Showing posts sorted by date for query NASA. Sort by relevance Show all posts
Showing posts sorted by date for query NASA. Sort by relevance Show all posts

NASA Sub-domain is Vulnerable Allowing Information Disclosure

Posted by Avik Sarkar On 2/18/2013 08:55:00 pm

NASA Sub-domain is Vulnerable Allowing Serious Information Disclosure

National Aeronautics and Space Administration, widely known as NASA used to fascinate the hackers to come and breach its security system. Many of our readers may be astonished after reading the above lines, but its a fact and history is the witness of that. So far NASA have been targeted several times, where hackers have figured out vulnerability and penetrated the digital security. Yet again same thing happened to NASA, when an ethical hacker from India going by the name of "Zero Cool" find out serious loopholes in one of the sub-domain of NASA, which could lead sensitive information disclosure. The hacker shared a vulnerability report with us, where he has shown that, exploiting the vulnerability one malicious attacker can easily extract lots of confidential data from NASA server, such as source code of various programs (used by NASA), current project information, future research paper, topological graph, license information, several executable files, .dll files, private application software & it's source codes, employ details and many more highly confidential or in other word "Top Secrete" data and files. For security and privacy purpose we are not disclosing those vulnerable links, but exclusively for VOGH readers we are sharing few images to justify the fact. 



This vulnerability report has already been submitted to NASA, and as expected they immediately reacted and promised to path those loopholes with immediate effect. While talking about the ethical hacker "Zero" we would like to remind you that, before this NASA vulnerability disclosure, he exposed several vulnerabilities among many major and high profile websites such as FacebookReebok,Indiagames, mtv, lapdonline, UNESCO, Toshiba, Discovery.com, Novell.comMicrosoft Store India, several Pakistani  and Bangladeshi Govt websites and many more.  




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

3 Russian Cyber Criminal Who Was The Master Mind of Banking Trojan 'Gozi' Charged in New York

Posted by Avik Sarkar On 2/01/2013 08:53:00 pm

3 Russian Cyber Criminal Who Was The Master Mind of Banking Trojan 'Gozi' Charged in New York 

Yet again another serious issue of cyber crime get resolved when the FBI tracked and figured out the master mind of infamous 'Gozi banking Trojan' which effected more than millions of system world wide, including a handful at NASA, leading to tens of millions of dollars in lost banking funds and damages to computer systems and networks. Three alleged international cyber criminals from Russia, responsible for creating and distributing 'Gozi' that infected over one million computers and caused tens of millions of dollars in losses charged in Manhattan Federal Court. Mihai Ionut Paunescu aged 28, a Romanian, Deniss Calovskis, 27, a Latvian, and Nikita Vladimirovich Kuzmin, 25, of the Russian Federation, are charged with computer intrusion, conspiracy to commit bank and wire fraud and access device fraud. Federal authorities said the three were arrested last week; Kuzmin is being held in New York, while Paunescu is in custody in Romania and Calovskis in Latvia. 
According to the press release of FBI -Deniss Calovskis, a/k/a “Miami,” a Latvian national who allegedly wrote some of the computer code that made the Gozi virus so effective, was arrested in Latvia in November 2012. Mihai Ionut Paunescu, a/k/a “Virus,” a Romanian national who allegedly ran a “bulletproof hosting” service that enabled cyber criminals to distribute the Gozi virus, the Zeus trojan, and other notorious malware and to conduct other sophisticated cyber crimes, was arrested in Romania in December 2012. 

The cases are being handled by the Complex Frauds Unit of the United States Attorney’s Office. Assistant United States Attorneys Sarah Lai, Nicole Friedlander, and Thomas G.A. Brown, along with Trial Attorney Carol Sipperly of the Computer Crime and Intellectual Property Section of the Department of Justice on the Paunescu case, are in charge of the prosecution. The charges contained in the Indictments are merely accusations, and the defendants are presumed innocent unless and until proven guilty.

DefendantAge and ResidenceChargesMaximum Penalty
Nikita Kuzmin25; Moscow, RussiaConspiracy to commit bank fraud; bank fraud; conspiracy to commit access device fraud; access device fraud; conspiracy to commit computer intrusion; computer intrusion95 years in prison
Deniss Calovskis27; Riga, LatviaConspiracy to commit bank fraud; conspiracy to commit access device fraud; conspiracy to commit computer intrusion; conspiracy to commit wire fraud; conspiracy to commit aggravated identity theft67 years in prison
Mihai Ionut Paunescu28; Bucharest, RomaniaConspiracy to commit computer intrusion; conspiracy to commit bank fraud; conspiracy to commit wire fraud60 years in prison


Brief About Gozi:-
The Gozi virus is malicious computer code, or “malware,” that steals personal bank account information, including usernames and passwords, from the users of affected computers. It was named by private sector information security experts in the U.S. who, in 2007, discovered that previously unrecognized malware was stealing personal bank account information from computers across Europe on a vast scale, while remaining virtually undetectable in the computers it infected. To date, the Gozi virus has infected over one million victim computers worldwide, among them at least 40,000 computers in the U.S., including computers belonging to the National Aeronautics and Space Administration (NASA), as well as computers in Germany, Great Britain, Poland, France, Finland, Italy, Turkey, and elsewhere, and it has caused tens of millions of dollars in losses to the individuals, businesses, and government entities whose computers were infected.

The Gozi virus was distributed to victims’ computers in several different ways. In one method, the virus was disguised as an apparently benign .pdf document which, when opened, secretly installed the Gozi virus on the victim’s computer. Once installed, the Gozi virus—which was intentionally designed to be undetectable by anti-virus software—collected data from the infected computer in order to capture personal bank account information including usernames and passwords. That data was then transmitted to various computer servers controlled by the cyber criminals who used the Gozi virus. These cyber criminals then used the personal bank account information to transfer funds out of the victims’ bank accounts and ultimately into their own personal possession.


For Detailed Information Click Here


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

NASA & UFO Hacker Gary McKinnon Will Not Face Prosecution in UK

Posted by Avik Sarkar On 12/19/2012 03:45:00 pm

NASA & UFO Hacker Gary McKinnon Will Not Face Prosecution in UK

Infamous NASA hacker Gary McKinnon who broke into US government computer system, while hunting for evidence of UFOs and fought a long fight against extradition, has been told that he will now not face prosecution in the UK. After discussing the case with US Department of Justice and the police, The Crown Prosecution Service (CPS) has decided the appropriate jurisdiction for the McKinnon case to be heard is the US. According to Karen Todner, McKinnon's solicitor, the decision on Friday is an "interesting" one given that he was first arrested and questioned by UK police.

The reasons for that decision were:
  1. The harm occurred in the US - the activity was directed against the military infrastructure of the US;
  2. An investigation had already been launched in the US;
  3. There were a large number of witnesses, most of whom were located in the US;
  4. All of the physical evidence (with the exception of Mr McKinnon's computer) was located in the US;
  5. The US prosecutors were able to bring a case that reflected the full extent of Mr McKinnon's alleged criminality; and
  6. The bulk of the unused material was located in the US. Given the nature of the offences, this inevitably included highly sensitive information and the US courts were best placed to deal with any issues arising in relation to this material.

In a statement, the CPS's Director of Public Prosecutions (DPP), Kier Starmer QC, and Mark Rowley, Assistant Commissioner of the Metropolitan Police Service, said that they had convened a joint panel to discuss the issue and decide whether a new criminal investigation should take place. They decided that the original reasoning for the trial being held in the US still held, and looked into the possibility of holding the trial in the UK. This would have involved transferring witnesses and sensitive physical evidence to the UK. The panel consulted with the US Department of Justice as to whether this would be possible, given that they believed that "the prospects of a conviction against Mr McKinnon, which reflects the full extent of his alleged criminality, are not high".
According to the statement, the US authorities "indicated to us that they would be willing to co-operate with a prosecution in England and Wales if that would serve the interests of justice." However, the US authorities did not feel that transferring all the witnesses and evidence to the UK would be in that interest, given the panel's representations. The statement goes on to say: "That is a decision the US authorities are fully entitled to reach and we respect their decision." On that basis, the panel concluded that a new criminal investigation should not be started and the Assistant Commissioner accepted that advice.





SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

#ProjectWhiteFox -Team GhostShell Hacked 1.6 Million Accounts of NASA, ESA, Pentagon & FBI

Posted by Avik Sarkar On 12/15/2012 04:14:00 pm

#ProjectWhiteFox -Team GhostShell Hacked 1.6 Million Accounts of NASA, ESA, Pentagon & FBI

After the devastating "Project Blackstar" now the hacktivist group calling them selves "Team GhostShell" announced another big hack, where the hackers have targeted several big organizations. This round of cyber attack was going under the banner of #ProjectWhiteFox, in which GhostShell has posted log-in details of 1.6 million accounts they claim are taken from a series of attacks on organizations including NASA, FBI, European Space Agency and Pentagon, as well as many companies that partner with these organizations. The Anonymous subsidiary group has posted the details on Pastebin, while describing the aim of the hack; as part of their #ProjectWhiteFox campaign to promote hacktivism and freedom of information on the internet. The hacker group claimed that the leaked information contained log-in names, passwords, email addresses, CV & several other sensitive information. In their release GhostShell said - "For those two factors we have prepared a juicy release of 1.6 million accounts/records from fields such as aerospace, nanotechnology, banking, law, education, government, military, all kinds of wacky companies & corporations working for the department of defense, airlines and more."
GhostShell members also said that they have messaged security bosses about the insecurity a number of organizations they targeted during attacks throughout 2012, describing it as "an early Christmas present." 
In a Pastebin file, GhostShell features a list of 37 organizations and companies, including The European Space Agency, NASA’s Engineers: Center for Advanced Engineering, and a Defense Contractor for the Pentagon. GhostShell sets itself apart from other hacktivist groups by targeting more than just one company or organization, and then releasing the results of its attack all at once. This set of hacks is spread out across 456 links, many of which simply contain raw dump files uploaded to GitHub and mirrored on paste sites Slexy.org and PasteSite.com.
The uploaded files contain what appears to be user data that looks to have been obtained from the servers of the various firms (likely via SQL injection). The entries include IP addresses, names, logins, email addresses, passwords, phone numbers, and even home addresses. Email accounts include the big three (Gmail, Hotmail, and Yahoo), as well as many .gov accounts. There are also various documents and material related to partnerships between companies and government bodies, as well as sensitive information for the aforementioned industries. 
Furthermore, the group says it has sent an email to the ICS-CERT Security Operations Center, Homeland Security Information Network (HSIN), Lessons Learned and Information Sharing (LLIS), the FBI’s Washington Division and Seattle location, Flashpoint Intel Partners, Raytheon, and NASA. In it, they say to have detailed “another 150 vulnerable servers from the Pentagon, NASA, DHS, Federal Reserve, Intelligence firms, L-3 CyberSecurity, JAXA, etc.”
-Source (TNW)






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Adobe Confirms Data Breach, Hacker Leaked More Than 150,000 Customer Details

Posted by Avik Sarkar On 11/21/2012 01:17:00 am

Adobe Confirms Data Breach, Hacker Leaked More Than 150,000 Customer Details 

Yet again Adobe, the American multinational computer software company had fallen victim of cyber attack. In September Adobe faced what it called a sophisticated cyber attack where hackers have breached Adobe server in order to compromise certificate to sign malware. As a move Adobe revoked those certificates on October 4th. After that massacre, here again one of Adobe's databases has been breached by a hacker and that it has temporarily taken offline the affected Connectusers.com website. The attacker who claimed responsibility for the attack, told that he used a SQL injection exploit in the breach. Adobe confirmed the breach and said that the hacker indeed managed to break into an Adobe server and copy the private credentials of approximately 150,000 users – including their names, email addresses and password hashes. Those affected accounts include Adobe customers, Adobe employees and partners along with U.S. military users including U.S. Air Force users, and users from Google, NASA, universities, and other companies. To prove the attack, the intruder, who goes by the name of "ViruS_HimA" and claims to be from Egypt, has released extracts from his haul on the Pastebin text hosting service. 
"It was an SQL Injection vulnerability -- somehow I was able to dump the database in less requests than normal people do," said ViruS_HimA. Users passwords for the Adobe Connect users site were stored and hashed with MD5, says the hacker, which made them "easy to crack" with freely available tools. And Adobe wasn't using WAFs on the servers, the hacker notes. "I just want to be clear that I'm not going against Adobe or any other company. I just want to see the biggest vendors safer than this," he told the press. "Every day we see attacks targeting big companies using Exploits in Adobe, Microsoft, etc. So why don't such companies take the right security procedures to protect them customers and even themselves?"
"Adobe is a very big company but they don't really take care of them security issues, When someone report vulnerability to them, It take 5-7 days for the notification that they've received your report!!" he wrote. "It even takes 3-4 months to patch the vulnerabilities!" 
While talking about such big cyber attacks, here we would like to give you reminder that in the last few months we have been a slew of attacks against the following sites: Guild Wars 2GamigoBlizzardYahooLinkedIneHarmonyFormspringAndroid ForumsGamigo,  Nvidia,BlizzardPhilips, Zynga, VMWare, & so on. For all the latest on cyber security and hacking related stories; stay tuned with VOGH


-Source (Dark Reading, The-H)





SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

NASA Laptop Theft Puts Thousands of Employees & Contractors at Risk

Posted by Avik Sarkar On 11/21/2012 01:17:00 am

NASA Laptop Theft Puts Thousands of Employees & Contractors at Risk

So far NASA have been targeted several times, where hackers penetrated the digital security. But here comes a bit different type of breach. A laptop with data on thousands of employees and contractors has been stolen from a NASA employee's car. NASA issued serious warning and it it informing its employees that a laptop computer with personnel information such as social security numbers was stolen from a locked car two weeks ago, potentially putting thousands of workers and contractors at risk. The laptop, issued to an employee at NASA headquarters in Washington, was password protected but its disk was not fully encrypted, making it relatively easy to access the information stored in that hard disk. This security breach  may affect thousands of employees and contractors at NASA facilities around the United States.
NASA has contracted a specialist consulting firm to identify and contact persons affected by the data breach, saying that the process could take up to 60 days due to the large amount of data. NASA Administrator Charlie Bolden banned the removal of unencrypted laptops containing sensitive information from any NASA facility and ordered security software upgrades to be finished by December 21. NASA has now instructed its employees to use full disk encryption (FDE) to lock down hard drives on all devices that process critical data by this 21st December. The agency also warned employees about storing sensitive data on smart phones and mobile devices. The agency is offering employees free credit-monitoring services and other support.
The laptop theft is the latest in a string of NASA security breaches over the past few years. In March, a Kennedy Space Center worker's laptop that contained personal information on about 2,300 employees and students was stolen. A NASA inspector general report this year determined 48 NASA laptops and mobile computing devices were lost or stolen between April 2009 and April 2011, many containing sensitive data.



-Source (Reuters)





SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Two Romanian Hackers Pleaded Guilty on Credit Card Hack & Faced 7 Years Imprisonment

Posted by Avik Sarkar On 9/20/2012 03:43:00 pm

Two Romanian Hackers Pleaded Guilty on Credit Card Hack & Faced 7 Years Imprisonment  

According to the U.S. Department of Justice two Romanian hacker- Iulian Dolan & Cezar Butu have pleaded guilty to participating in a US$10 million scheme to hack into the computers of hundreds of Subway restaurants in the U.S. and steal payment card data. Iulian Dolan, 28, of Craiova, Romania, pleaded guilty Monday to one count of conspiracy to commit computer fraud and two counts of conspiracy to commit access device fraud, and Cezar Butu, 27, of Ploiesti, Romania, pleaded guilty to one count of conspiracy to commit access device fraud, the DOJ confirmed. Dolan and Butu were two of four Romanians charged in December in U.S. District Court for the District of New Hampshire with hacking Subway point-of-sale computers. In his plea agreement, Dolan has agreed to be sentenced to seven years, and Butu has agreed to be sentenced to 21 months in prison. The two men, in their guilty pleas, acknowledged participating in a Romanian-based conspiracy, lasting from 2009 to 2011, to hack into hundreds of U.S. point-of-sale (POS) computers. Co-conspirator Adrian-Tiberiu Oprea is in U.S. custody and awaiting trial in New Hampshire. The group used stolen payment card data to make unauthorized charges or to transfer funds from the cardholders' accounts, the scheme involved more than 146,000 compromised payment cards and more than $10 million in losses.  
During the conspiracy, Dolan remotely scanned the Internet to identify vulnerable POS systems in the U.S. with certain remote desktop software applications (RDAs) installed on them. Using these RDAs, Dolan logged onto the targeted POS systems over the Internet. The systems were often password-protected and Dolan attempted to crack the passwords to gain administrative access. 
He then installed keystroke logging software onto the POS systems and recorded all of the data that was keyed into or swiped through the POS systems, including customers' payment card data. Thus Dolan managed to steal payment card data belonging to approximately 6,000 cardholders. Dolan received $5,000 to $7,500 in cash and personal property from Oprea for his efforts.
In his plea agreement, Butu said he repeatedly asked Oprea to provide him with stolen payment card data and that Oprea provided him with instructions for how to access the website where Oprea had stored a portion of the stolen payment card data. Butu later attempted to use the stolen payment card data to make unauthorized charges on, or transfers of funds from, the accounts. He also attempted to sell, or otherwise transfer, the stolen payment card data to other co-conspirators. Butu acquired stolen payment card data from Oprea belonging to approximately 140 cardholders
While talking about Romanian Hackers then one name definitely comes in mind and that is Razvan Manole Cernaianu aka "TinKode" who get busted earlier in this year, on charges of hacking into Pentagon and NASA servers, stealing confidential data. Also last year another 26 year aged Romanian hacker faced imprisonment for hacking into NASA servers. 


-Source (CSO)





SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

A Tribute to The 10 Most Infamous Student Hackers of All Time

Posted by Avik Sarkar On 9/15/2012 04:01:00 pm

A Tribute to The 10 Most Infamous Student Hackers of All Time

Since last two years, we the VOGH team has been covering all the latest cyber security updates. But today lets do some thing different. One of our frequent reader and fan Katina Solomon has requested us to share a fantastic article. Everyday VOGH draws headlines of hackers around the world and their activities. While trying to maintain speed with time, we usually forgot our past. Today we will take you into the past, where we will discuss about those heroes, who are always been ill treated by the society & the system while revamping those heroes into cyber-criminals or infamous hackers. Its our question to our humanity "Did the system has done justice with them??" 
Hacking has always been inherently a young person’s game. The first usage of the word “hacker” was to describe pranksters meddling with the phones at MIT. Many hackers have cited boredom, a desire for change, or the thrill of going somewhere one is not supposed to go as their motivation for hacking, all of which could apply to scores of common activities on college campuses. While today’s hacking scene is dominated by large hacking groups like Anonymous and Masters of Deception, many of the greatest hacks ever have been pulled off by college, high school, and even middle school kids who rose to infamy armed only with a computer and the willingness to cross the bounds of legality.
  1. Sven Jaschan: In the words of one tech expert, “His name will always be associated with some of the biggest viruses in the history of the Internet.” The viruses: the Sasser and NetSky worms that infected millions of computers and have caused millions of dollars of damage since their release in 2004. The man behind the viruses proved to be not even a man at all, legally. Seventeen-year-old hacker Sven Jaschan, a student at a computer science school in Germany, claimed to have created the viruses to become a hero by developing a program that would eradicate the rampaging Mydoom and Bagle bugs. Instead he found himself the subject of a $250,000 bounty courtesy of Microsoft, for which some of his classmates turned him in.
  2. Jonathan James: In 2000, at the age of 16, James, or “C0mrade” as he was known in the hacker community, infamously became the first juvenile federally sentenced for hacking. The targets of his notorious hack jobs were a wing of the U.S. Department of Defense called the Defense Threat Reduction Agency, NASA, and the Marshall Space Flight Center in Huntsville, Ala. (By hacking the latter James gained the ability to control the A/C in the International Space Station.) All of these were pulled off “for fun” while James was still a student at Palmetto Senior High in Miami. Unfortunately, the fun ran out when James was tied into a massive identity theft investigation. Though insisting he was innocent, James took his own life, saying he had “no faith in the justice system.”
  3. Michael Calce: Yahoo. CNN. Ebay. Amazon. Dell.com. One by one in a matter of days, these huge websites crashed at the hands of 15-year-old Canadian high school student Michael Calce, aka “MafiaBoy.” Armed with a denial-of-service program he called “Rivolta” that overloaded servers he targeted, the young hacker wreaked $7.5 million in damages, according to court filings. Calce was caught when he fell victim to a common ailment of teenage boys: bragging. The cops were turned on to him when he began boasting in chat rooms about being responsible for the attacks. On Sept. 12, 2001, MafiaBoy was sentenced to a group facility for eight months on 56 counts of cybercrime.
  4. Kevin Mitnick: Before performing hacks that prompted the U.S. Department of Justice to declare him “the most wanted computer criminal in United States history,” Kevin Mitnick had already made a name for himself as a hacker in his school days, first at Monroe High School in LA and later at USC. On a dare, Mitnick connived an opening into the computer system of Digital Equipment Corporation, which some fellow hackers then used to steal proprietary source code from the company before ratting on him. While still on probation for that crime, Mitnick broke into the premises of Pacific Bell and had to go on the run from police in the aftermath, during which time he hacked dozens of systems, including those of IBM, Nokia, Motorola, and Fujitsu.
  5. Tim Berners-Lee: “Scandalous” is a synonym for “infamous,” and for this legendary computer scientist, knight of the British Empire, and inventor of the World Wide Web to have been a hacker in his school days is certainly a juicy factoid. During his time at Oxford in the mid-’70s, Sir Tim was banned from using university computers after he and a friend were caught hacking their way into restricted digital areas. Luckily by that time he already knew how to make his own computer out of a soldering iron, an old TV, and some spare parts. And also luckily for him, he will always be revered as the father of the Internet.
  6. Neal Patrick and the 414s: In the early ’80s, hacking was still a relatively foreign concept to most Americans. Few recognized the enormous power hackers could hijack with a few strokes on a keyboard, which explains why a young group of hackers known as the 414s (after a Milwaukee area code) were virtual celebrities after they hacked into the famous Los Alamos National Laboratory, the Memorial Sloan-Kettering Cancer Center, and elsewhere. While today hacking a lab where classified nuclear research is conducted could earn you a one-way ticket to Guantanamo, the 17-year-old ringleader and high school student Neal Patrick was on the cover of Newsweek. The group members got light sentences but prompted Congress to take a stronger role in cybercrime.
  7. Robert T. Morris: The first ever Internet worm, the Morris Worm derived its name from Cornell grad student Robert Tappan Morris. In 1988, Morris released the worm through MIT’s system to cover his tracks, which would seem to contradict his claims that he meant no harm with it. But that’s exactly what resulted: the worm spread out of control, infecting more than 6,000 computers connected to the ARPANET, the academic forerunner to the World Wide Web. The damages reached as high as an estimated $10 million, and Morris earned the ignominious distinction of being the first person prosecuted under the Computer Fraud and Abuse Act. Morris got community service but was apparently not considered too infamous to be offered his current job as a professor at MIT.
  8. George Hotz: To some, George Hotz (aka “geohot,” aka “million75,” aka “mil”) is a public menace, a threat to electronic businesses everywhere. To many, Hotz is a hero. The high-schooler shot to fame/infamy in 2007 at the tender age of 17 by giving the world its first hacked, or “jailbroken” iPhone. He traded it for a new sports car and three new iPhones, and the video of the hacking received millions of hits. Apple has had to grudgingly come to terms with jailbreaking, seeing as the courts have declared it legal, but Sony Corp. is definitely not OK with such tampering. When Hotz hacked his PlayStation 3 and published the how-to on the web, the company launched a vicious lawsuit against him. In turn, the hacker group Anonymous launched an attack on Sony, stealing millions of users’ personal info.
  9. Donncha O’Cearbhaill: According to the FBI, this 19-year-old freshman at Trinity College Dublin is one of the top five most wanted hackers in the world. Well, he was; now that he’s been arrested he’s not really “wanted” anymore. The Feds contend the young man is a VIP member of the Anonymous and LulzSec hacking groups that have already been mentioned and whose targets have included the FBI, the U.S. Senate, and Sony (in the Hotz backlash). It seems “Palladium” (O’Cearbhaill) took the liberty of listening in on a conference call between the FBI and several international police forces who were discussing their investigations of the hacking groups. He could be sentenced to up to 15 years in prison if convicted for that hack alone.
  10. Nicholas Allegra: Just as George Hotz moved on from the Apple hacking game, Brown University student Nicholas Allegra is also hanging up his jersey. “Comex,” as he is known to millions of rooted iPhone fans, created the simple-to-use Apple iOS jailbreaking program JailbreakMe in 2007 and has since released two newer versions of it. However, Comex seems to have gone over to the dark side, accepting an internship with the very company whose products he became famous exploiting. Still, Allegra’s hacking skills are so advanced (one author puts him five years ahead of the authors of the infamous Stuxnet worm that corrupted Iran’s nuclear facilities) and so many people availed themselves of his talents, he will forever live in hacking infamy.

We want to dedicate the above post to the legendary hacker, who left us -Jonathan James aka “C0mrade”. Also the post is a tribute to all the so called 'infamous hackers'. You are our heroes and inspiration, you will always be there in our soul. Team VOGH salutes you...... 


-Thank you Katina & Online Degrees




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

2 Norwegian Teen Hackers of "TeaMp0isoN" Arrested By British Police

Posted by Avik Sarkar On 5/12/2012 09:52:00 pm

2 Norwegian Teen Hackers of "TeaMp0isoN" Arrested By British Police (PCeU)

Earlier in last month MI6 arrested the leader of TeaMp0isoN code named "TriCk" along with few other active members who ware directly involved behind the Denial of Service attack on MI6. Now two Norwegian teenagers, aged 18 and 19, have been arrested in connection with the distributed denial-of-service (DDoS) attack on the web site for the UK's Serious Organised Crime Agency (SOCA) and for swamping British intelligence agency (MI6) hotline with automated Skype calls. These two hackers ware the active members of hacker collective TeaMp0isoN and MLT. These two suspects are arrested in Newcastle on Wednesday evening, and is being questioned about offences under the Computer Misuse Act. Computer equipment has been seized for forensic analysis - and no doubt investigators are hoping that they may find digital clues which could help uncover other suspected hackers. Erik Moestue, a Norwegian prosecutor, said "We have arrested the two we think were most important in these attacks, but we still want to talk to more people". The offence that the two stand accused of carries a maximum jail sentence of six years. "The case is still under investigation," added Moestue, noting that "It is still too early to say anything about the motive for the actions"
The authorities, no doubt, will be hoping to confirm that they have arrested the correct man. Certainly, MLT's Twitter account has been silent since 6:27pm on Wednesday evening. According to the authorities these arrest is part of an ongoing investigation by the Police Central e-Crime Unit (PCeU) division of the Metropolitan Police into various hacking gangs who have made headlines in the last year or so. 
Earlier TeaMp0isoN was directly involved with Anonymous in #OpRobinHood #OpCensorThis. Also they have found SQL-i vulnerability on the Official NASA forum, and like this attack TeaMp0isoN also hacked English Defence League (EDL) ,T-Mobile USA, BlackBerry blog and many more





SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

'The Unknowns' Claimed to Breach NASA, European Space Agency, French & Bahrain Ministry of Defense, US Air Force

Posted by Avik Sarkar On 5/10/2012 04:02:00 pm

'The Unknowns' Claimed to Breach NASA, European Space Agency, French & Bahrain Ministry of Defense & Many More
A new group of hacker collective group calling themselves 'The Unknowns' had claimed to breach the security system of a range of government agencies, organizations & many high profile sites. According to a PasteBin release The Unknowns said that they hacked into ten different organizations and published documents and other data alleged to have originated from the servers. Among them there are NASA - Glenn Research Center, US military, US AIR FORCE, European Space Agency, Thai Royal Navy, Harvard, Renault Company, French ministry of Defense, Bahrain Ministry of Defense and Jordanian Yellow Pages
NASA has confirmed that an attack did take place on 20 April, but noted that no "sensitive or controlled information" was compromised. The ESA also admitted to having suffered an attack, which it said made use of SQL injection. 
The hacker group claims that their mission is not malicious, but rather to help. "Victims, we have released some of your documents and data, we probably harmed you a bit but that's not really our goal because if it was then all of your websites would be completely defaced but we know that within a week or two," said the groups post, "the vulnerabilities we found will be patched and that’s what we're looking for."  In other word they are pretending to be 'White Hat'.
If you dig the history you will find that previously NASA was hit many times by the hackers from different part of the world Such as Spamers targeted NASA, TeaMp0isoN hacked NASA official forum, Chinese Hackers hit NASA satellites, Indian hacker minhal stole secrete  information from NASA, Code Smasher has found CSRF vulnerability in the official website of Virtual Heliospheric Observeatory NASA and so on.
 


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Anonymous Threatened to Target British Surveillance Agency GCHQ

Posted by Avik Sarkar On 4/21/2012 11:16:00 pm

Anonymous Threatened to Target  British Surveillance agency GCHQ
Few weeks ago Anonymous performed massive denial of service attack to bring down British Prime Minister’s Office, Home Office & Ministry of Justice. In that attack they have declared that such scenario will be repeated on every Saturday. Here again hacker collective Anonymous threatened to continue cyber attacks on government websites again this weekend, this time they are specially focusing in on British surveillance agency GCHQ. A member of the group made a statement via Twitter (@Anon_central). The planned assault come after a recent spate of DoS attacks on UK government websites over the past few weekends. The attacks are part of the group’s “Operation Trial At Home”, which is protesting against the UK government’s extradition treaties with the US, which it sees as unfair.
“#Anonymous #OpTrialAtHome Plan #DDoS on GCHQ on Saturday 21st April at 8pm BST & 3pm EDT,” Anonymous said in a tweet. “@AnonAteam is asking all Anons to fire lazers at http://ghcq.gov.uk.” It said it supports three British citizens involved in extradition to the US: Gary McKinnon, wanted for seven counts of hacking NASA and Pentagon computers; Richard O’Dwyer, alleged to have infringed copyright in the US and Christopher Tappin, wanted in the US for alleged arm dealing. 






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

TeaMp0isoN Threatened Authorities After Leader's Arrest

Posted by Avik Sarkar On 4/19/2012 06:01:00 pm

TeaMp0isoN Threatened Authorities After Leader's Arrest 

Few days ago a hacker collective group named TeaMp0isoN took responsibility of hacking into British intelligence agency (MI6). Immediately after the attack MI6 arrested the leader of TeaMp0isoN code named "TriCk" along with few other active members who ware directly involved behind the Denial of Service attack on MI6. But the story is not over yet. The official twitter account of TeaMp0isoN issued a warning that it will fight back against the arrest of its members. 

The group linked to a Pastebin statement with a call for other hackers to unite in attacking law enforcement agencies. 

Message of TeaMp0isoN:- 
"We've lost the first and most important member of our team; our founder, our brother, our family member. Most importantly we lost a fighter for freedom, a fighter against corruption.
He strived for justice, and constantly fought against oppression and corruption, to help spread awareness on humanitarian causes, and now, he is no longer with us.
Most of you think that this is end of TeaMp0isoN and that this is end of our fight.
We're glad to shout:
#################################
#_ITS NOT OVER, IT JUST STARTED_#
#_ITS NOT OVER, WE ARE STRONGER_#
#_ITS NOT OVER, WE ARE UNITED_  #
#################################

I ask you, a fellow hacker, as a blackhat, to rise, to unite and to fight. For years the hacking scene for the most part has been misrepresented by skids, who have inevitably led to the copious amounts of faggotry and butthurt which currently pollutes the scene. Whitehats continue to lurk and grow, and nothing is preventing them from disclosing exploits.
As a collective we have to stop this, to ascend out of the underground and show the world we are not fucking around, something which TriCk firmly believed in. We, as hackers, have to unite to revive the blackhat scene, for TriCk... and everything that we stand for.
Do you support TeaMp0isoN? Help out via:
irc.tsukihi.me
#retaliation
-----------------------------------------
root@TeaMp0isoN:~# rm -rf skids/*
root@TeaMp0isoN:~# rm -rf whitehats/*
root@TeaMp0isoN:~# rm -rf governments/*
root@TeaMp0isoN:~# rm -rf justicesystem/*
root@TeaMp0isoN:~# rm -rf police/*
-----------------------------------------  ..."

Earlier TeaMp0isoN was directly involved with Anonymous in #OpRobinHood #OpCensorThis. Also they have found SQL-i vulnerability on the Official NASA forum, and like this attack TeaMp0isoN also hacked English Defence League (EDL) and exposed members personal data & many more.



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

NASA Technical Reports Server, Encyclopedia Britannica & Dhaka Stock Exchange is Vulnerable

Posted by Avik Sarkar On 4/02/2012 03:18:00 am

NASA Technical Reports Server, Encyclopedia Britannica & Dhaka Stock Exchange is Vulnerable
A 15 years ethical hacker from India named Akshay code name "0z0n3" find out non-persistent cross site scripting vulnerability in three very high profile websites. Those are the official website of NASA Technical Reports Server (NTRS), Encyclopedia Britannica, & Dhaka Stock Exchange. Earlier he has found out XSS vulnerability in the official website of National Geographic. The vulnerability details have already been reported to the web-masters and immediately Dhaka Stock Exchange & Encyclopedia Britannica has fixed those security holes but the vulnerability status of NASA Technical Reports Server (A Sub-domain of NASA) is unpatched. To know the vulnerable link click here.  If you dig the history you will find that previously NASA was hit many times by the hackers from different part of the world Such as Spamers targeted NASA, TeaMp0isoN hacked NASA official forum, Chinese Hackers hit NASA satellites, Indian hacker minhal stole secrete  information from NASA, Code Smasher has found CSRF vulnerability in the official website of Virtual Heliospheric Observeatory NASA and so on. Though the vulnerability in Encyclopedia Britannica & DSE is fixed, still the below screen-shots will clarify the fact.  
-:Encyclopedia Britannica:-
-:Dhaka Stock Exchange:-





SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Chinese Hackers Breached The NASA Jet Propulsion Lab

Posted by Avik Sarkar On 3/03/2012 01:43:00 am

Chinese Hackers Breached The NASA Jet Propulsion Lab 

Chinese hackers gained illegal access NASA Jet Propulsion Laboratory (JPL). According to the investigation report of the Inspector General- hackers from China have breached the NASA JPL earlier in November and stolen sensitive data. Not only data stealing they have breached the security system of JPL which allowed them to delete sensitive files, add user accounts to mission-critical systems, upload malware and many more. That report revealed scant details of an ongoing investigation into the incident against the Pasadena, Calif., lab, noting only that cyberattacks against the JPL involved Chinese-based Internet Protocol (IP) addresses. Paul K. Martin, NASA's inspector general, put his conclusions bluntly."The attackers had full functional control over these networks," he wrote.
If you dig the history you will find that previously NASA was hit many times by the hackers from different part of the world. Such as Spamers targeted NASA, TeaMp0isoN hacked NASA official forum, Chinese Hackers hit NASA satellites, Indian hacker minhal stole secrete  information from NASA and so on. 



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Vulnerability Found By BlitzSec & TeamHav0k In Ask.com & AOL.com

Posted by Avik Sarkar On 2/28/2012 06:38:00 pm

Vulnerability Found By BlitzSec & TeamHav0k In Ask.com & AOL.com
Hackers found serious security flaws in one of the world's best search engines AOL.com & Ask.com. A newly formed hacker group named BlitzSec has figure out that Advanced search area of Ask.com & a sub-domain that is toolbar.ask.com is vulnerable to XSS attack which can even lead to cookie catching attacks. In a pastebin release the hacker has disclosed all the vulnerabilities in details. Later the authority has patched the security issue but still the toolbar.ask.com is vulnerable. Earlier two Indian hackers named Minhal Mehdi & NotTy_rAj found XSS vulnerability on Ask.com.
Not only Ask but also AOL previously known as America Online (another very popular search engine) is vulnerable to cross site scripting attacks. This vulnerability has been disclosed by another hacker group named TeamHav0k. In a pastebin release the hacker has posted the vulnerable links. The vulnerabilities are still unpatched.  Earlier this group has found serious security flaws in many high profile sites like Huffingtonpost, EA, IGN, NYTimes, NASA, Sony, Adidas and many more.




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

NASA, Sony, Adidas, SPIKE TV & Few Other Govt Websites Are Vulnerable - Said "TeamHav0k"

Posted by Avik Sarkar On 2/20/2012 09:38:00 pm

NASA, Sony, Adidas, SPIKE TV & Few Other Govt Websites Are Vulnerable - Said "TeamHav0k"
Newly formed hacker group named "TeamHav0k" continues their Operation XSS #OPXSS. Like earlier they have found cross site scripting vulnerability in many high profile websites. This time NASA, adidas Official Store, SPIKE TV Official Site, Brighton& Hove City council,  Air Accident Investigation Branch [Govt of UK], Portal and Information Services of Tocantins [Govt of Brazil] became the victim. In a pastebin release the hacker group claimed that using the vulnerabilities an attacker can perform cookie stealing, XSS & XSSF Tunneling and such nasty things. Which indeed can create serious harm for those vulnerable sites. They have also found redirection vulnerability on the official website of Sony Global Headquarters later it was patched. 
Earlier TeamHav0k figure out XSS vulnerability in the official site Huffingtonpost, EA, IGN, NYTimes & many other. 




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Related Posts Plugin for WordPress, Blogger...

Site search