19 Indian Websites Defaced By Member of Bangladesh Grey Hat Hackers

Member of Bangladesh Grey Hat Hackers using the codename of V3N7UR3 defaced a total of 19 Indian websites during the weekend.The hacker uploaded the same deface page on each of the websites. At the time of publishing,all the websites were still holding the defacement page.This was posted on their official Facebook page.
List of Websites Defaced: [Click Here!]

Syrian Hacker Defaced Two United Nations Population Fund Websites

Syrian hacker using the codename Dr.SHA6H defaced two United Nations Population Fund Websites. On each website the hacker uploaded the same deface page on which a video of a wounded child was played. Below the video, the following message was written,
At the time of publishing, both websites were still holding the defacement page.
Websites Defaced:
http://www.unfpa.org.sv/
http://www.unfpa-mali.org/
Mirrors:

OpMaldives : Anonymous Hackers Want To Penetrate More Maldives Government Websites

On December 20, Anonymous published a video where they explained why they leaked more than 200,000 individuals ID Card numbers. They stated that this was done to show how insecure the Government Authorities are.They added that they will continue to penetrate into government websites to help in improving the security.These websites will not be damaged permanently and they will not harm the infrastructure of Maldives. Below is the video posted on YouTube along with the transcript.
Video
 Transcript
"In a recent press release by Maldives Police, they have singled out Anonymous Maldives as a threat to "citizens of the Maldives".
We have exposed more than a 200,000 thousand National ID Card details on our site "maldives.anonymous.lv" on December 2013. This was done in the interest of making the citizens of the Maldives aware that how insecure our Government Authorities are. We want to make it clear that this was done in no way to threaten any citizens rights. We do not wish to & will never terrorize our nation.
We have found traitors working in the Authorities who claims they are "IT/Security Experts". We call on the Election Comission to fire these traitors and secure our personal information. We will continue to penetrate into Government Websites just to help them improve their security. Sites we penetrate will not be permenantly damaged, nor we will harm the infrastructure of Maldives. We have simply shown how insecure our government is.
Police Authorities claimed that they have taken down our mirror site "maldives.anonymous.lv", but until now we still have our domain and it was never seized and cannot be. Our current mirror is "press.anonymous.lv" as a result of Government censoring our previous mirror "maldives.anonymous.lv". If you cut down one Anon, ten more will join us purely out of anger at your trampling of dissent.
Anonymous does not have leaders. We are not a group, we are not an organization. We are just an idea. We will respond to those who seek to threaten us, even if it's the Government. We understand that our participants have been concerned about the lies spread by Maldives Police Service in their press statement on 21st October 2013.
We are Anonymous.
We are legion.
We do not forgive.
We do not forget.
Expect us!
"

A Christmas Message From Edward Snowden

Edward Snowden, known all over the world today for disclosing secret documents of the NSA made a video on the occasion for Christmas where he talked about privacy. Below is the video and transcript. The video has been deleted on several occasion for copyright breach but we managed to get a copy of it on YouTube.
Video
  

Transcript
"Hi. A Merry Christmas.
I'm honored to have a chance to speak with you and your family this year.
Recently, we learned that our governments, working in concert, have created a system of worldwide mass surveillance, watching everything we do.
Great Britain's George Orwell warned us of the danger of this kind of information.
The types of collection in the book - microphones and video cameras, TVs that watch us - are nothing compared to what we have available today.
We have sensors in our pockets that track us everywhere we go.
Think about what this means for the privacy of the average person.
A child born today will grow up with no conception of privacy at all.
They'll never know what it means to have a private moment to themselves; an unrecorded, unanalyzed thought - and that's a problem, because privacy matters.
Privacy is what allows us to determine who we are and who we want to be.
The conversation occurring today will determine the amount of trust we can place, both in the technology that surrounds us, and the government that regulates it.
Together, we can find a better balance.
"

10 Chinese Sentenced For Hacking World of Warcraft Accounts

Last week, 10 Chinese men were sentenced for hacking and defrauding over 10,000 World of Warcraft accounts. One among them named Chen started buying compromised accounts for $1. He  then proceeded by selling the accumulated gold and gear for about $3 per account. Later he learned how to hijacked WOW accounts and he was hired by another man, Zhu. After receiving several complaints, an investigation was launched and Chen along with his group were arrested. They already stole over 11,500 accounts and earned around $10,800 in profit. Chen was sentenced to 2 years in prison and fined $8000. The others were fined $1000 and will spend less than two years in prison.
Source:[Click Here!]

180+ Websites Defaced By Indian Hacker ShOrTy420

Indian hacker using the codename of ShOrTy420 has defaced a total of 182 website. The hacker who is well known for mass defacement uploaded his usual defacement page on each of the websites where he provided his email address. At the time of publishing, all the websites were still holding the defacement page. A list of all the websites defaced has been provided.
List of Defaced Websites: http://pastebin.com/cfkzrWSL

Beware of Fake Tumblr Unlimited Posts Extension Malware

Last week, researchers from Malwarebytes discovered a malware called "Archive Poster" which is posing as tool that helps to remove posting limitation on Tumblr. The official archive poster team posted a warning message concerning this issue, saying " There is a user going around saying that there is a way to remove post limit. In fact, they are saying that this extension created it. Whatever you do, DO NOT download the file.There is no way to remove the post limit, and there never will be. We are not affiliated with anyone who claims they can."
This malware is designed to harvest usernames and passwords of users and sent to the phishers' server.  We advise our readers not to install anything which is not from an official source. 
A detailed explanation about the malware is available [Click Here!]

Jessica Simpson's Father Twitter Account Hacked

The verified Twitter account of Jessica Simpson' father, Joe Simpson, was hacked and around 40 messages accusing him of child molestation were posted in a very short delay.The hacker even posted "For those who are wondering...my account has not been hacked but as I said I would remove those tweets."
On the 17 of December 2013 Joe Simpson tweeted that he recovered his account. All the messages posted by the hacker were removed.
Source:[Click Here!]

9 British Websites Hacked By Pakistani Hacker

During the weekend, Pakistani hacker using the codename of Khan defaced 9 British websites. Among these, one is a government website (taith.gov.uk). The hacker uploaded the same deface page on each of the website. He stated the reason for this defacement on the page itself.At the time of publishing, all the websites were already restored. Mirrors of how they look during defacement has been provided below.
Message the hacker posted on the defacement page:
"You Dont See My last activiy when i hacked customs russia intelligence website
(http://zone-hc.com/archive/mirror/8669152_eng.customs.ru_mirror_.html)
today i am again with same message uk goverment deciding Ban Hijab for muslim womens what the hell is this! when your womens wear underware and come out of home beaches, road, you said this is freedom ? this is no problem ? but when our ladies , sisters , mothers wear hijab you said this is problem . so you call this justice ? i will fight for our right like a legend till i die .. We Want Freedom For Our Religion. You can kill us but cant kill our idea ! Your All database Deleted! ./#LogOut
"

Link to websites defaced ad mirrors:

Sub Domain Of National Informatics Center of India Defaced

Last week a sub domain of National Informatics Center of India was defaced by hackers of leets point crew. On the defaced page, they added the logo and picture of leets-point.net website. By the time of publishing, the website was unavailable. Mirror of the defaced page has been provided below.
Message posted on Defaced Page:
"[!]STAMPED BY ~~
[!] www.LeeTs-PoinT.net [!]
root@l337:~[#] uid=0(root) gid=0(root) groups=0(root)
Islam Zindabad , Long Live Muslims , Pakistan Zindabad
Security 0%
Need security???
Contact:~ http://www.leets-point.net
Love To: Dr@cul@ | HeeR | LeeT AttackeR | MerJani | Mj Mirza | D43m0n | TiGER-M@TE | BD XTOR | Sizzling Soul | Pakhtun~72 | Rotating Rotor | Ablaze Ever | m sajawal younas | sharif | DaN1 SpeeDy | Don | Dzhunter | Pk_Tracker | linux_maniac | c0d3-x-1337 | KiLLerMiNd | Kai-Haxor | Muhammad Bilal | Master Mind PCF | S.O.G | Nadan Shehxada | x33k A.K.A v1ruX 4u | Code Cracker | All Pakistani Haxors | All Muslim Haxors | All My Freinds | All BD GREY HAT HACKERS Team | & All LeeTs-PoinT.net Team Members
© UNDERGROUND HACKERs  2010 - 2014
"
Sub Domain Defaced:
http://www.iicdelhi.nic.in/CAProgramms.php?&user_id=0&pt=1&prgid=740
Mirror:

Sentenced For Hacking Medical School Application System

Bosung Shim, a 24 year old man of Rockville, MD, was sentenced to three months in prison, followed by seven months in community confinement and three years of supervised release, for unauthorized access of a protected computer.Adding to this, he was  required to pay $31,653.24 in restitution to the victim and forfeit the computer equipment used in the crime.
He pleaded guilty on October 4, 2013 to one count of computer intrusion. Shim admitted that between June 2011 and December 2012 he repeatedly tried to get unauthorized access to the computer systems of University of Michigan and the Association of American Medical Colleges (AAMC). For six months in 2012, he attempted to change his Medical College Admissions Test scores. When he realized he was unable to hack it, he hired other hackers to do this for him causing tens of thousands of dollars damage.The aspiring medical student is also said to have perpetrated related fraud against other organization, such as the National Institutes of Health.
Source:[Click Here!]

Anonymous Video Statement Regarding Situation In Central African Republic

On 11 December 2013, Anonymous published a video on YouTube in which they talked about the situation regarding Central African Republic.In the video, Anonymous said "We've taken note that an operation would not help this location, nor the taking down/defacement of government websites....We will do everything in our ability to give the people in the Central African Republic, or C.A.R CAR for short, every necessity. " Below is the video and the full transcript.
Video

Transcript
"Citizens of the globe, we are anonymous. We bring you this urgent message concerning the events in the Central African Republic to light.
We've taken note that an operation would not help this location, nor the taking down/defacement of government websites.
This battleground of a country is not in the brink of chaos, this country has now fallen into chaos.
We will do everything in our ability to give the people in the Central African Republic, or C.A.R CAR for short, every necessity. Water, food, aid supplies is scarce and is being a high necessity to the people.
As of right now, the location is overrun by bloodshed and war, French troops and possible US military soldiers have been deployed and dispatched in the area. We fear these, soldiers are not here to make way for a hopeful path for the people in the Republic. They are there for the sake of oil, minerals and other resources the country is rich on.
Photos and videos are not taken lightly around these parts and the people behind these heinous attacks will make pleasure to make these events, these battles, go unnoticed.
We are doing this for the sake of the people, we could care less about the politics behind it. When innocent, peaceful people get hurt, beaten, abused and tortured..
We act.
Anonymous, is watching.
We are anonymous
We are legion
We never forgive
We never forget

This event is highly under-reported, and anonymous, will not let this go by unnoticed."

Firefox 26 Fixes 14 Vulnerabilities

14 security holes have been patched in the Firefox 26. Among these patches, 5 of them are considered as critical.These are vulnerability that can be used to run attacker code and install software, requiring no user interaction beyond normal browsing, 3 are moderate vulnerabilities and 3 are categorised as high. The remaining are considered to be of low security: "Minor security vulnerabilities such as Denial of Service attacks, minor data leaks, or spoofs."
We advise our readers to update their Firefox to be more secured.
List of Security Holes addressed in Firefox 26
MFSA 2013-117 Mis-issued ANSSI/DCSSI certificate
MFSA 2013-116 JPEG information leak
MFSA 2013-115 GetElementIC typed array stubs can be generated outside observed typesets
MFSA 2013-114 Use-after-free in synthetic mouse movement
MFSA 2013-113 Trust settings for built-in roots ignored during EV certificate validation
MFSA 2013-112 Linux clipboard information disclosure though selection paste
MFSA 2013-111 Segmentation violation when replacing ordered list elements
MFSA 2013-110 Potential overflow in JavaScript binary search algorithms
MFSA 2013-109 Use-after-free during Table Editing
MFSA 2013-108 Use-after-free in event listeners
MFSA 2013-107 Sandbox restrictions not applied to nested object elements
MFSA 2013-106 Character encoding cross-origin XSS attack
MFSA 2013-105 Application Installation doorhanger persists on navigation
MFSA 2013-104 Miscellaneous memory safety hazards (rv:26.0 / rv:24.2)

Source:[Click Here!]

Women Online Blackmailer Sentenced To 5years

In January, a 27 year old man, Karen “Gary” Kazaryan, was arrested on federal computer hacking charges.He was accused of hacking into several Facebook,Skype and email accounts of different women and blackmailing them. He sent a letter to the U.S. District Judge George H. King on Monday where he said “The lines between digital life and reality were blurred and out of control for me,” He also added that he put the blame of his actions on depression and the use of marijuana. He admitted hacking online accounts and blackmailing several women in sending him nude and semi nude pictures.He was sentenced for 5 years
Storyline
Once the hacker gained control of the victims accounts,he changed the password,thus, preventing the legitimate users from accessing their accounts. He then searched the emails account for naked or semi naked pictures,as well as files and important information like passwords and friends names.After doing so,he posed himself online as women and fooled the 'friends' in removing their clothes so that he can watch them, or asked them to take pictures of themselves and send it to him.When the victims realized that they were not talking to their so called friend,he would blackmailed them using the photos he already have possession of by making them stripped live for him on camera.
Kazaryan contacted the victims at several occasion asking them to expose their breast on Skype.When they did not comply to his demands,he posted the nude pictures on their respective Facebook pages.The authorities found around 3000 nude and semi-nude pictures on the hackers computer,some taken from their online accounts and other taken by the hacker himself on Skype.

Assistant U.S. Attorney Tracy Wilkison said: “The victims called it rape because it felt like rape,”
Source:[Click Here!]

Android Game Balloon Pop 2 Steals WhatsApp Conversations

Graham Cluley, a veteran of the anti-virus industry has published on his official website about an Android game,Balloon Pop 2, which steals WhatsApp conversation.Google removed the game Balloon Pop 2 from Google Play.The application secretly steals private WhatsApp conversations and upload them to a website.On the website, Balloon Pop 2 is advertised as a program which can back up WhatsApp conversations. No description of the game was given on the website and the people behind this can argue that they are only providing a service for backing up WhatsApp conversation. An attacker can install this application on a device and later on visit the website to see the conversation of the victim.The attacker has to enter the device number he/she targeted and get access to the private conversations.
Source:[Graham Cluley Website]

Beware of Fake Aureus University Recruitment and Liaison Services Email

Experts have discovered a phishing email circulating and pretending to be from Aureus University School of Medicine Admissions Office.The email contains link which leads to a fake website. Cyber criminals behind this scam have used real address and phone number of the university to get more victims.The email content goes as follows,
Hello,

I believe you are well ! Kindly View the
document I uploaded for you using Google
drive CLICK HERE and sign in securely
to view, It's very Important.

Thanks

Aureus University School of Medicine
Admissions Office

21-00 Route 208 South

Suite 220

Fairlawn, NJ 07410

Tel: 201-773-8880

When clicking on the link provided, victims are directed to a website identical to that of Google Drive where they are asked to enter their personal information.Once the information are entered,these are sent to the cybercriminals and the victim is redirected to the original Google Drive login page.

We advise our readers to ignore these kind of emails and always check if the websites you are being redirected to is secures(https).

Source:[Click Here!]

Edward Snowden Studied Advanced Hacking In Delhi

Edward Snowden, known all over the world today for disclosing secret documents of the NSA studied core Java programming and advanced ethical hacking in India at Koenig Solutions,in Moti Nagar, New Delhi in 2010.It is this training which helped him in obtaining the EC-Council Certified Security Analyst (ECSA) certification. He came to India from Japan on September 3 and left for the US on the 9.
Rohit Aggarwal, founder and CEO of Koenig Solutions said,"He paid over $2,000 towards his training fee, lodging and boarding,".
The technical manager in information security at the center,Sisir Pandey said, "Snowden was a certified ethical hacker and hence he chose a fast-track course. It didn't take him much time to figure out how to create exploit-attacks and hack wireless networks. He was able to interpret vulnerabilities and outcomes in security testing,"
Snowden exchanged many emails with the training center and it revealed that he had several IT Security certifications,namely, EC-Council's Certified Ethical Hacker (CEH),Microsoft Certified Solutions Experts (MCSE), Comptia Network+, Comptia Security+ and Project Management Professional (PMP).
"He kept to himself. He was unassuming and nothing out of the ordinary. He was focused on the curriculum. He would frequently visit the Haldirams restaurant next to our centre," said Hema Sharma,manager of Koenig Solutions.
Source:[The Times of India]

#OpAngola : Several Government Websites Taken Down By Anonymous

A total of 69 government websites have been taken down by Anonymous hackers in an anti-government protest.After the opposition leaders accused officials of being involved in the killing of political activist last year, Angolan started protesting on the street.Anonymous hackers joined the protest by launching DDOS attack on all the Angolan websites.All the websites listed in the list below are hardly available after this DDOS was launched.This has been published on the twitter account of an Anonymous hacker using the code name of AnOn_GyNiUs.

 List of websites attacked:[Click Here!]

706 Domains Seized By International Law Enforcement Agencies

10 foreign law enforcement agencies teamed with the  U.S. Immigration and Customs Enforcement's (ICE) Homeland Security Investigations (HSI) to seize domain names that were illegally selling counterfeit merchandise online. A total of 706 domain names were seized. Those were set up to dupe customers into buying counterfeit goods as part of the holiday shopping season. 297 domain names were seized by US authorities, 393 by European authorities and 16 sites were taken down by Hong Kong Customs.
ICE Acting Director John Sandweg said, "Working with our international partners on operations like this shows the true global impact of IP crime,".. "Counterfeiters take advantage of the holiday season and sell cheap fakes to unsuspecting consumers everywhere. Consumers need to protect themselves, their families, and their personal financial information from the criminal networks operating these bogus sites."
Rob Wainwright, director of Europol said, "This operation is another good example of how transatlantic law enforcement cooperation works. It sends a signal to criminals that they should not feel safe anywhere,".."Unfortunately the economic downturn has meant that disposable income has gone down, which may tempt more people to buy products for prices that are too good to be true. Consumers should realize that, by buying these products, they risk supporting organized crime."

The domain names seized are now in the custody of the respective governments who took part in these operations. Visitors trying to visit these websites will find a banner which notifies them about the seizure.
More can be read from source [Here!]

Beware of Fake Royal Mail Email Containing Trojan

Experts from MX Lab intercepted a new Trojan distributing mail title as “Mail – Lost / Missing package” which is being sent from a spoofed mail address “Royal Mail Group”.The mail contains the following message, 
Mail – Lost / Missing package – UK Customs and Border Protection

    Royal Mail has detained your package for some reason (for example, lack of a proper invoice, bill of sale, or other documentation, a possible trademark violation, or if the package requires a formal entry) the RM International Mail Branch holding it will notify you of the reason for detention (in writing) and how you can get it released.

    Please fulfil the documents attached.
The attachment stated in the email is a ZIP file and contains a PDF document of 107kb named as, "RoyalMail_Report-ID-37846378962513415238471238476218736487123684.pdf". This PDF hides a Trojan downloader and once it is on a system, it creates a new process,adds itself to the Windows registry so that it stays persistent and changes the firewall settings.It is also capable of stealing credentials from FTP clients,collects information to fingerprint the system, performs HTTP requests and starts servers listening on 0.0.0.0 on port 7748, 0.0.0.0 on port 6023 and 0.0.0.0 on port 0.
We advise our readers not to open files from untrusted emails and to update antivirus applications on your system.
Source:[Click Here!]

300 Websites Hacked By Indian Hacker Sn3aker

After defacing 70 websites last week, Indian hacker using the codename of Sn3aker defaced 300 websites this week. Among these, 3 of them are government websites.The hacker uploaded the same deface page on each of these websites.Sn3aker has been very active lately,before the last week attack on Thai websites, he defaced 10 Sri Lankan websites two weeks back.The full list of all the defaced websites has been provided below.
List of Defaced Website:[Click Here!]

Beware of PayPal Phishing Email "Account Access Limited"

An email claiming to be from PayPal is on circulation and is asking for account login and other personal information. The email contains a PayPal logo and gives impression of being genuine. Users who click on the link provided in the email are directed to a fake PayPal website which looks identical to the original one.Once there, users are asked to login using their mail address and password. After doing so,they are then sent to a second page and are asked to provide information like contact number, identity details and credit card numbers to verify and secure their account.These information are collected by cyber crook behind this scam and will surely use them to hijack PayPal accounts.
We advise our readers to be careful when receiving any mail relating to accounts verifications or where you have to provide personal information.Do check whether the websites are genuine and secured (https).
Source:[Click Here!]

Mauritius About To Sign The Budapest Convention on Cybercrime

According to the Minister of Information Technology and Communication (ICT ) Tassarajen Chedumbrum Pillay, the government of Mauritius will sign the agreement in about two weeks. This convention is the first international treaty that focuses on computer crimes and internet crimes by harmonizing certain national laws, in the view of improving investigative techniques and increase cooperation between different countries. It was written by the Council of Europe with the active participation of observers of the Canada, Japan and China. .
The ICT minister said: "The ' Computer Misuse and Cybercrime Act' rises in the Budapest Convention. But there was a gap because Mauritius had not signed the agreement. By signing, we will be informed of all developments in the context of cyber security . [ ... ] We are finalizing negotiations under the signature of the Budapest Convention , "
On Monday during a seminar on cyber security organised by Symantec, the regional management noted that the government has an e-services strategy and this is an opportunity for partnership.
Antonio Forzieri Cyber Security Practice Lead at Symantec said: "Hackers are very active on the internet and they earn a lot of money doing multiple types of attacks. These attacks are becoming increasingly aggressive and sophisticated. It is these types of attacks we advise our clients both in the private sector or government . We also provide defensive technologies , "
Source:[Defimedia]

What is the Budapest Convention on Cybercrime?
The Convention is the first international treaty on crimes committed via the Internet and other computer networks, dealing particularly with infringements of copyright, computer-related fraud, child pornography and violations of network security. It also contains a series of powers and procedures such as the search of computer networks and interception.
Its main objective, set out in the preamble, is to pursue a common criminal policy aimed at the protection of society against cybercrime, especially by adopting appropriate legislation and fostering international co-operation.
Detailed explanation about the Treaty is available on the official Council of Europe Website: [Click Here!]
Download a copy of the Treaty:[Click Here!]

80+ Websites Defaced By Indian Hackers

Indian hackers of the newly formed hacking group going by the name of Indian Cyber Rakshak defaced 82 more websites.The hackers uploaded the same deface page on all 82 website on which we could see the Indian flag. At the time of publishing, all the websites were still defaced.The hackers also provided link to their official Facebook fan page on the deface page they uploaded.
List of Defaced Websites:[Click Here!]

Anonymous Announces #Operation Throwback

Through a pastebin document, Anonymous has announced about an operation which they name as "Operation Throwback", which will be held on the 31st of October.They are planning to launch distributed-denial of service (DDoS) against a list of target which is viewable in their IRC.Below is the exact copy of the wording in the pastebin document.

"AnonOps -- Statement to the press and the people of the world.
#OperationThrowback
Greetings from Anonymous,
For years we have watched as a powerful government took careful aim at our liberties and our
freedom on this ever-changing digital landscape. In the past, we have taken action against
it many times, but we have been angered by the recent developments plaguing our sense of
security. The United States Government is consistently tarnishing its reputation on the inter-
national mind. Today we strike back.
We are launching Operation Throwback, a carefully planned and executed demonstration of the
power of the hive mind. We are encouraging a digital protest against the oppression the governments
of the western world are putting on us. Anonymous is reaching out to you, at this moment to
take a stand for what is right.
This operation seeks to launch distributed-denial of service (DDoS) attacks against a list
of targets viewable in our IRC network. Anonymous will be distributing necessary equipment,
intelligence and assistance to all those who wish to join our fleet. The DDoS attacks will be
a powerful show of force to take a careful stand in opposition to the crimes against freedom that
hold us down with each passing day.
The power of the hive mind will be overwhelming. It will not falter, fail or cease as long as
we are together. With you, we can be strong. It's time to prove that we are still here and we
have the motivation to strike back. The United States decided to shake our nest, and for that,
we will sting back.
Join our IRC network and channel:
irc.anonops.com/6697  || channel: #operationthrowback
Or use webchat: webchat.anonops.com/?channels=#operationthrowback
We are Anonymous.
We are Legion.
We do not forgive.
We do not forget.
Expect us.
"

Link to Official Pastebin Document: [Click Here!]
Source

Indian Hacker Defaced Several .UK Websites

Indian hacker going by the codename of ShOrTy420 teamed up with two other Indian hackers, @@lu and Nemesis, and defaced a total of 49 websites. The same deface page was uploaded on each website.On the deface page, the hacker provided his email address and also greeted all Indian hackers. At the time of publishing, all the websites were still defaced. We noticed that among the 49 websites, 47 of them are .uk domains.Moreover,on Saturday,17 .us websites were defaced by the same team.
List of Defaced Websites:[Click Here!]

United Nations in Botswana Website Defaced Twice In A Day

Earlier during the day(25th October),  Bangladeshi hacker using the codename of Ablaze Ever, member of the BGHH defaced the website of the United Nations in Botswana (bw.one.un.org). On the deface page,we could read the following message,
"United Nation Hacked By Ablaze Ever
BD GREY HAT HACKERS
BD XTOR - Rotating Rotor - Cr4cK Br4iN - Murkho Manob - Red Core - Ashik Iqbal chy - Space Fighter - Crack Kid - Black Man - Reza Bghh - Sajid Chowdhury - Nike@l - Grey Doremon - Darkk Hex - Dr@cul@ - Sharif Bghh - Shopnopathik Aion
"

By the time of publishing, when visiting the website, we noticed that it was re-hacked by another hacker group calling themselves Fatal Error Crew. They uploaded text messages which goes as follows on the homepage,
"# Fatal Error Crew ~ Follow us: @FatalErrorSec # Elemento_pcx & s4r4d0 & sup3rm4n ! PWNED YOUR BOX!!!
# By sup3rm4n - 2013 ©
#Somos : Elemento_pcx & s4r4d0 & sup3rm4n
#Novo Twitter :@FatalErrorSec
#Hacking Just for Fun !!!!
# Made in Brazil
"

Mirror of First Defacement:[Click Here!]
Mirror of the second defacement is unavailable.

Sneaker India Discovered URL Redirection Vunlerability in Gophoto.it

Indian security researcher using the codename of Sneaker India recently discovered URL redirection vulnerability in GoPhoto website. He stated that he contacted them and until now,they did not respond back. GoPhoto.it provide services of viewing Facebook and Flickr images in larger format. The website has a global ranking of 5014 and is ranked 4350 in India. An example of the vulnerability is provided below.Sneaker India has been discovering vulnerability in several websites including Pakistani government website last year.
POC:

Mauritius Launches Online Child Sexual Abuse Reporting Portal

With the objective of making the cyberspace safer and protecting internet users from online child sexual abuse content, the ICT regulator along with the Internet Watch Foundation(IWF) launched a portal where individuals can report for any child sexual abuse content which they come across.
Once on the portal, any user,either experienced or amateur, can easily report for content they identified. Proper guidelines are given when you choose "WHERE DID YOU FIND IT?" . For all four options,they provided details on how to proceed with the reporting.
A workshop was carried out on the 22nd of October by the ICTA in collaboration with the Ministry of ICT and IWF. IWF works to eliminate online child sexual abuse images and videos. In the presence of Honourable Tassarajen Pillay Chedumbrum, the Minister of Information and Communication Technology of Mauritius, the ICTA and IWF signed a Memorandum of Understanding.This memorandum sets out the rules for the implementation of the portal. The Online Child Sexual Abuse Reporting Portal (OCSARP) is hosted at the ICTA and all technical investigations will be carried out by the IWF.
Link to the Online reporting page: [Click Here!]
More can be read from the ICTA website: [Click Here!]

#OpSerbia By New Hacker Group

Albania and Kosovo Hackers are planning to attack Serbian cyber space on the independence of  Albania, 28th of November. This was announced through their official Facebook fanpage.This operation was named #OpSerbia.An official video was posted on YouTube in which we can see war crimes being carried out. The hackers behind this operation have named their team as "Pentagon Security Team" and they also set out rules for the members which go as follows:
"Pentagon Rules Security Team
1: Always and always protect the interests of our people.
2: no strikes, against the Albanian pages, except when needed.
3: Do not interfere in the privacy of those who are not from our world (CYBERWORLD.)
4: Do not be blackmailed.
5: Do not attack friendly states pages.
6: Do not be RANDOM deface, deface just Objective.
7: no obscenities, insults, nënqmime, përqarje towards Albanians, even if they do them all.
8: To offer help to him who asks for help.
9: Being a nationalist, and work for your country at any place, time and manner."

Video Posted On their Fanpage:



Rules Set For the Members:

National Police of Paraguay Website Defaced

Hacker going by the codename of TuNoVaTo has defaced the official  website of the National Police of Paraguay. The hacker uploaded a deface page on which the following message was written,
 
"(-:{ HACKED BY TUNOVATO }:-)
Lo siento Admin tienes un fallo de seguridad...!!!
Mi Delito: La curiosidad...!!!
No me acuses por eso,  Simplemente es tu culpa y no la mia...!!!
Sovereignty is the right of the people to elect their government, its laws and it is respected ...!
 Capitalist Government Corrupt ...!
The Revolution has come to stay ...!
"

At the time of publishing,the website was already restored. Mirror of the website at the time of defacement was made by the hacker.
Websites:
http://www.policianacional.gov.py/
Mirror:

Beware Of Fake Dropbox Password Reset Email

Security experts from Appriver discovered a new phishing attack using the name of Dropbox to fooled users in resetting their password.In the email, we an see a sad computer face along with the following message, “Hi admin, You recently requested a link to reset your Dropbox password. The old one is now marked as ‘dangerous.’ Please follow the link to reset password.” Once the user click on 'Reset Password' button, he/she is directed to a fake Microsoft website where they can see the message ' We detected your browser is NOT up-to-date' .They are asked to download updates for their specific browser. The file which is downloaded is a Trojan and is hosted on dynamooblog.ru.
Source:[Click Here!]

19 Porn Websites Defaced By Member of United Bangladeshi Hackers

Hacker using the codename of Prappo Prince, who is a member of the hacking group United Bangladeshi Hackers, has defaced a total of 19 porn websites. The hacker uploaded the same defaced page on each of the website.At the time of publishing, all the websites were still defaced.
List of Defaced Websites: [Click Here!]

Indonesia overtook China As Source Of Internet Attacks

Screenshot from Akamai Report

According to the latest "The State of the Internet" report published on Wednesday, internet attack from Indonesia has nearly double in the second quarter of 2013.Akamai stated in the report that the they use "captures the source IP address of an observed attack and cannot determine attribution of an attacker.". This means that an attacker may change its IP address and is not always in the country where the attack is coming from.
The top 10 countries of Akamai Report is as follows:
  1. Indonesia
  2. China
  3. United States
  4. Taiwan
  5. Turkey
  6. India
  7. Russia
  8. Brazil
  9. Romania
  10. South Korea

A copy of the report can be downloaded [Click Here!]
Source:[Click Here!]

Tanzania ICT Policy Set For Review To Combat Cyber Crime

In his opening speech in Dar Es Salaam at the 7th Southern African Telecommunication Union(SATA)'s workshop, the Permanent Secretary in the Ministry of Communications, Science and Technology, Prof Patrick Makungu said 'There is a need to improve our capacities to ensure that governments and law enforcement officials remain ahead of existing cyber threats and in the pulse of emerging ones,'. As cyber attacks are getting more sophisticated and can cause severe harm to any country, he added, “Steps must be taken to improve our capacity to deal with cyber threats and cyber criminals or else they will cause irreparable damage to economies and countries,”.
Dr. Kamugisha Kazaura, the CEO of the Tanzania Telecommunications Company Limited (TTCL) on his part said that it is important for operators in the region work together to combat network fraud.
More can be read Dailynews.co.tz[Click Here!]

Canadian Accused Of DDOS Attack Now Charged With Hacking

Kevin Courtois, a 29 year old Canadian was arrested in February by the Canadian authorities for launching DDOS attack against the system of his former employee. Now,Kevin has been charged of hacking of four companies.He had access to those computers as he was in charge of maintenance. As such, he installed remote access tool that allowed him to gain unauthorized access to the company's information.
The four victim companies are, Waste Management Authority of the Mauricie materials, Portes et fenêtres JM Ferron, Assurancia Labonté Provencher Mauricie and Concepta Group .
Source:[Click Here!]

Indian Hackers Defaced 11 Pakistani Websites

Indian hackers from Indian Cyber Rakshak team defaced 11 Pakistani websites. At the time of publishing,10 of these websites were still holding the deface page, the one remaining was restored but was hacked again by Indian hackers on which they posted "Rehacked by Indians :o pawning it even more and saying restoring?" The hackers also provided their Facebook fan page on the deface page.
List of defaced Websites:[Click Here!]

35+ Websites Defaced By Malaysian Hacker Jack Riderr

Member of Johor Hacking Crew using the codename Jack Riderr defaced 38 websites. Several .eu and .pl domains were targeted. He uploaded the same animated deface page on each,where a series of pictures could be seen.At the time of publishing,all the websites were still holding the defaced page.
List of websites defaced:[Click Here!]

350+ Brazilian Websites Defaced By Bangladeshi Hacker

Member using the codename 'Black Tiger' of new Bangladeshi hacking group, United Bangladeshi Hackers(UBH), has defaced 350 Brazilian websites.The same animated deface page was uploaded on each of them which had the following message on it,
"Message for Admin :
Sorry Admin , Your Site Has Been Hacked System Is Low Please Patch Your System This Is Just A Warning If You Still Didn't Make a Protection of Your Server We Will Keep On Hacking it.
"
At the time of publishing, many of these were already restored.
List of defaced Websites with mirrors:[Click Here!]

Anonymous Venezuela Defaced Police and Military Websites

Several websites were defaced by Anonymous Venezuela.The hackers uploaded the same deface page on each of these websites.The deface page has an animated Anonymous logo followed by 'Anonymous Venezuela' and just below this, a series of twitter account.They also provided link to their official Facebook page.At the time of publishing,some of the websites were still defaced.Mirrors has been provided below.Websites defaced are those of the Bolivarian Military Technical Academy, Directorate General of Military Counterintelligence , Paez Hydrologic of the Ministry of the Environment, Municipal Police of Vargas and Aragua Police.
Websites Defaced:
http://etm.mil.ve/
www.atmb.mil.ve/
dgim.mil.ve
http://policiamunicipalvargas.gob.ve/
policiadearagua.gob.ve
hidropaez.gob.ve
Mirrors:

#OpMaryville Twitter Storm By Anonymous

On Monday 14th October, Anonymous posted a video on YouTube and two pastebin document to announce about their new operation called #OpMaryville. This operation took birth after the Maryville authorities dropped charges against two boys accused of molesting a 14 year old girl.
According to the first pastebin document, the objective of this operation is to raise awareness in social media and put pressure on an Attorney General to launch an investigation. Anonymous also provided instructions how to proceed with the operation.By now, the YouTube video has been viewed 64,436 times and the pastebin document reached a hits of 4,050.
Video
Pastebin Documents:

Four High Profile Mexican Websites Hacked By Brazilian Hackers

Members of Brazilian Cyber Army have been defacing 4 high profile Mexican websites on Saturday.They uploaded the same deface page on each websites.
Message of Deface Page:
"Hacked By Brazilian Cyber Army
We Are: NeoInvasor - _Trish - Unk Coder BCA - Netterz - Lampiao
A child dies of hunger every 10 seconds.
Meanwhile major powers try to see what
the best way to minimize clashes in Syria where
internal and external attacks leave thousands of dead and wounded.
How long will this last?
Fights over religion, greed and power do not take anyone anywhere.
Do not let your folly make more victims, especially children.
Greetz For: Wannabe, CoderzTeam, MSFc0der, Blk Prt, Elias, Jefrey, Black Devils Team, BMPoC Team, Richad, Sombra.. And,, For You.
"

Websites Defaced:
http://fuerzacivil.mx/
http://www.fuerzacivil.org.mx/
http://nuevoleon2030.nl.gob.mx/
http://profesionalizacion.nl.gob.mx/
http://reformapenalnuevoleon.gob.mx/

Mirrors:
http://zone-h.org/archive/notifier=Brazilian%20Cyber%20Army
http://zone-h.org/archive/published=0/notifier=Brazilian%20Cyber%20Army

Arrested For Blackmailing A Minor On Internet

On Saturday 12th October,the Cybercrime Unit of Mauritius arrested Nashvick Ramawootar,a 23 year old,unemployed man for threatening a minor girl of publishing compromising photos of her on the internet. Not able to withstand this pressure anymore, the girl attempted to commit suicide.It is through the social network Facebook that Mr Ramawootar has been threatening the minor repeatedly by telling her if she refused to give her money,he would be posting her compromising picture on Facebook.After interrogation,the young man admitted that he had been taking obscene picture of the girl and blackmailed her for money.He also added that he told the girl if she wouldn't give her money,he will be posting these pictures on Facebook.
He has been charged of  "breach of Information and Communication Technologies Authority ( ICTA) " and he is currently in police cell.
Source:[Click Here]

Anonymous Philippines Million Mask March 2013

Anonymous Philippines posted a video on YouTube on the 10th of October.Below is the video posted and the transcript.
Video
Transcript
"Greetings citizens of the Philippines. We are Anonymous.
We apologize for this inconvenience, but this is the only easiest way we could convey our message to you,
our dear brothers and sisters who are tired of this cruelty and this false democracy, tired of this government
and the politicians who only think about themselves.
The government, in many ways, has failed its Filipino citizens.
We have been deprived of things which they have promised to give; what our late heroes have promised us to give.
Let us remind the government that fairness, justice and freedom are more than words. They are perspectives.
A march is happening, a revolution. A way to speak, a way to be heard.
On the fifth day of November, 2013, we will try to be a part of the history.
But of course there are those who do not want us to speak, and those who have doubts.
You can sleep, sit, go on with your everyday routine just like a herd of sheep and watch as the government laugh at you.
But if you see what we see, if you feel as we feel, and if you would seek as we seek... then we ask you to stand beside us,
this fifth of November outside the gates of Supreme Court and let us march our way to freedom - a freedom from the shackles
of the Government.
You have been called; and by watching, you have been chosen.
To the "incorrupt" officials of the government, we are challenging you!
Join us!
The Corrupt - Fear us.
The Honest - Support us.
The Heroic - Join us.
We are Anonymous.
We are ONE.
The government, you are NONE.
We are legion.
On the 5th of November, Government - Hear and understand us, or EXPECT US!
"

Palestinian Hackers Attempted Hacking Avast

Palestinian hackers of KDSM Team who succeeded in defacing Avira, AVG and WhatsApp also tried to attack Avast website.This was posted on Avast blog where they stated they managed to take immediate steps to prevent the attack. 
AVAST CEO said: “We ourselves received a notification from Network Solutions saying our email had been changed. We knew we had not requested that so we immediately took action and changed our passwords, which protected us,
Source:[Click Here!]

Adobe Releases Security Updates

Adobe has released patches for security hole in windows version of Adobe Reader and Adobe Acrobat XI." These updates address a regression that occurred in version 11.0.04 affecting Javascript security controls.  Adobe Reader and Acrobat X (10.1.8) and earlier versions for Windows are not affected, and all versions of Adobe Reader and Acrobat for Macintosh are also not affected by this vulnerability." Adobe also recommends users to update its products to latest versions available.
Security update has also been released for RoboHelp 10 on Windows operating system. This vulnerability allowed attackers who successfully exploited it to run malicious code on the affected system.
Users can download the new released patches and read more about these vulnerabilities on Adobe official website.[Click Here!]
Adobe Releases Security Patches

AVG, Avira and WhatsApp Hacked By Palestinian Hackers


 
Hackers from a hacking group calling itself KDSM Team succeeded in defacing three high profile websites yesterday. Among these websites, two antivirus websites were defaced, AVG and Avira. WhatsApp mobile messaging service website as well was defaced.
Security expert discovered that all three use Network Solutions as DNS.
"It’s possible that the hackers managed to change the website’s DNS records, redirecting anyone who attempted to visit www.avg.com to a different IP address.” said a security expert,Graham Cluley.
By the time of publishing,all the websites were restored.

A spokeman from AVG said: "AVG can confirm today that it has had a select number of online properties defaced as a result of our DNS provider being compromised. A number of other companies appear to have been similarly targeted. The situation is being monitored and assessed. Customers are our priority and AVG is working hard to resume normal service levels to its customer base."
An Avira spokesperson said: "Today we have experienced a major disruption in our DNS service. It appears that several websites of Avira as well as other companies have been compromised by a group called KDMS. The websites of Avira have not been hacked, the attack happened at our internet service provider, Network Solutions."
Source:[Click Here!]

13 Anonymous Members Charged for Participating In Operation Payback

13 members of the hacking group Anonymous were indicted and accused of allegedly participating in a cyber attack in an operation called 'Operation Payback' .They are accused of conspiring to “to knowingly cause the transmission of a program, information, code, and command, and, as a result of such conduct, intentionally cause damage, and attempt to cause damage, without authorization, to a protected computer.
The hackers attack these websites by launching distributed denial of service using a tool known as LOIC. This operation payback was launched after the shutdown of The Pirate Bay and their first target was the Motion Picture Association of America (MPAA). The hackers later extended their attack to Bank of America and credit companies like Visa and MasterCard after as they refused to process payments for Wikileaks.


Visitors

Free counters!

Translate

MauriHackerS - Providing Latest IT Security and Hacking News !