The Hacker News Logo
Subscribe to Newsletter

The Hacker News - Cybersecurity News and Analysis: website hosting

Its Fail 2011 - Year of Hacks !

Its Fail 2011 - Year of Hacks !

September 16, 2011Mohit Kumar
Its Fail 2011 - Year of Hacks ! According to IT security experts Year 2011 have labeled as the " Year of the Hack " or " #Fail 2011 ". Hacking has become much easier over the years allowing hackers to hack into systems easier then ever before, which is why 2011 had a lot of hacking happen so far. Hackers are coming up with tools as well as finding new methods to hacking faster then companies can increase their security. Even, Every year is the year of the hacking as long as there are hackers out there ready to execute their malicious programs and attain their goals like gathering important information to the victim's computer, stealing important identities, credit card information, etc. This year 2011 could be another generation of hacking. Since every year there are always forward advancements of the tools and programs that could use by the hackers. The most important is to avoid them if you are a computer user. RSA Hack (3/17/2011) : Motive - Unknown attacker, alth
100's of Israel Websites Hacked By Cyber-Warrior / AKINCILAR Group

100's of Israel Websites Hacked By Cyber-Warrior / AKINCILAR Group

September 04, 2011Mohit Kumar
100's of Israel Websites Hacked By Cyber-Warrior / AKINCILAR Group Cyber-Warrior / AKINCILAR Group has started an attack about the political tension between Turkey and Israel (Ahmet Davutoglu - Dr. Michael Ben-Ari), and they still keep attacking. Cyber-Warrior / AKINCILAR Group made a name for themselves by hacking thousands of websites that insults their country, religion and nation. The group is called as " Virtual Castle of Turkey ". Within the context of attack the website of Dr. Michael Ben-Ari who attracted attention by saying " Turkey should be declared as enemy country ". To show their protest in the virtual world Cyber-Warrior / AKINCILAR Group has also hacked the free hosting service called 020.com 's all the websites. After the attack the personal website and thousands of other Israel websites' homepages changed with the same text. The following text have put on hacked websites' homepages: " Israel has to apologize from Turkey and all Islamic world because of
Cross Site Scripting Vulnerability at Google Appspot

Cross Site Scripting Vulnerability at Google Appspot

August 19, 2011Mohit Kumar
Cross Site Scripting Vulnerability at Google Appspot The Google Appspot " ClickDesk " login page is vulnerable to Cross Site Scripting attack. Cross Site scripting attack is a critical issue in web application. When an attacker gets a user's browser to execute his/her XSS code, the code will run within the security context (or zone) of the hosting web site. With this level of privilege, the code has the ability to read (keylogging), modify and transmit any sensitive data accessible by the browser. A Cross-site Scripted user could have his/her account hijacked (cookie theft), their browser redirected to another location, or possibly shown fraudulent content delivered by the web site they are visiting. The vulnerability can easily be amplified by publicly available tools like Cross Site Scripting framework (XSSF), Cross Site Scripting harvest perl (XSS-Harvest) and so on. Proof of concept: The following proof-of concept sample will do a HTTP POST to trigger the XSS vuln
Emperor Hacking Team : iM4n account exposed

Emperor Hacking Team : iM4n account exposed

August 12, 2011Mohit Kumar
Emperor Hacking Team : iM4n account exposed Just a few days back, the Backbox Linux distribution based website got hacked by the Emperor Hacking Team. A few hours later, Backbox maintainers managed to reconstruct the attack step by step and found infos that proved "iM4n" as the attacker. He owns an account on www.server4you.de, a webhosting company specialized in virtually dedicated servers. His account has been hacked. Brief technical report:  https://raffaele.backbox.org/content/im4n-account-exposed Backbox Team : " Backbox is just a Linux distribution. Such an attack was absolutely unexpected. The 'dreaded' eMP3R0r_TEAM turned out to be a group of iranian activists who carry out random attacks on potential vulnerable websites by targeting mostly European ones. During our investigation and analysis we were able to obtain complete details of the man who personally performed the attack (nick iM4n) and we collected a variety of tests that confirmed his identity.
Israel Web Hosting Server Hacked For Palestine By Dr T

Israel Web Hosting Server Hacked For Palestine By Dr T

July 18, 2011Mohit Kumar
Israel Web Hosting Server Hacked For Palestine By Dr T Israel Web Hosting Server Rooted Via Server Intrusion and all Domains on Server are Mass Defaced For Palestine By Dr Torjan and Code5 named hackers.  Hacked Websites List is available at :  https://pastebin.com/WvQmSSKh  .
EC-Council Academy Hacked by GaySec (Malaysian hackers)

EC-Council Academy Hacked by GaySec (Malaysian hackers)

July 15, 2011Mohit Kumar
EC-Council Academy Hacked by GaySec (Malaysian hackers) EC-Council Academy ( https://eccouncilacademy.org )   Hacked by GaySec (Malaysian hackers). EC-Council Academy is a separate distinct company with no corporate connection between itself and EC-Council or EC-Council University. Some months before same site was got hacked by some other hacker. Read here ... Some Hack Proofs : [-] Enter Target: -> www.eccouncilacademy.org [-] Enter Path: -> / [-] Port: -> 80 [+] Connecting to www.eccouncilacademy.org... [+] Connected to eccouncilacademy.org [+] Searching for token... [+] W000t!! got it! "AMXhybB3FSBDBYJZU" [+] Convert the token to the RCE Payload [+] Execute the shell... [+] Trying... [+] Got it!!! -> Reverse Shell Started $ id; uname -a; pwd uid=7647041(ecco1665) gid=100450(inetuser) groups=100450(inetuser) context=user_u:system_r:unconfined_t:s0 Linux sg2nlhg017.shr.prod.sin2.secureserver.net 2.6.18-194.32.1.el5PAE #1 SMP Wed Jan 5 1
JustHost Hosting Server Compromised, More than 1000's of websites at Risk !

JustHost Hosting Server Compromised, More than 1000's of websites at Risk !

June 23, 2011Mohit Kumar
JustHost Hosting Server Compromised, More than 1000's of websites at Risk ! JustHost.com Server Breached ! " Just host is one of the fast growing hosting industries with the good uptime reliability with the best support and it's new to the world wide in the year 2008.Just host .com is one of the uppermost web hosting suppliers and are identified for their uptime reliability with the most superb support. "  Millions of websites Hosted on various JustHost Servers. One of them got Hacked by some hacker. Breached data become public from twitter account of " ContraHax " . This Hack is seems to be Dedicated to " Antisec operation " Started by Anonymous and Lulzsec. The exposed data includes : 1.) DNS file :  https://pastebin.com/bXLEw0TL 2.) Directories of Websites  3.) /etc/passwd Backup :  https://pastebin.com/M637rkJz We Have Inform JustHost admins, Stay Tuned for their Comments on This Security Breach.
BrainNET ISP/TV Provider hacked by ProDom Security

BrainNET ISP/TV Provider hacked by ProDom Security

June 20, 2011Mohit Kumar
BrainNET ISP/TV Provider hacked by ProDom Security ProDom Security Hackers Hacks into Brain.net.pk an ISP/TV Provider . Hacker dump data on free file hosting sites : URL: https://www.multiupload.com/0KWDE7ZJBB .  There are 3 file in archive : README = Readme File cracked.txt = Login's Cracked so far. shadow.raw.txt = Shadow file from there server.
NIIT Technologies GIS subsidiary’s server hacked by Tigers of Indian Cyber (TIC)

NIIT Technologies GIS subsidiary's server hacked by Tigers of Indian Cyber (TIC)

May 26, 2011Mohit Kumar
NIIT Technologies GIS subsidiary 's server hacked by Tigers of Indian Cyber (TIC) A server belonging to NIIT GIS Limited, an NIIT Technologies subsidiary, was compromised last week using a SQL injection attack by a hacking group calling itself the 'Tigers of Indian Cyber' (TIC). TIC posted the disclosure in an open security forum giving proof of concept, and a complete list of account credentials. It has since come to light that NIIT GIS' server was compromised — not the servers at NIIT Technologies. The breach was independently verified by Omair, a security consultant with Network Intelligence India (NII). Omair said that the hack was genuine, and was verified with the link posted by TIC as proof of concept. "The executed query enumerates expected information from the database tables," says Omair. Initial communication with NIIT Technologies revealed that the company was ignorant of the situation. After being informed by SearchSecurity.in of the particulars, the breach was detec
Fake antivirus campaign on India’s DNA e-newspaper website !

Fake antivirus campaign on India's DNA e-newspaper website !

May 16, 2011Mohit Kumar
Fake antivirus campaign on India's DNA e-newspaper website ! DNA (Daily News and Analysis) is an Indian daily English language newspaper. According to Wikipedia, DNA ranks 8th among the top ten English dailies in India. Recently, the Zscaler solution was blocking access to this site, as it contained malicious content. Here is the homepage of this website: The 'Today's E-newspaper' link (circled above) is an online version of the printed periodical. We discovered that one of the pages from this e-newspaper site was infected with malicious script. Here is the screenshot of that page: The malicious script tag had been inserted in plain text as can be seen in this screenshot of page source: The malicious script tag directs the victim's browser to 'hxxp://vcvsta.com/ur.php'. This page then redirects the user to another malicious site ('hxxp://www4.to-gysave.byinter.net,), which will again redirect victim to random sites hosting fake antivirus campaigns. Here is the screenshot disp
Preview : Web App Hacker's Handbook 2nd Edition !

Preview : Web App Hacker's Handbook 2nd Edition !

May 11, 2011Mohit Kumar
Preview : Web App Hacker's Handbook 2nd Edition ! The first draft of the new edition of WAHH is now completed, and the lengthy editing and production process is underway. Just to whet everyone's appetite, I'm posting below an exclusive extract from the Introduction, describing what has changed in the second edition. (And in a vain attempt to quell the tidal wave of questions: the book will be published in October; there won't be any more extracts; we don't need any proof readers, thanks.) What's Changed in the Second Edition? In the four years since the first edition of this book was published, much has changed and much has stayed the same. The march of new technology has, of course, continued apace, and this has given rise to specific new vulnerabilities and attacks. The ingenuity of hackers has also led to the development of new attack techniques, and new ways of exploiting old bugs. But neither of these factors, technological or human, has created a rev
French security firm VUPEN Say New Bugs Can Bypass Google Chrome Sandbox !

French security firm VUPEN Say New Bugs Can Bypass Google Chrome Sandbox !

May 09, 2011Mohit Kumar
French security firm VUPEN Say New Bugs Can Bypass Google Chrome Sandbox ! Researchers at the French security firm VUPEN say that they have discovered several new vulnerabilities in Google Chrome that enable them to bypass the browser's sandbox, as well as ASLR and DEP and run arbitrary code on a vulnerable machine. The company said that they are not going to disclose the details of the bugs right now, but that they have shared information on them with some of their government customers through its customer program. The vulnerabilities are present in the latest version of Chrome running on Windows 7, VUPEN said. VUPEN published a video (  https://www.vupen.com/demos / ) that demonstrates an attack that exploits the Chrome vulnerabilities, although there is no further clues about the bugs themselves. "The exploit shown in this video is one of the most sophisticated codes we have seen and created so far as it bypasses all security features including ASLR/DEP/Sandbox, it
Gene Simmons v. Anonymous : FBI raids Gig Harbor home in search of hacker who targeted Kiss frontman

Gene Simmons v. Anonymous : FBI raids Gig Harbor home in search of hacker who targeted Kiss frontman

May 06, 2011Mohit Kumar
Gene Simmons v. Anonymous : FBI raids Gig Harbor home in search of hacker who targeted Kiss frontman The FBI has raided the Gig Harbor home of an alleged hacker suspected in a cyber attack against Kiss bassist Gene Simmons. The October attack purportedly conducted by Anonymous – the same hacker group Sony claims crashed the Playstation Network – left the 61-year-old glam rocker's websites down for about a week after he spoke at an anti-online piracy conference. Now, an FBI cyber crime squad has traced the attack to a Gig Harbor home where agents seized computer equipment late last month. In court documents filed with the U.S. District Court in Tacoma, a Los Angeles-based FBI special agent alleged the perpetrator of the attack was "most likely" someone living at the Gig Harbor residence. Writing the court, though, the agent, a member of the Bureau cyber crime unit, stopped short of saying so with certainty. "I believe that someone with access to the computer at the subject r
DDOS attack on Change.org from China !

DDOS attack on Change.org from China !

April 20, 2011Mohit Kumar
DDOS attack on Change.org from China ! Change.org, an online petitioning platform, has come under an ongoing distributed denial of service (DDoS) attack originating from China after the site hosted a call urging Chinese authorities to release artist Ai Weiwei from custody. The attacks, which started late Sunday, have nearly brought down the site, according to Change.org founder Ben Rattray. DDoS attacks work by using hundreds or thousands of hacked computers to send traffic to a website, overwhelming it with data so it becomes inaccessible to normal users. Change.org said the current attack originates from an expanding group of computers primarily based in China, and has yet to stop. This is the first time the site has been hit with a DDoS attack. Change.org has been hosting a online petition calling for the release of Chinese artist Ai Weiwei, who is currently under arrest. The petition has attracted almost 100,000 people from 175 countries, making it one of Change.org'
Calling All Hackers - Grand Prize in Sunshine State “Hacktacular” Challenge !

Calling All Hackers - Grand Prize in Sunshine State "Hacktacular" Challenge !

April 17, 2011Mohit Kumar
Calling All Hackers - Grand Prize in Sunshine State " Hacktacular " Challenge ! Calling all hackers: Data Analyzers, LLC (www.datanalyzers.com) in Orlando, Florida, is hosting the Sunshine State "Hacktacular" Challenge with a big prize for the top competitor – a full-time job with benefits and relocation allowance if you move to Orlando. Data Analyzers has an immediate job opening for a junior data recovery engineer. The four-year old firm specializes in data recovery, computer forensics and ethical hacking, and has enough corporate clients to keep its engineers working overtime to meet deadlines. Trouble is, very few people in the U.S. possess the skills to qualify. No two data recovery problems are ever the same, and security safeguards are evolving almost as fast as hacking technology. "Data recovery skills are so specialized that typical 'help wanted' ads, even at colleges and universities that offer graduate degrees in computer sciences, don't do the job," said An
Hosting company Hostkey.ru got Compromised !

Hosting company Hostkey.ru got Compromised !

April 04, 2011Mohit Kumar
Hosting company Hostkey.ru got Compromised ! A hacked Hacked Into Hosting company Hostkey.ru, some Proof of hacks are here : 1.)  Cms Hacked 2.) PhpMyAdmin Hacked 3.) Shell on Server 4.) Config File https://pastebin.com/VbuD0acE 5.) Server Rooted https://pastebin.com/h5RW3w6c Full compromise step-by-step @ forum https://tinyurl.com/dusbitchez News Source :  anonymous 
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.