Skype Shop & National Geographic Germany (Nat Geo) Vulnerable to XSS

Skype Shop & National Geographic Germany (Nat Geo) Vulnerable to XSS -Said Dr41DeY

Couple of weeks ago, I have talked about the vulnerability of Cartoon Network official website, today I am going to speak about two more big fish who are posing serious security holes in their official websites. Lets not waste time while stretching the preface and come directly to the story -it's the hacker who has recently made his name for some big hacks, has back again. 

Many of you are right, I am talking about 'Dr41DeY' because he is the guy who found vulnerability in the official website of Skype Shop and National Geographic Channel Germany (Nat Geo). Both Nat Geo and Skype have non persistent cross site scripting vulnerability also known as XSS vulnerability in their website. We have already informed this issue to concerning authority and webmaster to avoid misfortune. As expected, while writing this Skype have taken this issue seriously and fixed their loopholes immediately. Still for proof- above I have shared the screenshots with our readers, as evidence of the XSS hole. But unlike Skype Shop, Nat Geo yet not responded, so the vulnerability still exist on their portal. Hopefully they will take appropriate steps with out doing more delay. For updates in this story and also other hot cyber issues, just stay tuned with VOGH.  Before concluding, I would like to remind you that- in 2012 an Indian hacker named Akshay has found XSS holes in the official website of National Geographic. Again after a year, Dr41DeY found another Nat GEO site vulnerable to XSS, that definitely arises a doubt about the security concern of one of the world's leading satellite television channel featuring documentaries with factual content involving nature, science, culture, and history, plus some reality and pseudo-scientific entertainment programming. 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Skype Shop & National Geographic Germany (Nat Geo) Vulnerable to XSS"https://www.voiceofgreyhat.com/2013/12/skype-shop-nat-geo-vulnerable-to-xss.html</a>

Israeli Domain of MSN, Bing, Skype, Microsoft Store, BBC, CNN & Many More High Profile Israeli Sites Hacked

Israeli Domain of MSN, Bing, Skype, Microsoft Store, BBC, CNN & Many More High Profile Israeli Sites Hacked

More hackers taking part in the Israeli rampage dubbed Operation Israel. As soon as the story of bombing and air strike in Gaza get spotted on the social networks, we have seen immediate protest coming from almost every part of the world. In case of digital bombing, then it was first Anonymous who called Operation Israel, then hackers from different part of the world joined and contributed in this combined protest. So far we have seen along with Anon, Pakistani hacker Hitcher from Muslim Liberation Army, Indian hacker Godzilla, & Kosovo Hackers Security have played vital role in this rampage. But now the scenario is going from bad to worse for Israeli cyber space, as a group of Pakistani hackers hit a large number of high profile Israeli domain. Those big giants who have fallen victim in this round of cyber attack from Pakistan are MSN, Bing, Live, Skype, Microsoft Store, BBC, CNN, Coca-Colla, XBOX, Windows, Intel, Philips, Israeli Parliament, Citi Bank and few more. According to sources more than 44 million hacking attempts have been made on Israeli government web sites since Wednesday. Attempts on defense related sites have been the highest, while 10 million attempts have been made on the site of Israel's president, 7 million on the Foreign Ministry and 3 million on the site of the prime minister.

Complete List:-

pm.parliament.co.il

www.skype.co.il 

www.cnn.co.il 

intelcore.co.il 

www.msn.org.il 

passport.org.il 

www.microsoftstore.co.il 

intelatom.co.il 

www.opel.co.il 

philips.co.il 

bing.co.il 

bbc.org.il 

pantene.co.il 

paypass.co.il 

amazonunbox.co.il 

windowslive.co.il 

windows.co.il 

www.nbcuni.co.il 

citibank.co.il 

blog.fanta.co.il 

blog.sprite.co.il 

sprite.org.il 

xbox360.co.il 

www.xboxfusion.co.il 

cocacola.co.il 

coke.co.il 

www.xboxignite.co.il 

www.intelappup.co.il 

www.intel.co.il 

live.co.il 

solarwinds.co.il 

live.org.il 

www.msn.co.il 

Both the screen shot of the deface page and Zone-H mirror is saying that four hackers from Pakistan named 1337, H4x0rL1f3, ZombiE_KsA & Invectus were behind this massive cyber attack. Though a post on popular hackers forum named Sec4ever we came to know that ZombiE_KsA denied his relation with this hack. As usual self claimed famous security news blog, The Hacker News, tried to do a publicity stunt, while morphing the original news. Chasing fake publicity and money, the ready made source of news, also known as The Hacker News forgot the importance of  the situation in Gaza.

According to the view of VOGH, it hardly matters who take part in this hack, but what matters is that, a few human stand for humanity & humanity is beyond any religion, any cast and any color. So far the world have seen an instance of cruelty and inhumane of Israeli army, where the people of Gaza have been tortured brutally. The peace loving people across the world have already stood against this relentless practice. And when Anonymous called Operation Israel, that protest became a digital bombing. We the entire VOGH team salute those people across the globe, who have actively taken part in this protest. Its our world, its our home, and all the people in it are our family, so its our foremost responsibility to take care those members and stand with them. 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Israeli Domain of MSN, Bing, Skype, Microsoft Store, BBC, CNN & Many More High Profile Israeli Sites Hacked"https://www.voiceofgreyhat.com/2012/11/Israel-Under-Cyberattack-by-Pakistani-hackers.html</a>

End of Windows Live Messenger: Microsoft Replacing Live Messenger With Skype

End of Windows Live Messenger: Microsoft Replacing Live Messenger With Skype

In 2011 the Redmond based software giant Microsoft acquired Skype Communications for US$8.5 billion, later we have seen several ups and downs, along with compliment and criticism of this acquirement. But we have to remember that, it is Microsoft Corporation, who always have done the very best to make its product successful. In case of Skype the same ting happened. Microsoft announced Tuesday that it is retiring Windows Live Messenger & chat tool and replace it with Skype's messaging tool. Microsoft said Windows Live Messenger (WLM) would be turned off by March 2013 worldwide, with the exception of China. This move will allow consumers to use Skype's features such as chat on all platforms including iPad and Android tablets; send instant messages; make video calls; share their screen; join a group chat; and call contacts on their mobile or land lines. This announcement from Microsoft is made in an effort to make Skype the company's main instant messaging software. It reflects the firm's determination to focus its efforts on Skype. 

For the information of VOGH readers, WLM launched in 1999 when it was known as MSN Messenger. According to survey MSN had more than 330 million active users world wide. According to internet analysis firm Comscore, Windows Live Messenger (WLM) still had more than double the number of Skype's instant messenger facility at the start of this year in the US, and was second only in popularity to Yahoo Messenger. But the report suggested WLM's US audience had fallen to 8.3 million unique users, representing a 48% drop year-on-year. By contrast, the number of people using Skype to instant message each other grew over the period. Microsoft highlighted the fact that WLM was still more popular than Yahoo's product in most other territories, but nevertheless decided to call time on the service. To ease the changeover, Microsoft is offering a tool to migrate WLM messenger contacts over. In order to transition over to Skype, just download the latest version, then select the option to sign in with your Microsoft account on the sign in screen. You will then be asked if you’re already using Skype or are a new user. If you use Skype and Messenger already, you can merge your Skype and Messenger account into your Microsoft account. Skype says it will assist users over the coming months to smoothly transition over from Windows Live Messenger. The move is nothing too surprising — it seemed obvious that Microsoft wanted to take advantage of its acquisition of the popular IM and video chat client. So far, it looks like Microsoft is on the right track to do that.

For detailed information about this story Click Here

-Source (Skype, BBC)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">End of Windows Live Messenger: Microsoft Replacing Live Messenger With Skype"https://www.voiceofgreyhat.com/2012/11/Microsoft-Replacing-Live-Messenger-With-Skype.html</a>

Reverse Engineered Source Code of Skype Allegedly Stolen & Exposed

Reverse Engineered Source Code of Skype Allegedly Stolen & Exposed 

After VMWare & Norton's Symantec now another big fish -Skype get caught among the list of those whose source code has been allegedly stolen. An Anonymous affiliated hacker named "57UN" also known as 'Stun' claims to have stolen the source code which he made public. From this leak several fact come in front, according to the hacker the Federal Authorities uses skype for surveillance, in his twitter the hacker said - "Oh and the FBI uses #Skype as a surveillance tool?! #Lulz?! Privacy my ass! Wake up people!..." He added "#Skype & privacy?! Yeah! Did you know that #Microsoft works with each and every government, for instance in #Tunisia!..." 

In his release on Pastebay Stun said- 

"AFTER MICROSOFT ACQUIRING SKYPE FOR 8.5 BILLION DOLLARS AND PROCEEDING TO ADD BACK DOORS FOR GOVERNMENT TO THE PROGRAM, THE SOFTWARE HAS BEEN HACKED AND IT'S SOURCE CODE RELEASED

Skype1.4_binaries

http://thepiratebay.se/torrent/6442887

SkypeKit_sdk+runtimes_370_412.zip

skypekit binaries for Windows and x86_Linux + SDK

http://thepiratebay.se/torrent/7190651/

skype55_59_deobfuscated_binaries (Windows)

http://thepiratebay.se/torrent/7238404/

http://twitter.com/57UN

#Anonymous #Antisec #PoliceState #SecurityState #OpenSource ..."

However, experts state that the source code published by the hacker is actually the one leaked some time ago by a researcher who reverse engineered the Windows binaries. According to security researcher Janne Ahlberg “I managed to get a copy of the file ‘skype55_59_deobfuscated’ from May. It is not Skype source code, but a reverse engineered version of the Windows binaries. The tool used in reverse engineering seems to be IDA disassembler/debugger” 

So far 3 torrent files being released which include a reversed engineered copy of the skype protocol, the source development kit(sdk) and needed runtime and de-obfuscated, unpacked Skype 5.5 and 5.9 binaries for Windows. 

-Source (Softpedia) 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Reverse Engineered Source Code of Skype Allegedly Stolen & Exposed"https://www.voiceofgreyhat.com/2012/07/SkypeSourceCodeLeaked.html</a>