700+ Indian Websites Defaced By Members of Iraq Cyber Army

Members of Iraq Cyber Army defaced a total of 702 Indian websites on 30 May 2014. The hackers uploaded the same defacement page on each website where a logo of their group, their name and a link to their official Facebook page was published. At the time of publishing, all the websites were still holding the defacement page.
List to all defaced website:

AVAST Forum Goes Offline After Data Breach

Vince Steckler, the CEO of AVAST Software announced in a blog post that the AVAST forum was currently offline because it was hacked during the weekend. The attacker gained access to user nicknames, user names, email addresses and hashed (one-way encrypted) passwords. Mr Steckler also added that sophisticated attacker can decrypt these passwords and added that once the forum will be back online; all the users will have to change their passwords.

He highlighted the fact that the breach affects only the community-support forum. "No payment, license, or financial systems or other data was compromised."

The organization is rebuilding the forum and stated that once it is online again, it will be faster and more secure. It is not clear how the attacker breached the forum as it is hosted on a third-party software platform but they believe it is a recent attack and managed to detect it immediately.

"We realize that it is serious to have these usernames stolen and regret the concern and inconvenience it causes you. However, this is an isolated third-party system and your sensitive data remains secure."

Source:[Avast Blog]

Two Anonymous Members Arrested By Australian Federal Police

Australian Federal Police have arrested two men who they believe have been defacing and launching DDOS attack on Indonesian and Australian government websites. This was done last  November and was carried out using the name of Anonymous.

A 40-year-old Scarborough (Western Australia) man was charged with:
  • Aid the unauthorized modification of Melbourne IT Limited computer network located in Brisbane, Queensland to cause impairment, contrary to Section 477.2 of the Criminal Code Act 1995 pursuant to Section 11.2 of the Criminal Code Act 1995; and
  • Unauthorised modification of Indonesian Government web servers, to cause impairment, contrary to Section 477.2 of the Criminal Code Act 1995.

The other man who is 18 and from Penrith (New South Wales) was charged with:
  • Unauthorised modification of data to Netspeed ISP located in Canberra, ACT, to cause impairment, contrary to Section 477.2 of the Criminal Code Act 1995
  • Unauthorised access to and modification of restricted data belonging to the ACT Long Service Leave Board, Canberra, ACT, contrary to 478.1 of the Criminal Code Act 1995.

National Manager High Tech Crime Operations Tim Morris said that these attacks have big impact on government and business services. Several computers and hard disk were seized during a raid  in both houses.The police believe that this will take several months to go into all the items due to the amount of information stored in them.

More can be read from source: [Click Here!]

eBay Hacked, Requesting All Members To Change Passwords

Online sales giant eBay posted a message on its official blog stating that it has been hacked. EBay is requesting all its members to change their passwords.
In the statement, the company said that a database containing encrypted passwords and other non-financial data was compromised. Along with this, a small number of employee log-in credentials were compromised allowing unauthorized access to eBay’s corporate network.
EBay also added that they are working with law enforcement and leading security experts to investigate into this matter and are applying the best forensic tools and practices to protect their customers.

They added that they will be sending an email to all customers to request them to change their password as they do not have evidence whether PayPal accounts were accessed by the cyber criminals.

PayPal also publish a statement which goes as follows:
"Later today, eBay Inc. will be asking all eBay users to change their passwords due to a cyber attack that compromised an eBay database containing encrypted eBay passwords and other non-financial information. eBay will notify its user base directly within the next 24 hours with more details.

Extensive forensic research has shown no evidence of unauthorized access or compromise to personal or financial information for PayPal customers.  PayPal customer and financial data is encrypted and stored separately, and PayPal never shares financial information with merchants, including eBay.

In addition to asking users to reset passwords, eBay Inc. said it will also encourage any eBay user who used the same password on other sites to change those, too."

More can be read from official eBay blog post [Click Here!]

Several Chinese Websites Hacked By Anonymous Philippines

Nearly 200 Chinese websites were hacked by Philippine hackers on Monday. Among these, 145 were government websites and 45 were commercial websites. By the time of publishing, some of the websites were restored. This was announced on the official Anonymous Philippines Facebook page on May 18. Yesterday, they posted a message on the same page stating that the operation was successful.

Beware of Phishing Scam "Amazon Password Reset Request" Email

An email pretending to be from Amazon is claiming that the company has received a password reset request from and unknown device. As such, the recipient has to follow the verification procedure outlined in an attached file. This attached file contains a form in which the recipient has to fill in his/her Amazon account login credentials as well as credit card details and name and address information. Once submitted, these data is collected by cyber criminals and they can use these submitted data to hijack Amazon account or commit credit card fraud.
We advise our readers to be careful and not to submit any personal data to untrusted source. You can also report Amazon scam [Here!]

Several Indian Educational Websites Hacked and Defaced By Pakistani Hacker

After defacing Tata Motors website last week, Pakistani hacker using the codename "H4$N4!N H4XOR" has now hacked and deface 9 more websites. He uploaded the same defacement page of each website. By the time of publishing, all the websites were still having the defacement page hosted.
Educational Websites targeted:
  • National Institute of Technology, Durgapur
  • National Institute of Technology Calicut
  • Jawaharlal Nehru   Technological University Anantapur
  • National Brain Research Centre (NBRC)
  • Gujarat Ayurved University
  • Indian Institute of Science Education and Research Bhopal
  • Latha Mathavan Group of Institutions
  • YMCA University of Science and Technology, Faridabad
  • MES College of Engineering

List of websites with mirrors:[Click Here!]

Saudi Arabian Government Planning To Recruit Ethical Hackers

Saudi Arabian Ministry of Interior’s National Information Center is planning to recruit ethical hackers to help in protecting the country’s network. Dr. Zaidan Al-Enezi, external affairs coordinator at the center, said "These hackers will undergo training to transform their abilities into productive energy, and some hackers are proficient in hacking websites only and do not have the capability of hacking programmed networks,"

Hackers who have targeted government websites or systems will not be recruited. Al-Enezi pointed out that employing hackers is not 100% effective but still encourages government bodies and universities to employ ethical hackers (security experts) to protect their system."The center has the ability to track down the source of hacking attempts, and such information is then relayed to the Interpol, supported by evidence, so they may track down the culprits," he added.

Source:[Saudi Gazette]

Was The Mauritius National ID Card Website Vulnerable??

Nitin Sookun, a young Mauritian Linux enthusiast and blogger discovered vulnerability on the MNIC website recently. On his personal blog, he published about what he discovered.
According to the article, he came across this vulnerability while visiting the website for information regarding the deadline for the registration of the new ID Card. Not getting any information, he decided to click on the contact form to submit a query. He was surprised to see that the contact form was designed using Google Docs and on top right corner of the form, he discovered the option of "Request Edit Access". As the website was not protected with SSL and was requesting too much of personal information in the form, the young Mauritian decided to test the validity of the form first. He entered some dummy data and submitted the form. He received a notice that the query was recorded and on the same page, he had the option of seeing previous responses. Tempting to see what could that be, he clicked on the link and here was the surprise, every person who submitted queries had their private information listed there, name, national ID number, phone number, age, email addresses and the queries/complaints they submitted.

By the time of publishing, the contact page was unavailable. Mr Sookun updated his article twice, first to mention about the patching of the flaw and secondly to publish about the HTML source code of the contact form.

Our readers can have a look at original article [Click Here!]

We only provide news relating to IT Security and hacking. We make no claim, promise, or guarantee about the accuracy, completeness, or adequacy of the contents of the original article, and expressly disclaim liability if ever there has been any unlawful act by the author of the original article.

3 Security Fixes Added in Chrome 34.0.1847.137

3 security vulnerabilities were fixed in the latest stable Google Chrome 34.0.1847.137. All three vulnerabilities as categorised as high severity.
Security experts who reported about these vulnerability were rewarded. Two of these bugs were detected using AddressSanitizer.
  • High CVE-2014-1740: Use-after-free in WebSockets. Credit to Collin Payne.[$2000]
  • High CVE-2014-1741: Integer overflow in DOM ranges. Credit to John Butler.[$1500]
  • High CVE-2014-1742: Use-after-free in editing. Credit to cloudfuzzer.[$1000]
We advise our readers to update to the latest version as soon as possible.
Source:[Click Here!]

SanDisk Announced Self-Encrypting Solid State Drive X300s

SanDisk Corporation has announced its company's very first self-encrypting solid state drive, which is compatible with TCG Opal 2.0 (PDF) and Microsoft Encrypted Hard Drive. The X300s will be available in two form factors, 2.5” 7mm and M.2 2280 single-sided, with capacities of 64GB, 128GB, 256GB, 512GB, and 1TB. The X300s also comes equipped with Wave System’s EMBASSY Security Center (ESC) as part of the upcoming SanDisk SSD Dashboard software suite.

Tarun Loomba, vice president of marketing, client storage solution at SanDisk said, "Wave's collaboration with SanDisk means that our customers will receive an immediate endpoint encryption solution for our new X300s SSD”.. "Wave's EMBASSY® Security Center (ESC) allows seamless deployment of data protection policies, which can also be centrally managed by cloud or server-based solutions from Wave Systems."

Wave CEO Bill Solms said "The SanDisk X300s SSD offers strong protection for companies' most sensitive data, and when combined with Wave's superior management capabilities, will deliver customers with a cost-effective, comprehensive solution right out of the box"

Full specification of the X300s SSD available [Here!]
Source:[Click Here!]

Beware of Phishing Scam “Your Photos Are being Used”

Security researchers from Malwarebytes are warning users of a phishing scam making the round title as "YOUR PHOTOS ARE BEING USED". This scam has been seen on social media site such as Tumblr and seems to be sent from one of the user's friend. When users click on the link in the message, they are directed to a Tumblr fake login page where the attackers have been using JavaScript codes to redirect the victim to a fake Facebook login page. They will have to enter their credential in order to see the pictures. By filling the login details and hitting enter, the user is actually sending his/her username and password to the attacker. We advise our readers to be careful as the Facebook page look legitimate. The only way to identify that this is a fake page is by looking at the URL.

Tata Motors Sub Domain Hacked By Pakistani Hacker

Pakistani hacker using the codename of "H4$N4!N H4XOR" has once again defaced a high profile website. Tata Motors, the largest Indian automotive manufacturing company website has fallen victim of the hacker. Sub domain 'connect.tatamotors.com' was defaced and the hacker wrote the following message on the defacement page,
"Pakistan Haxors Crew is here to remind you of your security. Our fight is not against any individual but the system as a whole. Should you choose to ignore security, it will reincarnate as your worst nightmare!
We just defaced your website to give you a chance to put your hands on it before others come and destroy it. Consider yourselves warned because consequences will follow."

At the time of publishing, the sub-domain website was unavailable, mirror of the defacement has been provided below.


Japanese Man Arrested For Possession Of Guns Created With 3D Printer[Video]

A 27 year old Japanese man, Yoshitomo Imura, was arrested for making handguns with a 3-D printer. The police said that two of the five guns recovered were capable of firing. No bullets were discovered at the Yoshitomo's home in Kawasaki, south Tokyo.
Imura who is an employee of Shonan Institute of Technology in Fujisawa, bought the commercial 3D printer online for ¥60,000.
I can’t complain about the arrest if the police regard them as real guns,” he reportedly said.
The police launched an investigation earlier this year after Imura posted a video online where he demonstrated about the guns which he claimed he made himself.


Beware of Phishing Scam "Google+ Fraudulent Verification Survey"

An email pretending to be from 'All Domain Mail Team' at Google+ is at the moment making the round, asking recipients to participate in a 'spam and fraudulent verification survey'. The email is not from Google and is tricking users into giving their Google account credentials. Somehow, there has been some mistake while writing this email, "if verification response is not gotten from you.." "you are a fraulent user.."
Naive and inexperience computer users can fall victims of this scam and follow the instruction given in the mail. The links given in the mail redirect users to a website requesting users to login with their Google email address and password. We advise our readers to be careful and do not sign in with your Google account on untrusted websites.
Source:[Click Here!]

France's Orange Telecom Hit by Data Breach

French leading telecommunication company, Orange has been hit again by hackers. Around 1.3million customers personal data have been stolen. The previous data breach was back in February of this year. This breach has been discovered on 18 April and hackers acquired names, email addresses, fixed line and mobile numbers, names of mobile and internet operators and the date of births of the customers. These stolen data can be used for phishing attack.
"A spokesman said the group had delayed announcing the latest breach to allow for the scale of the data theft to be assessed and to ensure that the security gaps which allowed it had been closed."


Free counters!


MauriHackerS - Providing Latest IT Security and Hacking News !