses "generic" real time logic on the form submissions to perform the equivalent of post-processing. This attack can target victims of new infections as well as machines that were previously infected by updating the existing malware with a new configuration. The data stolen by uMitB malware is stored in a portal where it is organized and sold ." In a YouTube video, the company demonstrated how the attack could happen. The video showed how a user could enter personal a
Thousands of sites defaced by Bangladeshi hackers to protest against movie "Innocence of Muslims"

Thousands of sites defaced by Bangladeshi hackers to protest against movie "Innocence of Muslims"

October 04, 2012Mohit Kumar
A new group of hackers, known as Bangladesh Hackers group called " 3xp1r3 cyber army "  has emerged from a collection of Arab countries and it looks like their call to cyber arms is based upon the controversial Nakoula Basseley film, Innocence of Muslims. They deface more than 1000 websites to show their protest against the movie. Hackers write message on deface page," Islam means Peace. We, the Muslims want peace all over the world. But you don't want to be stay in peace. Don't think us weak. We are more more and more stronger than you that you cannot imagine. By creating this video you have just insulted our "Islam" and our beloved Prophet Muhammad(s.a.w.) and break the peace between you and us. Now we are in your cyber space to destroy it. We will hit you until you stop hitting us and want marcy for your did. " Recently the six major American banks suffered denial-of-service attacks, in which  " Mrt. Izz ad-Din alQasssam Cyber Fighters 
Swedish authorities raid on PRQ prompts new cyber attack from Anonymous

Swedish authorities raid on PRQ prompts new cyber attack from Anonymous

October 03, 2012Mohit Kumar
Computer hackers claiming to be from the Anonymous network took over the official website of Sweden's National Board of Health and Welfare. The attacks come just days after police on Monday raided a Stockholm-based webhosting company, PRQ, and a video was posted on YouTube - allegedly made on behalf of the hacker group Anonymous - warning Swedish authorities of repercussions. Hacktivist network Anonymous has warned that Sweden's Riksbank will suffer a cyber-attack on Wednesday night.  " It's come to our attention that Swedish government raided PRQ servers in order to shut down numerous file sharing and torrent websites ," " This has gone too far. This is unacceptable. Anonymous says this stops right now. You don't fuck with The Internet… Today we hit their wallets hard. "  wrote the Anonymous group on 4chan. The Riksbank is taking the threat seriously: " We recognize this as a public threat against websites and we are always trying to keep the web as safe as possible. We have
Google Warning about New State Sponsored Attacks

Google Warning about New State Sponsored Attacks

October 03, 2012Mohit Kumar
" Warning: We believe state-sponsored attackers may be attempting to compromise your account or computer ." From last 3 months Google users were surprised to see this unusual notification at the top of their Gmail inbox, Google home page or Chrome browser. These warnings are not being shown because Google's internal systems have been compromised or because of a particular attack. " The company said that since it started alerting users to malicious probably state-sponsored activity on their computers in June, it has picked up thousands more instances of cyberattacks than it anticipated. "  NYtimes said. Google will now start sending out these messages to tens of thousands more people, as its methods for detecting suspicious activity have improved. Mike Wiacek, a manager on Google's information security team, said that since then, Google has improved its knowledge on attack methods and the groups behind them, and has started pushing out new alerts on Tuesday - as evidenced b
300% Increase in malnets Attack in the past six months

300% Increase in malnets Attack in the past six months

October 03, 2012Mohit Kumar
Blue Coat systems has undertaken detailed research into the use of 'malnets' by criminals to help support their various attacks in order to uncover the best ways to take down these systems. Botnet infections are commonly spread though compromised websites seeded with malicious scripts and promoted via black hat SEO tactics such as link farms. These malware networks, or malnets, pose a growing threat, The company said the number of malnets now stands at more than 1,500, an increase of 300% in the past six months, and it expects they will be, "responsible for two-thirds of all malicious cyberattacks in 2012." According to Blue Coat, the largest known malnet is Shnakule, which has used up to 5,005 malicious hosts or servers at any given time, depending on the capabilities needed at any given moment by its operators. Blue Coat believes that Shnakule is controlled by a single gang, and it's been used to serve up just about every type of known attack, including &quo
Internet freedom : Anonymous Brings Philippines Government Sites Offline

Internet freedom : Anonymous Brings Philippines Government Sites Offline

October 03, 2012Mohit Kumar
Hacker groups that are against the controversial Cybercrime Prevention Law for its effect on the country's freedom of expression defaced 11 more government websites since 11 p.m. Monday A message which said, " Hacked by M4N1L4 PR1D3, PHILIPPINE CYBER ARMY AND -=TheFamilyPride=- ," appeared on the homepage of PNP's Police Community Relations Group (PCRG). "Private X" and "Anonymous Philippines" hacked websites of the Department of Interior and Local Government, the One-Stop Information Shop for Technologies in the Philippines of the Department of Science and Technology, National Telecommunications Commission (NTC), Philippine Nuclear Institute, Intellectual Property Office of the Philippines, Tourism website of the City of San Fernando, Optical Media Board, Pilipinas Anti-Piracy Team, Department of Health's Smoke Free Philippines, Marina Industry Authority and the Maritime Training Council. The Twitter account of the Department of Social Welfare and Services was
Millions of DSL modems hacked in Brazil, spread banking malware

Millions of DSL modems hacked in Brazil, spread banking malware

October 02, 2012Mohit Kumar
More than 4.5 million DSL modems have been compromised as part of a sustained hacking campaign in Brazil, with the devices spreading malware and malicious web address redirects. According to the malware analyst at Kaspersky Lab in Brazil, Fabio Assolini. The vulnerability exploited by attackers allowed the use of a script to steal passwords and remotely access the configuration of modems. The attacks was described as " One firmware vulnerability, two malicious scripts, three hardware manufacturers, 35 malicious DNS servers, thousands of compromised ADSL modems, millions of victims. " According to Kaspersky, the Brazilian attackers sought to steal users' banking credentials by redirecting users to false versions of popular sites like Facebook or Google and prompting them to install malware. Some 40 DNS servers were set up outside Brazil too in order to serve forged requests for domain names belonging to Brazilian banks. Nakedsecurity writes,-- The first thing users ma
Cisco CallManager vulnerable to brute force attack

Cisco CallManager vulnerable to brute force attack

October 02, 2012Mohit Kumar
Roberto Suggi Liverani , founder of the OWASP (Open Web Application Security Project) New Zealand chapter discover a vulnerability in Cisco CallManager AKA Unified Communications Manager. It is a software-based call-processing system developed by Cisco Systems. He described on his blog " During a security review, I have found a quick way to perform PIN brute force attack against accounts registered with a Cisco Unified Communications Manager (CallManager). " Researcher target the HTTP GET requests used by CallManager to initiate the login process. :  https://x.x.x.x/ccmpd/pdCheckLogin.do?name=undefined He Demonstrated the idea with Burp Suite (Penetration testing Framework). He showed the html form parameter used for login as shown below: https://x.x.x.x/ccmpd/login.do?sid=_sid_value_&userid=_userid_&pin=_PIN_ The sid token is required to perform the PIN brute force attack. So first get a valid sid token value and then you can brute force  userid and pin usin
Chinese hackers attack on White House computers

Chinese hackers attack on White House computers

October 01, 2012Mohit Kumar
The White House acknowledged Monday that one of its computer networks was hit by a cyber attack, but said there was no breach of any classified systems and no indication any data was lost. Including systems used by the military for nuclear commands were breached by Chinese hackers. A conservative newspaper that has been regularly critical of the Obama administration, called The Washington Free Beacon, first published the report on Sunday and said that the attackers were linked to the Chinese government. One official said the cyber breach was one of Beijing's most brazen cyber attacks against the United States and highlights a failure of the Obama administration to press China on its persistent cyber attacks. Disclosure of the cyber attack also comes amid heightened tensions in Asia, as the Pentagon moved two U.S. aircraft carrier strike groups and Marine amphibious units near waters by Japan's Senkaku islands. The official called the incident a " spear-phishing " a
Cyber Attacks on Six Major American Banks

Cyber Attacks on Six Major American Banks

October 01, 2012Mohit Kumar
According to reports, some of the United States biggest financial institutions  including Wells Fargo, JPMorgan Chase, Bank of America, Citigroup, and Bancorp were hit by a series of cyber attacks last week, by a group claiming Middle Eastern ties, that caused Internet blackouts and delays in online banking. The banks suffered denial-of-service attacks, in which hackers barrage a website with traffic until it is overwhelmed and shuts down. Such attacks, while a nuisance, are not technically sophisticated and do not affect a company's computer network or, in this case, funds or customer bank accounts. Hacktivists, calling themselves " Mrt. Izz ad-Din alQasssam Cyber Fighters ," attacked Wells Fargo and posted on Pastebin that U.S. Bancorp and PNC Financial Services Group are next. The group said it had attacked the banks in retaliation for an anti-Islam video that mocks the Prophet Muhammad. It also pledged to continue to attack American credit and financial instit
100k IEEE site Plain-Text Passwords found on Public FTP

100k IEEE site Plain-Text Passwords found on Public FTP

September 26, 2012Mohit Kumar
A Romanian researcher - Radu Drăgușin  found that 100000 usernames and passwords of the Institute of Electrical and Electronics Engineers (IEEE) was stored in plaint-text on a publicly accessible FTP server. According to him, on Sept. 18 he first discovered a log with usernames and passwords in plaintext, publicly available via IEEE's FTP server for at least a month. He informed them of his find yesterday, and evidently the organization is addressing the issue. On the FTP server, according Dragusin were the logfiles for the offers and ieee.org spectrum.ieee.org - Total data to approximately 376 million HTTP requests. Including 411,308 log entries with login and password in plain text. Among the users who's information was exposed are researchers at NASA, Stanford, IBM, Google, Apple, Oracle and Samsung. IEEE's membership of over 340,000 is roughly half American (49.8 percent as of 2011). " IEEE suffered a data breach which I discovered on September 18. For a few da
Backdoored PhpMyAdmin distributed at SourceForge site

Backdoored PhpMyAdmin distributed at SourceForge site

September 26, 2012Mohit Kumar
A security issue has been reported in phpMyAdmin, which can be exploited by malicious people to compromise a vulnerable system. The security issue is caused due to the distribution of a compromised phpMyAdmin source code package containing a backdoor, which can be exploited to e.g. execute arbitrary PHP code. One of the SourceForge.net mirrors, namely cdnetworks-kr-1, was being used to distribute a modified archive of phpMyAdmin, which includes a backdoor. This backdoor is located in file server_sync.php and allows an attacker to remotely execute PHP code. Another file, js/cross_framing_protection.js, has also been modified. SourceForge.Net is the world's largest open source software development website. A very large impact on the domestic users with this incident. The vulnerability has been cataloged as being a critical one. A screenshot as shown of a system containing a malicious backdoor that was snuck into the open-source phpMyAdmin package. On official website in issue &qu
Symantec Norton Utilities 2006 source code leaked by Anonymous

Symantec Norton Utilities 2006 source code leaked by Anonymous

September 25, 2012Mohit Kumar
Symantec is looking into claims more of its products' source code has been leaked online, following a similar incident earlier this year. This time source code from Norton Utilities 2006 was reportedly leaked on The Pirate Bay by Anonymous member STUN. " As you all see its fully 7z packed content, whats in it!? The loosely Source Code of Norton Utilities 2006 made by one of the worse security vendors on planet earth, Symantec! Also as many of you know this was planned back before Sabu was arrested. Yeah McAfee you suck too! " says the accompanying text. The security vendor then admitted its servers had been hacked, but maintained it was unlikely its customers were affected by the leak. Symantec said it was investigating it. "Symantec is one of the most visible targets in the world for cyber attacks on a daily basis. We take each and every claim very seriously and have a process in place for investigating each incident," a spokesperson said, in an emailed statement sent to
New Android Exploit Could Force Factory Reset remotely

New Android Exploit Could Force Factory Reset remotely

September 25, 2012Mohit Kumar
Clicking one wrong link can cause malicious code to execute, which could do anything from infecting your computer with malware to, apparently, wiping your phone data completely. At the Ekoparty security conference, researcher Ravi Borganokar demonstrated at the Ekoparty security conference in Argentina last week, that how a single line of HTML code could be used to run a factory reset or even clear the SIM card on certain Samsung phones. Malicious hackers can hide a code in a web page that will trigger a full factory reset of Samsung's best-selling Galaxy S3 smartphone, deleting contacts, photographs, music, apps and other valuable data. The devastating flaw lies in Samsung's dialling software, triggered by the tel protocol in a URL. It isn't applicable to all the company's Android handsets, but those that are vulnerable can have their PIN changed or be wiped completely just by visiting a web page or snapping a bad QR code, or even bonking up against the wrong wireless N
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.