The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

The Real Story about rootkit.com , HBGary E-mail ! HBGary E-mail Viewer greg@hbgary.com Go back Original file: 27606 click here to show this e-mail with HTML markup From: jussi jaakonaho <jussij@gmail.com> To: Greg Hoglund <greg@hbgary.com> Date: Sun, 6 Feb 2011 22:15:54 +0200 Subject: Re: need to ssh into rootkit click here to show full headers Attachments: This e-mail does not have any attachments. did you open something running on high port? On Feb 6, 2011, at 9:43 PM, Greg Hoglund wrote: > ok let me know if you need me >  > On 2/6/11, jussi jaakonaho <jussij@gmail.com> wrote: >> tnx. >> i am also connected to the box, seems some people have download problems - >> have figured earlier that some chinese used chinese chars on names of files, >> which then our filtering stripped off when putting db etc. so some db >> editing >>  >>  >> _jussi ...

Anonymous used to be all about disrupting the Web sites of companies that helped block WikiLeaks’ funding. Now it’s starting to act like WikiLeaks itself. The group is planning, as early as today, to release 27,000 e-mails from the server of Greg Hoglund, the chief executive of software security firm HPGary, which it says could have permanently damaging consequences for the company. Anonymous has already posted around 50,000 emails of Aaron Barr, the CEO of sister organisation HPGary Federal, which revealed a report by the firm looking at ways to sabotage WikiLeaks in collaboration with Palantir Technologies and Berico Technologies. The emails also show that Bank of America, a potential target of WikiLeaks, was to hear the proposal via its outside law firm Hunton & Williams. A source from Anonymous says that most of the new e-mails from Hoglund are still unchecked and it is unclear who will be most liable when the information is made public, but added that briefly skimming the ...

Contents of HITB Magazine Issue 005: Linux Security: Investigating Kernel Return Codes with the Linux Audit System Network Security: Secure Shell Attack Measurement and Mitigation and ARP Spoofing Attacks & Methods for Detection and Prevention: Exploiting Web Virtual Hosting –Malware Infections Windows Security: Windows CSRSS Tips & Tricks Professional development: CISSP® Corner – Tips and Trick on becoming a Certified Information Systems Security Professional Interview: Rolf Rolles And much more…. Click here to read online via Google Docs.

“VERA is a Visualizing Executables for Reversing and Analysis tool. It is a tool for reverse engineering Windows executables. It is used in conjunction with the Ether framework to generate visualizations to help with the RE process.” This is the official change log: Added processing of trace files without having to use gengraph via new wizard Better handling of low memory situations Major code cleanup, refactoring, and new buzzwordy sounding tasks Added a toolbar, because everyone loves those Added IDA integration and IDA Pro module Fixed a bug involving parsing of non-traditional Ether trace files Now should support larger and more complicated graphs Author getting paid to write and support VERA. This new version contains a bunch of new features and API improvements. The two biggest updates are the addition of the trace file parsing and analysis inside of the GUI. This alleviates the need for the gengraph.exe program. The next big feature is the integration with IDA Pro. Cu...

Has anyone you know ever lost control of an email account and inadvertently sent spam—or worse—to their friends and family? There are plenty of examples (like the classic  "Mugged in London" scam ) that demonstrate why it's important to take steps to help secure your activities online. Your Gmail account, your photos, your private documents—if you reuse the same password on multiple sites and one of those sites gets hacked, or your password is conned out of you directly through a phishing scam, it can be used to access some of your most closely-held information. Most of us are used to entrusting our information to a password, but we know that some of you are looking for something stronger. As we announced to our Google Apps customers  a few months ago , we've developed an advanced opt-in security feature called  2-step verification that makes your Google Account significantly more secure by helping to verify that you're the real owner of your account. Now it...

Free cellphone encryption is coming to Android users in Egypt courtesy of San Francisco software maker Whisper Systems. Until now, Redphone and TextSecure, voice- and text-encryption apps respectively, have generally been available in the US only. Whisper Systems has been working on making the packages available internationally. With cellphone communication playing a vital role in the more than two weeks of protests in Cairo and Alexandria, the company decided to jump-start a version for Egyptians, said principal Moxie Marlinspike. “Given the events in Egypt, we've stepped up our efforts to incorporate international support, and are almost ready to do our first international release by deploying RedPhone and TextSecure (which is also unavailable there) into Egypt,” he wrote in an email. Marlinspike is no stranger to government surveillance. While returning from a trip overseas, US feds recently confiscated his handset and laptop. TextSecure uses strong encryption to make text ...

The Egyptian government shut down most of its country’s internet not by phoning ISPs one at a time, but by simply throwing a switch in a crucial data center in Cairo. That according to a February presentation to the Department of Homeland Security’s Infosec Technology Transition Council. The presentation — made by Bill Woodcock, research director of the Packet Clearing House — argues that the Egyptian Communications Ministry acted quite responsibly in the procedure it used to cut ties from the net, after the shutdown was ordered by Egypt’s much-feared intelligence service. “Most of the outage was effected through a breaker flipped in the Ramses exchange, and the rest was phone calls and arm-twisting,” the presentation says. ‘Ramses exchange’ refers to a central building in Cairo where Egyptian ISPs meet to trade traffic and connect outside of the country, a facility known as an Internet Exchange Point. The report’s timeline also contradicts many observers’ guesses that a smal...

Anonymous Response to Egyptian President Mubarak 's Second Speech ! Mr. Mubarak Billions of people around the world have naively held their hopes high only to watch in dismay while one single stubborn man once again highjacked the lives of millions.- The blood of the fallen in the struggle for freedom will not be crushed by your blind disregard for those clamouring for you to relinquish your desperate hold on power. Your abuses must end, now, and with them your pathetically transparent attempt to retain control through your henchmen, professional torturer, Mr Suleiman.- Your fractured, failed, despotic regime cannot be tolerated a minute longer. The people have spoken, in their millions. Your refusal to acknlowledge this fact and depart with dignity has shown us your delusion . You are aware of this, and so are we.- The Egyptian people are an inspiration for all living under a dictatorship. They will no longer stand by and listen to you speak on their behalf. They will be ...

This is the first time Mr.  Amr Thabet from Egypt , student at Alexandria University Faculty of Engineering Mechanical Department  ,  reverse a rootkit. He choose Stuxnet Rootkit (as it's a famous virus) and begin reversing.. Finally now he convert it into C++ code with a commented IDA Pro v.5.1 Database for it. Download Here

Online dating giant  eHarmony  has begun urging many users to change their passwords, after being alerted  to a potential security breach of customer information. The individual responsible for all the ruckus is an Argentinian hacker who recently claimed responsibility for a similar breach  at competing e-dating site PlentyOfFish.com . Late last year,  Chris “Ch” Russo , a self-styled “security researcher” from Buenos Aires, told me he’d discovered vulnerabilities in eHarmony’s network that allowed him to view passwords and other information on tens of thousands of eHarmony users. Russo first alerted me to his findings in late December, right after he said he first began contacting site administrators about the flaw. At the time, I sent messages to several of the administrative eHarmony e-mail addresses whose passwords Russo said he was able to discover, although I received no response. Russo told me shortly thereafter that he’d hit a brick wall in his researc...

JAIPUR: A senior manager of a private bank has registered an FIR against some unidentified persons who allegedly hacked his email ID and sent objectionable emails. The Ashok Nagar police are investigating the matter. SHO, Ashok Nagar and investigating officer of the case Jagmohan said one Brijesh Kumar registered the FIR on Wednesday. "He says that someone hacked his email account and sent mails with pornographic content and other objectionable mails," the officer said. "We have lodged a case under sections of Information Technology Act," the officer added.

Our favourite exploitation framework – The Metasploit Framework has been updated! We now have Metasploit Framework version 3.5.2! “The Metasploit Framework is a penetration testing toolkit, exploit development platform, and research tool. The framework includes hundreds of working remote exploits for a variety of platforms. Payloads, encoders, and nop slide generators can be mixed and matched with exploit modules to solve almost any exploit-related task.“ This is the detailed release log: Statistics: * Metasploit now ships with 644 exploit modules and 330 auxiliary modules. * 39 new modules and payloads have been added since the last point release. * 58 tickets were resolved and 331 commits were made since the last point release. New Modules: New Exploits and Auxiliaries: * Apache Tomcat Transfer-Encoding Information Disclosure and DoS * Microsoft IIS FTP Server Encoded Response Overflow Trigger * Apache HTTPD mod_negotiation Filename Bruter * Apache HTTPD mod_negotiatio...

Leader.ir Next Target by Anonymous at 11.02.2011 at 18.00 !! TARGET: Leader.ir -- 11.02.2011 at 18.00 ( 6 PM ) GMT LOIC:   http://3.ly/77Dy PRESS:   Operation Iran - Press release by Anonymous Hackers ! REASONS:   http://www.youtube.com/watch?v=3_IHeYjiFlY

On February 6, 2011, as part of their attack on HBGary , the Anonymous group social engineered administrator of rootkit.com , Jussi Jaakonaho, to gain root access to rootkit.com . The entire MySQL database backup was then released by Anonymous and announced using HBGary's CEO Twitter account, @aaronbarr   : Sup, here's rootkit.com MySQL Backup http://stfu.cc/rootkit_com_mysqlbackup_02_06_11.gz #hbgary #rootkit #anonymous.   The table pic shown is the list of accounts found in rootkit.com MySQL database backup with passwords in cleartext.

Hackers in China  are causing havoc among computer systems of five multinational oil and gas companies, according to a new report by McAfee.  Security outfits have warned that this type of attack could get lot worse as multinationals continue to prod the Chinese government.  McAfee said in its  Night Dragon whitepaper  that hackers have stolen bidding plans and other critical proprietary information. This can be used to detrimental effect and give competitors an advantage.  It could not name the five petrochemical and oil companies as it says they are clients. George Kurtz, CTO, said in a  blog post : "We have strong evidence suggesting that the attackers were based in China. The tools, techniques, and network activities used in these attacks originate primarily in China. These tools are widely available on the Chinese Web forums and tend to be used extensively by Chinese hacker groups." He warns that well-coordinated, targeted attacks such a...