Showing posts sorted by date for query Friday. Sort by relevance Show all posts
Showing posts sorted by date for query Friday. Sort by relevance Show all posts

Stratfor Hacker Jeremy Hammond Sentenced to 120 Months in Prison

Posted by Avik Sarkar On 11/17/2013 06:30:00 pm

LulzSec Hacker Jeremy Hammond Sentenced to 120 Months in Prison For Stratfor Hack

Infamous hacker Jeremy Hammond convicted by the Judge for cyber-attacks on government agencies and businesses, including a global intelligence company. This 28 year old Chicago hacker who is also known as "Anarchaos" was arrested by the federal authorities and been charged for the  breach of the security analysis company Stratfor. In December last year the bail application of Hammond was also been rejected by the the U.S. District Judge Loretta Preska. On June this year Hammond pleaded guilty for his sin. In his statement he said "I have pleaded guilty, it is a relief to be able to say that I did work with Anonymous to hack Stratfor, among other websites." 
That guilty plea indeed worked out for him, as that time it was predicated that Hammond  might have to face 30 years in prison, but on Friday Judge Loretta Preska sentenced Hammond to 120 months in federal prison and three years of supervised release for illegally accessing computers systems of law enforcement agencies and government contractors. In an emotional proceeding that lasted more than 2 hours in a Manhattan federal court room on Friday, victims and relatives of Hammond railed against the FBI and shed tears on his behalf following the sentencing. One overwrought person claiming to be a victim was forcibly escorted from the court by officers. But Hammond likely knew the sentence was coming, his lawyer said. "When Jeremy took this plea with a 10-year maximum, I think he understood this was very likely the outcome," said Sarah Kunstler, Hammond's defense attorney outside of court house.
Chief U.S. District Judge Loretta A. Preska said Hammond's digital handiwork had compromised thousands of people's personal and financial data, including the unpublished phone numbers and addresses of law enforcement, who then received threats. Hammond tried unsuccessfully to argue that his actions were politically motivated, she said. Hammond pleaded guilty to a single charge with a 10-year maximum sentence. Still his lawyers are asking to reduce his punishment for a sentence of 20 months.
Hammond has been held without bail since his arrest in March on charges connected with last year's hacking of Strategic Forecasting, or Stratfor, an Austin, Texas-based international intelligence broker, by AntiSec, an offshoot of LulzSec, which is in turn an offshoot of the hacktivist collective AnonymousProsecutors say the hack of Austin, Texas-based Strategic Forecasting resulted in the theft of 60,000 credit-card numbers and records for 860,000 clients. The government alleges that he published some of that information online, and used some of the stolen credit card data to run up at least $700,000 in unauthorized charges. He is also accused of giving about five million internal emails to WikiLeaks, which were published under the name The Global Intelligence Files.


-Source (Fox News)



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Aaron Swartz Will be Honored With Posthumous 'Freedom of Information' Award

Posted by Avik Sarkar On 3/15/2013 12:49:00 am

Aaron Swartz Will be Honored With Posthumous 'Freedom of Information' Award 

Well-known Internet activist and Reddit co-founder Aaron Swartz who committed suicide earlier this year causing a havoc temblor in the cyber domain. The reason behind his suicide was mainly disgrace, for which he would face a trail for an alleged cyber crime counts for downloading and publishing roughly 4 million academic journal articles from the database JSTOR. Before the day of his court trial; Swartz, a political activist and computer programmer, reportedly hanged himself last week in his Brooklyn apartment. After this mishap a massive protest came from several part of the world which really arises question against the law and order and the justice system. Along with this, the name of Swartz have been linked with many controversies like being linked with WikiLeaks and so on. What ever, today the entire world of activists will be pleased after hearing that Aaron Swartz is slated to receive posthumous recognition in Washington for his efforts promoting free access to taxpayer-funded research. The James Madison Freedom of Information Award is administered by the American Library Association, and recognizes "individuals who have championed, protected and promoted public access to government information and the public’s right to know national information." The award will be presented by Rep. Zoe Lofgren (D-CA), a strong advocate for digital rights in Congress who rallied in support of Swartz shortly after his suicide in January. Swartz had faced charges under the decades-old Computer Fraud and Abuse Act for downloading a large amount of academic research articles from the JSTOR database at MIT. But despite MIT dropping its own charges, the government pursued a criminal case against Swartz which some evidence suggests was politically motivated and subject to prosecutorial overreach. 
Lofgren, a Democratic congresswoman who represents Silicon Valley, will present the award to his family during a ceremony at Newseum's Knight Conference Center in Washington, D.C. Lofgren, who received the award last year for her efforts to ensure public access to government information, has introduced legislation to reform computer fraud laws linked to his death. The award will be accepted by Swartz's family this Friday at the Newseum in Washington, DC. 



-Source (The Verge & Cnet)










SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Hackers Hit Microsoft Windows Azure Causing 12 Hour Outage, Affecting Xbox & 52 Other Services

Posted by Avik Sarkar On 2/27/2013 08:17:00 pm

Hackers Hit Microsoft Windows Azure Causing 12 Hour Outage, Affecting Xbox & 52 Other Services 

Windows Azure the cloud computing platform of Microsoft for building, deploying and managing applications and services through a global network of Microsoft-managed datacenters  faced an unwanted disaster due to organized cyber attack which interrupted its service world wide. While looking at the scenario the Redmond based software giant sincerely apologize for the interruption and any issues it has caused and declared that they will  refund Windows Azure customers impacted by the said outage last week caused by an expired SSL certificate. The Windows Azure Storage outage affected at least 52 services, including Xbox Live on Thursday night and Friday. 
In a blog post while describing the situation Microsoft said - "HTTP traffic was unaffected but the event impacted a number of Windows Azure services that are dependent on Storage.  We executed the repair steps to update the SSL certificate on the impacted clusters and availability was restored to >99% worldwide by 1:00 AM PST on February 23.  At 8:00 PM PST on February 23, we completed the restoration effort and confirmed full availability worldwide. Given the scope of the outage, we will proactively provide credits to impacted customers in accordance with our SLA. The credit will be reflected on a subsequent invoice.  Our teams are also working hard on a full root cause analysis (RCA), including steps to help prevent any future reoccurrence."






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Apple Hacked By The Same Group Who Attacked Facebook

Posted by Avik Sarkar On 2/20/2013 06:52:00 pm

Apple Hacked, Macintosh Computers Infected  By The Same Group Who Attacked Facebook 

The month of February is not going good for cyber space, specially for giant organization. Last week the social networking giant Facebook fallen victim of a devastating cyber attack which did effected a number of  systems. Facebook admitted that it faced a "sophisticated attack" on computers where it has been found the attackers used a zero-day Java exploit to initiate the attack, but that no user data was compromised. The same thing happened to micro blogging site Twitter and New York Times. And now it was the turn for Apple. The California based multinational company acknowledged that recently their systems has been attacked by hackers who infected Macintosh computers of some employees. Like Facebook here also no data has been effected, "there was no evidence that any data left Apple." -said Apple. 
According to an exclusive report of Reuters -some unknown hackers infected the computers of some Apple workers when they visited a website for software developers that had been infected with malicious software. The malware had been designed to attack Mac computers. The same software, which infected Macs by exploiting a flaw in a version of Oracle Corp's Java software used as a plug-in on Web browsers, was used to launch attacks against Facebook, which the social network disclosed on Friday. The malware was also employed in attacks against Mac computers used by "other companies," Apple said, without elaborating on the scale of the assault. Experts are presuming that all these cyber attacks of February, that is Twitter, New York Times, Facebook & Lastly Apple Inc was originated from China, and executed by the same hacker group. On the other side few experts are also saying that the group responsible for the hack, has been identified as "Unit 61398" of the People's Liberation Army. But so far there is no proof. 
Apple also revealed that it plans to release a software tool later Tuesday that will protect customers against the same type of software that was used against its employees. 

Apple also provided a statement as follows:-
"Apple has identified malware which infected a limited number of Mac systems through a vulnerability in the Java plug-in for browsers. The malware was employed in an attack against Apple and other companies, and was spread through a website for software developers. We identified a small number of systems within Apple that were infected and isolated them from our network. There is no evidence that any data left Apple. We are working closely with law enforcement to find the source of the malware.
Since OS X Lion, Macs have shipped without Java installed, and as an added security measure OS X automatically disables Java if it has been unused for 35 days. To protect Mac users that have installed Java, today we are releasing an updated Java malware removal tool that will check Mac systems and remove this malware if found..."




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Twitter Hacked, More Than 250,000 User Data Compromised

Posted by Avik Sarkar On 2/03/2013 01:55:00 am

Twitter Hacked, More Than 250,000 User Data Compromised

The social networking giant and the world famous micro blogging site Twitter again fallen victim of cyber attack. Last year we have seen that the tight security system if twitter have been compromised many times. Yet again in this year the San Francisco based social media giant who have more than 500 million registered users failed to protect them selves from hackers. On last Friday Twitter acknowledged that it had become the latest victim in a number of cyber-attacks against media companies, saying hackers may have gained access to information on 250,000 of its more than 200 million active users. The micro blogging giant said in a blog posting that earlier this week it detected attempts to gain access to its user data. It shut down one attack moments after it was detected. According to reports usernames, email addresses, session tokens and encrypted/salted passwords for 250,000 users might have been accessed in what it described as a “sophisticated attack” 

"This attack was not the work of amateurs, and we do not believe it was an isolated incident,” said Bob Lord, Twitter’s director of information security. “The attackers were extremely sophisticated, and we believe other companies and organisations have also been recently similarly attacked” Bob added. 

Jim Prosser, a Twitter spokesman, would not say how hackers infiltrated Twitter’s systems, but Twitter’s blog post said hackers had broken in through a well-publicized vulnerability in Oracle’s Java software. Last month, after a security researcher exposed a serious vulnerability in the software, though Oracle patched the security hole, but Homeland Security said the fix was not sufficient. The DHS issued a rare alert that warned users to disable Java on their computers. Prosser said Twitter was working with government and federal law enforcement to track down the source of the attacks. For now, he said the company had reset passwords for, and notified, every compromised user. The company encouraged users to practice good password hygiene, which typically means coming up with different passwords for different sites, and using long passwords that cannot be found in the dictionary.
Twitter said it “hashed” passwords — which involves mashing up users’ passwords with a mathematical algorithm — and “salted” those, meaning it appended random digits to the end of each hashed password to make it more difficult, but not impossible, for hackers to crack. Once cracked, passwords can be valuable on auction-like black market sites where a single password can fetch $20.

While talking about Twitter and cyber issues, I would like to remind you that in last year twitter faced several cyber attacks where more than 55,000 twitter account details was leaked, after this issue in the middle of last year the social networking giant faced massive denial of service which interrupted its services. Later a huge number of Twitter users across the globe received  emails warning that their account have been compromised and their passwords had been reset, and it was another security breach which affected twitter. Such big organization are not at all careless about security, so as twitter and it has been proved when they hired renowned white hat hacker Charlie Miller to boost up their security, but after this current massacre, it seems that twitter need to think more and emphasize a lot to make sure that their system is good enough to prevent cyber attacks. For all the hot cyber updates and reviews stay tuned with VOGH.


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

NASA & UFO Hacker Gary McKinnon Will Not Face Prosecution in UK

Posted by Avik Sarkar On 12/19/2012 03:45:00 pm

NASA & UFO Hacker Gary McKinnon Will Not Face Prosecution in UK

Infamous NASA hacker Gary McKinnon who broke into US government computer system, while hunting for evidence of UFOs and fought a long fight against extradition, has been told that he will now not face prosecution in the UK. After discussing the case with US Department of Justice and the police, The Crown Prosecution Service (CPS) has decided the appropriate jurisdiction for the McKinnon case to be heard is the US. According to Karen Todner, McKinnon's solicitor, the decision on Friday is an "interesting" one given that he was first arrested and questioned by UK police.

The reasons for that decision were:
  1. The harm occurred in the US - the activity was directed against the military infrastructure of the US;
  2. An investigation had already been launched in the US;
  3. There were a large number of witnesses, most of whom were located in the US;
  4. All of the physical evidence (with the exception of Mr McKinnon's computer) was located in the US;
  5. The US prosecutors were able to bring a case that reflected the full extent of Mr McKinnon's alleged criminality; and
  6. The bulk of the unused material was located in the US. Given the nature of the offences, this inevitably included highly sensitive information and the US courts were best placed to deal with any issues arising in relation to this material.

In a statement, the CPS's Director of Public Prosecutions (DPP), Kier Starmer QC, and Mark Rowley, Assistant Commissioner of the Metropolitan Police Service, said that they had convened a joint panel to discuss the issue and decide whether a new criminal investigation should take place. They decided that the original reasoning for the trial being held in the US still held, and looked into the possibility of holding the trial in the UK. This would have involved transferring witnesses and sensitive physical evidence to the UK. The panel consulted with the US Department of Justice as to whether this would be possible, given that they believed that "the prospects of a conviction against Mr McKinnon, which reflects the full extent of his alleged criminality, are not high".
According to the statement, the US authorities "indicated to us that they would be willing to co-operate with a prosecution in England and Wales if that would serve the interests of justice." However, the US authorities did not feel that transferring all the witnesses and evidence to the UK would be in that interest, given the panel's representations. The statement goes on to say: "That is a decision the US authorities are fully entitled to reach and we respect their decision." On that basis, the panel concluded that a new criminal investigation should not be started and the Assistant Commissioner accepted that advice.





SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

LulZsec Hacker Jeremy Hammond Denied Bail & Have to Face 30 Years in Prison

Posted by Avik Sarkar On 12/02/2012 07:02:00 pm

LulZsec Hacker Jeremy Hammond Denied Bail & Have to Face 30 Years in Prison 

More trouble coming towards LulzSec, as the bail appeal of former LulzSec hacker Jeremy Hammond has been denied by the court. Hammond widely known as "Anarchaos" have to face a potential sentence of 30 years to life for alleged hacking crimes is probably enough to get the attention of most 27-year-olds. And that is what U.S. District Judge Loretta Preska told Hammond last week that he could face if he is convicted on all counts. Hammond, much better known in the world of hactivism by various online aliases including "Anarchaos," "sup_g," "burn," "yohoho," "POW," "tylerknowsthis," and "crediblethreat," has been held without bail since his arrest in March on charges connected with last year's hacking of Strategic Forecasting, or Stratfor, an Austin, Texas-based international intelligence broker, by AntiSec, an offshoot of LulzSec, which is in turn an offshoot of the hacktivist collective Anonymous.
The three-count federal indictment, brought in the Southern District of New York, charged him with conspiracy to commit computer hacking, computer hacking and conspiracy to commit access device fraud. More specifically, the government alleges that starting last December, Hammond and others from AntiSec stole information from about 860,000 Stratfor subscribers, including emails, account information, and data from about 60,000 credit cards. The government alleges that he published some of that information online, and used some of the stolen credit card data to run up at least $700,000 in unauthorized charges. He is also accused of giving about five million internal emails to WikiLeaks, which were published under the name The Global Intelligence Files.
Apparently unknown to Hammond, however, was that the then-leader of AntiSec, Hector Xavier Monsegur, a New York hacker known by the alias "Sabu," had been arrested the previous June and agreed to cooperate with the FBI. So, at least some of the Stratfor information Hammond uploaded was to a honey pot server maintained by the FBI. At a hearing last week, Hammond was denied bail, based on Judge Preska's determination that he was both a danger to the community and a flight risk. He had also recently been added to the Terrorist Watch List, said Sue Crabtree, a member of the Jeremy Hammond Solidarity Network and a spectator at his bail hearing. Crabtree said Hammond didn't even have a passport. The bail denial sparked another round of protest from Hammond's supporters. Anonymous published a message on Pastebin demanding that Preska recuse herself for conflict of interest. The group said her husband, Thomas J. Kavaler, was among Stratfor's clients, and therefore one of the alleged victims of the hack. Kavaler is a partner at Cahill Gordon & Reindel LLP in New York City.

"Judge Preska by proxy is a victim of the very crime she intends to judge Jeremy Hammond for," Anonymous wrote in a message posted last Friday. "Judge Preska has failed to disclose the fact that her husband is a client of Stratfor and recuse herself from Jeremy's case, therefore violating multiple Sections of Title 28 of the United States Code."
Beyond that, a writer identified only as "NA" on the website FreeHammond.com, argued that "Hacktivists are not criminals! Jeremy is alleged of a crime that has exposed the corruption and exploitation of the very State prosecuting him," and suggested entrapment by the FBI as well.
Renowned security expert Kevin Mitnick said it is possible that the government is trying to scare Hammond to get him to cooperate. Or, it could be designed to send a message to Anonymous members that what they view as sticking it to the man could yield some very serious consequences. Hammond is scheduled to go to trial sometime next year.



 -Source (CSO Online)







SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Ransomware Found on Hacked GoDaddy Sites, Infecting Thousand of Users

Posted by Avik Sarkar On 11/27/2012 12:33:00 am

Ransomware Found on Hacked GoDaddy Sites, Infecting Thousand of Users 

Users who have their websites hosted by GoDaddy again fallen victim of cyber attack. Researcher at ShopsLabs reported that cyber criminals have managed to hack the DNS records of GoDaddy hosted websites and thus they infected a large number of GoDaddy users with ransomwareFraser Howard, a Principal Virus Researcher of SophosLabs stated that the hackers behind these attacks are “exploiting DNS by hacking the DNS records of sites, adding one or more additional subdomains with corresponding DNS entries (A records) referencing malicious IP addresses. The legitimate hostname resolves to the legitimate IP address, but the added sub-domains resolve to rogue servers.” By doing so, the criminals are able to set-up URLs that seem legitimate, potentially sneaking through security filtering systems and duping Internet surfers into believing they are harmless, he explained in a Friday blog entry. In some instances, multiple subdomains were added to each user’s account, with each of them redirecting viewers to at least one malicious IP address.  
Go Daddy customers who wish to check they have not been affected by these attacks should check their DNS configuration according to the Go Daddy support page. 

As soon as the attack has been spotted in the wild, GoDaddy released a statement included below :-

"Go Daddy has detected a very small number of accounts have malicious DNS entries placed on their domain names. We have been identifying affected customers and reversing the malicious entries as we find them. Also, we're expiring the passwords of affected customers so the threat actors cannot continue to use the accounts to spread malware.
We suspect that the affected customers have been phished or their home machines have been affected by Cool Exploit as we have confirmed that this is not a vulnerability in the My Account or DNS management systems.
Go Daddy highly recommends that US- and Canada-based customers enable 2-Step Authentication to help protect their accounts. Details on how to set up this feature are located at http://support.godaddy.com/help/article/7502/enabling-twostep-authentication.
If a customer suspects their account may have an issue, we encourage them to contact Go Daddy Customer Care or fill out the form at the following link: https://support.godaddy.com/support/?section=support. "
While talking about GoDaddy and cyber attack, then we would like to remind you that, this may not have been the first hacking attempt against Go Daddy this fall. Couple of months ago, a hacker from Anonymous claimed to have taken down the domain registry and web hosting company. However, one day after the attack, Go Daddy denied they had been targeted by cyber criminals. Last year in September several GoDaddy sites were compromised, there also the reason was a malware




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Israel Ministry of Justice & it Sub-domains Hit By Godziila Volcanimum

Posted by Avik Sarkar On 11/19/2012 02:17:00 am

Israel Ministry of Justice & it Sub-domains Hit By Godziila Volcanimum

After Anonymous & Hitcher it was the turn for Indian hackers. A young hacker code named "Godziila Volcanimum" joined the hack activity or in other word the Israeli rampage. During the attack he targeted several Israeli government websites including Israel Ministry of Justice and its ten to twelve sub-domains. According to the sources all those targeted websites were frozen by the hacker while sending massive traffic to generate load and interrupt the services. The attack was took place in the Friday evening and the hacker managed to violate the services for several hours. Several sources and medias confirmed that the official website of Israeli ministry of justice was remain down for more than a day. The list of all those targeted Ministry of Justice domain, which fallen victim to this round of cyber attack, can be found on a pastebin note; released by the hacker. In his press release Godziila Volcanimum said "Is killing innocent people a Justice?? Stop killing small kids and women's.. Don't cross your limit.. ./Peace is just what we want..." which clearly indicating that the motive of this cyber attack was driven by the cause of Gaza and to to show support for Palestine, which is currently under heavy fire. 

Update:- Now the server of Israeli Ministry of Justice has overcome the cyber attack. All those targeted websites have been restored and came back online, as expected they are functioning properly. So far the Israeli ministry have confirmed that more than 44 million hacking attempts have been made on Israeli government web sites since Wednesday when Israel began its Gaza air strikes. 




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

HSBC Comeback Online After Prolonged DDoS Attack From Anonymous

Posted by Avik Sarkar On 10/20/2012 12:07:00 pm

HSBC Comeback Online After Prolonged DDoS Attack From Anonymous 

Massive attack against banking and financial sector continues, this time HSBC became the latest victim of cyber attack. The attack which interrupt the service for 10 hours long were mainly originated from Iran and Russia. After 'Izz ad-Din al Qassam Cyber Fighters' now it was the time for Fawkes Security, an offshoot of hacktivist group Anonymous, quickly took credit for the attack, acknowledging the take down in posts yesterday afternoon on Twitter and Pastebin The group claimed to have knocked HSBC’s main site, along with its US, UK and Canadian counterparts offline and on Friday,claimed it logged 20,000 debit card details from the site while it was down. 
According to HSBC newsroom- "On 18 October 2012 HSBC servers came under a denial of service attack which affected a number of HSBC websites around the world." But HSBC denied any sort of data loss. Fawkes Security claimed to have details of more than 20K cards, but in their release HSBC said "This denial of service attack did not affect any customer data, but did prevent customers using HSBC online services, including internet banking." 
But now the whole situation is under control, websites belonging to British bank and financial services company HSBC are back online and working normally. According to an update posted on its website, HSBC restored all of its websites globally to full accessibility as of 3:00am UK time. 
New York Stock Exchange, Bank of America, Wells Fargo, US Bank and PNC was brought down by few hacker collective group as protest against the anti Islamic movie. After this attack the name of HSBC has also been enlisted with those poor victims (affected banks & finance sector) who suffered DDoS attack in last month.





SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

WikiLeaks Launches Vote WikiLeaks 2012 Donation Campaign (Presidential Election Intervention)

Posted by Avik Sarkar On 10/07/2012 07:41:00 pm

WikiLeaks Launches Vote WikiLeaks 2012 Donation Campaign (Presidential Election Intervention)

While Barack Obama and Mitt Romney are both rising their chances for the 2012 election as their respective party’s candidates who stood  in the coming US president election. In the mean time  WikiLeaks has launched "Vote WikiLeaks: 2012 Donation Campaign". Through this campaign WikiLeaks has threatened the pentagon once again.  According to the press release of WikiLekas on last Friday - Pentagon spokesman George Little demanded WikiLeaks destroy its publications, including the Iraq War logs which revealed the killings of more than 100,000 civilians. Little said: “continued possession by WikiLeaks of classified information belonging to the United States government represents a continuing violation of law”. The Pentagon also again “warned Mr Assange and WikiLeaks” against “soliciting” material from U.S. military whistleblowers. In response, WikiLeaks has decided to intervene in the U.S. election campaign.
The United States government claims Mr Assange and the WikiLeaks organization are within its jurisdiction. In reply, we place the Obama administration within our jurisdiction. All American school children are taught that being subject to laws without representation is an injustice. This is the backbone of the American Revolution. We claim our representation and now initiate a campaign to transform Democratic and Republican votes into economic and political support for WikiLeaks and its First Amendment values. This election day, do not vote for the Republican or Democratic parties. Instead, cast the only vote that matters. Vote with your wallet – vote for WikiLeaks.
The Democratic Party promised to open government. But instead it is building a state within a state, placing nearly five million Americans under the national security clearance system. It has classified more documents than any previous administration, classifying even the process used to decide who will live and who will be killed. The U.S. administration hurtles towards dystopia: secret laws, secret processes, secret budgets, secret bailouts, secret killings, secret mass spying, secret drones and secret detention without charge. The collapse of the Soviet Union could have led to the withdrawal of the U.S. security state, but without moral competition from another system it has grown unchecked to influence almost every American policy. Four more years in the same direction cannot be tolerated.

Watch WikiLeaks’s Campaign Video below:-


You can donate to WikiLeaks using a variety of easy methods, including workarounds for Visa, MasterCard and PayPal. These donations go to fund WikiLeaks’ publishing and infrastructure costs and our legal costs to fight the financial blockade. For Detailed information about the campaign click Here






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Iran Accused of Carrying out Cyber Attacks Against US Banks Over Anti Islamic Movie Issue

Posted by Avik Sarkar On 9/26/2012 01:36:00 am

Iran Accused of Carrying out Cyber Attacks Against US Banks Over Anti Islamic Movie Issue

Since last few days, the conspiracy with the 'Anti Islamic Movie' was the headline in every where. We have seen global violence and a mass protest mainly came from Muslim brotherhood. This protest was also touched the internet, and as expected Muslim hackers joined the movement, which cost many damages for the cyber fence. Thousands of websites became victim of cyber attack, and among them several US banks also faced huge disturbance. This protest takes a new direction when Govt of Iran announced the blockage of Google Inc's search engine and its email service. "Google and Gmail will be filtered throughout the country until further notice," an official identified only by his last name, Khoramabadi, said, without giving further details. The Iranian Students' News Agency (ISNA) said Google ban was connected to the anti-Islamic film posted on the company's YouTube site which has caused outrage throughout the Muslim world. 
This stand of Iran Govt created a controversy, which make them responsible for carrying out cyber attacks against US banks. According to NBC news report US National Security officials accused the Iranian government for engaging cyber attacks against US Banks mainly Bank of America. But when the ball goes to Iran's side then they completely denies the blame, while saying "We officially announce that we haven't had any attacks," This statement came from the Head of Iran's civil defense agency Gholam Reza Jalali when he was asked about the report. The western media reports alleged on Friday that Muslim hackers have repeatedly attacked Bank of America Corp, JPMorgan Chase & Co and Citigroup Inc over the past year as part of a broad cyber campaign targeting the United States. Security sources told Chicago Tribune and NBC News that the attacks on the three largest US banks originated in Iran, but it is not clear if they were launched by the state, groups working on behalf of the government, or "patriotic" citizens. 

Here we want to refresh your memory while digging up a story, when Iran Govt decided a permanent Internet ban in Iran, where Iran Government has announced its plans to establish a National Intranet within five months. The Iranian minister for Information and Communications Technology, announced the setting up of a national Intranet and the effective blockage of services like Google, Gmail, Google Plus, Yahoo and Hotmail, in line with Iran's plan for a "clean Internet." And that five months is almost over, so may be the blockage of Google came due to that reason, or may be not. We suggest our readers that, it will be better if you ask yourself, that whether Iran was indeed responsible for the cyber attack or not??!!


-Source (Reuters, NBC & FARS News Agency)








SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Apple Releases iOS 6 With 200+ New Features & Mountain Lion 10.8.2 With Facebook Integration & Game Center

Posted by Avik Sarkar On 9/23/2012 12:05:00 am

Apple Releases iOS 6 With 200+ New Features & Mountain Lion 10.8.2 With Facebook Integration & Game Center

As expected, here comes double bang from Apple. Apple has also released  iOS 6 along with OS X Mountain Lion 10.8.2 and made available for public. In case of users of recent iPad, iPhone, and iPod touch models can obtain the update either by connecting their devices to iTunes and clicking the "Check for Update" button or checking for over-the-air updates on their devices. iOS 6 adds over 200 new features, including Apple's own Maps app, Facebook integration, Siri improvements, Apple's new Passbook digital wallet app, and more. iOS 6 is compatible with the third-generation iPad, iPad 2, iPhone 4S, iPhone 4, iPhone 3GS, and fourth-generation iPod touch. It will also ship on the iPhone 5, which launches on Friday, and on the fifth-generation iPod touch launching next month. The operating system arrives as the golden master build 10A403 for existing devices, and Apple has also posted a special 10A405 build for the iPhone 5 and a 10A406 build for the upcoming fifth-generation iPod touch.

With iOS Apple quietly pushed out 10.8.2, the second minor update to Mountain Lion since it was released in July. The update is currently available via the Software Update functionality in the Mac App Store. The update includes a number of enhancements, most notably Facebook integration and Game Center. It also includes support for several features integrating with iOS 6, such as Passbook passes and  iMessage/FaceTime access via phone number. 

This update is recommended for all OS X Mountain Lion users, and includes new features and fixes:
Facebook 
• Single sign on for Facebook
• Adds Facebook as an option when sharing links and photos
• See Facebook friends' contact information and profile pictures in Contacts
• Facebook notifications now appear in Notification Center



Game Center
• Share scores to Facebook, Twitter, Mail, or Messages
• Facebook friends are included in Game Center friend recommendations
• Added Facebook "Like" button for games
• Challenge friends to beat your score or achievement



Other new features
• Adds Power Nap support for MacBook Air (Late 2010)
• iMessages sent to your phone number now appear in Messages on your Mac
• You can now add passes to Passbook (on your iPhone or iPod touch) from Safari and Mail on your Mac
• FaceTime can now receive calls sent to your phone number
• New shared Reminders lists
• New sort options allow you to sort notes by title, the date you edited them, and when you created them
• Dictation now supports additional languages: Mandarin, Cantonese, Spanish, Korean, Canadian English, Canadian French, and Italian
• Dictionary app now includes a French definition dictionary
Sina Weibo profile photos can now be added to Contacts

* Requires iOS 6


General fixes
The OS X Mountain Lion v10.8.2 update also includes general operating system fixes that improve the stability, compatibility and security of your Mac, including the following fixes:


• Adds an option to discard the changes in the original document when choosing Save As 
• Unsent drafts are now opened automatically when launching Mail
• Receive Twitter notifications for mentions and replies from anyone
• URLs are shortened when sending tweets from Notification Center
• Notifications are disabled when AirPlay Mirroring is being used
• Adds SSL support for Google searches from the Smart Search Field in Safari
• Adds a new preference to have Safari launch with previously open webpages
• Resolves an issue that may cause the "Enable Autodiscover" checkbox to always remain checked
• Enables access to the Mac App Store when Parental Controls are enabled Support for @icloud.com email addresses
• Resolves a video issue with some VGA projectors when connected to certain Mac notebooks
• Addresses an issue that may prevent Active Directory accounts from being locked out
• Resolves an issue that may cause the policy banner to re-appear prior to logging in
• Improvements to SMB
• Addresses an issue with NIS users when auto-login is enabled
• Addresses an issue in which the Keychain may not be accessible
• Ability to pre-authenticate a FileVault protected system
• Addresses an issue that may cause Xsan to not automatically start after migrating from Mac OS X Snow Leopard 


Direct downloads of OS X 10.8.2 is also available through Apple's site form the following links-



-Source (Apple & MacRumors)                             




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Microsoft Issues 'fix it' To Close Internet Explorer 0-day Vulnerability

Posted by Avik Sarkar On 9/20/2012 05:40:00 pm

Microsoft Issues 'fix it' To Close Internet Explorer 0-day Vulnerability 

Last few days the whole cyber world have gone through with so many drama of Internet Explorer's security bug, as researchers have unveiled four active exploits of a zero-day vulnerability in the browser. As expected the software giant Microsoft has released an emergency fix to get rid of these major security issues. Microsoft released a “fix it” tool for a critical security flaw in most versions of Internet Explorer 6, 7, 8 and 9  that hackers have been exploiting to break into Windows systems. The company said it expects to issue an official patch (MS12-063) for the vulnerability on Friday, Sept. 21. "While we have only seen a few attempts to exploit this issue, impacting an extremely limited number of people, we are taking this proactive step to help ensure Internet Explorer customers are protected and able to safely browse online," said Yunsun Wee, director of Microsoft Trustworthy Computing in a statement. The zero-day in IE 6-9 is a use-after-free memory corruption vulnerability, similar to a buffer overflow, that would enable an attacker to remotely execute code on a compromised machine. The original exploit payload dropped the PoisonIvy remote access Trojan (RAT) via a corrupted Flash movie file. The latest payload discovered dropped the PlugX RAT via the same corrupted Flash movie, Blasco said. He also said the new exploits are the work of the Chinese hacker group Nitro, the same group behind a pair of Java zero-day exploits disclosed in August.

Blasco also said the new exploits appear to be targeting defense contractors in the United States and India.
Microsoft recommended several workarounds Tuesday morning before announcing its intention to send out a FixIt.
  • Setting Internet and local Internet security zone settings to high, which would block ActiveX Controls and Active Scripting in both zones
  • Configure IE to prompt the user before running Active Scripting, or disable Active Scripting in both zones
  • Use of Microsoft's Enhanced Mitigation Experience Toolkit provides mitigations as well, and would not impact website usability, as both of the first two options might.
Microsoft also said that IE running on Windows Server 2003, 2008 and 2008R2 runs in a restricted mode that mitigates the vulnerability. Outlook, Outlook Express and Windows Mail also open HTML messages in a restricted zone, mitigating the vulnerabilty but should a user click a link in a message, they could still be vulnerable to exploit.





SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Adobe Says Windows 8 Users are Vulnerable to Active Flash Exploits (Microsoft Will not Patch the Bug Until October)

Posted by Avik Sarkar On 9/11/2012 12:06:00 am

Adobe Says Windows 8 Users are Vulnerable to Active Flash Exploits (Microsoft Will not Patch the Bug Until October 26)


Adobe confirmed a serious security hole in Windows 8, hackers have been aiming at  Microsoft's Windows 8 PCs for several weeks as it is vulnerable to attack by exploits. Its very unfortunate for those who runs all the four (consumer previewdeveloper preview, release preview & enterprise) pre-release version of Windows 8, because the Redmond based software giant Microsoft said it will not patch the bug in Flash Player until what it called "GA," for "general availability." That would be Oct. 26, when Windows 8 hits retail and PCs powered by the new operating system go on sale. 
"We will update Flash in Windows 8 via Windows Update as needed," a spokeswoman said in a reply to questions. "The current version of Flash in the Windows 8 RTM build does not have the latest fix, but we will have a security update coming through Windows Update in the GA timeframe."
Microsoft, not Adobe, is responsible for patching Flash Player in Windows 8 because the company took a page from Google's playbook and integrated the popular media software with Internet Explorer 10 (IE10), the new operating system's browser. Last month, Adobe issued two updates for Flash Player that patched eight vulnerabilities, some of which were ranked as "1" by the company, its highest threat warning. One of the vulnerabilities, tagged as CVE-2012-1535, was patched Aug. 14, but had been exploited for an indeterminate time before that.
In fact, CVE-2012-1535 was one of four "zero-days," or unpatched vulnerabilities, exploited in a 16-week stretch by an elite hacker gang revealed by Symantec researchers on Friday. Microsoft has not updated the Flash in IE10 within Windows 8 to accommodate those two sets of patches, Adobe confirmed Friday. "Flash Player 11.3.372.94 does not incorporate the fixes released in APSB12-18 and APSB12-19," said Wiebke Lips, a spokeswoman for Adobe, referring to the Aug. 14 and Aug. 21 Flash updates.
Windows 8 RTM's IE10 identifies the integrated Flash Player as version 11.3.372.94, a more recent build than the one in Windows 8 Release Preview, but older than the most-up-to-date version for Windows, 11.4.402.265, which Adobe delivered on Aug. 21.

Adobe actually told some users about Windows 8's Flash situation two weeks ago. On an Adobe support forum, a company representative announced on Aug. 23 that there would be no Flash update for Windows 8 and IE10 until late October. "Since Windows 8 has not yet been released for general availability, the update channel is not active," said Chris Campbell, identified as an Adobe employee. "Once this goes live, you'll start getting updates to Flash Player."

-Source (Computer World)









SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

FBI Agent's Laptop Hacked, 12 Million Apple UDID Stolen By Anonymous (#FFF)

Posted by Avik Sarkar On 9/04/2012 10:55:00 pm

FBI Agent's Laptop Hacked, 12 Million Apple UDID Stolen By Anonymous (#FFF)

#Antisec an Offshoot part of infamous hacker collective Anonymous claims to have stolen a file from an FBI laptop which contained more than 12 million unique Apple device indentity numbers. The hackers declares this hack as part of their Friday rampage (#FFF) though the breach did not took place on Friday
The data which hackers stole came from a laptop belonging to Supervisor Special Agent at the FBI, Christopher K. StanglStangl, who joined the FBI in 2003 after graduating from Monmouth University, has been with the agency for nine and a half years and won an award in 2010 for helping bust a cyber crime ring. He was also sucked into another Anonymous stunt earlier this year when at least one of their supporters breached an FBI conference call that had been discussing Anonymous and LulzSec. Stangl was listed among those invited into the call, in an e-mail that was posted on PastebinIn a video posted to Facebook in 2009 (and which will likely be getting a lot more views in the coming days), Stangl is shown wearing a dark suit and tie, speaking to the camera, and calling for “cyber security experts” to join the FBI.

According to the hacker :-

"During the second week of March 2012, a Dell Vostro notebook, used by Supervisor Special Agent Christopher K. Stangl from FBI Regional Cyber Action Team and New York FBI Office Evidence Response Team was breached using the AtomicReferenceArray vulnerability on Java, during the shell session some files were downloaded from his Desktop folder one of them with the name of “NCFTA_iOS_devices_intel.csv” turned to be a list of 12,367,232 Apple iOS devices including Unique Device Identifiers (UDID), user names, name of device, type of device, Apple Push Notification Service tokens, zipcodes, cellphone numbers, addresses, etc. the personal details fields referring to people appears many times empty leaving the whole list incompleted on many parts. no other file on the same folder makes mention about this list or its purpose."

The data is just part of a larger database of 12,367,232 UDIDs, and personal information such as full names, cellphone numbers, addresses and zipcodes belonging to Apple customers. The data was allegedly stolen via exploiting a Java vulnerability. In a pastebin note, the hacker posted several download links of the hacked database. Several security experts have already stated that the stolen data is correct. For those you are not familiar with the term UDID -Each iOS device (iPhone, iPad, iPod touch) is assigned a unique alphanumeric number known as a UDID. This was previously used by app developers to track data usage for their apps, until Apple decided to reject any apps which sought to gain access to this number in the most recent official iOS update. As well as believing that the FBI was using these identifiers to track people, though AnticSec, in its missive on Pastebin, said it didn't agree with the idea of hardware coded identifiers anyway: "We always thought it (UDIDs) was a really bad idea. That hardware coded IDs for devices concept should be eradicated from any device on the market in the future." To read the full press release of #Antisec click Here




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Related Posts Plugin for WordPress, Blogger...

Site search