Hackers Exploiting Old Ruby on Rails Vulnerability (CVE-2013-0156)To Compromise Web Servers & Create IRC Botnet
A critical vulnerability on Ruby on Rails spotted in January this year which was deemed “critical” at the same time yet again found in the wild. The vulnerability known as CVE-2013-0156 that affected versions 3.0.20 and 2.3.16 again rises it's hand. Though a security patch was released by the Rails developers. But as we all know that many server administrator used to be unaware of these events have not patched their systems. As a result hackers and cyber criminals are actively exploiting a critical vulnerability in the Ruby on Rails Web application development framework in order to compromise Web servers and create a dangerous botnet. This major security issue was first discovered by a security consultant Mr. Jeff Jarmoc of research firm Matasano Security. In his blog Jarmoc said "It’s pretty surprising that it’s taken this long to surface in the wild, but less surprising that people are still running vulnerable installations of Rails. It also appears to be affecting some web hosts." According to his blog post -the exploit that's currently being used by attackers adds a custom cron job -- a scheduled task on Linux machines that executes a sequence of commands. Those commands download a malicious C source file from a remote server, compile it locally and execute it. The resulting malware is a bot that connects to an IRC (Internet Relay Chat) server and joins a predefined channel where it waits for commands from the attackers. A pre-compiled version of the malware is also downloaded in case the compilation procedure fails on the compromised systems.
"Functionality is limited, but includes the ability to download and execute files as commanded, as well as changing servers," Jarmoc said. "There's no authentication performed, so an enterprising individual could hijack these bots fairly easily by joining the IRC server and issuing the appropriate commands." But the matter of relief is that Jarmoc concluded while saying "this is a pretty straightforward skiddy exploit of a vulnerability that has been publicly known, and warned about, for months."
But still administrators who have not yet patched their Rails version should immediately should update the Ruby on Rails installations on their servers to at least versions 3.2.11, 3.1.10, 3.0.19 or 2.3.15 which contain the patch for this vulnerability. However, the best course of action is probably to update to the latest available Rails versions, depending on the branch used, since other critical vulnerabilities have been addressed since then.
Brief About RoR:- Ruby on Rails is a popular framework for developing Web applications based on the Ruby programming language and is used by major websites including Hulu, GroupOn, GitHub and Scribd.
DDoS Attack From Anonymous Cost PayPal£3.5 Million of Damage
The distributed denial of service attack (DDoS) from hacktivist Anonymous has cost PayPal more than €4.3 million. The attack which was named Operation Payback were initially aimed at companies that opposed internet piracy, but switched to companies like Mastercard, Visa and PayPal after they refused to process payments to WikiLeaks. After that attack PayPal -the global leader in online money transfer and payments has paid around £3.5 million defend and arm itself against such kind distributed denial-of-service (DDoS) attacks. In a report BBC said that more than one hundred skilled employees from eBay, PayPal's parent company, spent almost three weeks working on DDoS-attack-related issues and that PayPal had bought software and hardware to defend itself against further attacks. In all, the total cost of this work came to £3.5 million. This details have been revealed in a court case at Southwark Crown Court where a defendant, Christopher Weatherhead (studying at Northampton University when who allegedly took part in the campaign), is facing charges of conspiring to impair the operation of computers. He has pleaded not guilty to conspiring to impair the operation of computers between 1 August 2010 and 22 January 2011.
Sandip Patel, prosecuting, said the group caused PayPal "enormous economic harm". Mr Patel said they used distributed denial of service, or DDoS, which flooded the targets computers with enormous amounts of online requests. Target websites would crash and users would be directed to a page displaying the message: "You've tried to bite the Anonymous hand. You angered the hive and now you are being stung."
Mr Patel said: "This case, simply put, is about hackers who used the internet to attack and disable computer systems - colloquially described as cyber-attackers or vandals." He said Mr Weatherhead, who used the online name Nerdo, posted plans on an Internet Relay Chat (IRC) channel encouraging an attack on PayPal.
He said PayPal was the victim of a series of attacks "which caused considerable damage to its reputation and loss of trade".
Whonix -Anonymous Operating System Based on Debian/GNU Linux & Tor
Whonix, which is earlier called TorBOX or aos; now been reintroduced with a new style. This time we got a complete anonymous general purpose Operating System based on Virtual Box, DebianGNU/Linux and Tor. According to the project wiki page - in Whonix IP and DNS leaks are impossible. Not even malware with root rights can find out the user's real IP/location. This is because Whonix consists of two virtual machines. One machine solely runs Tor and acts as a gateway, which we call Whonix-Gateway. The other machine, which we call Whonix-Workstation, is on a completely isolated network. Only connections through Tor are possible.
We request our reader to See Security for a more comprehensive description, security features and threat model. You can even go through with full change log and also download the source code from github.
Key Features:-
Adobe Flash anonymously
browse the web anonymously
Anonymous IRC
Anonymous Publishing
Anonymous E-Mail with Mozilla Thunderbird and TorBirdy
Add a proxy behind Tor (Tor -> proxy)
Based on Debian GNU/Linux.
Based on the Tor anonymity network.
Based on Virtual Box.
Can torify almost any application.
Can torify any operating system
Can torify Windows.
Chat anonymously.
Circumvent Censorship.
DNSSEC over Tor
Encrypted DNS
Full IP/DNS protocol leak protection.
Hide the fact that you are using Tor/Whonix
Isolating Proxy
Java anonymously
Javascript anonymously
Location/IP hidden servers
Prevents anyone from learning your IP.
Prevents anyone from learning your physical location.
Private obfuscated bridges supported.
Protects your privacy.
Protocol-Leak-Protection and Fingerprinting-Protection
Secure And Distributed Time Synchronization Mechanism
Security by Isolation
Stream isolation to prevent identity correlation through circuit sharing
Virtual Machine Images
VPN/Tunnel Support
Whonix is produced independently from the Tor (r) anonymity software and carries no guarantee from The Tor Project about quality, suitability or anything else.
Transparent Proxy
Tunnel Freenet through Tor
Tunnel i2p through Tor
Tunnel JonDonym through Tor
Tunnel Proxy through Tor
Tunnel Retroshare through Tor
Tunnel SSH through Tor
Tunnel UDP over Tor
Tunnel VPN through Tor
To Download Whonix-0.4.5 Click Here. Before download please note that Whonix is produced independently from the Tor anonymity software and carries no guarantee from The Tor Project about quality, suitability or anything else.
GoDaddy Outage Was Not Beacuse of Hacker Attack But Technical Difficulties
GoDaddy -the website which is widely known as a DNS and hosting provider remained down for most of time on 10th September came back online in the 10th evening. As expected thousands of other web sites reportedly went offline as their hosting provider GoDaddy experienced massive service disruptions. GoDaddy, which claims to be the world's biggest web hosting company, confirmed the problems on its official Twitter account but has not yet stated the cause of the disruptions. A hacker code named "Anonymous Own3r" on Twitter took responsibility of the outage. The attack came on behalf of the hacker collective group 'Anonymous' as a protest against GoDaddy's support of the SOPA act. The hacker stated the reason of the outage is a massive denial of service (DDoS) attack which was generated from an IRC-Botnet. A tweet from the @AnonOpsLegion account: "#TangoDown -- http://www.godaddy.com/ | by@AnonymousOwn3r" was the initial public promotion of the outage, leading some to believe that the Anonymous online activist collective was behind the disruption. However, the AnonymousOwn3r account clarified in various tweets that: "it's not Anonymous coletive [sic] the attack is coming just from me." But this claim was later disputed by posts from the @YourAnonNews account which is known to be one of the legitimate twitter source of Anon.
After completing the investigation of the outage, GoDaddy released a press note where they have clearly said that the outage was not because of DDoS attack but internal technical difficulties. According to Scott Wagner Go Daddy CEO -
"GoDaddy.com and many of our customers experienced intermittent service outages starting shortly after 10 a.m. PDT. Service was fully restored by 4 p.m. PDT. The service outage was not caused by external influences. It was not a "hack" and it was not a denial of service attack (DDoS). We have determined the service outage was due to a series of internal network events that corrupted router data tables. Once the issues were identified, we took corrective actions to restore services for our customers and GoDaddy.com. We have implemented measures to prevent this from occurring again.
At no time was any customer data at risk or were any of our systems compromised. Throughout our history, we have provided 99.999% uptime in our DNS infrastructure. This is the level our customers expect from us and the level we expect of ourselves. We have let our customers down and we know it. We take our business and our customers' businesses very seriously. We apologize to our customers for these events and thank them for their patience."
KDE 4.9 Released With Improved Stability & Performance
Earlier in January we got KDE 4.8, so after eight moths of wait now the KDE Developers team has announced its latest set of releases, providing major updates to KDE Plasma Workspaces, KDE Applications, and the KDE Platform. Version 4.9 provides many new features, along with improved stability and performance. This release is dedicated to the memory of KDE contributor Claire Lotion. Claire's vibrant personality and enthusiasm were an inspiration to many in many opensource community, and her pioneering work on the format. The KDE Quality Team was set up earlier this year with a goal to improve the general levels of quality and stability in KDE software. Special attention was given to identifying and fixing regressions from previous releases. This was a top priority because it ensures improvement with each release. As a result of the efforts of the KDE Quality Team, the 4.9 Releases are the best ever.
One particular bugfix deserves special attention. An Okular bug reported in 2007 had gotten nearly 1100 votes; it was important to many users. They complained about making annotations and not being able to save or print them. With the assistance of many commenters and people on the Okular IRC channel, Fabio D’Urso implemented a solution that allows Okular PDF document annotations to be saved and printed. The fix required some work on KDE libraries and attention to overall design to ensure that non-PDF documents worked right.
The most notable include:-
The Dolphin file manager includes back and forward buttons, inline file renaming, and the ability to show metadata like ratings, tags, image size, file size, date, and more. You can also sort files by these metadata properties, which is awesome. It also includes a better Places panel, improved search, and better integration with the Terminal.
The Konsole terminal now includes the ability to change directory when you drag and drop a folder into the window, detach tabs by dragging them out of the window, and more.
Activities, the feature that helps you separate your work from your play, is now a bit more powerful, letting you link certain files to each workspace. You can also encrypt certain activities for more private work.
The KWin window manager now has better performance all around, as well as a few improvements here and there with certain effects like Wobby Windows.
We just past few weeks of Fedora 17 arrival, now the developers at the Fedora Project proudly announced that the stable version of the ARM edition of the Fedora 17 (Beefy Miracle) operating system is now available for download. Fedora 17 ARM is available as prebuilt images for various platforms including the Trimslice, Beagleboard xM, Pandaboard, Kirkwood Plugs, Highbank and iMX-based systems. An image is also provided for the Versatile Express platform which can be emulated by QEMU. The prebuilt images with kernels that can be written directly to SD Card, USB, or SATA drive and booted without any additional steps or configuration. Additionally, separate kernels and tar balls are provided for those who wish to roll their own images.
Paul Whalen of Red Hat is inviting enthusiast to test the release. He writes on the mailing list, "We invite you to download the Fedora 17 GA release and provide your valuable input to the Fedora ARM team. Please join us on the IRC in #fedora-arm on Freenode or send feedback and comments to the ARM mailing list." Detailed information about Fedora 17 ARM can be found on the project wiki page.
FBI Used LulzSec To Track & Spy on Wikileaks Founder Julian Assange
After the inside story of Anonymous former leader Hector Xavier Monsegur aka "Sabu" case get revealed, the world came to know that Sabu was working as an under cover agent of FBI which lead a series of arrest for several key members of hacker collective Anonymous & LulzSec. Now we got another twist which came from a new book written by Parmy Olson, the London bureau chief for Forbes Magazine, saying that FBI used an agent inside the LulzSec hacker group to track and spy on Wikileaks founder Julian Assange. According to the book, an associate of WikiLeaks contacted LulzSec spokesman Topiary on June 16 hours after the assault on the CIA. The two would eventually converse over an Internet Relay Chat channel that was reported to be witnessed by Assange, who confirmed his identity by providing a video to the hacker in real time during their chat. For a few weeks, writes Olson, Assange and/or his associate returned to the LulzSec IRC channel “four or five more times,” during which others occasionally engaged in conversation with both sides. During at least one of those conversations, Assange’s contact at WikiLeaks offered LulzSec a spreadsheet of classified government data contained in a file named RSA 128, which she says was heavily encrypted and needed the manpower of black hat hacktivists to decode.
According to an exclusive report of RT - Aside from a few unsealed court documents, details about the now-defunct hacktivism group LulzSec remains few and far between. One journalist is saying she got inside the organization though — along with Julian Assange.
“We Are Anonymous: Inside the Hacker World of LulzSec, Anonymous, and the Global Cyber Insurgency” is an upcoming book from Parmy Olson, the London bureau chief for Forbes Magazine. And although her alleged account has not yet hit the shelves, a lengthy excerpt has been leaked to the Web — and its contents suggest that that the world’s once most powerful hacking collective was in correspondence with WikiLeaks founder Julian Assange after he allegedly reached out to the organization for assistance. The US government says that they had already infiltrated LulzSec by then, though, meaning that WikiLeak’s plea to the hacking collective was actually being offered to an FBI mole.
According to Olson, the June 2011 attack on the public website of the US Central Intelligence Agency by LulzSec caught the attention of Assange, who was residing in the countryside manor of an English journalist while on house arrest.Once he saw that a LulzSec-led invasion had crippled CIA.gov, Assange allegedly sent out two tweets from the WikiLeaks Twitter account, only to delete the micomessages shortly after:
"WikiLeaks supporters, LulzSec, take down CIA . . . who has a task force into WikiLeaks," read one."CIA finally learns the real meaning of WTF” reads the other.
Assange “didn't want to be publicly associated with what were clearly black hat hackers” writes Olson, speaking of computer compromisers who target network for perhaps no real intention other than mischief making. “Instead, he decided it was time to quietly reach out to the audacious new group that was grabbing the spotlight,” she says. Olson says that one of those hackers aware the newfangled relationship was Hector Xavier Monsegur, who spearheaded LulzSec by serving as a leader of sorts under the handle Sabu. Perhaps unbeknownst to all engaged in the IRC chats, however, was that Sabu had been arrested on June 7 and, according to the federal government, began immediately working as an FBI informant.
"Since literally the day he was arrested, the defendant has been cooperating with the government proactively," Assistant US Attorney James Pastore said at a secret bail hearing on August 5 2011, according to a transcript released this March after his arrest was made public.
While details of Sabu’s escapades under the direct influence of the FBI are obviously being kept confidential, federal attorneys have said that the hacker more or less masterminded the group under their command until LulzSec dissolved on June 25; Jake Davis — Topiary — was arrested in the UK on August 1. If Olson’s allegations add up, that could mean that the FBI’s top-secret informant, Sabu, was speaking directly with America’s cyber-enemy number one: Julian Assange.
On Wednesday this week, the UK Supreme Court agreed to extradite Assange to Sweden, where he is facing a lawsuit unrelated to his involvement with WikiLeaks. Once there, however, the United States may be able to more easily fight to have him sent stateside to be charged with aiding the enemy — the crime being pegged to alleged WikiLeaks contributor Bradley Manning, who now faces life in prison for that involvement. The uncertainty of who exactly conversed with whom might be near impossible to confirm given the widespread anonymity of hacktivists tied with LulzSec and Anonymous alike, but if Olson’s account adds up, the FBI’s inside man may very well have come close to working with Assange. On his part, Topiary claims that he never received the RSA 128 file.
The Federal Bureau of Investigation raided the apartment of Barrett Brown, the unofficial “spokesperson” for the hacker collective Anonymous. The warrants allowed the Feds to search for records relating to Anonymous, LulzSec, HBGary, Infragard, Endgame Systems, IRC chats, Twitter, Brown’s website Echelon2.org and and Pastebin records, amongst other things. Basically, anything on any data-storing device owned by Brown. In a pastebin note Brown himself posted this thing.
Brown, of course, is not a hacker, but as a visible proponent of Anonymous, he’s an easy target for the Feds. In his Pastebin statement, however, Brown hit back at the federal government, independent security firms and big business in very interesting way—he brought up the corporate-government anti-hacking axis Team Themis. For anyone well-versed in the Greek pantheon of gods, you will remember Themis is the female goddess of law, justice and social control. It’s not for nothing that Team Themis would choose the goddess’s name for their vigilante form of justice, by which private entities—security firms and businesses—have launched an extra-judicial campaign against their enemies.
According to Brown's note - "With the assistance of the law firm Hunton & Williams, [Team Themis] went about collecting potential clients, including two institutions which desired to go on the offensive against certain activist groups. One of these institutions, the Chamber of Commerce, provided them with the names of various individuals believed to be involved with groups that opposed their policies, and asked them to come up with a plan by which to discredit them." Full statement of Brown can be found here.
We would also like to give you reminder that the last operation of FBI was the arrest of Higinio O. Ochoa III, a member of Anon affiliated 'CabinCr3w'.
AnonymousMember John Anthony Borell Charged For Hacking into Utah Police & Salt Lake City Police Dept
FBI successfully tracked the #OpPiggyBank of Anonymous where two hackers from Anonymous named CabinCr3w & ItsKahuna took responsibility of hacking into the database of the Salt Lake City PD and exposed confidential information such as Full name of the Employ, Address, Phone Number, email-id, password hash and so on. According to a report of Huffington Post - An Ohio man linked to the hacker collective "Anonymous" pleaded not guilty Monday to charges of breaching the websites of the Utah Chiefs of Police Association and the Salt Lake City Police Department. John Anthony Borell III took credit for the attacks on Twitter, said FBI officials, who subpoenaed the direct messages the suspect traded with Salt Lake City reporters. The FBI traced Borell's Twitter account to a workplace computer. "That didn't hurt the investigation, of course, when people make comments like that," FBI agent David Johnson said Monday. Borell appeared with a public defender at federal court in Salt Lake City after being released from a halfway house for the appearance. He faces 10 years in prison and a $250,000 fine if convicted on two counts of computer intrusion, prosecutors said. FBI agents say they don't know what motivated an Ohio man to tamper with the Utah police websites in January. Prosecutors say Borell intruded on the chiefs' website server Jan. 19, then broke into the police department's website Jan. 31. Salt Lake City police spent $33,000 to repair damage to their website and shore up security, and the hacker was able to access citizen's supposedly confidential crime tips and even some personal information on police officers, Johnson said. Borell was recently arrested after Federal Bureau of Investigations agents found him using Twitter and Internet Relay Chat logs. The investigation was spurred by two tips sent in to tips.fbi.gov and ic3.gov that stated Borell was a member of hacking collective Anonymous. It also provided a number of pseudonyms he was associated with including Kahuna, TehTiger, and anonJB.
The indictment states that Borell used the SQL Injection technique to access and take down the websites utahchiefs.org and slcpd.com (Salt Lake City Police Department). The FBI found Twitter direct messages and tweets in which Borell admitted to taking down the websites. Further proof of his identity was found when the FBI looked through chat logs in IRC. There, Borell explained that his father was an attorney and was advising him against talking to the FBI. Agents searched Ohio-based attorneys and found two local attorneys named “John Anthony Borell Esq.”
We would also like to give you reminder that another member of Anonymous affiliated CabinCr3w named Higinio O. Ochoa III, also get busted after he posted girlfriend's breast photo.
TeaMp0isoN Threatened Authorities After Leader's Arrest
Few days ago a hacker collective group named TeaMp0isoN took responsibility of hacking into British intelligence agency (MI6). Immediately after the attack MI6 arrested the leader of TeaMp0isoN code named "TriCk" along with few other active members who ware directly involved behind the Denial of Service attack on MI6. But the story is not over yet. The official twitter account of TeaMp0isoN issued a warning that it will fight back against the arrest of its members.
The group linked to a Pastebin statement with a call for other hackers to unite in attacking law enforcement agencies.
Message of TeaMp0isoN:- "We've lost the first and most important member of our team; our founder, our brother, our family member. Most importantly we lost a fighter for freedom, a fighter against corruption. He strived for justice, and constantly fought against oppression and corruption, to help spread awareness on humanitarian causes, and now, he is no longer with us. Most of you think that this is end of TeaMp0isoN and that this is end of our fight. We're glad to shout: ################################# #_ITS NOT OVER, IT JUST STARTED_# #_ITS NOT OVER, WE ARE STRONGER_# #_ITS NOT OVER, WE ARE UNITED_ # #################################
I ask you, a fellow hacker, as a blackhat, to rise, to unite and to fight. For years the hacking scene for the most part has been misrepresented by skids, who have inevitably led to the copious amounts of faggotry and butthurt which currently pollutes the scene. Whitehats continue to lurk and grow, and nothing is preventing them from disclosing exploits. As a collective we have to stop this, to ascend out of the underground and show the world we are not fucking around, something which TriCk firmly believed in. We, as hackers, have to unite to revive the blackhat scene, for TriCk... and everything that we stand for. Do you support TeaMp0isoN? Help out via: irc.tsukihi.me #retaliation ----------------------------------------- root@TeaMp0isoN:~# rm -rf skids/* root@TeaMp0isoN:~# rm -rf whitehats/* root@TeaMp0isoN:~# rm -rf governments/* root@TeaMp0isoN:~# rm -rf justicesystem/* root@TeaMp0isoN:~# rm -rf police/* ----------------------------------------- ..."
Federal Judge Opened The Gate For 14 Anonymous Members To Use Twitter Freely
A Federal judge in San Jose, Calif. Has opened the gates for 14 alleged members of anonymous to continue using Twitter as one of the "principle tools through which the members of the Anonymous hacking group planned and coordinated their criminal activities," according to prosecutors opposing the decision. The first question came up in January as a motion from Vincent Kershaw, indicted along with 13 other alleged Anon members for attacking PayPal following the arrest of WikiLeaks founder Julian Assange.
Kershaw could have simply argued that preventing him from Tweeting about issues having nothing to do with his legal situation or the charges against him was a violation of his First Amendment right to free speech. Even in court, where current events, fashions and politics are supposed to be banished from legal decisions, requests go over much more easily when they hit the issues that are big today rather than when the Constitution was written.
Despite arguments that the dangerous, subversive hackers of Anonymous use the overly public Twitter to plan their misdeeds, Judge Paul Grewal ruled prosecutors hadn't sufficiently linked specific Twitter accounts to their assumption that every key-press by an Anonymous sympathizer was necessarily a felony or act of treason.
Therefore Kershaw and his fellow defendants are free to Tweet themselves or participate in Twitter Town Halls and other online events. They're not allowed to use IRC, however, which Anonymous actually does use to plan and coordinate its various activities, not to mention gossip about each other, engage in private flame wars that break out into public doxings, swap files, swap pictures and do all the other social things people do online, especially when their physical liberty is limited.
Kershaw is a 28-year-old foreman for a Colorado landscaping company, was arrested along with 15 others for a DDOS attack the DoJ charges they participated in and which was organized by Anonymous. He was released July 2 on a bond of $10,000 on condition he not access the Internet from any computer and that he allow a probation officer to verify he had not done so.
Anonymous-OS Alpha - First Operating System Released By #Anonymous
Earlier hacktivist Anonymous has released several DoS tool like LOIC, #refref, HOIC and so on but now we have all in one. Anonymous has officially released their first Operating system named Anonymous-OS. Basically its a live ubuntu-based distribution and created for educational purposes, to checking the security of web pages. In short Anonymous-OS can be regarded as a penetration testing distribution like BackBox, BackTrack and so on.
Preinstalled Apps on Anonymous-OS:-
- ParolaPass Password Generator
- Find Host IP
- Anonymous HOIC
- Ddosim
- Pyloris
- Slowloris
- TorsHammer
- Sqlmap
- Havij
- Sql Poison
- Admin Finder
- John the Ripper
- Hash Identifier
- Tor
- XChat IRC
- Pidgin
- Vidalia
- Polipo
- JonDo
- i2p
- Wireshark
- Zenmap
As expected in a sourceforge project page the OS is made available for download. For Additional information & to Download Anonymous-OS click Here.
Just after the official release of Red Hat Enterprise Linux (RHEL) 6.2 now free community clone CentOS immediately released Version 6.1. CentOS 6.1 offers almost all the non-proprietary portions of RHEL 6.1, including virtualization performance optimizations, enhanced development and monitoring tools, and YUM package management enhancements.
CentOS-6.1 is based on the upstream release EL 6.1 and includes packages from all variants. All upstream repositories have been combined into one, to make it easier for end users to work with.
There are some important changes to this release compared with the previous versions of CentOS, to know that you have to go through with the Release Note.
CentOS is an Enterprise-class Linux Distribution derived from sources freely provided to the public by a prominent North American Enterprise Linux vendor. CentOS conforms fully with the upstream vendors redistribution policy and aims to be 100% binary compatible. (CentOS mainly changes packages to remove upstream vendor branding and artwork.) CentOS is free.
CentOS is developed by a small but growing team of core developers. In turn the core developers are supported by an active user community including system administrators, network administrators, enterprise users, managers, core Linux contributors and Linux enthusiasts from around the world.
CentOS has numerous advantages over some of the other clone projects including: an active and growing user community, quickly rebuilt, tested, and QA'ed errata packages, an extensive mirror network, developers who are contactable and responsive, multiple free support avenues including IRC Chat, Mailing Lists, Forums & Many more
SeaMonkey 2.6 Beta1 is now available for download on the SeaMonkey website. The SeaMonkey project is a community effort to develop the SeaMonkey all-in-one internet application suite (see below). Such a software suite was previously made popular by Netscape and Mozilla, and the SeaMonkey project continues to develop and deliver high-quality updates to this concept. Containing an Internet browser, email & newsgroup client with an included web feed reader, HTML editor, IRC chat and web development tools, SeaMonkey is sure to appeal to advanced users, web developers and corporate users.
Under the hood, SeaMonkey uses much of the same Mozilla source code which powers such successful siblings as Firefox, Thunderbird, Camino, Sunbird and Miro. Legal backing is provided by the Mozilla Foundation.
Hacktivist Anonymous has called #OpBlackout. Anon has threatened to fight the US government over alleged censorship of the internet. The group claims that the US government "is censoring the internet", employing ISP blocks, DNS blocks, search engine and web site censorship, and a variety of other methods to stifle freedom. Anonymous has called on the citizens of the US to stand up against their government in what it described as "not a call to arms, but a call to recognition and action". It also called on the people of other countries to "fight back", adding that their governments will most likely follow suit.
In a Press Release Anonymous Said:-
"Citizens of the United States, We are Anonymous.
This is an urgent emergency alert to all people of the United States. The day we've all been waiting for has unfortunately arrived. The United States is censoring the internet. Our blatant response is that we will not sit while our rights are taken away by the government we trusted them to preserve. This is not a call to arms, but a call to recognition and action! The United States government has mastered this corrupt way of giving us a false sense of freedom. We think we are free and can do what we want, but in reality we are very limited and restricted as to what we can do, how we can think, and even how our education is obtained. We have been so distracted by this mirage of freedom, that we have just become what we were trying to escape from. For too long, we have been idle as our brothers and sisters were arrested. During this time, the government has been scheming, plotting ways to increase censorship through means of I S P block aides, D N S blockings, search engine censorship, website censorship, and a variety of other methods that directly oppose the values and ideas of both Anonymous as well as the founding fathers of this country, who believed in free speech and press! The United States has often been used as an example of the ideal free country. When the one nation that is known for its freedom and rights start to abuse its own people, this is when you must fight back, because others are soon to follow. Do not think that just because you are not a United States citizen, that this does not apply to you. You cannot wait for your country to decide to do the same. You must stop it before it grows, before it becomes acceptable. You must destroy its foundation before it becomes too powerful. Has the U.S. government not learned from the past? Has it not seen the 2011 revolutions? Has it not seen that we oppose this wherever we find it and that we will continue to oppose it? Obviously the United States Government thinks they are exempt. This is not only an Anonymous collective call to action. What will a Distributed Denial of Service attack do? What's a website de face ment against the corrupted powers of the government? No. This is a call for a worldwide internet and physical protest against the powers that be. Spread this message everywhere. We will not stand for this! Tell your parents, your neighbors, your fellow workers, your school teachers, and anyone else you come in contact with. This affects anyone that desires the freedom to browse anonymously, speak freely without fear of retribution, or protest without fear of arrest. Go to every I R C network, every social network, every online community, and tell them of the atrocity that is about to be committed. If protest is not enough, the United States government shall see that we are truly legion and we shall come together as one force opposing this attempt to censor the internet once again, and in the process discourage any other government from continuing or trying.
We are Anonymous. We are Legion. We do not forgive censorship. We do not forget the denial of our free rights as human beings. To the United States government, you should've expected us.
Malware writers have derived a new Trojan for Mac OS X by porting an older Linux backdoor Trojan horse onto another platform. The newly discovered Tsunami Trojan is derived from an earlier Linux-infecting backdoor Trojan, called Kaiten, which phoned home from infected machines to an IRC channel for further instructions. Security firms are still in the process of analysing Tsunami but early speculation suggests it may be a DDoS attack tool.
"Mac users are reminded that even though there is far less malware in existence for Mac OS X than for Windows, that doesn't mean the problem is non-existent," said Graham Cluley
We fully expect to see cybercriminals continuing to target poorly protected Mac computers in the future. If the bad guys think they can make money out of infecting and compromising Macs, they will keep trying. My advice to Mac users is simple: don't be a soft target, protect yourself.
Mac Trojan authors have previously used Windows backdoor code but the Tsunami Trojan is the first case we've across, at least, where malware tricks from the world of *nix have been turned against Macs
Another Occupy Wall Street protest by Anonymous. Previously Anonymous Hacked IACP & Exposed 600 MB of Personal Data and this time the target was Oakland police. Members of the 'hacktivist' launched a DDOS attack that brought down the main web site of the Oakland Police Department for much of last night, cracked at least part of the security on an Oakland city government server and posted information on the names and data structure of Oakland city servers and the names, addresses and other personal data on Oakland police.
Members of the group have also put out the call for more hacked data and offered a $1,000 reward for specific data on the officer who fired the riot-control weapon that critically injured Iraq War veteran Scott Olsen. Olsen, a former Marine who participated in the protest Tuesday night, was apparently struck in the head by either a tear-gas canister or flash-bang grenade fired by Oakland riot police during a violent effort to drive OccupyOakland protesters off the streets.
In a Press Release Anon Said:-
"#OccupyOakland has come under attack from city police, who now appear to be calling in reinforcements from Palo Alto. A protester who did two tours in Iraq is in critical condition with fractured skull and brain injury after a cop shot him in the head with a "non-lethal" weapon. A crowd of protesters were deliberately hit with a flashbang while rendering first aid to an injured protester. Police claimed in a recent press release that "no injuries" have been reported so far.
These are among the most disturbing and criminal acts to be have been proven on the part of U.S. police since NYPD officers were outed as having routinely planted drugs on suspects earlier this month. The time has come to retaliate against Oakland police via all non-violent means, beginning with doxing of individual officers and particularly higher-ups involved in the department's conduct of late.
Those willing to assist in doxing should send any found materials to transistor@hushmail.com. To work with Anonymous, use an IRC client to join irc.anonops.li #anonops.
I'm offering a $1,000 reward, no questions asked, for the name of the officer who threw a flashbang at the injured Iraqi vet. "
To see the entire press release of Anonymous Click Here
For more information and to see the server details and other confidential information leaked by Anon Click Here.
Exposed Names, Addresses and other Personal data of Oakland Police are Here
On October 14, 1996, Matthias Ettrich posted a message to Usenet (comp.os.linux.misc), announcing "Programmers wanted!" for a "New Project: Kool Desktop Environment (KDE)". Now, 15 years later, Matthias’s dream of a "GUI for an ENDUSER" has been fully realized. And more. Sometime in the next 2 weeks, Plasma Active One will be released, extending Matthias's plan for a "modern interface" with a "common look & feel" to a range of enduser devices from desktop to mobile. KDE has grown beyond a Linux Desktop GUI to a global community of people. But it still has the same innovative spirit and a commitment to serving users of Free and Open Source Software.
KDE, the "K Desktop Environment", is celebrating its fifteenth birthday today, and the KDE community has announced a global party. The announcement includes suggestions for what to do – host a local party, test 15 bugs, hang out at #kde on freenode IRC – and a request to send plans and photos of the celebrations to 15@kde.org. KDE Spain has taken an alternative approach by holding four smaller parties on the evening of 14 October in Málaga, Castellón, Barcelona and Coruña.
For more information and to be a part of this celebration Click Here
& to download KDE latest version Click Here
Internal collision between Anonymous team, members are quitting Anon group, and the main caused described by them si Lulzsec and Antisec movement. An alleged member of Anonymous has apparently outed himself and quit. The UK-based hacker, who says his real name is Matthew, operated under the pseudonym “SparkyBlaze” during his time with Anonymous. As to his reasons for leaving the group, he points mainly to LulzSec, the AntiSec movement, and Anonymous’ leadership.
Mathew said :-
“When I started with Anon I thought I was helping people but over the past few months things inside anon have changed,” the hacker said in a statement posted to the Web. “I am mostly talking about AntiSec and LulzSec. They both go against what I stand for (and what anonymous says they stand for). Antisec has released gig after gig of innocent peoples information. For what? What did they do? Does anon have the right to remove the anonymity of innocent people? They are always talking about peoples right to remain anonymous so why are they removing that right?” To the Anonymous members he leaves behind, SparyBlaze adds, “You are not helping anyone.” He continues, “Think about the long run. Some thinking now can save you some large legal bills later. And yes i will be there when you get out of court to say: I told you so. There are other ways to help people, just don’t go to anon you are not hurting the governments you are hurting yourselves in the long run.”
To see Matthew's full statement and the reason why he is quitting cheek the following link where he has described everything.
So Over The Past Few Days I Have Been At A Cross road With Anonymous. Why? Because I Started To Think.
So When I Started With Anon I Thought I Was Helping People But Over The Past Few Months Things Inside Anon Have Changed. I Am Mostly Talking About AntiSec And LulzSec. They Both Go Against What I Stand For (And What Anonymous Says They Stand For). AntiSec Has Released Gig After Gig Of Innocent Peoples Information. For What? What Did They Do? Does Anon Have The Right To Remove The Anonymity Of Innocent People? They Are Always Talking About Peoples Right To Remain Anonymous So Why Are They Removing That Right?
Now I Could Talk for Hours On Why I Have Came To This Choice But I Don't Think Anyone Would Or Read It Or Care. So I Will Just Say Some Key Points:
They Are Removing Peoples Right To Anonymity, A Right Which They Claim To Protect And Uphold.
Sending Some Packets To A Server And Putting Info On-line Is Not Helping Or Solving Anything
Anonymous DOES Have A Leader Ship And They Don't Give 2 Fucks About Us. Think, When Anons Were Arrested For DDoSing Paypal A While Back Was There A Mass Free Anon Operation?. Did They Put-Out Press Releases And Start Donations For Them?. No They Did One TV Interview And Fed Them To The Lions But When TopIary Was Arrested They Started #FreeTopIary We All Know He Is A "Higher Up" In Anon And They Started A Op For Him. You Think Those Donations Are Going To Topiary? Why Start A Op For Him? Well I Think It Is Because Of 2 Things:
- Press (Anon Is The Biggest Fucking Media Whore I Have Ever Seen)
- TopIary Is A Anon Who They Give A Fuck About
Now You May Think I Am Mad But All The Proof Is There. I Am Not Saying People In Anon Are All Fags, Some Thing They Are Helping. But They Have Been Tricked Into Thinking It. Truth Is Anonymous Hasn't Brought Down Governments. The People Have. If You Was A Dictator you Wouldn't Give a Fuck About People Taking Down Your Site. You Would Give A Fuck About The People Rioting And Wanting You Dead.
Anonymous Has Prayed On Peoples Willingness To Help Others. And Most Of Them Are Kids Who Don't Understand What They Are Doing Can Fuck Up There Lives And The IRC Wont Help Them.
I Could Put More But I Don't See The Point.
A Message To The Governments:
If You Hate Anon, Don't Arrest The Kids. Arrest The Leaders. Without Them Everything Will Fall To Shit. All The Recruitment Will Stop And Then The People Will Start To Think And Understand That Anon Is Not Helping Anyone.
A Message To The Leaders Of Anon:
Fuck You Can't Wait Till You All Get Arrested :D
And If One Anon Sees The Truth Every Week Then Your Time Is Running Out
A Message To The Anon's:
Quit While You Still Can, You Are Not Helping Anyone And You Need To Think About The Long Run. Some Thinking Now Can Save You Some Large Legal Bills Later. And Yes I Will Be There When You Get Out Of Court To Say: I Told You So. There Are Other Ways To Help People, Just Don't Go To Anon You Are Not Hurting The Governments You Are Hurting Yourselves In The Long Run. And No I Am Not Saying I Agree With What The Governments Are Doing But I Also Do Not Agree With Anon.
You Cant Arrest A Idea But You Can Throw A Kid In Jail And Fuck Up Their Life.
Don't Do The Crime If You Can't Do The Time.
Ps:
I Am Not Saying Everything Anon Has Done Is Pointless Things Like Getting Internet To People When Governments Cut It Off I Support. I Am Just Saying Most Of It Isn't Helping Anyone And Is Just Getting Kids Arrested.
I Would Like to Thank People Like:
@th3j35t3r
@sambowne
@AnonTangoDown
@providesecurity
And Everyone Else Who Has Been Spreading The Truth About Anon.
Thanks
SparkyBlaze
For Proof That I Am Not Trolling:
My Name Is Matthew And I Live In The UK, Manchester And No I Wont Post My Address And Phone Numbers Because I Know I Will Have Pizzas And Prank Calls To My House (That In It's Self Is More Proof That You Are All Kids). If You Want To Know More Then By All Means Dox Me. Remove My Right To Remain Anonymous."
