Home » Archives for April 2014
Today 37 year old Romanian arrested for attempting to hack into presidency site in an effort for gaining access to a restricted information and for stealing 62,000 credit cards.City News ( Report in Romanian ) reported that after the investigation they got to know that the person behind these attacks was Teodor Bors located in city of...
The Heartbleed bug crushed everyone’s faith in the secure web, but a world without the encryption software that Heartbleed exploited would be even worse. In fact, it’s time for the web to take a good hard look at a new idea: encryption everywhere.Most major websites use either the SSL or TLS protocol to protect your password or credit card...
Private crypto keys are accessible to Heartbleed hackers, new data shows. Cloudflare published preliminary findings that seemed to indicate that it would be difficult, if not impossible, to use Heartbleed to get the vital key that essentially unlocks the secure sockets layer padlock in millions of browsers. To be extra-sure, Cloudflare launched...
FireEye, a network and security analyst agency, has published a report in which it analyzes the 2013 0days exploits along with context around the threat these vulnerabilities pose to the corporate enterprise.The report also suggests preventive and remedial measures against 0day attacks. The report writes that 0day exploits today...
Security challenges are constantly evolving and "becoming more sophisticated and nefarious" and the ability of utilities to detect and stop penetration must constantly improve, the Public Utilities Regulatory Authority said in its report to Gov. Dannel P. Malloy, report about the hack of Connecticut.Electric, natural gas and major water companies...
A critical bug XXE vulnerability has been found by researchers which let researchers access the internal files of Google's production servers. Sounds surprising but it has been really found by hackers which let hackers read any internal files.As shown, the vulnerability was in Google Toolbar Button Gallery. Team of Researchers found a bug...
Mozilla announced Chris Beard as its new interim former chief marketing officer replacing Brendan Eich as he resigned last April. Bread has also taken the place of Eich on Mozilla corporation board.Brendan Eich , The former CEO and creator of JavaScript , He was forced to leave the job after 11 days of his job as it was revealed that...
Experts say the keyboard can create more disastrous results than a bomb or natural disaster. Cyber attacks what many fear are the new face of terrorism.In April 2011, tornadoes hit Alabama hard, wiping the power supply to millions of homes for days. Could the results of that natural disaster be recreated by man in the form of a cyber attack?For...
Social Engineering is a part of hacking technique which is easily be done. U.K.'s St. Aldhelm's Academy loses $1.7 Million when they receive a Phishing Email – a Spoo email from their bank which asked for the bank account details. The finance staff didn’t check for its authentication and gave all the details in reply to that e-mail....
Latest arrest in South Korea is against cyber-attack.The Chosun Ilbo reports that two teenagers and a university student were recently arrested for threatening to launch cyber attacks on the South Korean government on April 14, 2014.The three, surnamed Kang, 17, Bae, 14, and Woo, 23, posted a YouTube video on March 21, 2014, stating, "To...
When Heartbleed is the most common and popular vulnerability now-a-days, INTERNET SEARCH AND ADVERTISING HULK Google is considering giving websites that use strong encryption preferential placement on its search listings.Matt Cutts, Google senior engineer has hinted at this. Cutts was talking at the SMX West conference in San Jose, California,...
.jpg)
Nine people linked with 'Zeus' malware have been blamed for stealing million and infecting thousands of computers, federal officials announced on Friday as they declared the code "one of the most damaging pieces of financial malware that has ever been used."A blame in PDF File has been unsealed Friday charges nine people, most of them...
According to Tim Rains, director of Microsoft Trustworthy Computing Microsoft’s threat modeling tool updated with new features designed to offer organizations more flexibility and help them implement a secure development lifecycle."More and more of the customers I have been talking to have been leveraging threat modeling as a systematic way...
The Adobe PDF Reader - android version contains a security bug that could allow an attacker to compromise documents stored in reader and other files stored on the android's memory card.According to a security researcher the problem is because of few insecure Javascript interfaces. These Javascript interfaces allow an attacker to run...
Recently we got to know that a hacking group of Brazil named "Dk Brazil Hack Team" hacked their own country's government sites. After watching the record of their defacing at Zone-h, we got to know that this hacking group is mostly targeting Brazil Government. There might be many reasons for this attack, but this site is hacked for one reason...
Oracle has emitted its formal advice about Heartbleed, revealing it has 13 products that need a patch and 14 more “which may be vulnerable”. Oracle points out that all its cloud services should be Heartbleed-proof and that six of its products – including Oracle Linux 6 and Solaris 10.2 – were vulnerable but can be patched with existing updates.The...
For money or sometimes to tease hack of websites are done in this era of technology.A leading cosmetic surgery provider has been hacked by a computer hacker who may have accessed details of nearly 500,000 people considering procedures. The Harley Medical Group said it believed the cyber-attack was an attempt to extort money from the company...
Atleast four million android phones from U.S and tens of millions of android phones from world wide are vulnerable to the security flaw named "Heartbleed" which is now over-populated.According to Google's announcement, Every device which is running android "Jelly Bean" software which means Android 4.1.1 released in 2012 is vulnerable.Using...
"This is purely an attempt to get votes by playing the communal card ahead of the election" said by Gujarat Pradesh Congress Committee's President Arjun Modhwadia. These were his comments when news came about the hacking of BJP Junagadh website.According to the officials of BJP the website shows some anti-view of party which may harm the...
OpenSSL is considered as a certificate for security but what when OpenSSL itself have a bug. That’s the reason Yahoo mail’s passwords were exposed. Heartbleed is a bug which is the result of a mundane coding error in OpenSSL. OpenSSL is for implementing HTTPS encryption in websites, e-mail servers, and applications. The result of a missing...
As the Heartbleed bug has been over-rated as thousands of websites were vulnerable to the exploit. Heartbleed might be one of the most famous bugs which have been over-rated and the most famous exploit ever discovered till now but the researchers which found this exploit didn't revealed it to the world.In the days of discovery of the...
When Dropbox is already in pain, appointment of Condoleezza Rice to board has grown more pains, but this time the hubbub concerns privacy and PR versus performance issues.That appointee Dr. Condoleezza Rice, is both former Secretary of State and National Security Advisor.Dropbox also confirmed two other leadership hires at that time: the...
Students from Harward university have recently launched a new social website known as "Skamster". The website have its own customise script with cool features.website is going viral as at First day of launching it got more then 600+ Registered members.Website is being getting popular within hours as a result facebook ban its link on its...
An employee of Baltimore-based software consulting firm on a project for the University of Maryland (UMD) got raided by FBI because he hacked his own company where he was working. Helkowski mentioned about a vulnerability of system but was not getting serious. Because of being ignored he revenged UMD and hacked the system and made them sure...
VMware has released an update to its vSphere Client which reports a potential – but hard to target – man-in-the-middle vulnerability for the virtu-lization tool.The company said that users running vSphere Client 4.0, 4.1, 5.0, and 5.1 for Windows were vulnerable to a flaw that allows the client to download and install untrusted updates. Were...
.jpg)
Hackers stole the personal information of about 200,000 South Korean credit card users, making some fake credit cards and rack up fraudulent charges about $115,400.The Financial Supervisory Service said that several suspects had late last year hacked into firm card managing payment processing terminals and extracted datas such as numbers,...
Robin Seggelmann, a programmer based in Germany, submitted the code in an update submitted at 11:59pm on New Year's Eve, 2011. It was supposed to enable a function called "Heartbeat" in OpenSSL, the software package used by nearly half of all web servers to enable secure connections.He says the "Heartbleed" vulnerability to the open-source...
The Veterans of Foreign Wars recently began notifying their users that hackers hacked into VFW.org and hackers were able to see their users personal information. In February 2014 , Veterans of Foreign Wars bitterest was hacked by hackers and hackers planted a malicious code , when ever any visitor visited their website...
The company that helped uncover major online security breaches from China last year says exposing the hackers had the effect of shutting them down — at least temporarily.Last year, the New York Times reported on what it believed to be an elite Chinese military unit that had been sitting on its networks, quietly spying on it and countless...
Researchers earlier this month guessed heartbleed had infected two-thirds of all Web servers, and researchers at Sucuri reported Friday that just 2 percent of the top 1 million websites on the Internet remain infected and all of the top 1,000 sites have been patched against the OpenSSL vulnerability but Mandiant tracks a scary new attack...
It is believed that an attacker can't hack a facebook account which has enabled two-step authentication and other additional security check, even if he knows the username and password. But, not more! Vulnerabilities in android apps can make it possible.Cyber criminals have started to use Android Banking Trojan "iBanking" to bypass Facebook's...
This is nothing new that people are stealing identities and then stealing their money from banks and even from tax-refund too. This gave a major start in 2013. Identity thieves are getting more creative and bold in stealing billions in tax refunds from Internal Revenue Service now.A recent victim Laura Hankins knew something was wrong when...
A 19-year-old man is arrested and charged by Canadian police a who allegedly exploited the Heartbleed bug to steal personal data from the Canadian Revenue Agency's website.Stephen Arthuro Solis-Reyes, who allegedly grabbed 900 social insurance numbers (SINs) over a period of six hours, marks the first time that authorities have apprehended...
.jpg)
As governments all around the world are finding a peaceful solution for the political tension in Ukraine , the cyber-criminals could catch government with online attacks , warned Kaspersky Lab CEO Eugene Kaspersky."It is good news for the local IT projects, but the international projects will have less budgeted," says Kaspersky."When...
A federal appeals court Friday reversed and vacated the conviction and sentence of hacker and Internet troll Andrew "weev" Auernheimer.The case against Auernheimer, who has often been in solitary confinement for obtaining and disclosing personal data of about 140,000 iPad owners from a publicly available AT&T website, was seen as a test...
