InfoSec News

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
The attacks, which have left 50+ more sites defaced with the below message, have been carried out by H3r0 and Magnum Sniper of the Indishell team, which has defaced thousands of websites to date.


Need to attribute information to ISC? Want to provide users with an avenue to visit the ISC site? Want to link directly to the ISC Stormcast, Infocon or other information? These methods and more are listed on our ISC Linkback Page! https://isc.sans.edu/linkback.html


Various text only links and terms: ISC, Stormcast, Log Submission http://isc.sans.edu/linkback.html#text

Show an ISC image logo for your link back to ISC: Homepage, Stormcast http://isc.sans.edu/linkback.html#image

ISC Infocon status image http://isc.sans.edu/linkback.html#other


This works for DShield also. Just view the dshield.org URL http://dshield.org/linkback.html

Don't see a link you'd like to use? Suggest in the comments section below or send any questions or comments in the contact form https://isc.sans.edu/contact.html


Adam Swanger, Web Developer (GWEB)

Internet Storm Center (http://isc.sans.edu)
Dana White made a grave mistake in taking on the Internet hacktivist giant Anonymous and asking them to bring it on. As a result, Dana White has now had all his personal details leaked online and been harassed to the point that he started fighting back, and he has now gone quiet.

A young kid at the center of a massive breach of the popular smartphone app Grindr could be spared any sentence or conviction because no one within Australia has made a formal complaint about the breach. The hack, which saw pretty much all the details of people leaked to various sources, breached over a million accounts and allowed Mr nasty to control these accounts.

Well-known wiki site provider Wikispaces has been hacked and had a dump of accounts leaked online by Netbashers. Netbashers have been making a comeback today with 2 big leaks already, one that included a Bollywood site and now this.

Netbashers are surely making this comeback worth it, now leaking heaps of FTP accounts from a Bollywood-based website, NineWinds.in. The accounts are fairly interesting to say the least, with Universal Music's account details being leaked as well as those of many other big-name movies.

@psykonx from @Netbashers, whom we have covered many times before but who have been quiet for some time, have returned with thousands of accounts from a traffic exchange website called Just10time.com.

Companies are spending more time investigating the source of data breaches and their impacts than properly preparing for them, says a survey.

Google today dismissed concerns by a former senior federal IT official that its controversial new privacy policy would create problems for customers of Google Apps for Government.
Amid renewed reports of poor working conditions at factories making Apple products in China, it's unclear whether customers will demand change.
Bucking the trend of increasingly experimental desktop interfaces, the developers behind the Linux Mint are adopting a simpler desktop for the next version of the open-source Linux distribution.
When the U.S. Department of Justice shut down MegaUpload and sued its operators for copyright infringement last week, users who were storing files legally on the site became collateral damage. Now, some of them are looking to sue the government over lost data, TorrentFreak reports.
The iPhone may have opened the door for Apple in the enterprise, but it was the one-two punch of the iPad and revamped MacBook Air in 2010 that really did the trick, an analyst said today.
Google's decision this week to share user data across its online services has caught the attention of eight members of the U.S. House of Representatives, with the lawmakers asking whether the changes will compromise privacy.
Washington's attorney general announced two new lawsuits against Adscend Media, a company that allegedly has been earning US$20 million a year using a Facebook scam.
Companies are spending more time investigating the source of data breaches and their impacts to reduce expenses, says a survey.

Sysax Multi Server 'Content-Disposition' Buffer Overflow Vulnerability
ESA-2012-007: RSA, The Security Division of EMC, announces security fixes for RSA enVision
ESA-2012-005: EMC NetWorker buffer overflow vulnerability
Cisco Security Advisory: Cisco IronPort Appliances Telnet Remote Code Execution Vulnerability
If a new proposal by Oracle is accepted, oversight of Java technical standards will fall under the auspices of a single committee, rather than the current system, which has separate entities for Java EE/SE and ME.
Google+ is now officially welcoming teenagers and tailoring the experience of the social networking site for them by making it more restrictive and potentially safer.
When developing and integrating cloud systems, the public interfaces and external "contracts" among services mean that design and architecture can evolve rapidly and in parallel. But when they do and the teams are not in the same room, this speed is an invitation to chaos. As two teams work on opposite sides of an interface (the service provider and the service consumer), it's easy for the teams' definition of variables and methods to fall out of sync. Of course the service provider team could update its document and notify the other team about a new semantic of a field value or behavior of a service. But the reality is too often that they don't, and the classic problem of distributed version control rears its ugly head.
Tens of thousands of video conferencing setups, including some in corporate meeting rooms where the most confidential information is discussed, are vulnerable to spying attacks, researchers said.
In Silicon Valley, the saying "it's a dessert topping and a floor wax" is often used to puncture the pretensions of a product that promises that it can address every need; it's applied to products claiming oxymoronic qualities. For example, the saying would be applied to a product that claimed to perform network management and word processing--two different, mismatched, and disharmonious functionalities.
Intel said it had agreed to purchase RealNetworks streaming media patents and video codecs in a bid to improve the multimedia experience delivered through devices based on its chips.
The European Parliament's website fell under a distributed denial-of-service attack on Thursday in what the organization classified as retaliation for the shutdown of the Megaupload file-sharing site and an anti-counterfeiting trade agreement.
Apple sold more iPad tablets last quarter than any single PC maker sold personal computers. Will tablet sales eventually surpass PC sales?
The European Union signed up to the controversial Anti Counterfeiting Trade Agreement (ACTA) on Thursday despite widespread opposition, particularly in Poland where people took to the streets in protest.
AT&T Thursday reported a $6.7 billion loss in the fourth quarter of 2011 due to extraordinary charges that included a breakup fee for its thwarted plan for a merger with T-Mobile USA.
The digital divide is shutting many Americans out of the economy.
Ruby on Rails Translate Helper Method Cross Site Scripting Vulnerability
DimplesAkaKaren noticed that Windows came with two versions of Internet Explorer. She asked the Answer Line forum which she should use.
Nokia's sales dropped and losses increased during the fourth quarter, as sales of Symbian-based smartphones suffered and Windows Phones got started.
Excel puts lots of great tools on your desktop, but what each one of them does isn't always obvious, especially since so many Excel features are hidden.
@alsa7rx is just about to make a lot of gamers panic, especially if they have signed up at xboxliveclans.com and stupidly used the same username/password combos everywhere, which is very common.

Yesterday we reported that a few hospitals came under attack in Israel. As a result, many Israeli hackers have become pissed off and unleashed more attacks against Iranian websites, and have plans for many more.

European regulators have dropped a legal case against the United Kingdom over failure to implement ePrivacy laws, saying that changes in UK legislation fix the problems.
Anonymous hackers have recently hacked and leaked a huge amount of data from the Horia Hulubei National Institute of Physics and Nuclear Engineering (IFIN HH).

NEC said Thursday it will cut 10,000 jobs, including 3,000 outside of Japan, and it now forecasts a $1.3 billion loss in the current fiscal year through March.
Rhapsody has acquired the Napster service in the U.K. and Germany, following up on its acquisition last year of Napster's U.S. operations from Best Buy.
Symantec this week told users of its pcAnywhere remote access software to disable or uninstall the software while it fixes an unknown number of bugs.
Nintendo on Thursday slashed its annual sales target for the flagship 3DS handheld, conceding that price cuts and a barrage of software titles were not enough to recover from a weak launch last year.
Sales of Android-based tablets more than tripled during the fourth quarter of 2011. But Apple still dominates, even as its market share dropped, according to Strategy Analytics.
Brendan Eich says that Google's language is not likely to get browser support and that JavaScript itself probably would not be extended to support native code.
OpenSSL DTLS CVE-2012-0050 Remote Denial of Service Vulnerability
Google has whipped up a privacy brouhaha with a blog post announcing that the company is rewriting its privacy policy, consolidating user information across its services.
John Deere & Co. has moved about 800 software developers into an agile development process, and did so in just over a year.

Posted by InfoSec News on Jan 25


By Elinor Mills
InSecurity Complex
CNet News
January 25, 2012

The Department of Homeland Security is disputing a government memo
obtained by Nextgov.com that said a targeted attack on the computer
network of a railway company in the Northwest disrupted train service in
early December.

"Following more in-depth analysis, it appears that...

Posted by InfoSec News on Jan 25

Forwarded from: security curmudgeon <jericho (at) attrition.org>

: http://www.livemint.com/2012/01/24210113/The-digital-hacktivist.html

: The book offers little that is new or unique, ...

That summarizes his entire career, both in presentations and books.

: Fadia is not respected among hackers, who accuse him of being
: inexperienced and lacking depth of knowledge, and of making a quick buck
: out of information that is freely available...

Posted by InfoSec News on Jan 25


By Sebastian Murdoch-Gibson
News Writer
The Argus
January 24, 2012

Canadian authorities placed sub-lieutenant Jeffery Paul Delisle under
arrest last week for passing official military secrets to foreign
interests. Delisle is the first person to be charged under the Security
of Information Act, which superseded the Official Secrets Act shortly...
Pak Cyber Combat Squad Cr3w has struck at least 100 websites, leaving them with a common message, a birthday message to "nellam meher". In the past we have seen them carry out attacks in the name of Opfreepalestine as well, which left 60 sites defaced.


Posted by InfoSec News on Jan 25


By Lucian Constantin
IDG News Service
January 25, 2012

IT professionals believe that assessing the potential harm caused by
data breaches is more useful to mitigating the effects of such incidents
than notifying affected individuals, according to a survey published on
the day the European Union's proposed a...

Posted by InfoSec News on Jan 25


By Amber Corrin
Jan 24, 2012

New security standards expected to be approved soon would let devices
powered by the Android operating system use the Defense Department's
classified networks, according to an Army official.

DOD and National Institute of Standards and Technology are close to
approving the standards, according to Michael...

Posted by InfoSec News on Jan 25


By Shaun Nichols
26 Jan 2012

Symantec is advising customers to take their copies of PCAnywhere
offline as the company continues to struggle with the aftermath of a
major data breach.

The company has issued a whitepaper addressing new vulnerabilities
brought to light by a recently publicised attack which resulted in
attackers gaining access to...

Posted by InfoSec News on Jan 25


By Noah Shachtman
Danger Room
January 25, 2012

Newt Gingrich isn’t the only politician who’s freaked out by China and
Russia’s online spying. But the new Republican presidential frontrunner
may be the highest-profile political figure all but openly calling for
cyberwar with Moscow and Beijing.

“I think that we have to treat state-based covert activities as the...