The Hacker News Logo
Subscribe to Newsletter

The Hacker News - Cybersecurity News and Analysis: Hosting

Google App Engine — More than 30 Vulnerabilities Discovered

Google App Engine — More than 30 Vulnerabilities Discovered
December 08, 2014Swati Khandelwal
Security researchers have discovered a number of critical vulnerabilities in the Java environment of the Google App Engine (GAE) that enables attackers to bypass critical security sandbox defenses. Google App Engine is Google's PaaS (Platform as a Service) Cloud computing Platform for developing and hosting web applications in Google-managed data centers. GAE offers to run custom-built programs using a wide variety of popular languages and frameworks, out of which many are built on the Java environment. The vulnerabilities was reported by Security Explorations, the same security research company that carried out multiple researches related to Java in past. The discovery was announced on the Full Disclosure security mailing list by Adam Gowdiak , founder and CEO of Security Explorations. According to the security firm, the flaws can be exploited by attackers to achieve a complete Java VM security sandbox escape, as well as to execute an arbitrary code. The researchers

U.S. based Cloud Hosting providers contribute 44% of Malware distribution

U.S. based Cloud Hosting providers contribute 44% of Malware distribution
January 20, 2014Anonymous
U.S. has the top Security Agencies like NSA, FBI to tackle cyber crime and terrorism with their high profile surveillance technologies, but even after that U.S is proudly hosting 44% of the entire cloud based malware distribution. With the enhancement in Internet technology, Cloud computing has shown the possibility of existence and now has become an essential gradient for any Internet Identity. Cloud services are designed in such a way that it is easy to maintain, use, configure and can be scaled depending upon the requirement of the service being provided using the CLOUD technology with cost effective manner. Due to the Easy and Cost effective alternative of traditional computing, Malware writers are using the big cloud hosting platforms to quickly and effectively serve malware to Internet users, allowing them to bypass detection and geographic blacklisting by serving from a trusted provider. Hiding behind trusted domains and names is not something new. According to recently

Web Hosting software WHMCS vulnerable to SQL Injection; emergency security update released

Web Hosting software WHMCS vulnerable to SQL Injection; emergency security update released
October 05, 2013Mohit Kumar
WHMCS, a popular client management, billing and support application for Web hosting providers, released an emergency security update for the 5.2 and 5.1 minor releases, to patch a critical vulnerability that was publicly disclosed. The vulnerability was publicly posted by a user named as ' localhost ' on October 3rd, 2013 and also reported by several users on various Hosting related Forums . He also released a  proof-of-concept exploit code  for this SQL injection vulnerability in WHMCS. WHMCS says , as the updates have " critical security impacts .", enables attackers to execute SQL injection attacks against WHMCS deployments in order to extract or modify sensitive information from their databases i.e. Including information about existing accounts, their hashed passwords, which can result in the compromise of the administrator account. Yesterday a group of Palestinian hackers , named as KDMS Team  possibly used the same vulnerability against one of the largest Host

World's Largest Web Hosting company 'LeaseWeb' Hacked by KDMS Team

World's Largest Web Hosting company 'LeaseWeb' Hacked by KDMS Team
October 05, 2013Wang Wei
LeaseWeb , one of the World's largest hosting provider has been defaced by Palestinian hackers, named as KDMS Team . LeaseWeb was also hosting provider for one of the biggest file-sharing website Megaupload in the past. Later Megaupload Founder, Kim Dotcom claimed that  Leaseweb had deleted all Megaupload user data from 690 servers without warning. The hacker group replaced the Homepage of the website for just a few hours with an Anonymous Palestine , homepage titled " You Got Pwned " and the defacement message says: Hello Lease Web Who Are You ? Who is but the form following the function of what and what are you is a hosting company with no security KDMS Team : Well ,, We Can See That :P We noticed that Attacker has just changed the DNS server to point the Domain to another server at 67.23.254.6, owned by the attacker. At the time of writing, Leaseweb team resolved the issue and get their Domain back to the original server . But because the hac

FBI compromised Tor hidden service to bust largest Child Pornography Ring

FBI compromised Tor hidden service to bust largest Child Pornography Ring
September 14, 2013Wang Wei
A few days before the servers of the largest provider of Ultra Anonymous hosting were found to be serving custom malware designed to identify visitors who were using the Tor service to hide their identity online. The javascript code exploited a security vulnerability in the open-source version of Firefox that the Tor network is based on. In an Irish court, FBI agent admitted publicly that the agency had control of Freedom Hosting , a Tor hidden service operator company, in an effort to arrest a suspect behind the largest child porn facilitator on the planet. Eric Eoin Marques, a 28-year-old Irishman, is now awaiting extradition to the US where he could face 100 years in prison on child pornography charges. Marques is the owner and operator of Freedom Hosting , one of the largest web hosts for the Tor network., Hosting many of the darkest hidden services on the Darknet, including criminal hacking site HackBB, money laundering services, and responsible for hosting chi

Megaupload files deleted by Dutch hosting company LeaseWeb

Megaupload files deleted by Dutch hosting company LeaseWeb
June 20, 2013Anonymous
Kim Dotcom today said on Twitter that Megaupload user data in Europe has been irreversibly lost because it was deleted by a Dutch hosting company called LeaseWeb.  LeaseWeb is based in Germany and has subsidiaries also in the United States, the company.  LeaseWeb has 60,000 servers under its management and more than 15,000 clients worldwide. " The greatest massacre data of history ", The news is shocking if we consider the wealth of information contained in the files.  Leaseweb has informed Kim Dotcom that all 630 servers they rented have been wiped clean. This means that petabytes of data belonging to Megaupload users is now gone without any notice. LeaseWeb responds to Kim Dotcom " When Megaupload was taken offline, 60 servers owned by MegaUpload were directly confiscated by the FIOD and transported to the US. Next to that, MegaUpload still had 630 rented dedicated servers with LeaseWeb. For clarity, these servers were not owned by MegaUpload, t
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.