Hackers Sending Rogue 'Microsoft Services Agreement' Emails Exploiting Java Vulnerability

Cyber criminals are mass-mailing rogue email notifications about changes in Microsoft's Services Agreement to trick people into visiting malicious pages that use a recently circulated Java exploit to infect their computers with malware. When Oracle leaves a security flaw in one of the world's most widely used programs unpatched for four months and then issues a half-baked fix, the company is practically inviting cyber criminals to exploit its users en masse. And as expected, the invitation has been accepted.
The rogue email messages are copies of legitimate notifications that Microsoft sent out to users to announce changes to the company's Services Agreement that will take effect Oct. 19. "This email is a legitimate announcement regarding updates to the Microsoft Services Agreement and Communication Preferences," a Microsoft program manager for supporting mail technologies who identifies herself as Karla L, said on the Microsoft Answers website in response to a user inquiring about the authenticity of the email message.
However, she later acknowledged the existence of reports about malicious emails that use the same template. "If you received an email regarding the Microsoft Services Agreement update and you're reading your email through Hotmail or Outlook.com, the legitimate email should have a Green shield that indicates the message is from a Trusted Sender," she said. "If the email does not have a Green shield, you can mark the email as a Phishing scam." 
However, in the malicious versions of the emails, the correct links have been replaced with links to compromised websites that host attack pages from the Blackhole exploit toolkit. Blackhole is a tool used by cybercriminals to launch Web-based attacks that exploit vulnerabilities in browser plug-ins like Java, Adobe Reader or Flash Player, in order to install malware on the computers of users who visit compromised or malicious websites.
This type of attack is known as a drive-by download and is very effective because it requires no user interaction to achieve its goal. The malicious Java applet used in this attack is detected by only eight of the 42 antivirus engines available on the VirusTotal file scanning service. The Zeus variant has a similarly low detection rate.
"We're receiving multiple reports of a phishing campaign using the template from a legitimate Microsoft email regarding Important Changes to Microsoft Services Agreement and Communication Preferences," Russ McRee, security incident handler at the SANS Internet Storm Center, said Saturday in a blog post.


-Source (Info World)







'BackDoor.Wirenet.1' Trojan Stealing Passwords From Mac & Linux Based Systems



The Russian antivirus company Dr. Web has spotted a piece of malware that, unusually, targets Mac and Linux-based systems and is causing a world of trouble for those in its path. The newly found malware, dubbed 'BackDoor.Wirenet.1', apparently provides its masters with a backdoor into infected systems. It is also capable of stealing passwords stored in browsers like Chrome, Chromium, Firefox and Opera. Furthermore, it is able to obtain passwords from popular applications including SeaMonkey, Pidgin and Thunderbird. Even if you don't use any of the above-mentioned software, you are still in danger, as a keylogger is bundled in the payload. Wirenet.1 installs itself into the user's home directory using the name WIFIADAPT.

There are some steps that can be taken right away if you think you could be infected. Dr. Web is quick to point out that their anti-virus software will keep you protected. Another option is to simply disable communication with the control server used by the code’s author. In this case, blocking communication with IP address 212.7.208.65 should do the trick.  
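The two checks suggested above, as an added shell example (not from the original post or from Dr. Web): look for the WIFIADAPT install name under each home directory, look for connections to 212.7.208.65, and print a rule that blocks that address. The function names, the prefix match on the file name and the sample connection lines are assumptions made for this example.

```shell
#!/bin/sh
# Added example: triage for the two BackDoor.Wirenet.1 indicators named in the
# post. Both values below are taken from the post itself.
C2_IP="212.7.208.65"     # control server address
DROP_NAME="WIFIADAPT"    # name the trojan installs under in the home directory

# Print entries sitting directly inside each home directory whose name starts
# with DROP_NAME. Prefix matching is an assumption made here so that suffixed
# variants (for example an app bundle) are reported as well.
# $1 = directory that contains the home directories (/home, /Users).
find_wirenet_files() {
    homes_root=$1
    [ -d "$homes_root" ] || return 0
    find "$homes_root" -mindepth 2 -maxdepth 2 -name "${DROP_NAME}*" 2>/dev/null | sort
}

# Read a connection listing on stdin and print the lines that involve C2_IP.
# Each field is compared as a whole address after its port is removed, so
# 212.7.208.6 or 212.7.208.651 never match by accident.
connections_to_c2() {
    awk -v ip="$C2_IP" '
    {
        for (i = 1; i <= NF; i++) {
            addr = $i
            sub(/[:.][0-9*]+$/, "", addr)   # ":port" (ss) or ".port" (macOS netstat)
            if ($i == ip || addr == ip) { print; next }
        }
    }'
}

# Print (do not apply) an outbound block rule for the control server.
print_block_rules() {
    case $1 in
        linux) printf 'iptables -A OUTPUT -d %s -j DROP\n' "$C2_IP" ;;
        macos) printf 'block drop out quick from any to %s\n' "$C2_IP" ;;  # pf.conf
        *)     echo "usage: print_block_rules linux|macos" >&2; return 2 ;;
    esac
}

# Constructed sample lines in `ss -tn` (Linux) and `netstat -an` (macOS) form.
# Ports and local addresses are made up for the example.
sample_connections() {
    cat <<'EOF'
ESTAB 0 0 192.168.1.10:51514 212.7.208.65:443
ESTAB 0 0 192.168.1.10:51520 212.7.208.6:443
tcp4 0 0 192.168.1.10.51522 212.7.208.65.443 ESTABLISHED
ESTAB 0 0 192.168.1.10:51530 93.184.216.34:443
EOF
}

# Stand-alone use: ./wirenet_triage.sh --scan
if [ "${1:-}" = "--scan" ]; then
    echo "== files named ${DROP_NAME}* in home directories =="
    for root in /home /Users; do find_wirenet_files "$root"; done
    echo "== connections involving ${C2_IP} =="
    if command -v ss >/dev/null 2>&1; then ss -tn; else netstat -an; fi | connections_to_c2
    echo "== block rule =="
    case $(uname) in
        Darwin) print_block_rules macos ;;
        *)      print_block_rules linux ;;
    esac
fi
```

A hit from either check is a reason to take the machine off the network and change the passwords stored in the browsers and applications listed above from a clean system.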

Mac users have faced such attacks before, when the Mac Trojan OSX.SabPub was spreading through Java exploits. In 2011 we also saw the OSX/Revir-B trojan installed behind a PDF, giving hackers remote access to Mac computers, and the Linux Tsunami trojan called "Kaiten" also targeted Mac OS users in 2011. Another piece of malware, named "Devil Robber", also victimized Mac users by stealing their personal information.





Android Malware 'Loozfon' Targeting Female Android Users -Said Symantec

We are used to seeing malware target men by enticing them to view videos or pictures of a sexually oriented nature. But here the story is totally different: antivirus firm Symantec has recently discovered 'Android.Loozfon', a rare example of malware that targets female Android users.
According to the official Symantec blog: A group of scammers is attempting to lure female Android users in Japan into downloading an app by sending emails stating how the recipient can easily make some money. The email includes a link to a site that appears to be designed to assist women to make money simply by sending emails. When a certain link on the site is clicked, Android.Loozfon is downloaded onto the device. Other links direct the user to a dating service site that likely attempts to charge money to use the service, which supposedly helps women meet rich men.



If this trick does not work, the criminal group has another trick up its sleeve. It also sends spam that states that the sender of the email can introduce the recipient to wealthy men. When the link included in the body of the email is clicked, the malware is automatically downloaded onto the device. The downloaded app is titled “Will you win?” in Japanese. It has nothing to do with earning extra income or wealthy men.

If the app is installed and launched, it counts down from two to zero and then states that the user has lost. The app is programmed to lose every time, although there is nothing to either lose or win. It steals contact details stored on the device as well as the phone number of the device, which is the main goal of the malware. The scammers are likely harvesting email addresses in order to send spam to the contacts they were able to steal to lure them to the dating service site and/or sell the data to another group of spammers.






Researchers Said Cars Equipped With Computers are Vulnerable to Hacking, Intel Investigating

Security researchers have revealed that cars equipped with electronic communications systems and computers are vulnerable to hacking and viruses, which could translate to crashes while on the road. According to a Reuters report, a special team employed by Intel is looking into software and hardware vulnerabilities in modern cars that could allow hackers to take control of vehicles. Barnaby Jack, a director of research at security consulting firm IOActive Labs, who became famous when he announced that he could make an ATM dispense money to anyone and cause medical equipment to pump lethal doses of insulin into patients, is one of the members of the group.
Another research group demonstrated a simple method of infecting a car with malware using nothing but a CD. When the victim plays the CD, the malware is activated and jumps from the CD to the car's computer system. While infecting the car radio is not life-threatening in itself, the code executed after the CD is played can gain access to other important systems of the car. Researchers also said that car viruses can be put to more subtle use. One example they mentioned was remotely listening in on conversations inside the car. It sounds like a Hollywood-style trick, but it could come in handy for government spying or corporate espionage. Modern automobiles are already considered "computers on wheels" by security experts, and it is only a matter of time before their vulnerabilities are exploited widely. Today's cars are filled with small computers known as electronic control units, or ECUs, which need very sophisticated code to manage interconnected systems like brakes, engines, navigation, entertainment, and lighting. They also employ technologies common to mobile devices such as Bluetooth headsets and cell phones, making them vulnerable to remote attacks widely known among black hats, or criminal hackers.
Security experts fear that terrorists, criminals, and spies will turn their attention to embedded computers, which can be attacked using techniques similar to those used against common computers. One particular issue of concern is how to fight the transfer of PC viruses that could affect the computers in a car when laptops and other devices are plugged into its entertainment system.



-Source (The Droid Guy)











Alleged Anonymous Member Arrested By Hong Kong Police Over Facebook Threat

This Sunday Hong Kong police arrested a 21-year-old man after he reportedly said on social networking site Facebook that he would hack several government websites. Police said the man, who was later released on bail, was held on suspicion of "access to a computer with criminal or dishonest intent" after he allegedly threatened to hack seven government websites between June and August this year. It has been found that the man is an active member of the infamous hacker collective Anonymous. The group is said to have 20 members in the semi-autonomous Chinese territory, which guarantees civil liberties not seen on the mainland, including freedom of speech. The police spokesman, however, declined to confirm his link to Anonymous. The last posting on the "Anonymous HK" Facebook page on July 22 urged authorities to show "respect" to citizens.
It seems that times are not going well for the hacker collective Anonymous. A few days ago key members of Lulzsec and Anon were busted by the FBI. It is reported that the arrests were made possible after turning the group's "senior leader" Hector Xavier Monsegur aka "Sabu", 28, who is believed to be a cooperative witness after the FBI turned him last June. Earlier this month Interpol arrested 25 suspected Anonymous hackers as part of Operation Unmask. In February three Greek teenagers were arrested for hacking into the Ministry of Justice website, and in January a 22-year-old student was arrested in south-western Poland for allegedly hacking the prime minister's website; the local authority said that he was a part of the hacktivist group Anonymous. We would also like to remind you of the very recent past, when a few hackers from another hacker collective named TeaMp0isoN were busted by MI6. Later the authorities sent the leader of TeaMp0isoN, named TriCk, behind bars. So after reviewing the whole scenario, one conclusion emerges: not only federal authorities but also governments in several parts of the world are no longer showing any mercy to hackers. Stay tuned with VOGH for all the cyber security related stories.







Junaid Hussain aka "TriCk" -Former Leader of "TeaMp0isoN" Jailed

Junaid Hussain aka "TriCk" -Former Leader of "TeaMp0isoN" Jailed For 6 Months

The former leader of the infamous hacker collective TeaMp0isoN, Junaid Hussain, also known as "TriCk", was sentenced to six months in prison for accessing the Gmail email account of a former special adviser to Tony Blair and publishing details from her contacts database. Earlier this year MI6 arrested TriCk along with a few other active members of TeaMp0isoN who were directly involved in the Denial of Service attack on the MI6 hotline. Hussain had previously pled guilty to the conspiracy and computer charges which arose from the publication of phone numbers and email addresses of Members of Parliament and the House of Lords and a separate event which left the national anti-terror hotline "permanently engaged" for three days. Hussain has also confessed to taking part in and leading members of the hacker group to attack the UK national Anti-Terrorist Hotline with hundreds of hoax phone calls and to involvement with hacktivist Anonymous in #OpRobinHood, #OpCensorThis and a few more. "Hussain's actions were foolish and irresponsible," said detective inspector Stewart Garrick of the Police Central E-crime Unit. "Today's sentencing emphasises the seriousness of his offence and should act as a deterrent to anyone else who feels that they can act in such a manner."



Junaid Hussain aka "TriCk" -Former Leader of "TeaMp0isoN" Pleads Guilty

Junaid Hussain aka "TriCk" -TeaMp0isoN Leader Pleads Guilty at London's Southwark Crown Court

Earlier this year MI6 arrested the leader of TeaMp0isoN, code-named "TriCk", along with a few other active members who were directly involved in the Denial of Service attack on the MI6 hotline. A few days later some other members of this hacker group tried to threaten the government, saying "it will fight back against the arrest of its members." But now all these efforts seem worthless, because the leader of the infamous hacker collective "TeaMp0isoN" has pleaded guilty to stealing the address book details and other private data from former British Prime Minister Tony Blair in June of last year. According to sources, Junaid Hussain, also known as "TriCk", has now admitted to hacking into a Gmail email account belonging to an advisor to Blair by the name of Katy Kay.
Hussain, 18, from Birmingham, said that he used an ID "Trick" to access the aide's account and steal confidential data including addresses, phone numbers and email addresses belonging to Blair, his wife, and sister-in-law Lyndsye Booth, as well as Members of Parliament (MPs) and Members of the House of Lords. Ben Cooper, Hussain's lawyer, told the court that the offences had just been a prank. After Hussain admitted to conspiracy and computer charges at London's Southwark Crown Court, Judge Peter Testar granted him bail until sentencing later this month, advising him to be "under no illusions" that he may go to prison. Hussain has also confessed to taking part in and leading members of the hacker group to attack the UK national Anti-Terrorist Hotline with hundreds of hoax phone calls and to involvement with hacktivist Anonymous in #OpRobinHood, #OpCensorThis and a few more.







Drone Fleets Are Vulnerable to GPS Spoofing & Can Be Hijacked By Terrorist

Spying drones have always been surrounded by controversy, along with many technical and security issues. Now a team at the University of Texas has managed to find a vulnerability in drones that allows an attacker to gain control of the unmanned vehicle and change its course. Professor Todd Humphreys and his team spoof GPS receivers in order to take control of the drones.
According to an exclusive report of Fox News - A small surveillance drone flies over an Austin stadium, diligently following a series of GPS waypoints that have been programmed into its flight computer. By all appearances, the mission is routine. Suddenly, the drone veers dramatically off course, careering eastward from its intended flight path. A few moments later, it is clear something is seriously wrong as the drone makes a hard right turn, streaking toward the south. Then, as if some phantom has given the drone a self-destruct order, it hurtles toward the ground. Just a few feet from certain catastrophe, a safety pilot with a radio control saves the drone from crashing into the field.

Last year we learned that a stealthy keylogger had hit the U.S. drone fleet, logging pilots' every keystroke as they remotely fly missions over Afghanistan and other war zones. Later Iran took responsibility for that cyber attack. But spoofers are a new problem for GPS-guided drones, allowing hackers to trick navigation systems with false information. Humphreys and the team have designed a device costing less than $1,000 that sends out a GPS signal stronger than the ones coming down from orbiting satellites. At first, the rogue signal mimics the official one in order to trick the drone, and once it's accepted new commands can be sent to the UAV. The US government says it's aware of the potential dangers of spoofing, and officials from the FAA and Department of Homeland Security have seen Humphreys' demonstration first hand. The Department of Homeland Security reportedly has a program in place to try and solve the problem of GPS interference, but it's aimed at trying to deal with jammed signals, not spoofed ones.


-Source (FOX News, Slashgear)




Flame -The "Super Spy" Even On Offline Computers Turning Users into Data Mules

The program known as Flame has fascinated the cyber-security industry with its sophistication and versatility as a Swiss-Army knife of cyber-spying. Now researchers have discovered another unexpected tool in its data-stealing arsenal: You.
Malware analysts at the security firm Bitdefender say they’ve found a unique capability within Flame’s code that would potentially allow it to steal data even from computers that aren’t connected to the Internet or to other networked machines. Instead of simply uploading stolen data to a remote server as traditional spyware does, Flame can also move the target information–along with a copy of itself–onto a USB memory stick plugged into an infected machine, wait for an unwitting user to plug that storage device into an Internet-connected PC, infect the networked machine, copy the target data from the USB drive to the networked computer and finally siphon it to a faraway server.
Spreading itself over an infected USB device is hardly a new trick for malware. But Bitdefender’s researchers say they’ve never before seen a cyberespionage program that can also move its stolen digital booty onto the USB stick of an oblivious user and patiently wait for the opportunity to upload it to the malware’s controllers.
“It turns users into data mules,” says Bitdefender senior malware analyst Bogdan Botezatu. “Chances are, at some point, a user with an infected flash drive will plug it into a secure computer in a contained environment, and Flame will carry the target’s information from the protected environment to the outside world…It uses its ability to infect to ensure an escape route for the data. This is somewhat revolutionary for a piece of malware.”
Flame was designed to use the same .lnk autorun vulnerability first exploited by the NSA-built Stuxnet malware to invisibly install itself on USB devices. To hide its trove of stolen data on the user’s device, Flame copies both itself and its data to a folder labelled with a single “.” symbol, which Windows fails to interpret as a folder name and thus renders as invisible to the user. “What we have here is a little hack/exploit performed on how the operating system is interpreting file names,” Bitdefender’s researchers wrote in a blog post on Flame last week.
When an infected USB is plugged into a networked machine, Flame checks that it can contact its command and control server through that computer. Then it moves its target data off the USB to the PC, compresses it, and sends it to the remote server via HTTPS, according to Bitdefender’s analysis. The researchers found that while Flame is capable of infecting networked PCs for the purpose of exfiltrating its data, the version they analyzed had rendered that infection capability inactive, perhaps to avoid the spyware spreading too far, so that only PCs already infected with Flame would be capable of acting as gateways back to the malware controller’s server. The fact that the spyware’s infection technique was turned off may be evidence that the “data mule” in the Flame operation may in fact have been aware of his or her role as a data smuggler.


Regardless, Botezatu says Flame’s USB-piggybacking trick fits with its profile as a highly sophisticated spying tool meant to steal a target’s most protected secrets–not just another cybercriminal keylogger designed to catch credit card numbers. “Most of the infrastructure it targets is highly contained, often without Internet access,” says Botezatu. “It’s natural for Flame to have a mechanism for moving data from one environment to another that doesn’t rely on Internet or network communications.” Additional details can be found here.

-Source (Forbes)







2 Norwegian Teen Hackers of "TeaMp0isoN" Arrested By British Police

2 Norwegian Teen Hackers of "TeaMp0isoN" Arrested By British Police (PCeU)

Earlier last month MI6 arrested the leader of TeaMp0isoN, code-named "TriCk", along with a few other active members who were directly involved in the Denial of Service attack on MI6. Now two Norwegian teenagers, aged 18 and 19, have been arrested in connection with the distributed denial-of-service (DDoS) attack on the web site for the UK's Serious Organised Crime Agency (SOCA) and for swamping the British intelligence agency (MI6) hotline with automated Skype calls. These two hackers were active members of the hacker collective TeaMp0isoN and MLT. The two suspects were arrested in Newcastle on Wednesday evening and are being questioned about offences under the Computer Misuse Act. Computer equipment has been seized for forensic analysis, and no doubt investigators are hoping that they may find digital clues which could help uncover other suspected hackers. Erik Moestue, a Norwegian prosecutor, said "We have arrested the two we think were most important in these attacks, but we still want to talk to more people". The offence that the two stand accused of carries a maximum jail sentence of six years. "The case is still under investigation," added Moestue, noting that "It is still too early to say anything about the motive for the actions".
The authorities, no doubt, will be hoping to confirm that they have arrested the correct man. Certainly, MLT's Twitter account has been silent since 6:27pm on Wednesday evening. According to the authorities, these arrests are part of an ongoing investigation by the Police Central e-Crime Unit (PCeU) division of the Metropolitan Police into various hacking gangs who have made headlines in the last year or so.
Earlier, TeaMp0isoN was directly involved with Anonymous in #OpRobinHood and #OpCensorThis. They also found an SQL-i vulnerability on the official NASA forum, and in similar attacks TeaMp0isoN also hacked the English Defence League (EDL), T-Mobile USA, the BlackBerry blog and many more.






Hackers Breached The Security System of Ministry of Defence (MoD)

A couple of days ago we saw the Serious Organised Crime Agency (SOCA) become the victim of a denial of service attack. And now it's the turn of the MoD. The military's head of cyber-security has revealed that hackers have managed to breach some of the top secret systems within the Ministry of Defence (MoD). "The number of serious incidents is quite small, but it is there," Major General Jonathan Shaw said. "And those are the ones we know about. The likelihood is there are problems in there we don't know about." Government computer systems come under daily attack, but though Shaw would not say how or by whom, this is the first admission that the MoD's own systems have been breached.
A former director of UK special forces, Shaw, 54, said he thought the military could learn a trick or two from firms such as Facebook. The company has a "white hat" programme in which hackers are paid rewards for informing them when they have found a security vulnerability.
Nine people in the UK have been paid a total of $11,000 for working with Facebook. Shaw said this was the kind of "wacky idea we need to bring in".
Shaw has spent the last year reviewing the MoD's approach to cyber-security, and the kind of cyber-capability the military will need in the future.
He says next year's MoD budget is expected to include new money for cyber-defence – an acknowledgment that even during a time of redundancies and squeezed budgets, this is now a priority.
The general said the MoD wasn't "doing badly … but we could do a hell of a lot better. We will get there, but we will have to do it fast. I think it was a surprise to people this year quite how vulnerable we are, which is why the measures have survived so long in the [budget] because people have become aware of the vulnerabilities and are taking them seriously." 
Shaw said the number of attacks was "still on an upward curve … and the pace of change is unrelenting". In his last interview before retiring, Shaw said the UK had to develop an array of its own cyber-weapons because it was impossible to create entirely secure computer systems.



-Source (Guardian)






Adobe Plugged Newly Found Zero-day Hole In Flash Player

Adobe warned that hackers are exploiting a critical vulnerability in its popular Flash Player program, and issued an emergency update to patch the bug. The vulnerability allows an attacker to crash the player or take control of an affected system. Adobe says that there are reports of this vulnerability being exploited in the wild as part of targeted email-based attacks which trick the user into clicking on a malicious file. Adobe released security updates for Adobe Flash Player 11.2.202.233 and earlier versions for Windows, Macintosh and Linux, Adobe Flash Player 11.1.115.7 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.8 and earlier versions for Android 3.x and 2.x. These updates address an object confusion vulnerability (CVE-2012-0779) that could cause the application to crash and potentially allow an attacker to take control of the affected system.
There are reports that the vulnerability is being exploited in the wild in active targeted attacks designed to trick the user into clicking on a malicious file delivered in an email message. The exploit targets Flash Player on Internet Explorer for Windows only. 
Affected software versions:
  • Adobe Flash Player 11.2.202.233 and earlier versions for Windows, Macintosh and Linux operating systems
  • Adobe Flash Player 11.1.115.7 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.8 and earlier versions for Android 3.x and 2.x
Adobe recommends users of Adobe Flash Player 11.2.202.233 and earlier versions for Windows, Macintosh and Linux update to Adobe Flash Player 11.2.202.235. Flash Player installed with Google Chrome was updated automatically, so no user action is required. Users of Adobe Flash Player 11.1.115.7 and earlier versions on Android 4.x devices should update to Adobe Flash Player 11.1.115.8. Users of Adobe Flash Player 11.1.111.8 and earlier versions for Android 3.x and earlier versions should update to Flash Player 11.1.111.9. For detailed information and to see the security bulletin of Adobe click here.





TeaMp0isoN Threatened Authorities After Leader's Arrest

A few days ago a hacker collective named TeaMp0isoN took responsibility for hacking into the British intelligence agency (MI6). Immediately after the attack MI6 arrested the leader of TeaMp0isoN, code-named "TriCk", along with a few other active members who were directly involved in the Denial of Service attack on MI6. But the story is not over yet. The official Twitter account of TeaMp0isoN issued a warning that it will fight back against the arrest of its members.

The group linked to a Pastebin statement with a call for other hackers to unite in attacking law enforcement agencies. 

Message of TeaMp0isoN:- 
"We've lost the first and most important member of our team; our founder, our brother, our family member. Most importantly we lost a fighter for freedom, a fighter against corruption.
He strived for justice, and constantly fought against oppression and corruption, to help spread awareness on humanitarian causes, and now, he is no longer with us.
Most of you think that this is end of TeaMp0isoN and that this is end of our fight.
We're glad to shout:
#################################
#_ITS NOT OVER, IT JUST STARTED_#
#_ITS NOT OVER, WE ARE STRONGER_#
#_ITS NOT OVER, WE ARE UNITED_  #

#################################

I ask you, a fellow hacker, as a blackhat, to rise, to unite and to fight. For years the hacking scene for the most part has been misrepresented by skids, who have inevitably led to the copious amounts of faggotry and butthurt which currently pollutes the scene. Whitehats continue to lurk and grow, and nothing is preventing them from disclosing exploits.
As a collective we have to stop this, to ascend out of the underground and show the world we are not fucking around, something which TriCk firmly believed in. We, as hackers, have to unite to revive the blackhat scene, for TriCk... and everything that we stand for.
Do you support TeaMp0isoN? Help out via:
irc.tsukihi.me
#retaliation
-----------------------------------------
root@TeaMp0isoN:~# rm -rf skids/*
root@TeaMp0isoN:~# rm -rf whitehats/*
root@TeaMp0isoN:~# rm -rf governments/*
root@TeaMp0isoN:~# rm -rf justicesystem/*
root@TeaMp0isoN:~# rm -rf police/*

-----------------------------------------  ..."

Earlier, TeaMp0isoN was directly involved with Anonymous in #OpRobinHood and #OpCensorThis. They also found an SQL-i vulnerability on the official NASA forum, and in similar attacks TeaMp0isoN also hacked the English Defence League (EDL) and exposed members' personal data, and many more.




Flashback.G Trojan Targeting Mac Users While Stealing Passwords

Earlier, Mac Security Blog reported that the latest version at the time, Flashback.D, had gotten a bit sneakier. First, it checks to see if the user is running Mac OS X in VMware Fusion. If so, it does not execute. It does this because many malware researchers test malware in virtual machines, rather than infect full installations, as it is easier to delete them and start over with clean copies. This means that security researchers analyzing and looking for this malware need to be running regular Macs.
Yet again Mac users have become the victims of another trojan. This new Trojan is capable of infecting their computers and stealing passwords to services such as Google, PayPal, online banking and so on. It uses a new installation method: when a user visits a crafted web page, the new variant either tries to exploit two old security vulnerabilities or deploys a Java applet which tries to trick the user into believing it has been certified by Apple. According to Mac Security Blog (Intego): This new variant of the Flashback Trojan horse uses three methods to infect Macs. The malware first tries to install itself using one of two Java vulnerabilities. If this is successful, users will be infected with no intervention. If these vulnerabilities are not available – if the Macs have Java up to date – then it attempts a third method of installation, trying to fool users through a social engineering trick. The applet displays a self-signed certificate, claiming to be issued by Apple. Most users won’t understand what this means, and click on Continue to allow the installation to continue.
It is worth noting that Flashback.G will not install if VirusBarrier X6 is present, or if a number of other security programs are installed on the Mac in question. It does this to avoid detection. It seems that the malware writers feel it is best to avoid Macs where the malware might be detected, and focus on the many that aren’t protected.
Earlier, Mac users faced similar attacks in which the OSX/Revir-B trojan was installed behind a PDF, giving hackers remote access to Mac computers. Besides Revir-B, the Linux Tsunami trojan called "Kaiten" also targeted Mac OS users in 2011, as did another piece of malware named "Devil Robber", which victimized Mac users by stealing their personal information.




Zero-Day Vulnerability In Flash Patched By Adobe

Yet another zero-day vulnerability has been found in Adobe Flash Player. Earlier, hackers found a zero-day exploit in Flash Player that could allow an attacker to hack your webcam remotely; Adobe later patched that. Before releasing Flash Player 11, Adobe issued a new privacy policy and a security update, but now it seems that those are of zero use. The new vulnerabilities affect Adobe Flash Player 11.1.102.55 and earlier versions for Windows, Macintosh, Linux and Solaris, Adobe Flash Player 11.1.112.61 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.5 and earlier versions for Android 3.x and 2.x. These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system.
Affected Version:- 
  • Adobe Flash Player 11.1.102.55 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems
  • Adobe Flash Player 11.1.112.61 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.5 and earlier versions for Android 3.x and 2.x

Adobe later confirmed the issue and immediately released a patch to close the security hole. This security release also resolves a universal cross-site scripting vulnerability that could be used to take actions on a user's behalf on any website or webmail provider, if the user visits a malicious website. There are reports that this vulnerability (CVE-2012-0767) is being exploited in the wild in active targeted attacks designed to trick the user into clicking on a malicious link delivered in an email message (Internet Explorer on Windows only). Google's Chrome Web browser, which directly integrates Flash into its software (unlike competing browsers), also received an update to reflect Adobe's patch update.
Recommendation From Adobe:-
Adobe recommends users of Adobe Flash Player 11.1.102.55 and earlier versions for Windows, Macintosh, Linux and Solaris update to Adobe Flash Player 11.1.102.62. Users of Adobe Flash Player 11.1.112.61 and earlier versions on Android 4.x devices should update to Adobe Flash Player 11.1.115.6. Users of Adobe Flash Player 11.1.111.5 and earlier versions for Android 3.x and earlier versions should update to Flash Player 11.1.111.6.
Earlier in 2011, another Flash Player bug was found in BlackBerry OS and later fixed by the developer, and last year Adobe also closed a serious security hole in Acrobat 9X and Adobe Reader.




Researcher Developing An Algorithm To Identify Most Exploitable Vulnerability Chains

Australian researchers, mainly from Melbourne, are looking to commercialise a search algorithm that analyses networks to identify the most easily exploitable vulnerability chains. The algorithm was developed by Swinburne University associate professor Hai Vu to help network operators prioritise how they protect networks that are unfortunately “never 100 percent secure”.
Vu said too many vulnerabilities typically occurred in software, operating systems and other networking components for it to be financially feasible to eliminate all of them. Hackers may exploit chains of such vulnerabilities to achieve malicious objectives, such as data theft or denial of service attacks, he warned.
While security professionals traditionally map out “attack trees” to determine vulnerability chains, the process grows increasingly difficult as the size of a network grows. Vu and his team proposed a method of ranking the most critical vulnerability chains in terms of the likelihood and severity of attacks. “The objective is to find the most vulnerable path,” Vu said. “What we’ve developed is very scalable.
“[The algorithm] is efficient because as it proceeds, it can eliminate vulnerabilities that it knows will not play a part in the path that has significant risk.” Vu acknowledged that the algorithm could be used by hackers to identify the most effective attack path; however, those hackers would need intimate knowledge of the network’s topology and components. The researchers have a provisional patent on the technology and are currently seeking venture capital to develop a prototype.
Vu expected the technology to appeal to operators of “highly secure networks” such as those in the military or run by internet service providers. Despite discussions with US vendor Skybox Security, defence contractor Thales and the Australian Department of Innovation, the team has yet to strike a commercial partnership.
Vu suggested that the search algorithm could be applied to social networks to identify persons of interest to defence organisations. Gartner security analyst Rob McMillan speculated that by quantifying risk, the technology could help security professionals build business cases and justify investments. Organisations could also use it to discuss and define the scope of penetration tests when commissioning external testers, he said. "There's definitely use for it, but it's too early to say [how effective a product may be]," McMillan said. "The trick is to turn it into a useful product ... The devil's going to be in the detail."
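As an added illustration (not the Swinburne team's algorithm, whose details the article does not give), the general idea of ranking vulnerability chains by likelihood and severity can be shown as a best-first search over an attack graph that discards any chain once a more likely one to the same asset is known. The graph, vulnerability labels, probabilities and impact scores below are all constructed for the example.

```python
import heapq

# Constructed attack graph:
# state -> [(next_state, vulnerability label, P(exploit succeeds))]
GRAPH = {
    "internet":    [("web-server", "vuln-A", 0.8), ("vpn-gateway", "vuln-B", 0.3)],
    "web-server":  [("app-server", "vuln-C", 0.5), ("db-server", "vuln-D", 0.1)],
    "vpn-gateway": [("app-server", "vuln-E", 0.9)],
    "app-server":  [("db-server", "vuln-F", 0.7)],
    "db-server":   [],
}
# Constructed severity of losing each asset (0-10).
IMPACT = {"web-server": 2, "vpn-gateway": 4, "app-server": 6, "db-server": 10}


def most_likely_chains(graph, entry):
    """For every reachable state, return the chain with the highest
    success probability (product of per-step probabilities)."""
    best = {}                    # state -> (probability, [vuln labels])
    heap = [(-1.0, entry, [])]   # max-heap on probability via negation
    while heap:
        neg_p, state, chain = heapq.heappop(heap)
        if state in best:
            continue             # a more likely chain already settled this state
        best[state] = (-neg_p, chain)
        for nxt, vuln, p in graph.get(state, []):
            if nxt not in best:
                heapq.heappush(heap, (neg_p * p, nxt, chain + [vuln]))
    return best


def rank_by_risk(graph, impact, entry):
    """Rank assets by risk = likelihood of the best chain x severity."""
    best = most_likely_chains(graph, entry)
    rows = [(round(p * impact[s], 3), s, chain)
            for s, (p, chain) in best.items() if s != entry]
    return sorted(rows, reverse=True)


if __name__ == "__main__":
    for risk, asset, chain in rank_by_risk(GRAPH, IMPACT, "internet"):
        print(f"{risk:>5}  {asset:<12} via {' -> '.join(chain)}")
```

On this graph vuln-D and vuln-E never appear in a top-ranked chain, so patching vuln-A, vuln-C or vuln-F would reduce the highest-risk path first.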


-Source (IT News Australia)






PandaLabs Exclusive Report: Privacy Violations Will Be The Biggest Security Threat in 2012


PandaLabs, Panda Security's anti-malware laboratory, today announced its predictions for top security trends to watch for in the coming year. Cyber-espionage, along with privacy violations and social networking attacks facilitated by the increased use of mobile and tablet devices, will be the source of increased security threats over the coming months.
Cyber-espionage targeting companies and government agencies around the world will dominate corporate and national information security landscapes, with the integrity of classified and other protected information on the line. Trojans are expected to be the weapon of choice for hackers focused on these highly-sensitive targets.
According to Luis Corrons, technical director of PandaLabs, “We live in a world where all information is in digital form and is easily accessible if you know how. Today’s spies no longer need to infiltrate a building to steal information. As long as they have the necessary computer skills, they can wreak havoc and access even the best-kept secrets of organizations without ever leaving their homes.”
Consumers will continue to be targeted by cyber-criminals as they find ever more sophisticated ways to target social media sites for stealing personal data. Social engineering techniques exploiting users’ naïveté have become the weapon of choice for hackers targeting personally-identifiable information. “Social networking sites provide a space where users feel safe as they interact with friends and family. The problem is that attackers are creating malware that takes advantage of that false sense of security to spread their creations,” says Corrons. “It is very easy for cyber-criminals to trick users with generic messages like ‘Look, you’re on this video,’ for example. Sometimes, curiosity can be our own worst enemy.”

Summary of what PandaLabs predicts as the major security trends of 2012:-

  • Mobile Malware:- A year ago, PandaLabs predicted a surge in cyber attacks on mobile phones, and the fact that Android has become the number one mobile target for cyber-crooks in 2011 confirms that prediction. That trend will continue in 2012, with a new focus on mobile payment methods using Near-Field Communications (NFC) as these applications become increasingly popular.
  • Malware for Tablets:- Since tablets share the same operating system as smartphones, they are likely to be targeted by the same malware. In addition, tablets might draw a special interest from cyber-crooks since people are using them for an increasing number of activities and are more likely to store sensitive data.
  • Mac Malware:- As the market share of Mac users continues to grow, the number of threats will grow as well. Fortunately, Mac users are now more aware that they are not immune to malware attacks and are increasingly using antivirus programs to protect themselves. The number of malware specimens for Mac will continue to grow in 2012, although still at a slower rate than for PCs.
  • PC Malware:- PC malware has grown exponentially over the past few years, and everything indicates that the trend will continue in 2012. Trojans, designed to sit silently on users’ computers, stealing information and transmitting it back to their handlers will continue to be cyber-crooks’ weapon of choice; 75 percent of new malware strains in 2011 were Trojans.
  • SMBs Under Attack:- Financial institutions are fairly well protected these days against malware. But smaller businesses are easier and cheaper targets to attack, and their customer databases can be a real treasure trove for hackers, particularly if credit card and other financial data is stored “in the clear”. Unfortunately, many small to medium-sized companies do not have dedicated security teams, which makes them much more vulnerable.
  • Windows 8:- While not scheduled until November 2012, the anticipated next version of Microsoft’s operating system will offer cyber-crooks new opportunities to create malicious software. Windows 8 will allow users to develop malware applications for virtually any device (PCs, tablets and smartphones) running this platform, although this will likely not take place until 2013.

Corrons concludes, “The malware game continues. As new technologies advance, cyber-crooks develop new modes of attack, often by simply adapting old techniques to the new platforms – which is an area software vendors need to pay attention to. In the end, though, it’s users’ false sense of security that is the hacker’s best friend.”



HP LaserJet Printers Have Serious Security Flaws Said Columbia University Researchers



Columbia University Researchers have discovered a vulnerability in some Hewlett-Packard (HP) LaserJet printer lines that could allow attackers to install a modified firmware to steal information, run attacks from within a network or cause physical damage to the printer.
Attacks can be carried out from different vectors. Printers that support a remote firmware update process could allow attackers to take control of a printer’s firmware over the Internet in less than a minute if the printer is not protected properly by a firewall. The researchers during a scan were able to find more than 40,000 devices that they said could be infected within minutes.


Local attacks are another possibility. The researchers were able to send print commands from Macintosh and Linux computer systems to trick the printer into reprogramming itself. It is not clear at the time of writing if Windows environments are safe or also affected by this.
Printers that the researchers analyzed do not verify the source of the firmware with the help of digital signatures. An HP spokesperson stated that modern HP printers have required digitally signed firmware upgrades since 2009. Even worse for consumers and companies, there is no way of telling if a printer’s firmware has been compromised short of physically disassembling the printer and analyzing its chipset output.
According to RedTape, HP is currently analyzing the claims made by the researchers. HP could release a firmware update of their own to resolve the vulnerability. Compromised printers however may have been programmed to block new firmware updates. That’s bad on the one hand as companies would have to throw away the printer in this case (or talk to HP to find a solution) and good in another as they have just identified a compromised printer in their network. The researchers have started analyzing printers manufactured by other companies recently but no results have been posted yet. They say it is likely that printers and other devices with Internet access are also vulnerable.




Security Flaws in Android 4.0 (ICS)


Facial recognition unlock can easily be bypassed with a simple photo trick in Android 4.0 (Ice Cream Sandwich). Recently a blogger named "soyacincau" demonstrated the vulnerability and showed how easily anyone can bypass the facial recognition. He took a photo of himself using another phone and held it up to the front-facing camera on the Samsung Galaxy Nexus, the first smartphone to run Android 4.0, which was then unlocked. In October a developer of CyanogenMod also concluded the same thing.




Later, a Google spokesperson said that the feature is considered to be experimental and offers little security. According to the news site, the user interface for the Face Unlock feature also warns users that it is less secure than using a pattern, PIN or password, even going as far as saying "Someone who looks similar to you could unlock your phone". It is unclear if Google will add "Or a photograph of you" to the warning.





ZoneAlarm Free Firewall 2012 !!

Several months after releasing its 2012 product line, Check Point has released an upgrade to its free firewall. This new version, ZoneAlarm Free Firewall 2012, comes with a few new features and some much-needed fixes.

Features of ZoneAlarm free firewall 2012:-
  • 2-Way Firewall - monitors inbound and outbound traffic and kills malicious processes.
  • Full Stealth Mode - makes you invisible to hackers
  • DefenseNet - This community powered cloud-based service eliminates overwhelming alerts and pop ups.
  • Identity Theft Protection
  • New revamped interface makes it easy to customize settings etc.

2-Way Firewall (Inbound & Outbound):-
Stops Internet attacks at the front door and even catches thieves on their way out. Our 2-way firewall proactively protects against inbound and outbound attacks while making you invisible to hackers.

DefenseNet:-
Leverages real-time threat data from the community of millions of ZoneAlarm firewall users, providing quick response to breaking threats that protect your PC from the latest attacks.

Identity Theft Protection:-
Identity theft can happen to anyone, anywhere. ZoneAlarm delivers superior PC based protection and exclusive data encryption, and also offers offline identity protection services.

Anti-phishing / Site Status Toolbar:-
Blocks spyware distribution sites and fraudulent “phishing” websites that trick you into revealing personal data.

So, if you’ve tried ZoneAlarm Free Firewall previously and been less than impressed, perhaps now might be a good time to take another look. Reports are predominantly favorable; and with a brand new interface, faster boot times, less popup alerts and powerful features like DefenseNet, ZoneAlarm Free Firewall 2012 certainly sounds promising.
