Friday 28 March 2014

Punjab And Sind Bank of India Website Hacked by Pakistani Hacker Group


Recently, a Pakistani hacker group going by the name "P4K-M4D-HUNT3R-Z" hacked into the official website of Punjab and Sind Bank of India.
The hackers left a page there which shows that it was a security reminder, as the hackers don't have any wrong intentions regarding the website.
In the deface page the hackers greeted their friends with this message:

"[#] YOur b0x gOt OwneD By | P4K-M4D-HUNT3R-Z 

[#] Security Kiss It's Called Deep Love :D ! YOur WebseCurity Sucks
[#] I Was TryinG mY SkilLs On yOur WeBsite/seRVer :P

[#] And YOu knOw thE reSultS lOl :D

[#] FeeL thE pOweR Of A ScriPt kiDDie

[#] We aRE ReBel'S :)

[#] We aRE AkatSuki's

[#] Expect Us
Greets : "

The link of the hacked website is https://www.psbindia.com/x.html, while the hackers have made a mirror on zone-h, a popular hacktivism archive, which can be found here: http://zone-h.org/mirror/id/22108728



Syrian Electronic Army Targets CENTCOM, Shows It Has Access to US Army Data


The Syrian Electronic Army, alias SEA, claims to have breached the systems of United States Central Command (CENTCOM). The attack appears to be in response to US intentions to use cyber warfare on Syria.
So far, the hackers have published a few screenshots on their Twitter account showing that they have access to Army Knowledge Online (AKO) servers. AKO provides enterprise information services, both classified and unclassified, to Army and Department of Defense customers. The image published by the SEA on Twitter shows that they have obtained information related to Department of Defense organizations, particularly Air Force operations.
The representatives said in an interview with The Tampa Tribune that "the hackers' claims are totally bogus".
Bob Gourley, the former CTO of the Defense Intelligence Agency (DIA) and founder of Crucial Point LLC, has told The Tampa Tribune that the files shown in the screenshot published by the hacktivists appear to contain unclassified information. 

Gourley says that if the SEA’s claims are true, they appear to have access to unclassified areas, not SIPRNet, the network used by the Department of Defense and the Department of State to transmit classified information. At this point, it would be more an embarrassment than a security concern. 

However, the SEA argues that the screenshot it has published is only the beginning, claiming to have successfully penetrated “many central repositories.”

A lot more data will be published in the upcoming days, which, according to the pro-Assad hacktivists, will demonstrate that the breach is more serious than it appears at this point.





Agricultural Research Organization Israel website sub domain hacked by Anonghost



Recently, a very well known hacker group going by the name of AnonGhost hacked into a subdomain of the Agricultural Research Organization of Israel (ARO).
In a post on a social network the hackers wrote "Warning for the 7th April #OpIsraelBirthday"; it seems they are preparing something big for Israel, as they have already launched countless successful ops against Israel. This time the damage will be massive. They always support "FREE PALESTINE".
The hacked domain is http://app.agri.gov.il/default.htm and the hackers made a mirror/proof of the hack on a hacktivism archive: http://aljyyosh.org/mirror.php?id=116727
The severity of the damage is unknown, as is what sort of access the hackers have on the targeted server.
In their deface page the hackers wrote:

"Hi Israel !
We always here to Punish you as we did on the last Operation 7 April and we back again to celebrate it
Because We are the voice of Palestine and we will not remain silent!!
Muslims are everywhere - We will enter to Palestine soon :) remember this :D"



Thursday 27 March 2014

YouTube blocked in Turkey



YouTube has been blocked in Turkey following a newly leaked recording of Turkey's intelligence chief discussing possible military operations in Syria with the foreign minister and the deputy head of the armed forces.
Another leaked voice recording suggests that Prime Minister Tayyip Erdogan orchestrated the release of the sex tape of Baykal (former Republican People's Party leader) in 2010.

Erdogan also tried to block Twitter ahead of elections (with moderate success) and threatened to block Facebook. His ruling AKP party has been embroiled in a wide-ranging corruption scandal for months.

Famous South Korean Search Portal NAVER Hacked



A hacker using the online moniker 'Seo' has been arrested for breaching approximately 25 million accounts of NAVER, South Korea's largest web portal.
According to KoreanHerald, the hacker bought private information of 25 million people from an anonymous Korean-Chinese in 2013. The hacker then used the same data to hack into NAVER accounts. The purchased data included names, Internet IDs (profiles), passwords and telephone/mobile numbers.
A computer programmer using the online moniker 'Hong' was also arrested for developing hacking programs, including one that automatically enters emails and passwords to log in to NAVER.
The National Police Agency of South Korea has decided to expand its investigation to 86 other people who have bought malicious computer programs developed by 'Hong'.
Meanwhile, NAVER said:

"The company was not able to stop such attacks from outside sources. The best way to prevent such attacks would be changing the passwords on regular basis, so even if the accounts are compromised, the impact would be minimal."



Joomla Ajax ShoutBox 1.6 And Below Remote SQLi

The Joomla Ajax ShoutBox module adds live chat functionality to your Joomla site. Your visitors can chat with each other right on the website without refreshing their browsers. It's almost like chatting on an instant messaging network, and it's all powered by AJAX.

A remote SQLi vulnerability in the module has recently been confirmed and reported to its vendor. It can lead to massive data leakage from your Joomla-based website, including your admin credentials. According to the author of the exploit, Ibrahim Raafat, this vulnerability was found 4 years ago. The file "helper.php" is vulnerable to SQL injection, specifically through the parameter "jal_lastID" on line 115: jal_lastID is used to request details without proper sanitization, which leads to SQLi.

EXAMPLE :

Exploit:
?mode=getshouts&jal_lastID=1337133713371337+union+select+column,2,3,4,5,6+from+table-- -
Example:
?mode=getshouts&jal_lastID=1337133713371337+union+select+group_concat(username,0x3a,password),1,1,1,1,1+from+jos_users-- -

The vendor responded rapidly and released a patch (1.7) the same day, 12 March 2014.
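
For sites that ran 1.6 or below, the injection described above is visible in web access logs as a getshouts request whose jal_lastID is not a plain integer. The following Python script is an added example, not part of the original post or the module's code; the log lines are constructed samples, and the combined log format, the /index.php path and the function name are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (documentation IP ranges, assumed log format).
SAMPLE_LOG = """\
192.0.2.10 - - [12/Mar/2014:10:01:02 +0000] "GET /index.php?mode=getshouts&jal_lastID=42 HTTP/1.1" 200 512
198.51.100.7 - - [12/Mar/2014:10:01:09 +0000] "GET /index.php?mode=getshouts&jal_lastID=1337133713371337+union+select+column,2,3,4,5,6+from+table--+- HTTP/1.1" 200 2048
192.0.2.10 - - [12/Mar/2014:10:01:15 +0000] "GET /index.php?option=com_content&id=7 HTTP/1.1" 200 900
203.0.113.5 - - [12/Mar/2014:10:02:00 +0000] "GET /index.php?mode=getshouts&jal_lastID=5%20OR%201=1 HTTP/1.1" 200 700
"""

# Client address is the first field; the request target sits inside the quoted request line.
REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# A legitimate last-seen shout ID is assumed to be a plain non-negative integer.
PLAIN_INT = re.compile(r"[0-9]{1,20}")


def suspicious_shoutbox_requests(log_text):
    """Return (client, decoded jal_lastID) for getshouts requests with a non-integer ID."""
    findings = []
    for line in log_text.splitlines():
        match = REQUEST_RE.match(line)
        if not match:
            continue
        client, target = match.groups()
        # parse_qs URL-decodes values, so '+' and %20 encodings are normalised before checking.
        params = parse_qs(urlsplit(target).query, keep_blank_values=True)
        if "getshouts" not in params.get("mode", []):
            continue
        for value in params.get("jal_lastID", []):
            if not PLAIN_INT.fullmatch(value):
                findings.append((client, value))
                break
    return findings


if __name__ == "__main__":
    for client, value in suspicious_shoutbox_requests(SAMPLE_LOG):
        print(f"{client}\tjal_lastID={value!r}")
```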


