Indian Hackers | Breaking Cybersecurity News | The Hacker News

Ani-Shell v1.5 (Final) Released Ani-Shell is a simple PHP shell with some unique features like Mass Mailer , A simple Web-Server Fuzzer , a DDoser etc! This shell has immense capabilities and have been written with some coding standards in mind for better editing and customization Features: Shell Mass Mailer DDos Web-Server Fuzzer Uploader Design Login Mass Code Injector (Appender and Overwriter) Encoded Title Back Connect Bind Shell Lock Mode Customisable Tracebacks (email alerts) PHP Evaluate PHP MD5 Cracker Anti-Crawler Mass Deface New in This Version :- Better CSS Intelligent File Manager Auto Rooter PHP Obfuscater Google Dork Creator Zip Downloader (Download any File or Directory from the web-server) Fixed the Memory Exhausted Error in MD5 Cracker login : lionaneesh pass : lionaneesh Download Here

Embassy of Kazakhstan hacked by Anonymous Supporters The official website of Embassy of Kazakhstan in Delhi having SQL injection Vulnerability, and Hacker with codename -  Abs0luti0n has successfully Extract the database tables info and leak it on a pastebin note  including Admin's Username and Password. Hacker said," Lately we have been experimenting on some new large targets which will be unveiled soon. However today while we were cruising around in our lulzmobile,we set sights momentarily on another outdated weak vehicle and with great ease put the pedal to the metal, ran all the lights and flew straight through our accquired target ." SQL Injection is a type of web application security vulnerability in which an attacker is able to submit a database SQL command which is executed by a web application, exposing the back-end database. Attackers utilize this vulnerability by providing specially crafted input data to the SQL interpreter in such a manner that the int

Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic access keys, enabling authentication and facilitating interactions among systems and services, which are essential for every API call, database query, or storage account access. As we depend on multi-factor authentication and passwords to safeguard human identities, a pressing question arises: How do we guarantee the security and integrity of these non-human counterparts? How do we authenticate, authorize, and regulate access for entities devoid of life but crucial for the functioning of critical systems? Let's break it down. The challenge Imagine a cloud-native application as a bustling metropolis of tiny neighborhoods known as microservices, all neatly packed into containers. These microservices function akin to diligent worker bees, each diligently performing its designated task, be it processing data, verifying credentials, or

Phishing Google Users with the Help of Google ! How Hackers are phishing Gmail/Google users successfully ?  Christy Philip Mathew, an Information Security Instructor from India shared a perfect trick with us. He just exploit human psychology. Lets see how: He Created a phishing Page of Google and Uploaded to :  https://www.keepbacktrack.net84.net/  . Now How to make this URL legit for Victims ? Simple, Using Google translation Tool. Google translation has got a vulnerability that if an attacker plan out translating a fake gmail login page he would get a perfectly crafted link that can be used for malicious purposes or Phishing. Above Shown Image the example of this Trick. New Phishing  URL is Here  after using Translation tool. This is Art of psychological manipulation using Google to Hack Google Users.

SOPA in US and Censorship in India : A cocktail to destroy Internet Freedom ! As US senators mull over the SOPA(Stopping Online Piracy Act) and PIPA(Protecting Intellectual Property Act) bills, the world stands witness to a historic moment. Almost all big IT companies like Google, Wikipedia, Facebook, Mozilla, Godaddy, etc are speaking in one unanimous voice against SOPA and Internet Censorship. The draconian provisions of SOPA/PIPA are bound to create the deathbed of internet freedom and free speech, and if a careful reading of the proposed legislation is done, one realizes that it is likely to have the same impact on India. In the disguise of protecting copyrights and stopping piracy its completely clear that the US government is trying to assert its control over the free flow of information on internet which is some time uncomfortable to them. Giving power to Attorney General to direct search engines like Google to filter particular search results, or asking an ISP to manipulat

Indian BJP Politician 's bank accounts hacked A local News paper today reported that ,The four axis bank accounts belonging to city's Ganesh Shipping firm were hacked by unknown persons and Rs 4, 00,100 was transferred to a different account of Moradabad and Sind Bank. Following a complaint by Shetty, Bunder North Police Inspector Vinay Goankar ensured that the Moradabad account was frozen by informing bank authorities there. Investigation in Process.

Hacker will release full Norton Antivirus code on Tuesday A hacker with code name of ' Yama Tough ' announce via Twitter that on Tuesday he will leak the full source code for Symantec Corp's flagship Norton Antivirus software which is 1,7Gb src. Last week Yama Tough has released fragments of source code from Symantec products along with a cache of emails. The hacker says all the data was taken from Indian government servers. Yama Tough is trying to prove that Indian government was snooping on America and China. YamaTough said via Twitter " Pass it on to forensics and win the lawsuit ,".He has offered support to an American man who filed a lawsuit against Symantec Corp by publishing source code from a 2006 version of Norton Utilities, a software program at the heart of the legal dispute. It was not immediately clear how the source code might help the case. A Symantec spokesperson commented on the incident: " We are still gathering information on the det

US become victim of Indian spy unit, Apple & RIM deny their role ! A recently leaked memo reveals that American and Canadian based company's Apple, Research in Motion and Nokia may have helped the government of India spy on U.S. agencies in order to receive larger shares of the overall Indian cell phone market. Last week, an Indian hacker crew successfully broke into a secured Indian military government network. The group, the Lords of Dharmaraja (who posted up outdated Norton security source code last week) posted documents that infer Apple, Nokia, and Research In Motion gave the Indian government backdoor access to their devices in exchange for mobile phone market rights. The US-China Economic and Security Review Commission (USCC) has asked for an investigation after hackers posted. " We are aware of these reports and have contacted relevant authorities to investigate the matter ," said USCC spokesman Jonathan Weston on Monday. " We are unable to make furthe

Hackers leak the Source Code for Symantec Product A group calling itself the Lords of Dharmaraja posted an Adobe document online Wednesday that it claimed was a glimpse of the source code for the internet security software. But Symantec spokesman Cris Paden said "no source code was disclosed" in the post, which was a 12-year-old document describing how the software worked, but not the code. Paden said Symantec continues to investigate the hackers' claim that they have source code. But now Symantec, the makers of Norton AntiVirus, has confirmed that a hacking group has gained access to some of the security product's source code. " Symantec can confirm that a segment of its source code has been accessed. Symantec's own network was not breached, but rather that of a third party entity.We are still gathering information on the details and are not in a position to provide specifics on the third party involved.Presently, we have no indication that the code disclosure

30 Pakistan government Sites goes down ! Indian Hacking Group Indishell claiming to hack and Bring down 30 30 Pakistan government websites, Including  Police and Navy Sites also. Hacker attack on webserver located at 50.23.225.39 IP address. List of all Hacked Sites is Here  and Mirror of Deface Pages can be checked Here .

Zero Day Reflected Cross Site Scripting vulnerability in wordpress 3.3 Two Indian Security Experts : Aditya Modha & Samir Shah from from Net-Square Solutions reveals Zero Day Reflected Cross Site Scripting vulnerability in latest version of wordpress 3.3 ! Vulnerability exploit the comment feature of Wordpress Blog. Following two Steps mentioned in Exploit . Step 1: Post a comment to the target website. Step 2: Replace the value of author tag, email tag, comment tag with the exact value of what has been post in the last comment. Change the value of comment_post_ID to the value of post (which can be known by opening that post and checking the value of p parameter in the url). For example the if the url is https://192.168.1.102/wordpress/?p=6 then the value of comment_post_ID is 6. Get Complete Exploit  Here

Windows 7 64 bit Memory Corruption Vulnerability A person known by the alias of " w3bd3vil " on twitter released an HTML snippet that will cause the 64 bit version of Windows 7 to blue screen if viewed under Safari. The underlying vulnerability is however not a flaw in Safari but rather a flaw in the Windows kernel mode device driver, win32k.sys. " A vulnerability has been discovered in Microsoft Windows, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to an error in win32k.sys and can be exploited to corrupt memory via e.g. a specially crafted web page containing an IFRAME with an overly large "height" attribute viewed using the Apple Safari browser. Successful exploitation may allow execution of arbitrary code with kernel-mode privileges ," the Secunia advisory said. The possibility that the vulnerability can be exploited by using means other than Safari cannot be ruled out.

Biggest Pakistan News site Dawn.com hacked by LuCkY Indian hacking Group " Indishell " hackers once again hit Pakistani cyber space. This time LuCkY from Indishell team deface the biggest Pakistani News site Dawn.com  ( Alexa Rank : 3540 ). He also post Database Info ie. Database Name - archives_wpress Database Name - archives_user2 Database Password - 'B,!R~T-K^L2)'); Deface page message include the possible hack reason " You Wont get kashmir by hacking sites lol , Kashmir is ours will be".  Hackers on both sides have indulged in sporadic attacks against each other ever since 1998 nuclear tests. The Indishell and PCA warriors hide behind coded named such as 'Zombie' , 'Lucky' and are thought to be young IT professionals.

Invitation for DEF-CON Chennai January Meet 2012 (DC602028) We like to invite all of you for our 4th meet which is going to held on 29th January 2012. DEF-CON Chennai is a registered group of DEF-CON, our group id is DC602028. [ Tickets for the Meet] For General Public : 700 INR For Students: 600 INR To book the tickets mail to dc602028@gmail.com [ Time of the Meet ] On 29th January 2012 From 2 PM to 7 PM Do make sure that your at the venue by 1:45 PM [ Venue of the Meet ] The Venue is going to be at Le Waterina Hotel, a 4 Star Resort. Le Waterina – The Boutique Hotel No 35 Kaveri Nagar (near Bella Ciao) Waterland Drive,Thiruvanmiyur Kottivakkam Beach.Chennai 600041. Refer: https://www.defcontn.com/DC602028/invitation-for-the-january-meet-2012/

More than 100 Pakistani Government Sites Under Malware attack Website Malware : A newer form of malware is what can be found attacking websites today. In the old days malware was mostly in the form of computer viruses. In today's age of globalization, malware starts to target websites and mobile devices.  Almost 100's of Pakistan Government sites are under attack by Godzilla Malware, Which is Created and implemented by an Indian Hacker. Hacker named " Godzilla " publish a list of all Freezed sites list here  ,including Peshawar Electric Supply Company website (www.pesco.gov.pk), Ministry of Information and Broadcasting - Government of Pakistan website (www.infopak.gov.pk), Pakistan Navy website (www.paknavy.gov.pk) and Many more. Hacker said," The malware is freezing the sever and if the server is changed then banner of malware hits the live ip.. " Today malware is much more sinister. It is backed up by an industry which some estimate at $2 billion a

National program for Cyber army to be launched in India Increasing attacks on cyberspace in India has brought several professionals and experts from the Industry, in support with the Government of India to jointly form a national level program to identify credible and valuable information security experts. The program " National Security Database " is all set to launch this Saturday in Mumbai at a major Information security conference, MalCon. The database will include ethical hackers and programmers who can protect country's cyberspace. They will all be registered with the National Security Database, a brainchild of Information Sharing and Analysis Centre (ISAC) , a non profit foundation which works closely with the Government on the issue of cyber security. The need of such database originated after 2008 attacks in Mumbai when the cyber security professionals realised that a lot needed to be done in the area. "It is observed that some or other form of electronic n

Cross Site Scripting Vulnerability in Speed Bit Search Engine Debasish Mandal, A hacker from India , Found that there is a XSS through JavaScript Injection vulnerability in the Home page of Speed Bit Search Engine.The XSS filter is filtering normal html /script /iframe tags but XSS can be achieved by injecting JavaScript event "onmouseover()".Technical Description is below. Debasish have reported the vulnerability to the Speed Bit Team but haven't yet got any response from their side. Proof Of Concept: 1) Visit this URL https://search.speedbit.com/?aff=grbr" onmousemove="alert(document.cookie) 2) Bring mouse cursor over the hyperlink shown in the image and you should see a POP up box showing the browser cookies. Submitted By :  Debasish Mandal, India.

The Hacker News (THN) 1st Anniversary Celebration It has been a wonderful "HACK" filled year as we disseminated security and hacking information around the world. We are grateful for our loyal readership and welcome new readers and contributors. Let's face it. Hacking isn't going away and growing security concerns are an issue we all need to stay on top of. Being informed about the latest and newest in security measures and the work of hackers to break into these means is a global issue with tremendous consequences. Hacking and security violations affect us all. Not only big corporations which store your information but the health and welfare of your personal PC's. The Hacker news has tracked the events of the last year and we are amazed and the talent and finesse of techy people who can break into the most complicated and sophisticated systems. You can depend on us for breaking news in the area of computer security. Keep reading and keep checking our daily web news. In c

Most advanced and dangerous malware for Apple products - Why you should be concerned ! Indian security researcher from MalCon has created an advanced and dangerous malware for Apple products which can not only compromize your privacy but also steal important data and let hackers control your device by simple text messages. If you are using any Apple product such as iPhone, iPad or iPod, then you shuuld be concerned. Indian security researcher from MalCon , Atul Alex has created an advanced malware for the Apple products which can not only intercept calls of users, steal data, but also provide a reverse VNC to see remotely all the actions of the victim. The malware can be deployed remotely over the web and is supposed to work on the latest iOS 5. Atul Alex, Technical director of MalCon said " Apple products are extremely secure by design. The malware works on jailbroken devices - something which over 90% of users have. If your device is not jailbroken, you have nothing to w

Malware for xbox Kinect created by 15 years old  Indian researchers Indian researchers from MalCon have created a malware that utlizes Microsoft Kinect to secretly capture pictures and upload to a picasa account. A 15year old Indian security researcher ' Shantanu Gawde ' from MalCon Research has created a malware that utilizes the Microsoft xbox kinect controller. Kinect for Xbox 360, or simply Kinect, is a motion sensing input device by Microsoft for the Xbox 360 video game console. With over 10 million devices sold till date, the kinect holds the Guiness book for world record for the fastest selling consumer electronics device - and is exactly the reason why the malware is a concern. In recent months, there have been a number of innovative kinect hacks that make use of the kinect using both Open source drivers and the Kinect SDK. The malware, code-named 'gawde' after its creators name, works on Windows 7 to secretly capture pictures of the victim / surroundin

XSS Vulnerability in Interactive YouTube API Demo Beta There is a Critical Cross site XSS Vulnerability in Interactive YouTube API Demo Beta, Discovered by various sources. One of the White Hat Hacker " Vansh Sharma " Inform us about this XSS Vulnerability with proof of concept. Proof Of Concept : Open  https://gdata.youtube.com/ Enter script <img src="<img src=search"/onerror=alert("xss")//"> in the keyword area. Press ADD