Hacker Donates $11000 to Help Kurds in Rojava

A hacker going by the codename HackBack or Phineas Fisher has donated $11000 in bitcoins to Rojava, a Kurdish region in northern Syria located at the borders of IS (Daesh) controlled territory. On his Twitter account, he described them as "one of the most inspiring revolutionary projects in the world today."

The hacker stated that the money comes from a heist but refused to reveal more details. He also revealed that a much bigger cyber-heist is being worked on. The donation was made online through a campaign which Rojava is running to raise funds to feed its region.


Hacker Selling 117 Million LinkedIn Accounts On Darkweb

A hacker using the code name Peace is selling the information of 117 million LinkedIn users on the darkweb for 5 Bitcoins (around $2200/£1,500). LeakedSource, the paid search engine for hacked data, managed to get a copy of the stolen data and stated that there are around 167 million hacked accounts, of which 117 million have both emails and hashed passwords.
LeakedSource commented on the passwords, saying:
"Passwords were stored in SHA1 with no salting. This is not what internet standards propose. Only 117m accounts have passwords and we suspect the remaining users registered using Facebook or some similarity."

Additionally, security researcher Troy Hunt tweeted that as the passwords are hashed with SHA-1, they will be easily cracked.
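The weakness LeakedSource describes can be shown in a few lines. The following is an added example, not code from LinkedIn or LeakedSource: it stores the same constructed accounts once as bare SHA-1 and once with a per-user salt and a slow key-derivation function (PBKDF2 here, with an iteration count that is an assumption of this example), then checks which scheme reveals that two users share a password.

```python
import hashlib
import hmac
import os
from collections import defaultdict
from typing import Dict, Hashable, List, Optional, Tuple

# Work factor chosen for this example (an assumption, tune for your hardware).
PBKDF2_ITERATIONS = 600_000

# Constructed accounts; two of them deliberately share a password.
ACCOUNTS = {"alice": "password", "bob": "password", "carol": "tr0ub4dor&3"}


def sha1_unsalted(password: str) -> str:
    """The scheme from the quote: bare SHA-1, no salt, one fast hash call."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest()


def hash_salted(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Per-user random salt plus a deliberately slow KDF; returns (salt, digest)."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS
    )
    return salt, digest


def verify_salted(password: str, salt: bytes, expected: bytes) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    _, digest = hash_salted(password, salt)
    return hmac.compare_digest(digest, expected)


def shared_records(table: Dict[str, Hashable]) -> Dict[Hashable, List[str]]:
    """Group users by stored record; any group larger than one leaks password reuse."""
    groups = defaultdict(list)
    for user, record in table.items():
        groups[record].append(user)
    return {rec: sorted(users) for rec, users in groups.items() if len(users) > 1}


# What each storage scheme would leave in a leaked table.
UNSALTED = {user: sha1_unsalted(pw) for user, pw in ACCOUNTS.items()}
SALTED = {user: hash_salted(pw) for user, pw in ACCOUNTS.items()}

if __name__ == "__main__":
    # Unsalted: one digest maps to both alice and bob, so one guess covers both.
    print("unsalted duplicates:", shared_records(UNSALTED))
    # Salted: every record is unique, each account must be attacked separately.
    print("salted duplicates:  ", shared_records(SALTED))
```

With no salt, every user who chose the same password has the same digest, so a single precomputed table covers the whole dump; the salted records share nothing and each guess costs the full work factor.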


444 School Websites Shut Down By Teen Hacker

A 16-year-old student has been charged with obstruction of justice for having launched DDoS attacks on 444 school websites in Japan. The incident took place in November 2015 and is considered to have made history in Japan for having targeted a local governmental organisation. According to the local police, the boy launched the attack to teach his educators a lesson.

"I hate how the teachers talk down to us and never let us express ourselves. So, I thought I would remind them of their own incompetence. It felt good to see them have problems. I did it several times,"

Police seized the boy's computer and some hacking books. He downloaded tools which sent large volumes of data to the Board of Education servers, causing them to be unreachable for about one hour. The boy also told the police that he wanted to join the hacking group Anonymous.

Japanese law punishes such crimes with a maximum of a three-year prison term or a fine of ¥500,000 (£3204, $4,598). Taking the boy's age into consideration, it is not certain that he will face the maximum sentence.


Commercial Bank of Ceylon Hacked

Commercial Bank of Ceylon, Sri Lanka, published a notice stating that they were hacked.

"There was a hacking attack on our website and the Bank took immediate corrective steps. Our systems are fully secure and operational. The hacking attack was also immediately communicated to the relevant authorities. We confirm that no sensitive customer data were lost due to this intrusion. We are taking every measure to protect the privacy of our customers and have engaged external parties to review all our systems to ensure that no vulnerabilities exist. Commercial Bank of Ceylon PLC is committed to provide safe and reliable systems and is at the forefront of providing secure banking services."

No more details were given concerning when and how this happened. However, according to an article published on Bank Info Security on May 13, 2016, a hacking group going by the name of Bozkurtlar is believed to have posted data of the Commercial Bank of Ceylon online. Researchers said that the dumped files contain the entire content of the corporate website, 158276 files in 22901, which when uncompressed is about 6.97GB.

Commercial Bank of Ceylon Statement: [Click Here!]
Read More From Source: [Click Here!]

Nulled.io Database Leaked

The well-known underground hacking forum Nulled.io suffered a massive data breach on 6th May 2016. The email addresses, private messages, passwords and IP addresses of 500,000 members were leaked in a 1.3GB tar archive file. When expanded, the data is a 9.45 db.sql file, which also contains over 5500 purchase records and 12,600 invoices for buying, selling and sharing stolen credentials.

The breach was discovered by the security firm Risk Based Security. The firm was unable to track the hacker and stated: "When services such as Nulled.IO are compromised and data is leaked, often it exposes members who prefer to remain anonymous and hide behind screen names. By simply searching by email or IP addresses, it can become evident who might be behind various malicious deeds. As you can imagine, this can lead to significant problems for forum users."


A Former Executive Suspected of Hacking the National Transport Authority (NTA) Database

A former top executive of the National Transport Authority (NTA) is suspected of hacking the database of the NTA. It is believed that the former employee was helped by insiders.

A source at the Ministry of Public Infrastructure told le Defi Media Newspaper:
"The police and the Cybercrime Unit are investigating to determine who are the people who could benefit from this hacking." The same source added that the accomplices of the former NTA executive will face sanctions and that the investigation will very soon reveal the impact of the hack.

This hacking case was first revealed by the Minister of Public Infrastructure himself, Mr Nando Bodha, at the opening ceremony of a workshop on cybercrime at the Westin Hotel, Balaclava, on Monday, March 21 2016. He also mentioned that the alleged hacker was accessing the database remotely from his home, that he modified the database and that he also made a copy of it.

 
 

Pornhub Launches Bug Bounty Program

In an article posted on May 9, Pornhub announced the launch of its security bug bounty program via the HackerOne platform. Independent researchers will be awarded between $50 and $25000 for their findings.

“Like other major tech players have been doing as of late, we’re tapping some of the most talented security researchers as a proactive and precautionary measure – in addition to our dedicated developer and security teams -- to ensure not only the security of our site but that of our users, which is paramount to us,” said Corey Price, Vice President, Pornhub.

When reporting a vulnerability, the researcher must:
  • Be the first to report the vulnerability,
  • Send a clear textual description of the report along with steps to reproduce the vulnerability,
  • Include attachments such as screenshots or proof of concept code,
  • Disclose the vulnerability report directly and exclusively to Pornhub.

Pornhub also stated that their security team can take up to 30 days to respond to the report and will be taking up to 90 days to fix the vulnerability.

For more details about the program, [Click Here!]

Source:[Pornhub Post]

Complete Panama Papers Database Now Available Online

The Panama Papers scandal came to light last April when the German newspaper Süddeutsche Zeitung and the International Consortium of Investigative Journalists (ICIJ) published a summary of their investigation into the 2.6TB of dumped data on the activities of Mossack Fonseca.

This data covers nearly 40 years of the law firm's activities, ending in 2015. Investigators claimed the data contained important information on important companies and people from more than 200 countries.

ICIJ launched a website where internet users can search for both individuals and companies and get neatly organized results. Details about each person are available: their connection to an offshore institution, along with information on that shell corporation, current jurisdiction, incorporation details, and the searched person's role.

ICIJ Website: [Click Here!]

#OpIcarus: Anonymous Attacks More Banks

The operation launched by Anonymous is hitting more banks. Eight more financial institutions have suffered DDoS attacks during the past few days.

The Central Bank of Greece was the first bank to come under DDoS attack, followed by the Central Bank of Cyprus. Attacks are coming from multiple Anonymous members and divisions, including Ghost Squad Hackers. The official Twitter account of OpIcarus has listed several banks which have been under attack, namely the Central Bank of the Dominican Republic, Guernsey Financial Services Commission, Dutch Central Bank and the Central Bank of Maldives.

Anonymous also published a video on YouTube explaining OpIcarus.

 
 
Transcript
 Greetings world, We are Anonymous.

It has been said that humanity is not an end in itself but rather a means to an end.
We have shown the World our strength to deny ignorance, overcome adversity, fight oppression and even the power to throw a wrench in the system that perpetuates it. We are enslaved within a matrix of institutions with the illusion that each stands alone, fighting for power, for profits, for the scraps on the table that represent humanity's dwindling resources. In reality however, these institutions - the arms industries, banking and other financial institutions, government intelligence agencies and countless others, have formed what was once a clandestine coalition whose corruption, and avarice have become increasingly transparent due to WikiLeaks and to the efforts of Anonymous. This coalition seeks the preservation and the perpetuation of the powers that be, and this octopus operates through the tentacles of the IMF, the Federal Reserve, and the World Bank, masterminded by think-tanks such as the Bilderberg group, and the Council on Foreign Relations.

The puppets of the powers that be include the president of the United States and his cabinet, and through them they are able to repress the freedom of information, and with it the free and open exchange of ideas which are fundamental to the existence and operations of Anonymous, and the ability to see beyond the veil of secrecy from which the powers that be stand behind.
But where does the power behind the throne lie? Within the global financial system, centered within the New York Stock Exchange, and Bank of England.

They feel secure in their ivory tower built on the broken backs of laborers of the world for what are their subjects, but human... All too human... In humanity lies the restraints of pity and mercy driven by fear. But we are not merely human. Anonymous is something much more for we possess neither fear nor mercy. It is time to show the world the true power and the true face of the faceless, the nameless and the ghosts of society.

Like Icarus, the powers that be have flown too close to the sun, and the time has come to set the wings of their empire ablaze, and watch the system their power relies on come to a grinding halt and come crashing down around them. We must strike at the heart of their empire by once again throwing a wrench into the machine, but this time we face a much bigger target - the global financial system.
This time our target is the Global Banking Cartel as a whole.

This is a call to arms, brothers, who for too long have stood for nothing but have criticized everything.
Stand now, behind the banner of free men against the tyrannical matrix of institutions that oppose us. In the beginning some people may stand to lose something from this, but the powers that be stand to lose much more.

For more information check the description of this video.

We are anonymous.
We are legion.
We do not forgive.
We do not forget.
Operation Icarus, engaged.
Expect us.

Google Brings HTTPS to All BlogSpot Domain Blogs

In a blog post published on the 3rd May, Google announced that it has rolled out HTTPS for all BlogSpot blogs, even for those having a private domain. Launched in September last year, this feature was an option which users could turn on. Now the feature is enabled by default.
Another option has been added, called "HTTPS Redirect". If this feature is turned on, all visitors will automatically be redirected to the HTTPS URL instead of the old insecure HTTP link.

Google also stated that mixed content may cause some of a blog's functionality not to work with the HTTPS version. This is usually caused by incompatible templates, gadgets, or post contents. Google is working on these issues, but there are some settings that only blog owners will be able to change to make these work.

Source:[Google Security Blog]

Fake Google Chrome Update Delivering Malware

Security researchers from Zscaler came across malware posing as a Google Chrome update, which fools users into lowering their smartphone defenses so that it can steal credit card details.

When the APK file is executed after downloading, the fake Google Chrome update asks for administrative rights. As most users will think this is from Google, they will grant the permission. Once the malware is given such permission, it starts its malicious behavior by first registering the device with a C&C server, then checking for antivirus products installed on the phone and terminating their processes. The malware can monitor SMS and calls on the infected device and can also steal SMS messages by sending them to the C&C server.

The most dangerous thing the malware does is steal credit card credentials. Each time the user of the infected device opens the Google Play Store app, a popup appears asking the user to enter his/her credit card details. If the user enters the details by mistake, they are sent via SMS to a phone number in Russia (+7926XXXX135).

We advise our readers to update their applications only through Google Play Store.

Source:[Zscaler]

#OpAfrica: 1TB of Kenya's Ministry of Foreign Affairs’ Documents Leaked By Anonymous

Anonymous hackers in Kenya leaked data of the Kenyan Ministry of Foreign Affairs online. This is part of the operation called OpAfrica, which started some months back. The data dump, which consists of PDF and Docx files, contained no sensitive information such as employees’ details or credentials. The operation OpAfrica was started to fight against government corruption, child abuse and child labour in African countries. According to a document posted on ghostbin, OpAfrica will not stop here, and the hackers listed a series of other governments which they are targeting, namely:

Government of Burundi
Government of Togo
Government of Kenya
Government of Burkina Faso
Government of Central African Republic
Government of Ethiopia (repeat, but was overlooked during phase 1)
Government of Somalia
Government of Algeria
Government of South Africa



More can be read from the Ghostbin document:  [Click Here!]

Qatar National Bank Suffers Data Breach

1.4GB of data has been stolen from the Qatar National Bank. The data, containing files such as QNB customer accounts, passwords, PINs, payment card data, home addresses, emails, and other PII (Personally Identifiable Information), has been dumped online by an unknown hacker on the Cryptome website.
Several security firms and journalists who have analysed the data have confirmed its validity. The dumped data contains enough information to commit financial fraud using the names of the affected clients. The bank has not issued any official statement and stated that they do not comment on speculation. They also added that there is no financial impact on its customers.

The dumped data also contained intelligence information and internal bank documents. Data on Qatar's Royal Family, the Qatari Ministry of Defence, and various intelligence agencies from Qatar (Mukhabarat), the UK (MI6), France and Poland can be found in a folder named SPY. Details on Al-Jazeera reporters were included.

French Defense Ministry Website Hacked By Anonymous

Anonymous hackers have penetrated a web portal of the French Defense Ministry website and leaked the database online. The motivation of this cyber-attack is to protest against the country's intensive foreign arms trade operations.
A smaller site, the Centre d'Identification des Materiels de la Defense, has published a communique stating that the portal was under maintenance after the incident was published by Anonymous. The database leaked contains sensitive data such as FTP client usernames, website accounts, PHP sessions and information on army suppliers and partners.
Along with these leaks, Anonymous also provided links to press articles regarding France's weapons industry and its lucrative arms trade sector.

Link to leaked database has not been provided for security reasons.


OpAfrica: Anonymous leaks Details of South African Government Employees

Anonymous hackers hacked V-Report, a job portal website, and leaked information of South African Government employees. The leaked data contains full names, emails and ID numbers. This was carried out under an operation dubbed OpAfrica, which was launched at the start of February 2016. Anonymous hacktivists are trying to raise awareness against child labour, for which the government has not taken any action.

"We had information about +33.000 Job Seekers. But we just prefer to publish government officers data."

Anonymous also released a video one week ago


Anonymous hackers have also leaked data which they acquired after hacking the South African Government Communication and Information System (GCIS). This consists of real names, usernames, hashed passwords and phone numbers.

Link to database document has not been provided for security reasons.

Hacker Leaked Details of 9000 DHS and 20000 FBI Employees

A hacker using the codename DotGovs has released details of 9,000 US Department of Homeland Security (DHS) and 20000 FBI employees via his Twitter account. In an exclusive interview with Vice, the hacker detailed how he breached the DHS computer system. The hacker stated that he was able to get access to one email address of a DHS employee. From there, he tried to log into a DOJ web portal, but that did not work. He phoned the person in charge.

“So I called up, told them I was new and I didn't understand how to get past [the portal],” the hacker told Motherboard. “They asked if I had a token code, I said no, they said that's fine—just use our one.”

The hacker posted a picture of the computer he had access to.

After getting access to the portal, the hacker saw that it contained around 1TB of data, of which he stole only around 200GB. After the interview with Vice, the hacker leaked the details of 9000 DHS employees on Twitter. After some time, he tweeted the details of the 20000 FBI employees. These consist of names, telephone and fax numbers, department, state, email addresses and work titles.

 Read More From Vice: [Click Here!]

MalwareBytes Launches Bug Bounty Program

MalwareBytes, a company that provides security products for Windows and Mac, has launched its bug bounty program. The company is inviting security researchers to report vulnerabilities they find in its products, and rewards will vary between $100 and $1000 per bug, depending on its severity and exploitability. In addition, reporters will be listed on Malwarebytes' Hall of Fame.
Details of the program can be read here: [Click Here!]

Source: [MalwareBytes]

Mauritian Linux Expert Ish Sookun Released On Bail

After spending 10 days in detention, Ish Sookun, the Mauritian Linux expert, was granted bail on Tuesday 2nd February. He was apprehended in the context of the investigation into the anonymous e-mail which was sent to the Prime Minister's Office and which referred to terrorist attacks in Mauritius. He had to provide two sureties of Rs100,000 and sign an acknowledgment of indebtedness of Rs500,000.
Mr Sookun held a press conference yesterday afternoon in the office of his barrister, where he challenged the police to bring evidence showing that he is the sender of the mail in question. He intends to claim compensation from the police.
 
 
Source: L'Express

Pastebin.com Suffered DDOS Attack


Pastebin.com, a website where people can store text online, was hit by a DDOS attack in the night of 29th to 30th January. This was announced on Pastebin's official Twitter and Facebook accounts. No more details were given concerning the attack.

We contacted pastebin to get more detail concerning the attack and will update the article as soon as we get a reply.

ISIS Hacker Appeared In US Court


Ardit Ferizi, 20, a Kosovo citizen suspected of having supplied ISIS member Junaid Hussain with information on US servicemen, made his first appearance in a US Court on Wednesday. Magistrate Judge Ivan D. Davis charged him with unauthorized access to a computer, aggravated identity theft, and providing material support to a designated foreign terrorist group. If he is found guilty of all three offences, he may face up to 35 years of imprisonment.

The hacker was arrested in Malaysia last October and was detained there on a U.S. provisional arrest warrant. The true identity of the hacker has also surfaced. He was a computer science student in Kuala Lumpur. He is the owner of the Twitter account @Th3Dir3ctorY and is the leader of the Kosova Hacker's Security (KHS) hacking group. He had in the past hacked several companies and government websites. Ferizi also stole data from Greek mobile telecom firm OTE and IBM. He is believed to be the one who retrieved all the information about US servicemen. Hussain only published it for others to access.

Junaid Hussain, who was known by the name of Abu Hussain al-Britani, was a British citizen who joined ISIS. He was the leader of the ISIS hacking division and was killed last year in a drone strike conducted by the US military.

Source: [Washington Post]

LulzSec Member Leaked Database Of Two Colombian Ministry Websites

A LulzSec member going by the codename of Hanom1960 hacked the websites of the Colombian Ministry of Education and Ministry of Information and Communications. The hacker leaked the databases on the ghostbin website. He also provided download links for each database in the same document. The document also contained the website administrators’ credentials, which are in plain text. This was announced on the hacker's Twitter account.


HSBC UK Hit By DDOS Attack

Online banking services were unavailable for customers of HSBC UK this Friday morning. According to several statements the bank published via its official Twitter account, it suffered a DDOS attack but successfully defended its systems.

Another Tweet stated that HSBC is working with law enforcement to find the cyber criminal who conducted this attack.
According to their latest Tweet, the bank's IT staff are monitoring the situation closely. They are still seeing the DDOS attack but are gradually recovering from it.

Cisco Patches Critical Vulnerability In Firewall Devices

Cisco has released a firmware update for its Wireless Network Security Firewall RV220W to patch a critical flaw that allows remote attackers to get administrative privileges on the device.
An unauthenticated attacker can send specially crafted HTTP requests containing malicious SQL statements to the device and bypass authentication to get administrative privileges. This attack can be carried out only if the remote management feature is enabled on the targeted device.

To read more about the vulnerability and what measures can be taken [Click Here]

#OpBoycottThailand : Anonymous Takes Down 20 Thai Prison Websites

In an operation dubbed #OpBoycottThailand, members of the hacking group Blink Hacker Group, who are affiliated with Anonymous, have taken down 20 Thai prison websites. A 37-minute video has been released in which Anonymous accuses Thai police of faking evidence and using torture to get confessions. Below is the video and full transcript where they explain their act.

Full Transcript and list of website [Click Here!]

Beware of New iPhone Crashing Bug

Pranksters are spreading a URL via social networks which directs people clicking on it to crashsafari.com. This particular website crashes the Safari browser, and on an iPhone the device will be rebooted. This is not the first time that such a bug has been discovered. In May 2015, users were crashing each other's phones by sending a specially crafted message via the iMessage app. This issue was fixed in iOS 8.3.1.

If a person visits the website from an Android device or a desktop computer, the bug will only crash the browser, even if it is Chrome or Firefox. Crashsafari.com generates a very long and increasing string of characters, all via JavaScript code, which overloads the text string in the address bar.

According to Google's statistics, over 400,000 users have already accessed the link, among which 325654 are iPhone users. [Click Here!]


Mauritian Linux Expert Ish Sookun Arrested

Ish Sookun, the young Mauritian Linux enthusiast, was arrested by the CCID of Mauritius on Saturday evening 23rd January 2016 in relation to an anonymous e-mail on terrorist threats sent to the Prime Minister’s Office. 20 police officers landed at his place around 16.45. During this operation, two laptops, one computer, some drives and a USB stick were seized. The police suspect that the e-mail came from an Internet café operated by Mr Sookun, situated at Curepipe. Mr Kishan Sooklall, the business partner who was operating the cyber cafe, has also been arrested.

Both Mr Sookun and his business partner were presented before the Bail and Remand Court on Sunday 24th 2016 and were refused bail. They have been provisionally charged under the Prevention of Terrorism Act and will appear before the Curepipe Court tomorrow. Social workers Dr Maharajah Madhewoo, Eddy Sadien and many other members of the No to Biometric ID Card platform, along with Mr Sookun's family, were present at the Court. Ish retained the services of Mr Sanjeev Teeluckdharry and Mr Eriksson Moneeapillay.

Source: Local News

Apple Fixed Shared Cookie Vulnerability In iOS 9.2.1


Earlier this week, Apple pushed out iOS 9.2.1, which fixed a vulnerability that has been in the wild for nearly 3 years. This vulnerability was discovered by security researchers from Skycure, Yair Amit and Adi Sharabani.

When a user connects to a public network or a captive-enabled network, the iOS device displays a pop-up window that enables the user to use the embedded browser to log in to the network via HTTP. The embedded browser shares its cookie store with Safari. If a user connects to a rogue network, these cookies, which contain credentials, can be stolen by attackers.

The impact of this vulnerability:
  • Steal users’ (HTTP) cookies associated with a site of the attacker’s choice. By doing so, the attacker can then impersonate the victim’s identity on the chosen site.
  • Perform a session fixation attack, logging the user into an account controlled by the attacker–because of the shared Cookie Store, when the victims browse to the affected website via Mobile Safari, they will be logged into the attacker’s account instead of their own.
  • Perform a cache-poisoning attack on a website of the attacker’s choice (by returning an HTTP response with caching headers). This way, the attacker’s malicious JavaScript would be executed every time the victim connects to that website in the future via Mobile Safari.

We advise our readers to update their iOS as soon as possible.


Source:[Skycure]

W^X Security Feature Added to Firefox

Developers at Mozilla have added a security feature to Firefox aimed at protecting against buffer overflow and memory corruption. The security feature, W^X (Write XOR Execute), is present in the OpenBSD operating system and was added inside Firefox's JIT (Just-in-Time) code compiler.

This feature affects how code executed inside the browser interacts with the OS's memory. Starting with the latest Firefox 46 Nightly build, web pages will be allowed either to write code to memory or to execute code in memory, not both at the same time. By doing so, W^X prevents some types of buffer overflow attacks and makes sure that when arbitrary code is dynamically injected into the process execution stack, Firefox will crash. This will prevent it from blindly running this malicious code.

This feature was added by Jan De Mooij and more can be read from his blog post [Click Here!]
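A defender can check the W^X property described above from outside the process by looking for memory regions that are writable and executable at the same time. The following is an added example, not Mozilla's code: it parses text in the Linux `/proc/<pid>/maps` format and reports violating regions; the sample map, its addresses and its library path are constructed for illustration.

```python
import re
from typing import Dict, List, NamedTuple

# Constructed sample in the format of Linux /proc/<pid>/maps. The addresses
# and the path are made up; the third line is a region that breaks W^X.
SAMPLE_MAPS = """\
55d0c8a00000-55d0c8a21000 r-xp 00000000 08:01 131090 /usr/lib/example/browser
55d0c8c20000-55d0c8c22000 rw-p 00020000 08:01 131090 /usr/lib/example/browser
7f2a10000000-7f2a10010000 rwxp 00000000 00:00 0
7f2a10010000-7f2a10020000 r-xp 00000000 00:00 0
7f2a10020000-7f2a10030000 rw-p 00000000 00:00 0
7ffd5c000000-7ffd5c021000 rw-p 00000000 00:00 0 [stack]
"""

# start-end, permissions, offset, device, inode, optional pathname
MAPS_LINE = re.compile(
    r"^([0-9a-f]+)-([0-9a-f]+)\s+([r-][w-][x-][ps])\s+\S+\s+\S+\s+\S+\s*(.*)$"
)


class Mapping(NamedTuple):
    start: int
    end: int
    perms: str
    path: str

    @property
    def size(self) -> int:
        return self.end - self.start


def parse_maps(text: str) -> List[Mapping]:
    """Turn maps text into Mapping records, skipping malformed lines."""
    mappings = []
    for line in text.splitlines():
        match = MAPS_LINE.match(line.strip())
        if match is None:
            continue  # blank or unexpected line: ignore rather than guess
        start, end, perms, path = match.groups()
        mappings.append(
            Mapping(int(start, 16), int(end, 16), perms, path or "[anonymous]")
        )
    return mappings


def wx_violations(mappings: List[Mapping]) -> List[Mapping]:
    """Regions that are writable AND executable at once violate W^X."""
    return [m for m in mappings if "w" in m.perms and "x" in m.perms]


def audit(text: str) -> Dict[str, object]:
    """Summarise a process map: region count and any W^X violations."""
    mappings = parse_maps(text)
    return {
        "mappings": len(mappings),
        "violations": [
            (hex(m.start), m.size, m.path) for m in wx_violations(mappings)
        ],
    }


if __name__ == "__main__":
    print(audit(SAMPLE_MAPS))
```

On a Linux host the same `audit()` function can be fed the contents of a real `/proc/<pid>/maps` file for a process you own.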

MauriHackerS - Providing Latest IT Security and Hacking News !