The Hacker News Logo
Subscribe to Newsletter
CrowdSec

The Hacker News - Cybersecurity News and Analysis: vulnerability assessment

Air Force openly Seeks Offensive Cyber Weapons

Air Force openly Seeks Offensive Cyber Weapons

August 31, 2012Mohit Kumar
The Air Force Life Cycle Management Center posted a broad agency announcement recently, calling on contractors to submit concept papers detailing technological demonstrations of 'cyberspace warfare operations' capabilities.  Air Force is seeking to obtain the abilities to 'destroy, deny, degrade, disrupt, deceive, corrupt, or usurp the adversaries' ability to use the cyberspace domain for his advantage' and capabilities that would allow them to intercept, identify, and locate sources of vulnerability for threat recognition, targeting, and planning, both immediately and for future operations. According to the document the issuing Program Office "is an organisation focused on the development and sustainment of Cyberspace Warfare Attack capabilites that directly support Cyberspace Warfare capabilities of the Air Force." Technologies that can map data and voice networks, provide access to the adversary's information, networks, systems or devices, manip
Oracle releases patches for Java vulnerability CVE-2012-4681

Oracle releases patches for Java vulnerability CVE-2012-4681

August 31, 2012Mohit Kumar
Oracle has released a new patch which kills off a vulnerability in Java 7 that was being exploited by malware developers. " Due to the high severity of these vulnerabilities, Oracle recommends that customers apply this Security Alert as soon as possible ," Eric Maurice, the company's director of software security assurance. The out-of-band Security Alert CVE-2012-4681 includes fixes for "three distinct but related vulnerabilities and one security-in-depth issue" affecting Java running within the browser. Users with vulnerable versions of Java installed can have malware silently planted on their systems just by browsing to a hacked or malicious website unknowingly.Java is a free programming language widely used to enable every day programs and website elements to function, including some games, apps and chat, as well as enterprise apps. The attacks using this vulnerability so far have been Windows-based, the exploit was demonstrated on other platforms supported by Java
FireEye spotted Critical 0-day vulnerability in Java Runtime Environment

FireEye spotted Critical 0-day vulnerability in Java Runtime Environment

August 27, 2012Mohit Kumar
FireEye's Malware Intelligence Lab is making the claim that there is a new zero day vulnerability in the wild that affects the latest version of Java.Researcher. Atif Mushtaq wrote on the company's blog that he spotted the initial exploit on a domain that pointed to an IP address in China. The vulnerability allows computers to be infected by simply visiting a specially crafted web page, and the malware served in the current attacks contacts a C&C server in Singapore. Researchers from heise Security have also created a PoC page using information that is publicly available. A separate post published on Monday by researchers Andre M. DiMino and Mila Parkour said the number of attacks, which appear to install the Poison Ivy Remote Access Trojan, were low. But they went on to note that the typical delay in issuing Java patches, combined with the circulation of exploit code, meant it was only a matter of time until the vulnerability is exploited more widely by other attackers.
Half Million Chinese Android Devices got infected with SMSZombie

Half Million Chinese Android Devices got infected with SMSZombie

August 21, 2012Mohit Kumar
The amount of malware crafted and aimed at Android devices is ever-increasing. With Android being the most popular platform for smartphones and tablets around the world, Android users have become the low-hanging fruit when it comes to writing malware by the nefarious users. A new Android threat has affected 500,000 devices in China so far. Analysts at TrustGo Security Labs have discovered the Trojan!SMSZombie.A. It is a complex and sophisticated malware that exploits a vulnerability in the China Mobile SMS Payment System to fund unauthorised payments, steal bank card numbers and receipt information regarding money transfers. The trojan is difficult to detect, and even more difficult to remove.  SMSZombieA was first discovered on August 8, and the malware is embedded in several wallpaper apps. The wallpaper apps are noted to use provocative titles and nude images to encourage users to download. The trojan installs itself on a device after its user has downloaded and installed the app
Security Firm Reveals Flaw in Dirt Jumper Bot

Security Firm Reveals Flaw in Dirt Jumper Bot

August 16, 2012Mohit Kumar
A team of researchers has discovered a weakness in the command-and-control infrastructure of one of the major DDoS toolkits, Dirt Jumper, that enables them to stop attacks that are in progress. The command and control (C&C) servers of the Dirt Jumper DDoS toolkit can be compromised and, in principle, completely taken over via SQL injection holes. SQL injection involves inserting database instructions in unexpected and unprotected places, effectively taking charge of a web application's database from the outside. According to the Prolexic report, the open source penetration testing tool sqlmap can be used to dump the contents of Dirt Jumper's database configuration file in a matter of seconds, revealing administrative usernames and passwords. The company's research includes Dirt Jumper v.3, Pandora and Di BoT. According to Prolexic, the Dirt Jumper family of DDoS botnet kits was originally authored by an individual who uses the handle 'sokol.' Various versions of Dir
CVE-2012-2808 : Android 4.0.4 DNS poisoning vulnerability Exposed

CVE-2012-2808 : Android 4.0.4 DNS poisoning vulnerability Exposed

July 24, 2012Mohit Kumar
Android's DNS resolver is vulnerable to DNS poisoning due to weak randomness in its implementation. Researchers Roee Hay & Roi Saltzman from IBM Application Security Research Group demonstrate that how an attacker can successfully guess the nonce of the DNS request with a probability thatis su cient for a feasible attack. Android version 4.0.4 and below are Vulnerable to this bug. Weakness in its pseudo-random number generator (PRNG), which makes DNS poisoning attacks feasible. DNS poisoning attacks may endanger the integrity and con dentiality of the attacked system. For example, in Android, the Browser app can be attacked in order to steal the victim's cookies of a domain of the attacker's choice. If the attacker manages to lure the victim to browse to a web page controlled by him/her, the attacker can use JavaScript, to start resolving non-existing sub-domains. Upon success, a sub-domain points to the attacker's IP, which enables the latter to steal wild card
CVE-2012-0217 - Intel SYSRET FreeBSD Privilege Escalation Exploit Released

CVE-2012-0217 - Intel SYSRET FreeBSD Privilege Escalation Exploit Released

July 24, 2012Mohit Kumar
The Vulnerability reported on 06/12/2012, dubbed as " CVE-2012-0217 " - according to that Some 64-bit operating systems and virtualization software running on Intel CPU hardware are vulnerable to a local privilege escalation attack. The vulnerability may be exploited for local privilege escalation or a guest-to-host virtual machine escape. FreeBSD/amd64 runs on CPUs from different vendors. Due to varying behaviour of CPUs in 64 bit mode a sanity check of the kernel may be insufficient when returning from a system call. Successful exploitation of the problem can lead to local kernel privilege escalation, kernel data corruption and/or crash. Inj3ct0r team today released related private exploit on their website , which allow normal FreeBSD users to Privilege Escalation. All systems running 64 bit Xen hypervisor running 64 bit PV guests onIntel CPUs are vulnerable to this issue. However FreeBSD/amd64 running on AMD CPUs is not vulnerable to thisparticular problem.Systems with
Hack a Server - The man behind the idea

Hack a Server - The man behind the idea

July 24, 2012Mohit Kumar
" Choose a job you love, and you will never have to work a day in your life " said Confucius. These would be the words that describe Marius Corîci the most. In 2003 he started doing business in the plumbing industry and co-founded ITS Group, a franchise for Romstal Company, the biggest plumbing installations retailer from South-Eastern Europe. In 2007 he moved into Artificial Intelligence field and founded Intelligentics, a group for Natural Language Processing. Now, he is very focused on infosec and got involved in all the biggest independent security projects in Romania: S3ntinel , Hack Me If You Can , Hack a Server and DefCamp . Marius considers himself a serial entrepreneur and is very passionate about Artificial Intelligence. Never a quitter, always a perfectionist, looking for challenges that will change the world we live in. He believes in people and the power of great teams, and he intends to start blogging in the near future. What determined you to shift your attention towar
Reliance Communications Server Compromised with Information disclosure Vulnerability

Reliance Communications Server Compromised with Information disclosure Vulnerability

July 22, 2012Mohit Kumar
Hacker with nickname " mr.hack3r420 " has successfully compromise the web server of Reliance Communications ( rcom.co.in ) as shown in image ( screenshot taken by THN team and we make link hidden to save site from further misuse of damage ). Hacker most probably get this access because of Information disclosure Vulnerability in Reliance website.Most of the Folders on website are visible to everyone publicly and there is a interesting file called "Upload_AppId_VId.php" available , using which hacker may be able to upload his own php shell on the server to get access to FTP and Linux User account. This is not the first time Reliance become the victim, a few months back, hacker named "ISAC" was able to access  Reliance Communications ISP  server, and he release the list of all blocked sites by Reliance to Protest against Internet Censorship.
Yahoo Voice hacked, 400,000 yahoo passwords leaked

Yahoo Voice hacked, 400,000 yahoo passwords leaked

July 12, 2012Mohit Kumar
A list of over 450,000 email addresses and plain-text passwords, in a document marked " Owned and Exposed " apparently from users of a Yahoo! service, is in circulation on the internet. The affected accounts appeared to belong to a voice-over-Internet-protocol, or VOIP, service called Yahoo Voices, which runs on Yahoo's instant messenger. The Voices service is powered by Jajah, a VOIP platform that was bought by Telefonica Europe BV in 2010. The dump, posted on a public website by a hacking collective known as D33Ds Company , said it penetrated the Yahoo subdomain using what's known as a union-based SQL injection. By injecting powerful database commands into them, attackers can trick back-end servers into dumping huge amounts of sensitive information. Since all the accounts are in plain-text, anyone with an account present in the leak which also has the same password on other sites (e-mail, Facebook, Twitter, etc), should assume that someone has accessed their accoun
Indian Officials Get Training from Hackers who cracked CERN's IT system

Indian Officials Get Training from Hackers who cracked CERN's IT system

July 11, 2012Mohit Kumar
Two Argentina-based cyber security experts -   Chris Russo  and Fernando Viacanel , who claimed to have cracked the security code of IT systems involved in the discovery of 'God Particle', today conducted training sessions for Indian government officials. Both the hackers are partners of IT security firm E2 Labs and their company in arrangement with industry chamber Assocham has plans to conduct series of technology exchange programmes on cyber security. Russo said that three times he has been able to find vulnerability in IT system of European Organisation for Nuclear Research (CERN) that has been involved in discovery of 'God Particle' or Higgs Boson. Programme was attended by officials from Cabinet secretariat, National Technical Research Organisation, Airforce, C-DAC, Income Tax Department, Assam's AMTRON along with representatives from private sector entities, Aircel and Cisco. "Talents required to be cyber security experts are mostly available in peo
Plesk Zero Day Exploit in the Wild, Thousands of sites got Hacked

Plesk Zero Day Exploit in the Wild, Thousands of sites got Hacked

July 10, 2012Mohit Kumar
Sucuri Malware Labs notify that some zero-day exploits are available to Hackers which are being used to Hack into Parallels' Plesk Panel (Port Number 8443). These attacks was keep on raising from last few months as you can see in the Graph: At least 4000 new websites were infected each day, Sucuri malware researcher Daniel Cid. On other News Portals , there was a news recently that Some 50,000 websites have been compromised as part of a sustained iframe injection attack campaign. Security analyst found that, The majority of the sites being targeted are running Plesk Panel version 10.4.4 or older versions. Brian Krebs on his blog report that Hackers in the criminal underground are selling an exploit that extracts the master password needed to control Parallels' Plesk Panel. This zero-day exploit for Plesk is being sold on the black market for around $8,000 per purchase. Many of the queries probed for web hosting software Plesk, a finding backed by the Sans Internet Storms Centr
4XP Critical SQL Injection Vulnerability Exposed

4XP Critical SQL Injection Vulnerability Exposed

July 10, 2012Mohit Kumar
zSecure team has recently discovered a critical SQL Injection Vulnerability in the web portal of 4XP, a leading online forex broker having more than 1 lakh customer base. Financial transactions are carried on the broker's paltform on daily basis including but not limited to Credit Card Transactions. The critical vulnerability allows to get complete access to brokers database which can be misused to access their customers confidential information including their login id's, passwords, home address, email-id's, mobile no's, credit card details etc. This critical vulnerbility could prove devastating to the company if they doesn't fix it asap. Below are the details about the company & discovered vulnerability.   About the Company 4XP is an online forex broker that specializes in providing an all-inclusive trading package backed by a caring and devoted support team. 4XP was founded by a group of retail-ended entrepreneurs and capital market dealers sharing a vis
Microsoft to patch three critical vulnerabilities on Tuesday

Microsoft to patch three critical vulnerabilities on Tuesday

July 06, 2012Mohit Kumar
Microsoft to patch three critical vulnerabilities on Tuesday When Patch Tuesday rolls around next week, Three critical vulnerabilities , as well as six Important issues will be addressed by Microsoft . Only three of the nine security bulletins are ranked Critical, while the remaining six are rated as Important. Although all three of of the Critical vulnerabilities center on Windows, one of them also includes Internet Explorer 9. Interestingly, the flaw does not extend to previous versions of the browser, so it appears it's something new. The two other critical bulletins could allow malicious users to remotely execute code on Windows operating systems, including all supported server and client versions. "Many are expecting a patch for CVE-2012-1889: a vulnerability in Microsoft XML Core Services, which is currently being exploited in the wild," says Marcus Carey, a security researcher with Rapid7. Get the full details when the security bulletins are officially release
CVE-2012-3372 : Traffic Interception Vulnerability found in Cyberoam

CVE-2012-3372 : Traffic Interception Vulnerability found in Cyberoam

July 04, 2012Mohit Kumar
Traffic Interception Vulnerability found in Cyberoam The TOR team have discovered a fake certificate in the wild. The certificate, issued by a US company called Cyberoam , was used in an attempt to trick a user in Jordan into believing that her/his connection to the TOR website, was private and secure, though in fact it was being spied upon by a Cyberoam device. This issue was discovered and analysed by Runa A. Sandvik of the TorProject and Ben Laurie. A certificate handling flaw in Cyberoam's deep packet inspection (DPI) devices allow traffic from a single 'victim' to be intercepted by any DPI device from the vendor, according to the Tor Project. Cyberoam make a range of DPI devices which are capable of intercepting SSL connections. " While investigating this further, Ben Laurie and I found a security vulnerability affecting all Cyberoam DPI devices. Examination of a certificate chain generated by a Cyberoam DPI device shows that all such devices share the same CA certificate an
Drones can be hijacked by terrorist, Researchers says Vulnerability Exist

Drones can be hijacked by terrorist, Researchers says Vulnerability Exist

June 26, 2012Mohit Kumar
Drones can be hijacked by terrorist , Researchers says Vulnerability Exist Fox News is reporting that researchers say that terrorists or drug gangs, with the right kind of equipment could turn the drones into "suicide" weapons. A University of Texas researcher illustrated that fact in a series of test flights recently, showing that GPS "spoofing" could cause a drone to veer off its course and even purposely crash. This is particularly worrisome, given that the US is looking to grant US airspace to drones for domestic jobs including police surveillance or even FedEx deliveries In other words, with the right equipment, anyone can take control of a GPS-guided drone and make it do anything they want it to. Spoofers are a much more dangerous type of technology because they actually mimic a command by the GPS system and convince the drone it is receiving new coordinates. With his device what Humphreys calls the most advanced spoofer ever built (at a cost of just $1,000) he was
PayPal will Pay Security Researchers for finding Vulnerabilities

PayPal will Pay Security Researchers for finding Vulnerabilities

June 25, 2012Mohit Kumar
PayPal will Pay Security Researchers for finding Vulnerabilities Payment services provider PayPal will reward security researchers who discover vulnerabilities in its website with money, if they report their findings to the company in a responsible manner. If you manage to find a security flaw in any of PayPal's products, you may be entitled to a cash reward. " I'm pleased to announce that we have updated our original bug reporting process into a paid 'bug bounty' program, " PayPal's Chief Information Security Officer Michael Barrett said in a  blog post  on Thursday. While Barrett disclosed vulnerability categories, he did not say how much cash the firm will be offering. PayPal plans to categorize reported bugs into one of four categories: XSS (Cross Site Scripting), CSRF (Cross Site Request Forgery), SQL Injection or Authentication Bypass  Researchers need to have a verified PayPal account in order to receive the monetary rewards. " I original
Apple : 0 | Flashback trojan : 1 , Apple admits malware defeat

Apple : 0 | Flashback trojan : 1 , Apple admits malware defeat

June 25, 2012Mohit Kumar
Apple : 0 | Flashback trojan : 1 , Apple admits malware defeat Apple has quietly removed a statement from its website that the Mac operating system isn't susceptible to viruses. Apple released a patch to a Java vulnerability that lead to the infection of roughly 600,000 Macs with the Flashback Trojan earlier this year, there were claims weeks later from security researchers that hundreds of thousands of Macs were still infected. Apple is one of the single software companies that hasn't really faced the problem of viruses, for years claiming their operating system is the most secure among all. The specific language about the operating system, " It doesn't get PC viruses " was replaced with " It's built to be safe. " But now, Apple may be taking security threats more seriously. Apple is introducing a new app security measure called Gatekeeper in the upcoming release of Mountain Lion, the latest version of Mac OS X. The majority of malware might still be floating around in th
Hackers Exploit Unpatched Windows XML vulnerability

Hackers Exploit Unpatched Windows XML vulnerability

June 22, 2012Mohit Kumar
Hackers Exploit Unpatched Windows XML vulnerability An unpatched vulnerability in the Microsoft XML Core Services (MSXML) is being exploited in attacks launched from compromised websites to infect computers with malware. This zero-day exploit that potentially affects all supported versions of Microsoft Windows, and which has been tied to a warning by Google about state-sponsored attacks, has been identified carrying out attacks in Europe. Microsoft security bulletin MS12-037 was this month's cumulative update for Internet Explorer. It is rated as Critical, and addresses 14 separate vulnerabilities that affect every supported version of Internet Explorer in some way.One vulnerability in particular is more urgent than the rest, though. There are multiple attacks circulating online that target CVE-2012-1875 .The name of the vulnerability is " Same ID Property Remote Code Execution Vulnerability ", which doesn't really explain much. Until a patch is released, the Microsoft workaround
Intel CPU Vulnerability can provide control of your system to attacker

Intel CPU Vulnerability can provide control of your system to attacker

June 20, 2012Mohit Kumar
Intel CPU Vulnerability can provide control of your system to attacker The U.S. Computer Emergency Readiness Team (US-CERT) has disclosed a flaw in Intel chips that could allow hackers to gain control of Windows and other operating systems. The flaw has already been exploited on 64-bit versions of Microsoft Windows 7, FreeBSD, NetBSD and there's a chance Apple's OS X may also be vulnerable. The flaw was disclosed the vulnerability in a security advisory released this week. Attackers could execute malicious code via kernel privileges or launch a local privilege escalation attack.  VMware's virtualization software is not affected, and neither are AMD's processors, as they do not use the SYSRET instruction whose incorrect handling causes the flaw or handle it differently.Many of the affected vendors have already pushed out an update that defuses the flaw. However, it said that while 32-bit operating systems are safe, " Intel CPUs that use the Intel 64 extension need th
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.