Hackin9

InfoSec News

Bangladesh Cyber Army has sent out a message to the Indian government in the hope of stopping this ongoing cyber war, which has been taking place for months and months now and has seen thousands of websites taken offline and/or defaced and leaked.


 
Yesterday we posted data that was submitted to ozdc.net, and it has now been claimed by AlienZ and is a part of the ongoing cyber war we are seeing flare up in the Middle East. The websites that were attacked were islamicfinder.org and culturecrossing.net, and both contained account leaks, with the Islamic Finder leak being over 300 accounts with encrypted passwords.


 
Over the past couple of weeks a hacker who uses the handle SEPO and goes by the Twitter handle @Anon_4freedom has been on a mission to expose many websites as well as dumping minor data from the attacks.


 
Apple's new Mountain Lion OS, which was previewed Thursday, includes a sharing feature readily available in most apps -- but users can't use the menu to share via Facebook.
 
Facebook is kind of training its user base that it is OK to click on links in emails, as long as they look like pretty buttons. When there is a friend request, or a comment has been added, in the interest of making sure that you get the message it is emailed. It was probably only a matter of time before Facebook-like SPAM/PHISH email started arriving.
When I received the following, I must confess I nearly clicked it automatically, before I noticed the actual link.

When I did click the link, I got a second surprise. To be honest I was expecting a Facebook login page, failing that I was expecting malware, but what I ended up with was this. Plain old SPAM.

Not terribly exciting I agree. What caught my eye however was that the SPAM email looked darn close to the real thing, the emails Facebook users get every day.
If you have a user base that uses Facebook, you may wish to bring this to their attention. At the moment it is only SPAM, but it doesn't have to be.
If you are into blocking, this particular SPAM run ends up on 115.145.129.35 (South Korea), loads medicalaf.ru (In China) which redirects to cvecpills.com (In Romania). Not a bad method to get some distance between the email and the eventual landing page. Allows them to switch targets easily.
Mark H - Shearwater
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Oracle and SAP may be back in court on June 18 to begin a retrial of Oracle's corporate theft lawsuit involving SAP's former TomorrowNow subsidiary, according to a judge's order Thursday.
 
Baidu's fourth-quarter profit increased 77 percent from a year earlier as its online marketing customers nearly doubled, the Chinese search giant said.
 
The age of monolithic cell-tower networks with a few Wi-Fi hotspots and home femtocells sprinkled in may come to an end at this year's Mobile World Congress, where a diverse range of small cells and integrated Wi-Fi systems will be on display.
 
Leaders in the U.S. Senate are trying to fast-track new cybersecurity legislation that will create costly new regulations for some businesses, some critics said Thursday.
 
XRay CMS 'username' and 'password' SQL Injection Vulnerabilities
 
Oracle Java SE CVE-2012-0497 Remote Java Runtime Environment Vulnerability
 
The cloud is being pitched as the best way to do more with less, but government agencies are slow to modernize, California official stresses
 
Tomorrow's computers will constantly improve their understanding of the data they work with, which in turn will help them provide users with more appropriate information, predicted the software mastermind behind IBM's Watson system.
 
A U.S. school district Thursday said it was handing students 2,000 Fujitsu tablets with the Windows 7 OS, and selected it over the iPad because of durability and security concerns.
 
Health care and pharmaceutical company Roche Group will standardize its email and calendaring system on Google Apps for about 90,000 employees worldwide, the companies announced on Thursday.
 
With smartphones and tablets quickly gaining widespread adoption, even IBM is calling this a "post-PC era". It's a world of portability, apps, and touch-enabled devices. This is clear not only in the dominance of mobile devices and laptops on the hardware side, but in the way that Apple and Microsoft are merging their mobile and desktop operating systems.
 
This year is shaping up as a repeat of 2009, when Microsoft and Apple last faced off with rival operating system upgrades, analysts said today.
 
Get Android OS news, reviews, analysis and more with complete Computerworld coverage.
 
libpng 'png_decompress_chunk()' Remote Integer Overflow Vulnerability
 
Google Chrome Prior to 17.0.963.56 Multiple Security Vulnerabilities
 
Oracle Java SE CVE-2012-0498 Remote Java Runtime Environment Vulnerability
 
A major tussle is emerging in the debate over how government agencies can gather and use information posted publicly on social networks like Facebook and Twitter.
 
Big data, and the need to analyze the information that's collected from every interface and sensor imaginable, is increasing employer demand for people with backgrounds in statistics and mathematics.
 
Google is making changes to its Chrome OS to reduce the number of times that Chromebooks drop their connections to Wi-Fi networks, an issue some users have complained about for months.
 
Cybercriminals have started launching distributed denial-of-service (DDoS) attacks against networks that transmit data over IPv6 (Internet Protocol version 6), according to a report published recently by DDoS mitigation vendor Arbor Networks.
 
Oracle Java SE CVE-2011-3563 Remote Java Runtime Environment Vulnerability
 
Oracle Java SE CVE-2012-0500 Remote Java Runtime Environment Vulnerability
 
One firm will leave RSA 2012 with the "Most Innovative" title, but industry experts say they all contribute in bringing the security industry up to par with sophisticated malware and hacking techniques.

 
As FedRAMP initiative ramps up, cloud service providers can look forward to clearer guidance from federal clients and a robust market as administration tech chiefs press on toward a 'Perfect Storm' in cloud computing.
 
In a move that surprised many, Apple today seeded developers with a preview of Mac OS X 10.8, dubbed "Mountain Lion," and said it would offer the upgrade to customers this summer.
 
Apple announced an update Thursday to its OSX operating system. Notable in the updated features is tighter integration with iCloud, its cloud-based file, apps, and settings syncing service. For businesses, this isn't big news, since iCloud targets individual consumers, and has almost no business-friendly features. What can Apple do to change that?
 

DNS flaw reanimates slain evil sites as ghost domains
Register
Jack Koziol, a director at the InfoSec Institute, a Chicago-based security biz, told El Reg that ghost domain DNS trickery might be used by cyber-crooks to keep malicious domains alive and resolvable for much longer, perhaps even indefinitely.

 
Extending its range of open-source projects to cloud computing, the Apache Software Foundation has approved the Deltacloud as a top-level project, the organization announced Thursday.
 
Researchers at UC San Diego and Microsoft found that as NAND flash densities increase, read and write latency as well as errors grow, giving SSD a finite life as a technology.
 
A new version of the Waledac malware has been spotted on the Internet, but unlike previous variants, which were mainly used for spamming purposes, this one steals various log-in credentials and BitCoins, a type of virtual currency.
 
After a tumultuous year for Hewlett-Packard Co., new CEO Meg Whitman brought the vendor back to its roots and delivered the messages channel partners wanted to hear in her keynote at the global partner conference Wednesday.
 
An Adobe Systems security update fixed seven critical flaws in Flash Player, including a cross-site scripting vulnerability being actively targeted by attackers.

 

Hacker Suspected in Pentagon, NASA Breaches is Arrested
PCWorld
Anthony M. Freed, managing editor of Infosec Island, says that TinKode is known to have taken advantage of several well-known vulnerabilities that many of his targets should have resolved before he exploited them through SQL injections -- a technique ...

 
Cloud services company Rackspace has purchased SharePoint911, a consulting firm for SharePoint users.
 
TYPO3 Category System Extension Cross Site Scripting and SQL Injection Vulnerabilities
 
TYPO3 'bc_post2facebook' Extension Unspecified Cross-Site Scripting and SQL-Injection Vulnerability
 
TYPO3 Yet another Google search Extension Cross Site Scripting Vulnerability
 
Use your contract to protect your company's interests before a breach occurs.
 
Re: sqlinjection bug in nova cms
 
Hackito Ergo sum // HES2012 Final CFP // Call for Hackers
 
The February Critical Patch Update for Java SE was recently released from Oracle. February has brought the release of 14 patches from Oracle that are categorized as Critical. As stated on the release page, "All of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password."



This alone is reason enough to fast track this package into your change management solution and deploy as quickly as possible.


Tony Carothers
tony d0t carothers at gmail
 
In the last couple of months BSNL (Bharat Sanchar Nigam Ltd), India's largest telecom services provider to public and business clients, has become victim to many attacks which have proven that the company's website security standards need revising ASAP.


 
[PRE-SA-2012-01] Denial-of-service vulnerability in java.util.zip
 
2012 Honeynet Project Security Workshop
 
[SECURITY] [DSA 2410-1] libpng security update
 
Cisco Security Advisory: Cisco NX-OS Malformed IP Packet Denial of Service Vulnerability
 
Messages is now ready for Mac users to test drive. Shortly after announcing its planned Mountain Lion update for OS X on Thursday, Apple released a beta of the revamped version of iChat that will ship with the new operating system this summer.
 
(Image Caption: The actual wording is in flux, but Mountain Lion will warn you if you try to open an app from an unidentified developer.)
 
For years, many Mac app developers have had to design their own ways to get your attention. The open-source project Growl helped save those developers from reinventing the wheel by creating a more general notification system supported by lots of apps. But with Mountain Lion, a true systemwide notification service will finally arrive when the Mac OS X update ships this summer.
 
Two of the new iOS-flavored apps to move to the Mac with the release of Mountain Lion this summer are Notes and Reminders. Here's a sneak peek at how they work.
 
Apple updates its iOS mobile operating system once a year. But why should the iPhone and iPad have all the fun? On Thursday Apple announced that it will release a new version of OS X--Mountain Lion--this summer, just a year after the release of OS X Lion.
 
iChat is dead--long live Messages. With Thursday's announcement of Mac OS X Mountain Lion comes the news that iChat is being upgraded and renamed to Messages, with support for the iMessage chat system introduced with iOS 5.
 

Romanian Police Arrest Alleged Hacker in Pentagon, NASA Breaches
CIO
Anthony M. Freed, managing editor of Infosec Island, says that TinKode is known to have taken advantage of several well-known vulnerabilities that many of his targets should have resolved before he exploited them through SQL injections -- a technique ...

 
Iomega introduced a new line of arrays that can utilize either high-capacity SATA drives or solid state drives, offers up to 36TB of capacity and has web-based management features.
 
Your CEO and CFO want to know what value they are getting for their investment in IT. Tell them. Insider (registration required)
 
Adobe on Wednesday patched seven critical vulnerabilities in Flash Player, including one reported by Google researchers that hackers are using in 'active targeted attacks.'
 
Opera Software has acquired Mobile Theory and 4th Screen Advertising in an effort to boost its push into the mobile advertising space, the Norwegian company said on Thursday.
 
Copyright holders cannot force social networking sites to install filters to prevent illegal file-sharing, the European Court of Justice (ECJ) ruled on Thursday.
 
Not without controversy, police departments are turning to an array of tech devices including gunshot detection systems and eye-in-the-sky drones to investigate and solve cases.
 
Sony has completed its purchase of the Sony Ericsson mobile phone joint venture and turned the company into a subsidiary.
 
A couple of days ago one of the more well-known Anonymous-based websites was attacked and defaced by a hacker using the handle exotz. When this happened, the deface contained an email, so naturally we sent out contact to it and got a response.


 
Saadi and Hax.r00t, who were a part of PCA (Pak Cyber Army), have continued to wreck websites, leaving them defaced in the ongoing cyber war they are waging and fighting. So far this year we have seen hundreds of sites hacked by these guys and no doubt we are going to see many more.


 
Oracle Java SE CVE-2012-0502 Remote Information Disclosure Vulnerability
 
Microsoft's MSN launched its msnNow site that puts together brief summaries on topics that are trending on Facebook, Twitter, Bing, and news site BreakingNews.com on a website accessible on PCs, tablets, and mobile phones.
 
If you work as a Linux developer or system administrator, your pay should be increasing -- and so should your job offers -- according to a new survey of hiring managers.
 

Posted by InfoSec News on Feb 16

http://www.nextgov.com/nextgov/ng_20120215_5840.php

By Aliya Sternstein
Nextgov
02/15/2012

Hackers posing as officials from the geopolitical analysis publisher
Stratfor are emailing infected links to government subscribers whose
email addresses were stolen during an earlier raid on the company's
computers, Microsoft researchers say.

To expose the ruse, Stratfor has instituted a temporary no-link policy
for all official emails,...
 

Posted by InfoSec News on Feb 16

http://online.wsj.com/article/SB10001424052970204883304577219543897943980.html

By RICHARD A. CLARKE
The Wall Street Journal
FEBRUARY 16, 2012

For most of this year, Arab-Israeli tensions have been spilling off the
streets and airwaves and onto the region's fiber optic cables. Citizen
hackers on both sides have engaged in tit-for-tat raids on Israeli,
Saudi and other regional computer networks. Stock exchanges, airlines,
government...
 

Posted by InfoSec News on Feb 16

http://www.myfoxboston.com/dpp/news/crime_files/crime_watch/5-ny-men-face-charges-following-their-arrest-at-natick-labs-20120214

15 Feb 2012

FRAMINGHAM (FOX 25 / MyFoxBoston.com) - Five men from Bronx, New York
answered to charges on Tuesday for allegedly trying to enter the U.S.
Soldiers System Lab in Natick with dozens of fake credit cards and
potentially stolen electronics.

Natick Police tell FOX 25 that Bryand Raposo, 20, Jeriel...
 

Posted by InfoSec News on Feb 16

http://www.darkreading.com/insider-threat/167801100/security/attacks-breaches/232600968/new-waledac-variant-goes-rogue.html

By Kelly Jackson Higgins
Dark Reading
Feb 15, 2012

Remember the infamous Storm spamming botnet that later re-emerged as
Waledac and was later silenced in a high-profile takedown led by
Microsoft? It's baaaack -- and this time it's performing more malicious
activity than sending annoying spam messages....
 

Posted by InfoSec News on Feb 16

http://www.theglobeandmail.com/report-on-business/nortel-turned-to-rcmp-about-cyber-hacking-in-2004-ex-employee-says/article2340002/

By Iain Marlow
Globe and Mail
Feb. 15, 2012

Nortel Networks Corp. approached the RCMP about Chinese industrial
espionage in 2004 but got no help from Canadian law enforcement or
intelligence agencies, according to a former employee concerned about
the theft of valuable intellectual property.

Brian Shields, a...
 

Oops! HTML5 Does It Again
SYS-CON Media (press release) (blog)
#HTML5 #infosec A multitude of security-related solutions rely upon the ability to extract and examine mime-objects from web-content. HTML5 may significantly impair their ability to do so. The trade off between security and performance has long been a ...

 
 
On Tuesday, Adobe released an update for Shockwave Player (APSB12-02) and RoboHelp for Word (APSB12-04). The odd question on Tuesday was: What happened to APSB12-03? Today, we learned the answer: Another bulletin from Adobe, APSB12-03, accompanied by a patch for Adobe's Flash player.
Sadly, with the odd release date, this bulletin has fallen a bit between the cracks. However, you should apply the patch *QUICKLY* as at least one of the vulnerabilities has already been exploited in the wild.
http://www.adobe.com/support/security/bulletins/apsb12-03.html
------

Johannes B. Ullrich, Ph.D.

SANS Technology Institute

 
Internet Storm Center Infocon Status