Jeremy Hammond -Key Member of Anonymous Affiliated LulzSec Pleads Guilty To Stratfor Hack

Jeremy Hammond -Key Member of Anonymous Affiliated LulzSec Pleads Guilty To Stratfor Hack, Could Face 10 Years In Prison

Lulz Security widely known as LulzSec, the most dangerous hacker collective group who set their devastating hacking rampage for fifty days in which they have successfully penetrated almost all the so called top secure fields; has suddenly stopped their sail. But stopping crime never means that the criminal will be overlooked, the pending punishment will surely take place. And this applied from LulzSec also. Lat year we have seen leader of LulzSec and also also leader of infamous hacker collective group Anonymous code-named "Sabu," whose real name is Hector Xavier Monsegur, turned traitor to his community and became FBI informer and provided all the information on fellow hackers. The arrest of Sabu subsequently helped law-enforcement officials to infiltrate Lulzsec, an offshoot of Anonymous, the loose hacking collective that has supported an ever-shifting variety of causes. The information provided by Sabu lead FBI to arrest all the key members of LulzSec including Ryan Cleary, Jake Davis, Raynaldo Rivera, Cody Kretsinger and so on. Among them there was Jeremy Hammond widely known as "Anarchaos" who was arrested by the federal authorities and been charged for the  breach of the security analysis company Stratfor. In December last year the bail application of Hammond was also been rejected by the the Court. So after several hearings finally the accused of security breach against global intelligence firm Stratfor,  Jeremy Hammond pleaded guilty in a Manhattan court to one count of computer fraud and abuse in response to charges that he hacked into the network of the privacy intelligence firm Stratfor, stealing millions of emails that eventually were given to WikiLeaks and published over the course of 2012. The plea agreement could carry a sentence of as much as 10 years in prison, as well as millions of dollars in restitution payments, though Hammond’s official sentence won’t be handed down until September. Hammond also told Judge Loretta A. Preska of Federal District Court in Manhattan that in 2011 and 2012 he had gained unauthorized access to Stratfor’s computer systems and several other groups, including the Federal Bureau of Investigation’s Virtual Academy, the public safety department in Arizona, and Vanguard Defense Industries, which makes drones. 

"Now that I have pleaded guilty, it is a relief to be able to say that I did work with Anonymous to hack Stratfor, among other websites," Hammond said in a statement on last Tuesday. 

A petition posted to Change.org by Hammond’s brother Jason Hammond asks the judge in Hammond’s case, Loretta Preska, to sentence him to time served, given that he’s already spent 15 months in lockup. “Jeremy did nothing for personal gain and everything in hopes of making the world a better place,” reads Hammond’s brother’s petition. “Jeremy is facing a maximum sentence of ten years, but the minimum is zero. He has been in jail since March 2012 awaiting trial and now sentencing. It’s time for him to come home.”

-Source (Forbes & Huffington Post)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Jeremy Hammond -Key Member of Anonymous Affiliated LulzSec Pleads Guilty To Stratfor Hack"https://www.voiceofgreyhat.com/2013/06/Jeremy-Hammond-Pleads-Guilty-To-Stratfor-Hack.html</a>

"We Steal Secrets: The Story of WikiLeaks" -Documentary Movie Based on WikiLeaks

"We Steal Secrets: The Story of WikiLeaks" -Documentary Movie Based on Julian Assange & WikiLeaks 

Millions of WikiLeaks fans will be happy when they will come to know that a documentary type movie is coming in this year which will be based on the true story or in other sense, based on the journey of WikiLeaks. As per sources several active projects are currently running on WikiLeaks such as a feature called “The Fifth Estate” which stars  Benedict Cumberbatch as Julian Assange. Other versions are planned as well, but the very first one which is out of the gate is the one we are talking about. The name of much waited coming movie is “We Steal Secrets: The Story of Wikileaks” which will be a documentary coming later this year from the insanely prolific filmmaker Alex Gibney. People like us who love the cyber space have already seen many movies based on hacking like Hackers, Takedown, The Matrix, Die Hard 4, The Italian Job, Anti Trust, Swordfish, The Girl With Dragon Tattoo, Reboot & so on. So the special expectation  will deferentially be on "We Steal Secrets" and the official trailer is saying so. 

According to IMDB, it has been confirmed that WikiLeaks founder Julian Assange himself is acting on the movie where another world famous hacker Adrian Lamo playing an important role in We Steal Secrets- a documentary that details the creation of Julian Assange's controversial website, which facilitated the largest security breach in U.S. history. 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">"We Steal Secrets: The Story of WikiLeaks" -Documentary Movie Based on WikiLeaks"https://www.voiceofgreyhat.com/2013/03/We-Steal-Secrets-The-Story-of-WikiLeaks.html</a>

Gang of Cyber Criminals Arrested For Stealing $7 Million From Exchange Companies in Dubai

Gang of Cyber Criminals Arrested For Stealing $7 Million From Exchange Companies in Dubai 

Yet again another infamous gang of cyber criminals who were behind the hack of more than $7 Million from exchange companies in Dubai get busted by the Dubai Police. The special Criminal Investigation Department (CID) of Dubai Police were behind these criminals for a long time, and after a certain period they successfully managed to track down and crack the cyber crime ring. Major General Khamis Matter Al Mazeina, acting chief of Dubai Police, said on last Sunday that a gang of Asians and Africans work with hackers in order to enter different websites and systems of different companies here in Dubai in order to transfer money inside and outside the country. “Cheques worth more than Dh6 billion have been found with the gang after their arrest,” he said. He also said that the gang was able to transfer more than Dh7 million from exchange companies in Dubai to their own accounts. From an exclusive report of Gulf News we came to know that the deputy director of the General Department of Criminal and Investigation for research, Colonel Salem Khalifa Al Rumaithi said the incident happened early this month when police received complaints about a scam and transfer of $2 million from a company’s account. “This was done through hacking the e-mails of this company by someone outside the UAE,” he said.

He said the hackers used to change the data of the transactions, billing, and then transfer the money into their accounts.

He said the first accused, an Asian identified as Kh. Q., used to receive the transferred funds. “He owns three luxury cars which he bought from the proceeds of such crimes,” he said. 

He said the role of the second suspect, another Asian identified as U.K., was to provide the gang with bank account numbers by creating fake companies on the internet and dealing with the victims’ accounts. “After the process of converting the money credited to the first accused U.K. used to take 3 per cent of the money and give the remaining to an African man who was the mastermind. According to Lt Colonel Saeed Al Hajeri, director of the electronic investigation department, the third suspect was identified as D.Q. from Africa.

“The role of this suspect was as a mediator between the gang members and manipulating the business processes and changing the bank accounts to any other account,” he said. The suspect admitted that he was part of the Dh4 billion scam and another Dh6 million scam.

Lt Col Al Hajeri said Dubai Police had taken the necessary measures to obtain sufficient information from the rest of the gang members who operate outside the country in African countries through Interpol. Brigadier Khalil Ebrahim Al Mansouri, director of CID, said the police team worked on arresting the gang quickly.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Gang of Cyber Criminals Arrested For Stealing $7 Million From Exchange Companies in Dubai"https://www.voiceofgreyhat.com/2013/03/Cybercriminals-Arrested-For-Stealing-7Million.html</a>

Twitter Hacked, More Than 250,000 User Data Compromised

Twitter Hacked, More Than 250,000 User Data Compromised

The social networking giant and the world famous micro blogging site Twitter again fallen victim of cyber attack. Last year we have seen that the tight security system if twitter have been compromised many times. Yet again in this year the San Francisco based social media giant who have more than 500 million registered users failed to protect them selves from hackers. On last Friday Twitter acknowledged that it had become the latest victim in a number of cyber-attacks against media companies, saying hackers may have gained access to information on 250,000 of its more than 200 million active users. The micro blogging giant said in a blog posting that earlier this week it detected attempts to gain access to its user data. It shut down one attack moments after it was detected. According to reports usernames, email addresses, session tokens and encrypted/salted passwords for 250,000 users might have been accessed in what it described as a “sophisticated attack” 

"This attack was not the work of amateurs, and we do not believe it was an isolated incident,” said Bob Lord, Twitter’s director of information security. “The attackers were extremely sophisticated, and we believe other companies and organisations have also been recently similarly attacked” Bob added. 

Jim Prosser, a Twitter spokesman, would not say how hackers infiltrated Twitter’s systems, but Twitter’s blog post said hackers had broken in through a well-publicized vulnerability in Oracle’s Java software. Last month, after a security researcher exposed a serious vulnerability in the software, though Oracle patched the security hole, but Homeland Security said the fix was not sufficient. The DHS issued a rare alert that warned users to disable Java on their computers. Prosser said Twitter was working with government and federal law enforcement to track down the source of the attacks. For now, he said the company had reset passwords for, and notified, every compromised user. The company encouraged users to practice good password hygiene, which typically means coming up with different passwords for different sites, and using long passwords that cannot be found in the dictionary.

Twitter said it “hashed” passwords — which involves mashing up users’ passwords with a mathematical algorithm — and “salted” those, meaning it appended random digits to the end of each hashed password to make it more difficult, but not impossible, for hackers to crack. Once cracked, passwords can be valuable on auction-like black market sites where a single password can fetch $20.

While talking about Twitter and cyber issues, I would like to remind you that in last year twitter faced several cyber attacks where more than 55,000 twitter account details was leaked, after this issue in the middle of last year the social networking giant faced massive denial of service which interrupted its services. Later a huge number of Twitter users across the globe received  emails warning that their account have been compromised and their passwords had been reset, and it was another security breach which affected twitter. Such big organization are not at all careless about security, so as twitter and it has been proved when they hired renowned white hat hacker Charlie Miller to boost up their security, but after this current massacre, it seems that twitter need to think more and emphasize a lot to make sure that their system is good enough to prevent cyber attacks. For all the hot cyber updates and reviews stay tuned with VOGH.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Twitter Hacked, More Than 250,000 User Data Compromised"https://www.voiceofgreyhat.com/2013/02/Twitter-Hacked-250000-User-Data-Compromised.html</a>

WikiLeaks Tweet Revealed- Aaron Swartz Was an Ally & Possible Source of WikiLeaks

WikiLeaks Tweet Revealed- Aaron Swartz Was an Ally & Possible Source of WikiLeaks 

WikiLeaks, the organization who used to dig the truth and bring them in front, has disclosed a sensational matter while saying that the late internet activist and renowned hacker Aaron Swartz who committed suicide a few weeks ago was possibly an active worker and source for WikiLeaks. 

Over the weekend, in a series of tweets, WikiLeaks said that activist and hacker Swartz, who committed suicide earlier this month while awaiting trial on computer fraud charges, "assisted" the organization and "was in communication with Julian Assange, including during 2010 and 2011,"  

Unfortunately those tweets did not go so far as to name Swartz as a WikiLeaks source, only saying, "We have strong reasons to believe, but cannot prove, that" he was. 

WikiLeaks -globally famous for exposing classified classified and top secrete documents of several government said it decided to reveal these details in light of the US Secret Service's involvement in Swartz's  case. At the time of his death, Swartz was awaiting trial for allegedly harvesting millions of scholarly articles over the Massachusetts Institute of Technology's network. He was charged with computer fraud and other crimes in July 2011, and faced up to 35 years in prison. 

Although WikiLeaks doesn't elaborate on its decision, the organization has a policy of maintaining anonymity for its sources. "As far as we can ascertain, WikiLeaks has never revealed any of its sources," according to its website. "We cannot provide details about the security of our media organization or its anonymous drop box for sources because to do so would help those who would like to compromise the security of our organization and its sources."  But after these round of tweets we can say that Wikileaks may have broken its own rules of anonymity by doxxing (removing the anonymity) of Swartz as an ally and possible source. 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">WikiLeaks Tweet Revealed- Aaron Swartz Was an Ally & Possible Source of WikiLeaks"https://www.voiceofgreyhat.com/2013/01/Aaron-Swartz-Possible-WikiLeaks-Source.html</a>

Yahoo Mail Hit By XSS Exploit Putting 400 Million Users At Risk

Yahoo Mail Hit By XSS Exploit Putting 400 Million Users At Risk

Yet again mistrust growing in between the large number of Yahoo users, as it has been continuously failed to protect its customers from cyber attack. Late in last year we have seen that the two major services of Yahoo get compromised, which affects millions of its registered users across the globe. First it was Yahoo Voice, which get hacked while putting 450K users at high risk. Then it was the time for Yahoo Mail, where few Egyptian hacker figured out serious XSS vulnerabilities in Yahoo Mailing service  that lets attackers steal cookies from Yahoo Webmail users. Later cyber criminals made product while exploring that loop holes, that so called product or widely known as exploit was made available at high price in underground market and forums. As expected Yahoo immediately patched these loopholes, but now it seems they did not learn lesson from the decent past. 

You all may be wondering! what happened? Again the security of Yahoo fallen victim in front of hackers.  Shahin Ramezany, a hacker and independent security researcher have figure out a DOM-Based XSS vulnerability in Yahoo Mail that is exploitable in all major browsers. Ramezany tweeted about this issue whihc links to an YouTube video, where he demonstrated the hack. Shahin Ramezany also claimed that the exploit have put more than 400 Million yahoo users at risk. 

As soon as this story get spotted, Yahoo immediately responds the matter, in their official release a Yahoo spokesman said "We’ve been looking into it and the US have now confirmed that they are investigating too. They will be in touch if there is a comment – otherwise I recommend that if users are concerned then they should change their passwords immediately." 

Later Yahoo said that thy have plugged the security hole. In their statement the spokesperson added, “At Yahoo! we take security very seriously and invest heavily in measures to protect our users and their data. We were recently informed of an online video that demonstrated a vulnerability. We confirm that the vulnerability has been fixed. In addition, we are investigating recent reports of increased abusive traffic and will work diligently to fix any vulnerabilities that are found. Concerned users are encouraged to change their passwords to a safe password that combines letters, numbers, and symbols.”

But this issue did not get completely resolved, as immediately after the fix release of Yahoo, Shahin Ramezany said that the fix is not good enough, and the Yahoo Mail exploit is still active. In his twitter he said "not effective enough and users are still [at] risk," since the proof-of-concept code can be easily tweaked to continue attacks. 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Yahoo Mail Hit By XSS Exploit Putting 400 Million Users At Risk"https://www.voiceofgreyhat.com/2013/01/Yahoo-Mail-Hit-By-XSS-Exploit.html</a>

NASA & UFO Hacker Gary McKinnon Will Not Face Prosecution in UK

NASA & UFO Hacker Gary McKinnon Will Not Face Prosecution in UK

Infamous NASA hacker Gary McKinnon who broke into US government computer system, while hunting for evidence of UFOs and fought a long fight against extradition, has been told that he will now not face prosecution in the UK. After discussing the case with US Department of Justice and the police, The Crown Prosecution Service (CPS) has decided the appropriate jurisdiction for the McKinnon case to be heard is the US. According to Karen Todner, McKinnon's solicitor, the decision on Friday is an "interesting" one given that he was first arrested and questioned by UK police.

The reasons for that decision were:

1. The harm occurred in the US - the activity was directed against the military infrastructure of the US;
2. An investigation had already been launched in the US;
3. There were a large number of witnesses, most of whom were located in the US;
4. All of the physical evidence (with the exception of Mr McKinnon's computer) was located in the US;
5. The US prosecutors were able to bring a case that reflected the full extent of Mr McKinnon's alleged criminality; and
6. The bulk of the unused material was located in the US. Given the nature of the offences, this inevitably included highly sensitive information and the US courts were best placed to deal with any issues arising in relation to this material.

In a statement, the CPS's Director of Public Prosecutions (DPP), Kier Starmer QC, and Mark Rowley, Assistant Commissioner of the Metropolitan Police Service, said that they had convened a joint panel to discuss the issue and decide whether a new criminal investigation should take place. They decided that the original reasoning for the trial being held in the US still held, and looked into the possibility of holding the trial in the UK. This would have involved transferring witnesses and sensitive physical evidence to the UK. The panel consulted with the US Department of Justice as to whether this would be possible, given that they believed that "the prospects of a conviction against Mr McKinnon, which reflects the full extent of his alleged criminality, are not high".

According to the statement, the US authorities "indicated to us that they would be willing to co-operate with a prosecution in England and Wales if that would serve the interests of justice." However, the US authorities did not feel that transferring all the witnesses and evidence to the UK would be in that interest, given the panel's representations. The statement goes on to say: "That is a decision the US authorities are fully entitled to reach and we respect their decision." On that basis, the panel concluded that a new criminal investigation should not be started and the Assistant Commissioner accepted that advice.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">NASA & UFO Hacker Gary McKinnon Will Not Face Prosecution in UK"https://www.voiceofgreyhat.com/2012/12/Gary-McKinnon-Will-Not-Face-Prosecution-in-UK.html</a>

British Court Convicts Anonymous Hacker "Nerdo" For DDoS Attack Over WikiLeaks Funding

British Court Convicts Anonymous Hacker "Nerdo" For DDoS Attack Over WikiLeaks Funding

Another alleged Anonymous hacker faced cour rule. A British court has convicted a 22-year-old for allegedly being a ‘key figure’ behind Anonymous DDoS attack on PayPal in revenge for its freezing WikiLeaks payments. A 22-year-old British student Christopher Weatherhead, self described "hacktivist", going by the name of "Nerdo" was convicted by the jury on a count of conspiracy to impair computer operations. The conviction came after guilty pleas of three of Weatherhead's co-conspirators.

"Christopher Weatherhead is a cyber criminal who waged a sophisticated and orchestrated campaign of online attacks on the computer systems of several major companies," prosecutor for the CPS Organized Crime Division Russell Tyner said in a statement. "These were lawful companies with ordinary customers and hard working employees. This was not a victimless crime."

This court rule came as a part of its ongoing pursuit to strike back at hackers, U.K. courts have convicted a member of Anonymous for conspiracy.

That very cyber attack, for which Christopher Weatherhead has been charged was dubbed "Operation Payback" where Weatherhead and several other Anonymous members targeted those companies that opposed internet piracy, but switched to companies like Mastercard, Visa and PayPal after they refused to process payments to WikiLeaks. Recently in our report, we described that Operation Payback cost a massive damage, for PayPal it cost more than €4.3 million. According to CPS, those campaigns carried by the hacker cost the companies more than $5.6 million in additional staffing, software, and loss of sales. 

The student denied the accusation claiming he was merely an Anonymous chatroom operator and never took part in the attacks. The judge allegedly demanded that Weatherhead provide “as much information as possible” and threatened him with a jail term. The court ruling in Mr. Weatherhead's case will be announced later. 

-Source (Cnet)

 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">British Court Convicts Anonymous Hacker "Nerdo" For DDoS Attack Over WikiLeaks Funding"https://www.voiceofgreyhat.com/2012/12/Court-Convicts-Anonymous-Hacker-Nerdo-For-DDoS-Attack.html</a>

Apple Hired Kristen Paget, Renowned Hacker & Former Security Expert of Microsoft

Apple Hired Kristen Paget, Renowned Hacker & Former Security Expert of Microsoft 

To become  the very best along with that to maintain and hold your position, you need to deliver your hundred percent even some times more than hundred percent, and this race continues. For that we have to gather the very best guy with as. The above fact took place again, when Apple hired a renowned computer security researcher who helped Microsoft to rid Windows Vista from glaring exploits. I think, you already started guessing, let me tell you that yes you are absolutely right. Kristen Paget formerly known as Chris Paget who was part of an elite team of security experts of Microsoft has now been hired by Apple to lend her expertise to securing the company's operating systems. Apple, slowly, has been trying to make inroads into the security community. This summer, an Apple engineer spoke at the Black Hat security conference for the first time. So it is a bit predictable that why Apple is looking for security experts. Paget's exact charge at Apple is still somewhat of a mystery, with company representatives declining to comment on the specifics of what she'll be working on. After leaving Microsoft and prior to her move to 1 Infinite Loop, Paget was employed by security firm Recursion Ventures. According to sources, this past July, she'd departed stating that she wished to focus on developing security-related hardware.  

According to a report by Wired - Paget’s work at Microsoft had been similarly secretive. She’d been forbidden from speaking about it for five years after her work there ended.

But in 2011, the NDA expired, and she spilled the beans on her Vista hacking at the Black Hat Las Vegas conference. In short: Microsoft’s security team had expected Vista to be pretty clean when Paget got her hands on it, but they were wrong.

“We prevented a lot of bugs from shipping on Vista,” Paget said, according to a recording of her talk. “I’m proud of the number of bugs we found and helped get fixed.” Paget and company’s bug-hunt was so successful, in fact, that it forced Microsoft to push back Vista’s ship date. When the work was done, the hackers received special T-shirts, signed by Microsoft Vice President of Windows Development Brian Valentine. They read: “I delayed Windows Vista.” 

Until this past summer, Paget had been chief hacker at Recursion Ventures, a company that specializes in hardware security. When she left in July, she said she was looking for a break from bug-finding, hoping to find a job that involved building “security-focused hardware.”

“I’ve done too much breaking of things, it’s time to create for a change,” she said on Twitter. She was hired in September as a core operating system security researcher at Apple, according to her Linkedin Profile. 

Paget made headlines in 2010 when she built her own cellphone-intercepting base station at the Defcon hacker conference. Back then, Paget was known as Chris. She switched genders last year.

While talking about hiring geniuses by giant firms, we would like to remind you that very recently Apple has hired search guru Bill Stasior to oversee Apple's Siri voice-activated personal assistant. Along with this, few months ago social networking giant Twitter had appointed famous whitehat hacker Charlie Miller, to boost up its security.  Also in late 2011 Nicholas Allegra, the world-famous hacker known as "Comex", creator of JailbreakMe.com comes was also hired by Apple.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Apple Hired Kristen Paget, Renowned Hacker & Former Security Expert of Microsoft"https://www.voiceofgreyhat.com/2012/12/Apple-Hired-Renowned-Hacker-Kristen-Paget.html</a>

Help! I Think My Child Might Be a Cyberbully (Special Article)

Help! I Think My Child Might Be a Cyberbully (Special Article)

Our society grows more and more connected. We have smart phones, computers, tablets, social media sites and other tools constantly creating new connections between people. This is generally a good thing, but there is a negative side to this enhanced communication—cyberbullying. Although bullying in the playground or classroom has been around since we started putting kids in schools, cyberbullying brings a new aspect to bullying. It is more difficult to stop because, in many cases, the bully is anonymous.

Cyberbullying Can Lead to Suicide

Cyberbullying is using the internet, cell phones or other devices to post pictures, text, videos or other information intended to hurt or embarrass another person. According to the National Crime Prevention Association, cyberbullying affects almost half of all American teens. Although many feel cyberbullying is not a big deal, the consequences can be severe. As evidenced by the amount of suicides—particularly of gay teens—in the last few years, cyberbullying can have a devastating effect on the victim and their family. Because of the nature of cyberbullying, it is difficult to tell if your child is involved—either as a victim or an aggressor.

Prevent Your Child From Becoming a Cyberbully

There are some simple ways to prevent your child from becoming a cyberbully. Be a model for them. Don’t use abusive language when referencing workmates, other parents or kids. Make sure the language you use around your child does not lead them to believe it is alright for them to use abusive language. Children look to their parents as guides for how to operate in the world. Make sure, as a guide, you're pleasant, kind and non-aggressive.

Keep an eye on your child’s social networking profile. See if they are getting involved in harassing other children. This could be a precursor to them becoming the primary bully themselves. If you do find evidence they are harassing others, do not let it stand. Talk to them about it. Explain the better, healthier ways to deal with their aggression or anger towards their friends and classmates. Make sure they understand that harassment is not an acceptable type of behavior. There are ways to assure your child's social network site can't be hacked.

Keep Your Child's Social Network From Being Hacked

Cyberbullying is not exclusive to hateful or aggressive comments or messages. Many kids have their social networking site hacked, and the hacker shares embarrassing information or posts things the actual user would not post. There is software to track the sites that have been accessed on your computer and that can help you to protect your child against identity theft. Utilize the tools available to make sure your child has not stolen another kid’s identity.

The best way to stop cyberbullying is to prevent your child from ever becoming one in the first place. Have open conversations about bullying and its effects on others. Show through example the best way to solve problems is not through threats and anger but through calm and reasoned action.

Special Article By 

Jennifer Stone

Guest Editor VOGH

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Help! I Think My Child Might Be a Cyberbully (Special Article)"https://www.voiceofgreyhat.com/2012/12/i-think-my-child-might-be-a-cyberbully.html</a>

Egyptian Hackers Selling Zero-day Exploit of Yahoo Mail For $700

Egyptian Hackers Selling Zero-day Exploit of Yahoo Mail For $700

Those people who wander in many underground hackers community, knows very well that several unethical equipment such as Botnet, Zero-day exploit, black hole exploit kit, malware, undisclosed vulnerabilities and so on were sold there for different prices. Those products were generally priced between $5-$500, but today I will talk about an expensive product, which listed itself top on the black market. I am talking about a new cross-site scripting exploit that enables attackers to steal cookies and access Yahoo email accounts. According to the blog post of Krebs on Security -A zero-day vulnerability in yahoo.com that lets attackers hijack Yahoo! email accounts and redirect users to malicious Web sites offers a fascinating glimpse into the underground market for large-scale exploits. The exploit, being sold for $700 by an Egyptian hacker on an exclusive cybercrime forum, targets a “cross-site scripting” (XSS) weakness in yahoo.com that lets attackers steal cookies from Yahoo! Webmail users. Such a flaw would let attackers send or read email from the victim’s account. In a typical XSS attack, an attacker sends a malicious link to an unsuspecting user; if the user clicks the link, the script is executed, and can access cookies, session tokens or other sensitive information retained by the browser and used with that site. These scripts can even rewrite the content of the HTML page. The hacker posted the following video to demonstrate the exploit for potential buyers. 

“I’m selling Yahoo stored xss that steal Yahoo emails cookies and works on ALL browsers,” wrote the vendor of this exploit, using the hacker handle ‘TheHell.’ “And you don’t need to bypass IE or Chrome xss filter as it do that itself because it’s stored xss. Prices around for such exploit is $1,100 – $1,500, while I offer it here for $700. Will sell only to trusted people cuz I don’t want it to be patched soon!” -said the hacker.  

In response Ramses Martinez, director of security at Yahoo!, said the challenge now is working out the exact yahoo.com URL that triggers the exploit, which is difficult to discern from watching the video. “Fixing it is easy, most XSS are corrected by simple code change,” Martinez said. “Once we figure out the offending URL we can have new code deployed in a few hours at most.”

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Egyptian Hackers Selling Zero-day Exploit of Yahoo Mail For $700"https://www.voiceofgreyhat.com/2012/11/Egyptian-Hacker-Selling-Zero-day-Exploit-of-Yahoo-Mail.html</a>

American Actress & Model Lindsay Lohan's Twitter Account Hacked

American Actress & Model Lindsay Lohan's Twitter Account Hacked

Now a days hacking of celebrities, singer, Media, high profile personalities' twitter has became a natural phenomena. Here again another twitter hacking, also known as #twithackery occurs. After John Cena, Justin Bieber, Teyana Taylor,American pop singer Kesha; now it was time for popular  American actress, fashion designer, model and recording artist Lindsay Morgan Lohan. A fake tweet was posted to the 26-year-old star's feed on the social-media site, leaving all of Lohan's 4.5 million followers a bit confused. According to sources Lindsay Lohan’s Twitter account was hacked on Tuesday with the tweet, 

“How does Hitler tie his shoes?” including a link to the answer on @oatmeal's blog. 

As soon as this tweet was spotted on the wild, immediate step has been taken from the side of Lindsay Lohan, and as expected that fake tweet has been deleted. So far the actress hasn’t expressed much concern for this slight security breach. 

But after regaining access on the twitter page Lindsay Lohan confirmed that her page indeed hacked while tweeting "my twitter was hacked, please ignore the last tweet."  as shown on the above picture. While talking  Lindsay Lohan twitter hacking, we also want to include the name of those celebrities  who have fallen victim to these nonstop #twithackery : NBC News, Fox News Politics, USAToday, Lady Gaga’s Twitter Account, Anders Breivik’s twitter, Mahesh Bhatt, Huffington Post & many more. 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">American Actress & Model Lindsay Lohan's Twitter Account Hacked"https://www.voiceofgreyhat.com/2012/11/Lindsay-Lohan-Twitter-Account-Hacked.html</a>

FBI's Cybercrime Unit Taken New Initiative to Nab Hackers & Intruders

FBI's Cybercrime Unit Taken New Initiative to Nab Hackers & Intruders 

The month of October has been declared by FBI as the National Cyber Security Awareness Month of 2012 , and in the last week of this month the cyber crime division of FBI has started a new program which will specially emphasis on hackers and intrusion. The main aim of this program is to focusing on hackers and to prevent cyber crime. Last month  Federal Bureau of Investigation (FBI) has issued a report based on information from law enforcement and complaints submitted to the Internet Crime Complaint Center (IC3) detailing recentcyber crime trends and new twists to previously-existing cyber scams. Now the recent movement of FBI will surely inject fear into the heart & mind of hackers. According to FBI's official release - Early last year, hackers were discovered embedding malicious software in two million computers, opening a virtual door for criminals to rifle through users’ valuable personal and financial information. Last fall, an overseas crime ring was shut down after infecting four million computers, including half a million in the U.S. In recent months, some of the biggest companies and organizations in the U.S. have been working overtime to fend off continuous intrusion attacks aimed at their networks. The scope and enormity of the threat—not just to private industry but also to the country’s heavily networked critical infrastructure—was spelled out last month in Director Robert S. Mueller’s testimony to a Senate homeland security panel: “Computer intrusions and network attacks are the greatest cyber threat to our national security.”

To that end, the FBI over the past year has put in place an initiative to uncover and investigate web-based intrusion attacks and develop a cadre of specially trained computer scientists able to extract hackers’ digital signatures from mountains of malicious code. Agents are cultivating cyber-oriented relationships with the technical leads at financial, business, transportation, and other critical infrastructures on their beats. 

Today, investigators in the field can send their findings to specialists in the FBI Cyber Division’s Cyber Watch command at Headquarters, who can look for patterns or similarities in cases. The 24/7 post also shares the information with partner intelligence and law enforcement agencies—like the Departments of Defense and Homeland Security and the National Security Agency—on the FBI-led National Cyber Investigative Joint Task Force.

A key aim of the Next Generation Cyber Initiative has been to expand our ability to quickly define “the attribution piece” of a cyber attack to help determine an appropriate response, said Richard McFeely, executive assistant director of the Bureau’s Criminal, Cyber, Response, and Services Branch. “The attribution piece is: who is conducting the attack or the exploitation and what is their motive,” McFeely explained. “In order to get to that, we’ve got to do all the necessary analysis to determine who is at the other end of the keyboard perpetrating these actions.”

The Cyber Division’s main focus now is on cyber intrusions, working closely with the Bureau’s Counterterrorism and Counterintelligence Divisions.  “We are obviously concerned with terrorists using the Internet to conduct these types of attacks,” McFeely said. “As the lead domestic intelligence agency within the United States, it’s our job to make sure that businesses’ and the nation’s secrets don’t fall into the hands of adversaries.”

In the Coreflood case in early 2011, hackers enlisted a botnet—a network of infected computers—to do their dirty work. McFeely urged everyone connected to the Internet to be vigilant against computer viruses and malicious code, lest they become victims or unwitting pawns in a hacker or web-savvy terrorist’s malevolent scheme.

“It’s important that everybody understands that if you have a computer that is outward-facing—that it’s connected to the web—that your computer is at some point going to be under attack,” he said. “You need to be aware of the threat and you need to take it seriously.” 

To Listen the Podcast of FBI's "“The intrusions are occurring 24/7, 365 days a year.” Click Here

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">FBI's Cybercrime Unit Taken New Initiative to Nab Hackers & Intruders"https://www.voiceofgreyhat.com/2012/10/FBI-Focusing-on-Hackers-and-Intrusions.html</a>

Hacker Steals 3.6 Million South Carolina Social Security No & Also Exposed 387,000 Card Details

Hacker Steals 3.6 Million South Carolina Social Security Number & Also Exposed 387,000 Card Details

The year 2012 is going from bad to worse for the cyber space, as yet another big data breach happened which effected more than 4.7 million residents of South Carolina at risk of identity theft. Anyone who filed a South Carolina tax return in the past 14 years may have had their Social Security number stolen and has been urged by the state government to immediately enroll in consumer protection services. The U.S. Secret Service detected a security breach at the S.C. Department of Revenue on Oct. 10, but it took state officials 10 days to close the attacker’s access and another six days to inform the public that 3.6 million Social Security numbers had been compromised. The attack also exposed 387,000 credit and debit card numbers. The stolen data included other information people file with their tax returns such as names and addresses. Businesses’ taxpayer identification numbers also potentially have been comprised in the attack that is being described as one of the nation’s largest against a state agency. The hacker began accessing the Department of Revenue’s computer system in August, but wasn’t noticed by the Secret Service until October, giving him about two months to gather the data in what is one of the largest computer breaches in the US. Most of the data had not been encrypted, meaning the hacker would not need a key to a secret code to read the stolen data. Revenue director James Etter said none of the Social Security numbers were encrypted and about 16,000 credit card numbers were not encrypted.

“The number of records breached requires an unprecedented, large-scale response by the Department of Revenue, the State of South Carolina and all our citizens,” South Carolina Gov. Nikki Haley said during a news conference. “We are taking immediate steps to protect the taxpayers of South Carolina, including providing one year of credit monitoring and identity protection to those affected.” 

S.C. Inspector General Patrick Maley said nine agencies had been evaluated thus far, and some corrective action had been taken. There was no overarching security policy within state government, he said. No one at the Revenue Department or within the state’s information technology division has been disciplined over the latest attack.  

While this case of hacking was the largest in US history, it wasn’t the first. On March 30, 2012, officials in Utah discovered that one of their health department servers had been hacked. That time also a large number of Social Security numbers were stolen from the server – including those of children. Here we would like to give you reminder that in the last few months we have been a slew of attacks against the following sites: Adobe, Guild Wars 2, Gamigo, Blizzard, Yahoo, LinkedIn, eHarmony, Formspring, Android Forums, Gamigo,  Nvidia, Blizzard and  Philips. And after this breach Adobe also enlisted its name among those who was fallen victim to cyber criminals in this year. For all the latest on cyber security and hacking related stories; stay tuned with VOGH. 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Hacker Steals 3.6 Million South Carolina Social Security No & Also Exposed 387,000 Card Details"https://www.voiceofgreyhat.com/2012/10/hacker-steals-36-million-south-carolina.html</a>