MauriHackers - Mauritian Hackers Society<br />
Providing Latest IT Security and Hacking News<br />
Feed updated: 2024-03-12<br />
<br />
<b>The Mauritian Cybercrime Online Reporting System (MAUCORS) Launched</b> (published 2018-03-15)
<div class="separator" style="clear: both; text-align: center;">
<a href="https://1.bp.blogspot.com/-84ZRreZzRMI/Wqri8o6RbZI/AAAAAAAADkg/j50Z4dq1AI07G3iFMgVMeDQa7czm2AVmgCLcBGAs/s1600/MAUCORS.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="620" data-original-width="1250" height="315" src="https://1.bp.blogspot.com/-84ZRreZzRMI/Wqri8o6RbZI/AAAAAAAADkg/j50Z4dq1AI07G3iFMgVMeDQa7czm2AVmgCLcBGAs/s640/MAUCORS.JPG" width="640" /></a></div>
<br />
The Mauritian Cybercrime Online Reporting System (MAUCORS) was launched today, Thursday, March 15, 2018 at The Meridien Hotel. With the increase in cybercrime nowadays, the Ministry of Technology, Communication and Innovation found it necessary to have a centralised online reporting system so that the general public can report cybercrime incidents. This will help CERT-MU to manage and respond to these complaints more easily and quickly.<br />
<br />The user-friendly portal also provides news and educational articles relating to cybercrime.<br />
<br />When reporting an incident, one must provide some personal information such as name, email address, phone number, NIC number, etc., which will be used in accordance with the Data Protection Act 2017 of Mauritius. The information is required:<br />
<br />
<blockquote class="tr_bq">
<ol>
<li>To help us in identifying you while using the MAUCORS website;</li>
<li>To enable you to report an incident to the website;</li>
<li>Statistical Analysis</li>
<li>Improving our service</li>
<li>Requesting feedback from you</li>
</ol>
</blockquote>
After reporting an incident, a link will be sent to the person’s email address so that he/she can check the status of the report later.<br /><br />For more information or to report an incident, please visit the website:<br />MAUCORS: <a href="http://maucors.govmu.org/" target="_blank">maucors.govmu.org/</a><br />
<br />
<b>The University of Mauritius Website Defaced By AnonPlus</b> (published 2017-09-29)
<div class="separator" style="clear: both; text-align: center;">
<a href="https://4.bp.blogspot.com/-ipod0stvUQs/Wc8TfQU4C9I/AAAAAAAADj4/2NmAqaSGmLQcA7akdOBGD_4FYrbFNxAdQCLcBGAs/s1600/AnonPlus_UOM.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="577" data-original-width="1084" height="212" src="https://4.bp.blogspot.com/-ipod0stvUQs/Wc8TfQU4C9I/AAAAAAAADj4/2NmAqaSGmLQcA7akdOBGD_4FYrbFNxAdQCLcBGAs/s400/AnonPlus_UOM.JPG" width="400" /></a></div>
<br />
A hacking group going by the name of AnonPlus has defaced the website of the University of Mauritius. The defacement page had the AnonPlus logo only. This was published on the official Twitter account of AnonPlus. At the time of publishing, the website was unreachable.<br />
<br />
<center>
<blockquote class="twitter-tweet" data-lang="en">
<div dir="ltr" lang="en">
University of Mauritius<a href="https://t.co/4oGOa7o5ef">https://t.co/4oGOa7o5ef</a><br /><br />admin access<br />User AnonPlus<br />Pass 12anonplus34<a href="https://twitter.com/hashtag/Hacked?src=hash&ref_src=twsrc%5Etfw">#Hacked</a><a href="https://twitter.com/hashtag/AnonPlus?src=hash&ref_src=twsrc%5Etfw">#AnonPlus</a> <a href="https://t.co/gMLaeyUm9j">pic.twitter.com/gMLaeyUm9j</a></div>
— anonplus (@AnonPlus_Info) <a href="https://twitter.com/AnonPlus_Info/status/913795238409457665?ref_src=twsrc%5Etfw">September 29, 2017</a></blockquote>
<br />
<div style="text-align: left;">
Source:[<a href="https://twitter.com/AnonPlus_Info" target="_blank">AnonPlus Twitter</a>] </div>
</center>
<br />
<b>Petya Ransomware Causing Massive Attack</b> (published 2017-06-28)
<div class="separator" style="clear: both; text-align: center;">
<a href="https://2.bp.blogspot.com/-JU1xtYlwirE/WVN1abw7hgI/AAAAAAAADjQ/EgBB3TgSIu4PXvoLMfq-_qq_qhFC_DGugCLcBGAs/s1600/Petya%2BRansomware.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="900" data-original-width="1200" height="480" src="https://2.bp.blogspot.com/-JU1xtYlwirE/WVN1abw7hgI/AAAAAAAADjQ/EgBB3TgSIu4PXvoLMfq-_qq_qhFC_DGugCLcBGAs/s640/Petya%2BRansomware.jpg" width="640" /></a></div>
Thousands of computers around the globe have been hit by a new ransomware called Petya. Similar to WannaCry, the new ransomware is using the EternalBlue exploit as one of its means of propagating inside a network. After the computers are infected, victims are asked to pay $300 in bitcoins to regain access to their machines.<br />
Several high-profile firms have already been affected by the new ransomware. In Ukraine, the central bank, Kiev Boryspil Airport, the Ukrenergo electricity supplier, the municipal metro and the state telecom have been attacked.<br />
<br />
The international logistics company MAERSK has announced on its Twitter account that it has fallen victim to the Petya ransomware.<br />
<center>
<blockquote class="twitter-tweet" data-lang="en">
<div dir="ltr" lang="en">
Cyber attack update 09:06 CEST <a href="https://t.co/kInQZz4Wyv">pic.twitter.com/kInQZz4Wyv</a></div>
— Maersk (@Maersk) <a href="https://twitter.com/Maersk/status/879966081611431936">June 28, 2017</a></blockquote>
<br />
<div style="text-align: left;">
Researchers from Hacker Fantastic have noticed that the encryption process takes place after the infected Windows device is rebooted. If devices are not powered on again, files will not be encrypted.</div>
</center>
<center>
<blockquote class="twitter-tweet" data-lang="en">
<div dir="ltr" lang="en">
If machine reboots and you see this message, power off immediately! This is the encryption process. If you do not power on, files are fine. <a href="https://t.co/IqwzWdlrX6">pic.twitter.com/IqwzWdlrX6</a></div>
— Hacker Fantastic (@hackerfantastic) <a href="https://twitter.com/hackerfantastic/status/879775570766245888">June 27, 2017</a></blockquote>
</center>
<br />
<b>University College London (UCL) Suffered a Major Ransomware Attack</b> (published 2017-06-17)
<div class="separator" style="clear: both; text-align: center;">
<a href="https://2.bp.blogspot.com/-el-RUmt1jmU/WUYblzdWO9I/AAAAAAAADi8/uPCSmkHVTSoWaXpQ7CzF7Xk9mR-LwDW2ACLcBGAs/s1600/University-College-London.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="476" data-original-width="887" height="340" src="https://2.bp.blogspot.com/-el-RUmt1jmU/WUYblzdWO9I/AAAAAAAADi8/uPCSmkHVTSoWaXpQ7CzF7Xk9mR-LwDW2ACLcBGAs/s640/University-College-London.JPG" width="640" /></a></div>
<br />
University College London was hit by a major ransomware attack on June 15, 2017. The ransomware infected personal and shared drives on the network, and UCL's Information Security Team is working with the affected users to identify the exact source of the infection.<br />
According to the university's press release, this could be a zero-day attack as the virus did not show any suspicious activity.<br />
<br />
"<i>We are continuing to investigate the infection that is affecting UCL users. Our current hypothesis is that the malware infection occurred through users visiting a website that has been compromised rather than being spread via email attachments. However this remains unconfirmed at the moment.</i>"<br />
<br />
The security team later confirmed that the attack did not come via email but through users visiting an infected website.<br />
"<i>We have continued to analyse the infection across the UCL filestore and the method of infection this is still ongoing. We have not seen any more users affected by the malware. We no longer think the infection came from an infected email but from users accessing a compromised website. Please be vigilant if you notice an unexpected popup or other unusual behaviour when you access a website close the browser and report it to Service Desk.</i>"<br />
<br />
At the time of writing, the security team was still restoring the infected drives.<br />
<center>
<blockquote class="twitter-tweet" data-lang="en">
<div dir="ltr" lang="en">
We are restoring access to some of the S: drives shares this afternoon and Monday. Check our service news page <a href="https://t.co/Uolwk81g1e">https://t.co/Uolwk81g1e</a></div>
— UCL ISD (@uclisd) <a href="https://twitter.com/uclisd/status/875713850607382528">June 16, 2017</a></blockquote>
<div style="text-align: left;">
Source: [<a href="http://www.ucl.ac.uk/isd/news/isd-news/jun2017/ucl-wide-ransomware-attack-14062017" target="_blank">UCL ISD News</a>] </div>
</center>
<br />
<b>Beware of Fake Wannacry Protection Apps on Google Play Store</b> (published 2017-05-24)
<div class="separator" style="clear: both; text-align: center;">
<a href="https://4.bp.blogspot.com/-msw3BM7YmQA/WSXQ618IDCI/AAAAAAAADio/2uvlFRQHbAgnY3AaMOOUKSbi3wajgLubQCLcB/s1600/Fake%2BWannacry%2BProtection%2BAndroid.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="503" data-original-width="1061" height="302" src="https://4.bp.blogspot.com/-msw3BM7YmQA/WSXQ618IDCI/AAAAAAAADio/2uvlFRQHbAgnY3AaMOOUKSbi3wajgLubQCLcB/s640/Fake%2BWannacry%2BProtection%2BAndroid.JPG" width="640" /></a></div>
<br />
Researchers from McAfee came across a series of rogue apps on the Google Play Store posing as WannaCry protectors. WannaCry is ransomware that affects the Windows operating system only. However, cybercriminals are taking advantage of the trending topic to trick Android users into installing fake WannaCry protectors on their devices.<br />
<br />These applications are loaded with ads and, once installed, they advertise sponsored applications, encouraging users to install them. These sponsored applications may contain other malware. We advise our readers to follow the tips provided by McAfee before installing any application:<br />
<br /><b>Be careful what you download</b><br />
Don’t download anything for WannaCry protection unless it’s from a trusted security provider. More importantly, if the issue does not affect your type of operating system, don’t download anything you don’t need to.<br />
<br /><b>Read app reviews.</b><br />
Before you even download an app, make sure you head to the review section of an app store first. Take the time to read the reviews, and keep an eye out for ones that mention that the app is falsely advertised, or has had issues with security. When in doubt, avoid any app that seems remotely fishy.<br />
<br /><b>Use a comprehensive security solution.</b><br />
Whether the newest cyberattack is after your computer or your mobile devices, make sure you cover all of them with a comprehensive security solution.<br /><br />Source:[<a href="https://securingtomorrow.mcafee.com/consumer/consumer-threat-notices/fake-wannacry-protection-apps-hit-google-play-store/" target="_blank">McAfee</a>]<br />
<br />
<b>WannaCry: The Global Ransomware Attack</b> (published 2017-05-15)
<div class="separator" style="clear: both; text-align: center;">
<a href="https://4.bp.blogspot.com/-XEDIZjIRprI/WRmQAAI1A8I/AAAAAAAADiQ/Su2ij4nUjvYyM3BMFh4BTHXl4rVgx1URACLcB/s1600/WannaCry_Ransomware.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="481" src="https://4.bp.blogspot.com/-XEDIZjIRprI/WRmQAAI1A8I/AAAAAAAADiQ/Su2ij4nUjvYyM3BMFh4BTHXl4rVgx1URACLcB/s640/WannaCry_Ransomware.png" width="640" /></a></div>
By now, the ransomware cyber-attack which started on Friday has infected more than 200 000 computers in 150 countries and, according to security researchers, this number will continue to rise. The ransomware, which is known as WannaCry, mainly targets old or unpatched Microsoft Windows operating systems by locking the device. To unlock the device, the user must pay a ransom of $300. This piece of malware locks the computer by encrypting its hard disk, preventing users from getting access to their files. They are presented with a screen showing the steps to decrypt their device. Big organisations such as the British NHS, FedEx and Telefonica have fallen victim to the cyber-attack.<br />
<br />The hackers behind this attack have been using EternalBlue, an exploit developed by the NSA for identified flaws in Microsoft's SMB protocol, which was leaked on the dark web by a hacking group called Shadow Brokers. Microsoft released an update to patch the vulnerability in its newer versions in March. Many users and administrators have failed to apply the updates, making it easier for the ransomware to spread quickly. As many small businesses and individuals are still using older versions of the operating system, Microsoft took the unusual step of releasing updates for Windows XP, Windows 8, and Windows Server 2003 so that all users can patch their systems.<br />
<br />We advise our readers to apply the patch released by Microsoft as soon as possible and not to open any files received from an unknown source.<br />
<br />Microsoft Updates Catalogue [<a href="http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012598" rel="nofollow" target="_blank">Click Here!</a>]<br />
<br />
<b>Cybersecurity Seminar by BDO IT Consulting Ltd</b> (published 2017-05-12)
<div class="separator" style="clear: both; text-align: center;">
<a href="https://2.bp.blogspot.com/-z2weE8Kw-yc/WRXym1wl_4I/AAAAAAAADiA/gDr_jRbMpL4EZKPmbFPrupFGjGVYiARXwCLcB/s1600/BDO-Cybersecurity.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="334" src="https://2.bp.blogspot.com/-z2weE8Kw-yc/WRXym1wl_4I/AAAAAAAADiA/gDr_jRbMpL4EZKPmbFPrupFGjGVYiARXwCLcB/s640/BDO-Cybersecurity.jpg" width="640" /></a></div>
<br />
<div style="text-align: center;">
“<i>There are only two types of company: those that have been hacked, and those that will be.</i>”</div>
<br />
From anywhere and at any time, hackers can launch a cyber-attack on your organisation. Taking this into consideration, BDO IT Consulting Ltd is organising a full-day cybersecurity seminar where ideas, trends, technology and knowledge will be shared to keep you one step ahead of these attacks. <br />
The key topics which will be discussed in the first session are:<br />
• Hacking Humans<br />
• In and Out: Strategies for Preventing, Detecting and Mitigating Cyber Risk<br />
• Building Cyber Capacity: Market Opportunities and Challenges<br />
• Bridging the gap between prevention and incident response<br />
The second session will be three hours of live attack, in which an expert ethical hacker from BDO South Africa Forensic and Cyber Lab will guide the audience through hacking methodologies. <br />
<br />
For more details and to register [<a href="http://www.bdo.mu/en-gb/events/featured-events/cyber-security-full-day-seminar" target="_blank">Click Here!</a>]<br />
<br />
<b>Florida Man Pleads Guilty to Attempted Hacking of Clinton Foundation</b> (published 2017-02-25)
<div class="separator" style="clear: both; text-align: center;">
<a href="https://1.bp.blogspot.com/-ymehqcKJb2w/WI234hxCW0I/AAAAAAAADg0/IWVJGUZVoaA_CBsEam5BRiML9SGZj-9ngCPcB/s1600/Maurihackers-Display.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="425" src="https://1.bp.blogspot.com/-ymehqcKJb2w/WI234hxCW0I/AAAAAAAADg0/IWVJGUZVoaA_CBsEam5BRiML9SGZj-9ngCPcB/s640/Maurihackers-Display.jpg" width="640" /></a></div>
Timothy Sedlak, a 43-year-old man from Florida, pleaded guilty on Thursday to the attempted hacking of the Clinton Foundation. Sedlak was arrested in 2015 and, according to the prosecutors, he launched about 390,000 unsuccessful attempts on the charitable organization's computer network. The police also discovered files of child pornography on his computer and he was sentenced to 42 years of imprisonment, separately, by an Orlando court.<br />
<br />Describing himself as a private investigator, Timothy stated that he was investigating whether charities were being used to fund Islamic militant groups.<br />
<br />During the proceedings, the prosecutors did not mention the name of the New York-based charitable organization, but Reuters managed to get a copy of the filing on February 3.<br /><br />More can be read from Reuters <a href="http://www.reuters.com/article/us-usa-cyber-sedlak-idUSKBN16215F" rel="nofollow" target="_blank">Here!</a><br />
<br />
<b>Hard-to-Detect Malware Attacking Enterprise Networks</b> (published 2017-02-12)
<div class="separator" style="clear: both; text-align: center;">
<a href="https://1.bp.blogspot.com/-uul0NmLpCUU/WKB-dp3YTWI/AAAAAAAADhE/VWOs7WyLDuQhde0bRqXhbvzfPho9sGoFQCLcB/s1600/HiddenMalwareKaspersky.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="406" src="https://1.bp.blogspot.com/-uul0NmLpCUU/WKB-dp3YTWI/AAAAAAAADhE/VWOs7WyLDuQhde0bRqXhbvzfPho9sGoFQCLcB/s640/HiddenMalwareKaspersky.png" width="640" /></a></div>
<br />
According to Kaspersky Lab's latest report, an "invisible" malware is spreading among banks, telecommunication companies and government agencies. This sophisticated worm uses legitimate system administration and security tools such as PowerShell, Metasploit and Mimikatz to inject malware into computer memory. <br /><br />This particular malware was first discovered by the security team of a bank. They found a copy of Meterpreter in the physical memory of a Microsoft domain controller. Forensic analysis showed that the Meterpreter code was downloaded and injected using PowerShell commands. It was discovered that the NETSH utility was used for tunneling traffic from the victim's computer to the attacker's server. To run malicious PowerShell scripts, the attackers grabbed credentials from service accounts with administrative privileges by using Mimikatz.<br /><br />By now, over 140 enterprises in 40 countries have been affected by the new malware.<br /><br />Source:[<a href="https://securelist.com/blog/research/77403/fileless-attacks-against-enterprise-networks/" rel="nofollow" target="_blank">Securelist Blog</a>]<br />
<br />
<b>Fined For Sending Embarrassing SMS</b> (published 2017-01-29)
<div class="separator" style="clear: both; text-align: center;">
<a href="https://2.bp.blogspot.com/-ymehqcKJb2w/WI234hxCW0I/AAAAAAAADgw/UqOIbrgAoUM7_v18owtKKV18mdwDum9GwCLcB/s1600/Maurihackers-Display.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="425" src="https://2.bp.blogspot.com/-ymehqcKJb2w/WI234hxCW0I/AAAAAAAADgw/UqOIbrgAoUM7_v18owtKKV18mdwDum9GwCLcB/s640/Maurihackers-Display.jpg" width="640" /></a></div>
<br />
A 24-year-old driver has been fined Rs 75000 for sending five embarrassing SMS to a bank staff member in 2010. He was found guilty of violating the telecommunication law of Mauritius by sending four SMS and making eight phone calls on May 1, 2010.<br />The plaintiff registered a statement on May 20, 2010 and stated that she was humiliated and demoralized by these SMS. She also added that she did not know the person who sent her the messages and that it was a man who spoke to her on the other end of the line. She even had to change her phone number.<br />Following the judge's order, the police were able to get the identity of the SIM card owner. The plaintiff later added that the defendant went to her workplace to apologize and begged her to withdraw her complaint.<br />In court, the defendant pleaded not guilty and maintained that he was not the one who sent these SMS. However, he was not convincing and could not provide an explanation, as the SIM card was registered in his name.<br />
<br />
We advise our readers not to register other people's SIM cards in their name.<br /><br />Source: [<a href="http://defimedia.info/rs-75-000-damende-pour-des-sms-embarrassants" target="_blank">Defimedia</a>]<br />
<br />
<b>HR Targeted Ransomware Campaign</b> (published 2017-01-08)
<div class="separator" style="clear: both; text-align: center;">
<a href="https://3.bp.blogspot.com/-EcHmi9aWNeM/WHIGKfBsXVI/AAAAAAAADgE/W2YKG05F-9o-1HKcH_mKDnU5_k1EDU7JwCLcB/s1600/Ransomware.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="360" src="https://3.bp.blogspot.com/-EcHmi9aWNeM/WHIGKfBsXVI/AAAAAAAADgE/W2YKG05F-9o-1HKcH_mKDnU5_k1EDU7JwCLcB/s640/Ransomware.jpg" width="640" /></a></div>
<br />
<div style="text-align: center;">
Security researchers from Check Point came across a new ransomware campaign targeting Human Resources departments. The attack starts with an email pretending to be a job application. The email contains a brief message from the applicant and two attachments, a PDF file and an Excel document.</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://4.bp.blogspot.com/-NAjUzRXbcIU/WHIGX_Nv_0I/AAAAAAAADgI/OEvunJO67CYCypGCzG6EjmhK2mMYSDxZwCLcB/s1600/HR-Ransomware-1.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="239" src="https://4.bp.blogspot.com/-NAjUzRXbcIU/WHIGX_Nv_0I/AAAAAAAADgI/OEvunJO67CYCypGCzG6EjmhK2mMYSDxZwCLcB/s320/HR-Ransomware-1.jpg" width="320" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
The PDF file is a non-malicious cover letter which tricks the receiver into believing that the email is legitimate. The second document is a macro-enabled Excel file containing a picture of a flower with the word "Loading...". A text asking the victim to enable the content can also be seen.</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://2.bp.blogspot.com/-_8IlHlGRgQs/WHIGhxKI4qI/AAAAAAAADgM/xakOCAIAxjwAsfcTzoXHnVr5O0o6Ar3JQCEw/s1600/HR-Ransomware-2.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="254" src="https://2.bp.blogspot.com/-_8IlHlGRgQs/WHIGhxKI4qI/AAAAAAAADgM/xakOCAIAxjwAsfcTzoXHnVr5O0o6Ar3JQCEw/s320/HR-Ransomware-2.jpg" width="320" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
As soon as the receiver enables the content, the macro in the Excel document is executed and the encryption of the files starts, preventing the user from accessing them. Once encryption is completed, the victim is presented with a note: “YOUR_FILES_ARE_ENCRYPTED.TXT”. </div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
The device is then automatically rebooted and a fake “chkdsk” screen is displayed while the disk is being encrypted.</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://2.bp.blogspot.com/-whUs-i2F4Ng/WHIG06feGwI/AAAAAAAADgU/QFF4tLldLqcVHnNQyK8a8sz6T9CwoBGdwCLcB/s1600/HR-Ransomware-3.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="180" src="https://2.bp.blogspot.com/-whUs-i2F4Ng/WHIG06feGwI/AAAAAAAADgU/QFF4tLldLqcVHnNQyK8a8sz6T9CwoBGdwCLcB/s320/HR-Ransomware-3.jpg" width="320" /> </a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
After disk encryption, the victim is presented with the screen below, which gives the steps to decrypt the disk.</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://2.bp.blogspot.com/-DGWVJ57pfYw/WHIG6qV4D6I/AAAAAAAADgY/xl1tR50VO7ANJh-9MRamr47Gzle2kAs0QCLcB/s1600/HR-Ransomware-4.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="215" src="https://2.bp.blogspot.com/-DGWVJ57pfYw/WHIG6qV4D6I/AAAAAAAADgY/xl1tR50VO7ANJh-9MRamr47Gzle2kAs0QCLcB/s320/HR-Ransomware-4.jpg" width="320" /></a></div>
<br />We advise people in HR departments to remain alert. Make sure robust anti-ransomware software is running on your device. Scan all downloaded documents before opening them.<br /><br />Source: [<a href="http://blog.checkpoint.com/2017/01/03/looking-new-employee-beware-new-ransomware-campaign/" target="_blank">CheckPoint Blog</a>]<br />
<br />
<b>Google Patches 95 Android Vulnerabilities</b> (published 2017-01-07)
<div class="separator" style="clear: both; text-align: center;">
<a href="https://3.bp.blogspot.com/-AOeZzvPqWL8/WHCnRXLfzEI/AAAAAAAADf0/Fq00WV6uIC4YuZWiOA9oMB2zb_EWwZ5EQCLcB/s1600/AndroidUpdate.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="350" src="https://3.bp.blogspot.com/-AOeZzvPqWL8/WHCnRXLfzEI/AAAAAAAADf0/Fq00WV6uIC4YuZWiOA9oMB2zb_EWwZ5EQCLcB/s640/AndroidUpdate.PNG" width="640" /></a></div>
Google's first Android Security Bulletin for 2017 addresses 95 vulnerabilities in the operating system, of which 22 were rated Critical. The update is split into two: the 2017-01-01 security patch level, which addresses 23 vulnerabilities, and the 2017-01-05 security patch level, which addresses 72 bugs affecting drivers.<br />
<br />“<i>The most severe of these issues is a Critical security vulnerability that could enable remote code execution on an affected device through multiple methods such as email, web browsing, and MMS when processing media files.</i>”<br /><br />
A full list of all the addressed vulnerabilities can be found at the official source below.<br /><br />
We advise our readers to update their Android devices.<br /><br /><br />Source: [<a href="https://source.android.com/security/bulletin/2017-01-01.html" target="_blank">Android.com</a>]<br />
<br />
<b>Denial-of-Service Malware Targeting Macs</b> (published 2017-01-04)
<div class="separator" style="clear: both; text-align: center;">
<a href="https://3.bp.blogspot.com/-QSG2yrWPpvU/WG3au52LFHI/AAAAAAAADfk/lGNoIEJe5LgQ1CWJ5iSZkZtVOpL-WuSvgCLcB/s1600/MacDosMalwareMail.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://3.bp.blogspot.com/-QSG2yrWPpvU/WG3au52LFHI/AAAAAAAADfk/lGNoIEJe5LgQ1CWJ5iSZkZtVOpL-WuSvgCLcB/s640/MacDosMalwareMail.png" width="640" /></a></div>
<br />
Security company Malwarebytes has warned about new malware which is targeting Macs. The denial-of-service malware hijacks the Safari and Apple Mail applications and automatically creates email drafts continuously until the Mac can no longer handle the task and crashes.<br />A link is being sent via the email addresses dean.jones9875@gmail.com and amannn.2917@gmail.com. The malware is hosted on different sites such as safari-get[.]com, safari-get[.]net, safari-serverhost[.]com and safari-serverhost[.]net.<br />
<br />Mac users running macOS 10.12.2 (or later betas) are not affected, as Safari detects the attempt to open the Mail app and blocks the unwanted event.<br />
<br />We advise our readers not to open emails from these addresses and to immediately delete them.<br /><br />Source: [<a href="https://9to5mac.com/2017/01/04/malwarebytes-warns-of-denial-of-service-attacks-on-macs-but-blocked-by-latest-sierra-update/" target="_blank">9to5mac</a>]<br />
<br />
<b>Hacker Donates $11000 to Help Kurds in Rojava</b> (published 2016-05-19)
<div class="separator" style="clear: both; text-align: center;">
<a href="https://4.bp.blogspot.com/-2T63GpweuYk/Vz6Vku4XsbI/AAAAAAAADec/Su0pwrq0Hso0HI4MJtcYqqrWKr-oSSkWACLcB/s1600/Anonymous-Face.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="348" src="https://4.bp.blogspot.com/-2T63GpweuYk/Vz6Vku4XsbI/AAAAAAAADec/Su0pwrq0Hso0HI4MJtcYqqrWKr-oSSkWACLcB/s640/Anonymous-Face.PNG" width="640" /></a></div>
A hacker going by the codename HackBack or Phineas Fisher has donated $11000 in bitcoins to Rojava – a Kurdish region in northern Syria, located at the borders of IS (Daesh) controlled territory. On his Twitter account, he described it as "<i>one of the most inspiring revolutionary projects in the world today.</i>" <br />
<br />
<center>
<blockquote class="twitter-tweet" data-lang="en">
<div dir="ltr" lang="en">
Rojava is one of the most inspiring revolutionary projects in the world today. I just donated 10000€ in bitcoin <a href="https://t.co/2ubZctplSy">https://t.co/2ubZctplSy</a></div>
— Hack Back! (@GammaGroupPR) <a href="https://twitter.com/GammaGroupPR/status/728230300241760256">May 5, 2016</a></blockquote>
<div style="text-align: left;">
The hacker stated that the money comes from a heist but refused to reveal more details. He also revealed that a much bigger cyber-heist is being worked on. The donation was made online through a campaign which Rojava is running to raise funds to feed its region.<br /><br />Source:[<a href="http://arstechnica.co.uk/security/2016/05/robin-hood-hacker-rojava-syria-bitcoin-donation/" target="_blank">Click Here!</a>] </div>
</center>
<br />
<b>Hacker Selling 117 Million LinkedIn Accounts On Darkweb</b> (published 2016-05-18)
<div class="separator" style="clear: both; text-align: center;">
<a href="https://1.bp.blogspot.com/-WCenUK4lX_o/Vz1MKOsj0FI/AAAAAAAADeM/MZtIoH6p2nIs7fmC2U80HSsD8tZy9T0wgCLcB/s1600/LinkedIn.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://1.bp.blogspot.com/-WCenUK4lX_o/Vz1MKOsj0FI/AAAAAAAADeM/MZtIoH6p2nIs7fmC2U80HSsD8tZy9T0wgCLcB/s640/LinkedIn.PNG" width="640" /></a></div>
A hacker using the code name Peace is selling the information of 117 million LinkedIn users on the dark web for 5 Bitcoins (around $2200/£1,500). LeakedSource, the paid search engine for hacked data, managed to get a copy of the stolen data and stated that there are around 167 million hacked accounts, of which 117 million have both emails and hashed passwords.<br />
LeakedSource commented on the passwords, saying:<br />
"Passwords were stored in SHA1 with no salting. This is not what internet standards propose. Only 117m accounts have passwords and we suspect the remaining users registered using Facebook or some similarity."<br />
<br />
Additionally, security researcher Troy Hunt tweeted that, as the passwords are hashed with SHA-1 with no salt, weak passwords will be easily cracked.<br />
<br />
<center>
<blockquote class="twitter-tweet" data-lang="en">
<div dir="ltr" lang="en">
Things about the LinkedIn breach:<br />- Dates to 2012<br />- SHA1 with no salt (I believe it's changed since)<br />- Weak passwords will be easily cracked</div>
— Troy Hunt (@troyhunt) <a href="https://twitter.com/troyhunt/status/732869764759093248">May 18, 2016</a></blockquote>
<div style="text-align: left;">
Source:[<a href="http://motherboard.vice.com/en_uk/read/another-day-another-hack-117-million-linkedin-emails-and-password" target="_blank">Click here!</a>] </div>
<script async="" charset="utf-8" src="//platform.twitter.com/widgets.js"></script></center>
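The storage weakness LeakedSource describes above (SHA-1 with no salt), shown from the defender's side as an added example that is not part of the original post or of LinkedIn's code: identical passwords produce identical unsalted digests, while a per-user salt with a slow key-derivation function does not, and legacy records can be upgraded at the next successful login. The user names, passwords, record format and iteration count are assumptions constructed for this example.

```python
import hashlib
import hmac
import os

# Assumption: iteration count and record format are choices made for this example.
PBKDF2_ITERATIONS = 600_000
PREFIX = "pbkdf2_sha256$"


def legacy_sha1(password: str) -> str:
    """Unsalted SHA-1, the scheme the breach report describes (shown for contrast)."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest()


def hash_password(password: str) -> str:
    """Per-user random salt plus a deliberately slow key-derivation function."""
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)
    return f"{PREFIX}{PBKDF2_ITERATIONS}${salt.hex()}${dk.hex()}"


def verify_password(password: str, record: str) -> bool:
    """Check a password against either record format, comparing in constant time."""
    if record.startswith(PREFIX):
        _, iterations, salt_hex, dk_hex = record.split("$")
        dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                 bytes.fromhex(salt_hex), int(iterations))
        return hmac.compare_digest(dk.hex(), dk_hex)
    return hmac.compare_digest(legacy_sha1(password), record)


def login_and_upgrade(db: dict, user: str, password: str) -> bool:
    """Authenticate, and re-hash a legacy record while the plaintext is available."""
    record = db.get(user)
    if record is None or not verify_password(password, record):
        return False
    if not record.startswith(PREFIX):
        db[user] = hash_password(password)
    return True


def users_sharing_a_record(db: dict) -> list:
    """Groups of users whose stored records are byte-for-byte identical."""
    groups = {}
    for user, record in db.items():
        groups.setdefault(record, []).append(user)
    return sorted(sorted(g) for g in groups.values() if len(g) > 1)


# Constructed sample data: three made-up users, two of whom chose the same password.
LEGACY_DB = {
    "alice": legacy_sha1("linkedin123"),
    "bob": legacy_sha1("linkedin123"),
    "carol": legacy_sha1("correct horse battery staple"),
}

if __name__ == "__main__":
    db = dict(LEGACY_DB)
    print("identical records before:", users_sharing_a_record(db))
    for user, pw in [("alice", "linkedin123"), ("bob", "linkedin123")]:
        login_and_upgrade(db, user, pw)
    print("identical records after: ", users_sharing_a_record(db))
```

Accounts that never log in again keep their legacy record, so a real migration also needs a plan for those, such as forcing a password reset.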
Unknownnoreply@blogger.comtag:blogger.com,1999:blog-8193713010780875212.post-86169378261820969412016-05-16T21:41:00.000-07:002016-05-16T21:41:19.466-07:00444 School Websites Shut Down By Teen Hacker<div class="separator" style="clear: both; text-align: center;">
<a href="https://3.bp.blogspot.com/-W1gZZU2bctw/T5eOeZcu0SI/AAAAAAAAAWw/fNKxrFlg_JgdgZ0Geb8H2EbvXbrXfkLMQCKgB/s1600/anonpaste.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="400" src="https://3.bp.blogspot.com/-W1gZZU2bctw/T5eOeZcu0SI/AAAAAAAAAWw/fNKxrFlg_JgdgZ0Geb8H2EbvXbrXfkLMQCKgB/s640/anonpaste.jpg" width="640" /></a></div>
A 16-year-old student has been charged with obstruction of justice for having launched DDoS attacks on 444 school websites in Japan. The incident took place in November 2015 and is considered to have made history in Japan for having targeted a local governmental organisation. According to the local police, the boy launched the attack to teach his educators a lesson.<br /><br />"<i>I hate how the teachers talk down to us and never let us express ourselves. So, I thought I would remind them of their own incompetence. It felt good to see them have problems. I did it several times,</i>"<br /><br />Police seized the boy's computer and some hacking books. He downloaded tools which sent large volumes of data to the Board of Education servers, causing them to be unreachable for about one hour. The boy also told the police that he wanted to join the hacking group Anonymous.<br /><br />Japanese law punishes such crimes with a maximum of a three-year prison term or a fine of ¥500,000 (£3204, $4,598). Taking the boy's age into consideration, it is not certain that he will face the maximum sentence.<br /><br />Source:[<a href="http://www.japantoday.com/category/crime/view/junior-high-student-shuts-down-444-school-websites-to-remind-teachers-they-are-incompetent" target="_blank">Click Here!</a>]Unknownnoreply@blogger.comtag:blogger.com,1999:blog-8193713010780875212.post-4512820362050107422016-05-16T21:24:00.002-07:002016-05-16T21:24:33.994-07:00Commercial Bank of Ceylon Hacked<div class="separator" style="clear: both; text-align: center;">
<a href="https://3.bp.blogspot.com/-zTWmdGprj10/Vzqcj8yC1AI/AAAAAAAADd8/Cn6EmgWYem8jnk3nK3sjpYKTTpe96qE7ACLcB/s1600/Commercial%2BBank%2BOf%2BCeylon.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="332" src="https://3.bp.blogspot.com/-zTWmdGprj10/Vzqcj8yC1AI/AAAAAAAADd8/Cn6EmgWYem8jnk3nK3sjpYKTTpe96qE7ACLcB/s640/Commercial%2BBank%2BOf%2BCeylon.PNG" width="640" /></a></div>
Commercial Bank of Ceylon, Sri Lanka, published a notice stating that they were hacked.<br />
<br />"<i>There was a hacking attack on our website and the Bank took immediate corrective steps. Our systems are fully secure and operational. The hacking attack was also immediately communicated to the relevant authorities. We confirm that no sensitive customer data were lost due to this intrusion. We are taking every measure to protect the privacy of our customers and have engaged external parties to review all our systems to ensure that no vulnerabilities exist. Commercial Bank of Ceylon PLC is committed to provide safe and reliable systems and is at the forefront of providing secure banking services.</i>"<br /><br />No more details were given concerning when and how this happened. However, according to an article on Bank Info Security published on May 13, 2016, it is believed that a hacking group going by the name of Bozkurtlar posted data of the Commercial Bank of Ceylon online. Researchers said that the dumped files contain the entire content of the corporate website, 158276 files in 22901, which when uncompressed is about 6.97GB.<br /><br />Commercial Bank of Ceylon Statement: [<a href="http://www.combank.net/newweb/info/524" target="_blank">Click Here!</a>]<br />
Read More From Source: [<a href="http://www.bankinfosecurity.com/commercial-bank-ceylon-apparently-hacked-a-9103" target="_blank">Click Here!</a>]Unknownnoreply@blogger.comtag:blogger.com,1999:blog-8193713010780875212.post-35201574387358041232016-05-15T21:24:00.001-07:002016-05-15T21:24:08.407-07:00Nulled.io Database Leaked<div class="separator" style="clear: both; text-align: center;">
<a href="https://4.bp.blogspot.com/-fNqKiyZt2xo/VzlLJR4OH0I/AAAAAAAADds/4CbS5xQ990cxvka7A0CVjwwkXikIsCc7QCLcB/s1600/Nulledio.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="288" src="https://4.bp.blogspot.com/-fNqKiyZt2xo/VzlLJR4OH0I/AAAAAAAADds/4CbS5xQ990cxvka7A0CVjwwkXikIsCc7QCLcB/s640/Nulledio.PNG" width="640" /></a></div>
The well-known underground hacking forum Nulled.io suffered a massive data breach on 6th May 2016. The email addresses, private messages, passwords and IP addresses of 500,000 members were leaked in a 1.3GB tar archive file. When expanded, the size of the data is 9.45 db.sql file, and it also contains over 5500 purchase records and 12,600 invoices of buying, selling and sharing of stolen credentials.<br /><br />
The breach was discovered by the security firm Risk Based Security. The firm was unable to track the hacker and stated "<i>When services such as Nulled.IO are compromised and data is leaked, often it exposes members who prefer to remain anonymous and hide behind screen names. By simply searching by email or IP addresses, it can become evident who might be behind various malicious deeds. As you can imagine, this can lead to significant problems for forum users.</i>"<br />
<br />
Source:[<a href="https://www.riskbasedsecurity.com/2016/05/nulled-io-shouldve-expected-the-unexpected/" target="_blank">Click Here!</a>]Unknownnoreply@blogger.comtag:blogger.com,1999:blog-8193713010780875212.post-20264613455388448022016-05-13T12:17:00.001-07:002016-05-13T12:17:42.244-07:00A Former Executive Suspected of Hacking the National Transport Authority (NTA) Database<div class="separator" style="clear: both; text-align: center;">
<a href="https://2.bp.blogspot.com/-Y4mEKLdEf_s/Uy7qJVnzA6I/AAAAAAAAC6s/FYP4EvtHuOEh-wt5XkV_98Oedsc1S3LBQCKgB/s1600/cybercrimemaurihackers.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="353" src="https://2.bp.blogspot.com/-Y4mEKLdEf_s/Uy7qJVnzA6I/AAAAAAAAC6s/FYP4EvtHuOEh-wt5XkV_98Oedsc1S3LBQCKgB/s640/cybercrimemaurihackers.jpg" width="640" /></a></div>
A former top executive of the National Transport Authority (NTA) is suspected of hacking the database of the NTA. It is believed that the former employee was helped by insiders.<br />
<br />
A source at the Ministry of Public Infrastructure told le Defi Media Newspaper:<br />
"<i>The police and the Cybercrime Unit are investigating to determine who are the people who could benefit from this hacking,</i>". The same source also added that the accomplices of the former NTA executive will face sanctions and very soon the investigation will reveal the impact of the hack.<br />
<br />
Notably, this hacking case was first revealed by the Minister of Public Infrastructure himself, Mr Nando Bodha, at the opening ceremony of a workshop on cybercrime at the Westin Hotel, Balaclava, on Monday, March 21 2016. He also mentioned that the alleged hacker was accessing the database remotely from his home, modified the database and also made a copy of it.<br />
<br />
<center>
<iframe allowfullscreen="" frameborder="0" height="315" src="https://www.youtube.com/embed/UCYcoVCLCqM" width="560"></iframe> </center>
<div style="text-align: left;">
Source: [<a href="http://defimedia.info/horsepowers-falsifies-un-ex-cadre-de-la-nta-soupconne-de-piratage-28736/" target="_blank">Le Defi Media Newspaper</a>]<br />Video Source: [<a href="http://www.lexpress.mu/article/278183/infrastructures-publiques-une-base-donnees-piratee" target="_blank">L'express Mauritius</a>]</div>
Unknownnoreply@blogger.comtag:blogger.com,1999:blog-8193713010780875212.post-76079345477488527472016-05-09T21:54:00.000-07:002016-05-09T21:54:16.437-07:00Complete Panama Papers Database Now Available Online<div class="separator" style="clear: both; text-align: center;">
<a href="https://3.bp.blogspot.com/-3cIlr4J3t2g/VzFov8b8YVI/AAAAAAAADdM/Vh1y0i3w-7kFo7aAyzLvZOGZdzdp3zqPwCLcB/s1600/panama-leaks.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="290" src="https://3.bp.blogspot.com/-3cIlr4J3t2g/VzFov8b8YVI/AAAAAAAADdM/Vh1y0i3w-7kFo7aAyzLvZOGZdzdp3zqPwCLcB/s640/panama-leaks.PNG" width="640" /></a></div>
The Panama Papers scandal came to light last April when German newspaper Süddeutsche Zeitung and the International Consortium of Investigative Journalists (ICIJ) published a summary of their investigation into the 2.6TB of dumped data on the activities of Mossack Fonseca.<br /><br />These data cover nearly 40 years of the law firm's activities, ending in 2015. Investigators claimed these data contained important information on important companies and people from more than 200 countries.<br /><br />ICIJ launched a website where internet users can search for both individuals and companies and get neatly organized results. Details about each person are available: their connection to an offshore institution, along with information on that shell corporation, current jurisdiction, incorporation details, and the searched person's role.<br />
<br />
ICIJ Website: <a href="https://offshoreleaks.icij.org/" target="_blank">[Click Here!]</a>Unknownnoreply@blogger.comtag:blogger.com,1999:blog-8193713010780875212.post-36816123309570799332016-05-04T01:50:00.001-07:002016-05-04T01:50:22.386-07:00Google Brings HTTPS to All BlogSpot Domain Blogs<div class="separator" style="clear: both; text-align: center;">
<a href="https://1.bp.blogspot.com/-UMBm5lyBsWg/Vym3mglS6sI/AAAAAAAADcs/EOiagGY7VsQrcleB98HKz0jfuY886KuywCLcB/s1600/HTTPS%2BRedirect.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="546" src="https://1.bp.blogspot.com/-UMBm5lyBsWg/Vym3mglS6sI/AAAAAAAADcs/EOiagGY7VsQrcleB98HKz0jfuY886KuywCLcB/s640/HTTPS%2BRedirect.png" width="640" /></a></div>
In a blog post published on the 3rd May, Google announced that it has rolled out HTTPS for all BlogSpot blogs, even for those having a private domain. Launched in September last year, this feature was an option which users could turn on. But now the feature is set by default.<br />Another option has been added, one that says "HTTPS Redirect". If this feature is turned on, all visitors will automatically be redirected to the HTTPS URL instead of the old insecure HTTP link.<br /><br />Google also stated that mixed content may cause some of the blog's functionality not to work with the HTTPS version. This is usually caused by incompatible templates, gadgets, or post contents. Google is working on these issues, but there are some settings that only blog owners will be able to change for these to work.<br /><br />Source:[<a href="https://security.googleblog.com/2016/05/bringing-https-to-all-blogspot-domain.html" target="_blank">Google Security Blog</a>]Unknownnoreply@blogger.comtag:blogger.com,1999:blog-8193713010780875212.post-1051518774146331192016-05-01T11:26:00.000-07:002016-05-01T11:26:42.324-07:00Fake Google Chrome Update Delivering Malware<div class="separator" style="clear: both; text-align: center;">
<a href="https://1.bp.blogspot.com/-rmht-4a289c/VyZJcG9wZgI/AAAAAAAADcU/XArvV_D3t8IAn92JgNcN5hRAA8EWL1CVACLcB/s1600/Fake-Google-Chrome-Update-Malware.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="346" src="https://1.bp.blogspot.com/-rmht-4a289c/VyZJcG9wZgI/AAAAAAAADcU/XArvV_D3t8IAn92JgNcN5hRAA8EWL1CVACLcB/s640/Fake-Google-Chrome-Update-Malware.JPG" width="640" /></a></div>
Security researchers from Zscaler came across malware posing as a Google Chrome update, which fools users into lowering their smartphone defenses so that it can steal credit card details. <br /><br />When the APK file is executed after downloading, the fake Google Chrome update asks for administrative rights. As most users will think this is from Google, they will grant the permission. Once the malware is given this permission, it starts its malicious behavior by first registering the device with a C&C server, then checking for antivirus apps installed on the phone and terminating their processes. The malware can monitor SMS and calls on the infected device and can also steal SMS messages by sending them to the C&C server.<br /><br />The most dangerous thing the malware does is stealing credit card details. Each time the user of the infected device opens the Google Play Store app, a popup appears asking the user to enter his/her credit card details. If by mistake the user enters the details, they are sent via SMS to a phone number in Russia (+7926XXXX135). <br /><br />We advise our readers to update their applications only through Google Play Store.<br /><br />Source:[<a href="http://adf.ly/1Zzgrk" target="_blank">Zscaler</a>]Unknownnoreply@blogger.comtag:blogger.com,1999:blog-8193713010780875212.post-53965713123409106952016-02-22T23:43:00.001-08:002016-02-22T23:43:22.149-08:00French Defense Ministry Website Hacked By Anonymous<div class="separator" style="clear: both; text-align: center;">
<a href="https://2.bp.blogspot.com/-o0kPbjtDypg/VswLrP4v4fI/AAAAAAAADbo/ocMCXLH442E/s1600/CIMD%2BUnavailable.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="334" src="https://2.bp.blogspot.com/-o0kPbjtDypg/VswLrP4v4fI/AAAAAAAADbo/ocMCXLH442E/s640/CIMD%2BUnavailable.JPG" width="640" /></a></div>
Anonymous hackers have penetrated a web portal of the French Defense Ministry website and leaked the database online. The motivation for this cyber-attack is to protest against the country's intensive foreign arms trade operations.<br />A smaller site, the Centre d'Identification des Materiels de la Defense, published a communique stating that the portal was under maintenance after the incident was published by Anonymous. The leaked database contains sensitive data such as FTP client usernames, website accounts, PHP sessions and information on army suppliers and partners.<br />Along with these leaks, Anonymous also provided links to press articles regarding France's weapons industry and its lucrative arms trade sector.<br />
<br />
Link to leaked database has not been provided for security reasons. <br />
<br />
<a href="https://www.wikileaks.org/hackingteam/emails/emailid/231550" target="_blank">Link to Article 1</a><br />
<a href="http://www.france24.com/en/20150503-arms-sales-becoming-france-new-el-dorado-but-what-cost-francois-hollande-saudi-arabia-rafale" target="_blank">Link to Article 2</a>Unknownnoreply@blogger.comtag:blogger.com,1999:blog-8193713010780875212.post-67582685862144861262016-02-08T23:59:00.002-08:002016-02-08T23:59:49.348-08:00Hacker Leaked Details of 9000 DHS and 20000 FBI Employees<div class="separator" style="clear: both; text-align: center;">
<a href="https://1.bp.blogspot.com/-vJo54taiZRc/VrmbcyNPCoI/AAAAAAAADbY/-A6IwaltfFc/s1600/DotGovs.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="308" src="https://1.bp.blogspot.com/-vJo54taiZRc/VrmbcyNPCoI/AAAAAAAADbY/-A6IwaltfFc/s640/DotGovs.JPG" width="640" /></a></div>
A hacker using the codename DotGovs has released details of 9,000 US Department of Homeland Security (DHS) and 20000 FBI employees via his Twitter account. In an exclusive interview with Vice, the hacker detailed how he breached the DHS computer system. The hacker stated that he was able to get access to one email address of a DHS employee. From there, he tried to log into a DOJ web portal but that did not work. He phoned the person in charge.<br />
<br />
“So I called up, told them I was new and I didn't understand how to get past [the portal],” the hacker told Motherboard. “They asked if I had a token code, I said no, they said that's fine—just use our one.”<br />
<br />
The hacker posted a picture of the computer he had access to:<br />
<br />
<center>
<blockquote class="twitter-tweet" data-lang="en">
<div dir="ltr" lang="en">
how you like that huh <a href="https://twitter.com/TheJusticeDept">@TheJusticeDept</a><a href="https://twitter.com/hashtag/FreePalestine?src=hash">#FreePalestine</a> <a href="https://t.co/G37q6AWh23">pic.twitter.com/G37q6AWh23</a></div>
— penis (@DotGovs) <a href="https://twitter.com/DotGovs/status/696515436637196290">February 8, 2016</a></blockquote>
<div style="text-align: left;">
<br /></div>
<div style="text-align: left;">
After getting access, the hacker found a portal containing around 1TB of data, of which he stole only around 200GB. After the interview with Vice, the hacker leaked the details of 9000 DHS employees on Twitter. After some time, he tweeted the details of the 20000 FBI employees. These consist of names, telephone and fax numbers, department, state, email addresses and work titles. </div>
<div style="text-align: left;">
The hacker's last tweet goes as follows:</div>
<script async="" charset="utf-8" src="//platform.twitter.com/widgets.js"></script></center>
<center>
<blockquote class="twitter-tweet" data-lang="en">
<div dir="ltr" lang="en">
FBI and DHS info is dropped and that's all we came to do, so now its time to go, bye folks!<a href="https://twitter.com/hashtag/FreePalestine?src=hash">#FreePalestine</a></div>
— penis (@DotGovs) <a href="https://twitter.com/DotGovs/status/696817967301001217">February 8, 2016</a></blockquote>
<br />
<div style="text-align: left;">
Read More From Vice: [<a href="http://motherboard.vice.com/read/hacker-plans-to-dump-alleged-details-of-20000-fbi-9000-dhs-employees" target="_blank">Click Here!</a>]</div>
<script async="" charset="utf-8" src="//platform.twitter.com/widgets.js"></script></center>
Unknownnoreply@blogger.comtag:blogger.com,1999:blog-8193713010780875212.post-56281897448232538462016-02-03T02:22:00.003-08:002016-02-03T02:22:59.704-08:00MalwareBytes Launches Bug Bounty Program<div class="separator" style="clear: both; text-align: center;">
<a href="http://3.bp.blogspot.com/-4e_6xCquIyA/VrHUrsSBzzI/AAAAAAAADbI/yshHZ6QbxiU/s1600/MalwareBytes.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="270" src="http://3.bp.blogspot.com/-4e_6xCquIyA/VrHUrsSBzzI/AAAAAAAADbI/yshHZ6QbxiU/s640/MalwareBytes.JPG" width="640" /></a></div>
MalwareBytes, a company that provides security products for Windows and Mac, has launched its bug bounty program. The company is inviting security researchers to report vulnerabilities they find in its products, and rewards will vary between $100 and $1000 per bug, depending on its severity and exploitability. In addition, reporters will also be listed in Malwarebytes' Hall of Fame.<br />Details of the program can be read here: [<a href="https://www.malwarebytes.org/secure/guidelines" target="_blank">Click Here!</a>]<br />
<br />
Source: [<a href="https://www.malwarebytes.org/secure/" target="_blank">MalwareBytes</a>]Unknownnoreply@blogger.com