Showing posts sorted by date for query cyber world. Sort by relevance Show all posts
Showing posts sorted by date for query cyber world. Sort by relevance Show all posts

The U.S. Food & Drug Administration (FDA) Hack - What is Big Pharma Hiding From You?

Posted by Avik Sarkar On 2/10/2014 07:32:00 pm

The Food & Drug Administration (FDA) Hack - What is Big Pharma Hiding From You?
During the summer of last year, there was a growing controversy surrounding the FDA’s request to hackers to expose holes in medical devices security, such as insulin devices and other wireless and computer connected home and hospital devices. Understandably, many hackers and security experts were not particularly keen to attempt or test the security of these devices, for fear of incorrect perception, and potential outcry. In December last year, the FDA was itself the target of an hacking operation, in particular the system used by pharmaceutical companies to input data on drug tests, results, clinical trials, and so on. Whether this was an attack by cyber thieves, as the FDA claims, or hacktivists remains to be seen. 

Corporate Theft or Exposing the Truth?
The FDA of course, was quick to denounce the attack as a cyber theft. The information reported to have been accessed included medical trial data, marketing information and strategy, and information about drug manufacturing. While on the surface, we could very well accept that this could be a simple case of corporate espionage, it is worth remembering that any company that wants drug approval in the US has to go through the FDA first. Is running the risk of potentially alienating the very body that approves your products a strategy that a multi billion dollar pharmaceutical company would really undertake? While it can’t be rules out as a possibility, unless the hackers come forward, it does seem unlikely. It’s also important to remember that there is a large amount of controversy surrounding the pharmaceutical industry all over the world, but especially in the states. Could hacktivists have been responsible for the attack? If so, what could be the causes for such as attack? As we will see, there may be more than we might initially think.

Practice and Method - How Big Pharma Operates
In the US alone, it is estimated that around 70% of the population takes prescription drugs. Given the amount of people in the US is estimated to be over 300 million, that is a staggering number. With such a large amount of people taking these drugs, addiction rates are rising rapidly - so much so, that currently prescription addicts are more common than illegal drug addicts. It is a very real problem that continues to be skirted around by the US regulators and administration. In fact, where as knowing the signs of heroin or crack cocaine addiction were important pieces of information for people who suspected they may have an addict among friends or family, the same is now true for widely available prescription drugs, and many Americans are being encouraged to learn more about the potential causes and signs of prescription drug abuse, by drug charities and non profit institutions.
At the center of this problem lies the pharmaceutical industry. Adverts for medications are common, and standard practice for getting new drugs to market includes rigging clinical trials to get the desired results in clever ways that do not outright break the law, invasive marketing schemes on family doctors and consumers, where doctors will often be offered ‘sweeteners’ such as free lunches, travel to events, or even help building their reputation as speakers at industry funded conferences. The FDA is also, despite being an independent regulatory body, often effectively ‘bought out’ by companies looking to get drugs to market fast. There is the additional problem that all drug test data is not available for public consumption, meaning academics and doctors are unable to view results of tests or trials for themselves. This has led to a number of large law suits in the US, and around the world, as well as in extreme cases, deaths directly related to withheld side affects of new drugs.

Coincidence or Calculated?
We might then speculate on the nature of the accessed data once again. Bearing in mind the nature of how the industry operates, and the information that was accessed, we could quite easily draw a link between the two, and surmise that the hack may well have been the work of a hacktivist movement. Of course, there is no way to prove whether this was the case or not, but given the ambitious actions of a number of groups over the last few years, it certainly can’t be ruled out.

Disclaimer:- At perfection Team VOGH felicitate Eve Halton for sharing this luminous article with our readers. Eve is a very much passionate Fleet Street, she  has done her graduation in International Business and Journalism. Eve, this time also you have done eminent job, we love you :)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

VOGH Exclusive: URL Redirection Vulnerability Found In Facebook

Posted by Avik Sarkar On 1/02/2014 11:10:00 pm

VOGH Exclusive: URL Redirection Vulnerability Found In Facebook [The Vulnerability Still Active & Not Been Patched]
Facebook -the world's largest social networking site with registered users of more than one billion, is considered among one of the safest site of the cyber space. To maintain such reputation Facebook Inc has done all the required steps, that one could possibly take. Like other high profile and very popular websites, Facebook also stand as one of the hot target of almost every cyber criminals of the world. To get rid of this and make FB safe and secure, the company have introduced what it called 'Bug Bounty' offer; where you can submit vulnerabilities to FB and get rewarded. We have seen many security researchers and hackers across the globe has done this and get their award. But not every time, and today I will talk about that- few days ago a reader of VOGH, who also goes by the nick name of 'Dr41DeY' has figured out a URL redirection vulnerability in Facebook. One of the link in Facebook App which is apps.facebook.com is posing URL redirection vulnerability. The hacker has demonstrated how any one can use  the vulnerability  in order to manipulate millions of innocent Facebook users. Let see  

Before publishing this, one of our VOGH representative have talked with Facebook Security regarding this security vulnerability, but due to some reason FB might overlooked this issue. Finally after waiting for almost a week, we the Team VOGH decided to bring this in-front of our reader. Let briefly go through with the vulnerable link- 

https://apps.facebook.com/a.php?u=http://www.voiceofgreyhat.com&mac=AQLy7nyXi5NBt31j&__tn__=*B&eid=AQLpbizR7KEf3cyD0VTN7fNtv99fMZABDp2gdWhvL-MQocJIPy3w4hUG7_7hrmSMqDq7QLCI9k_0LbB95NEz_6GUDHGNgTDsGP_rX-VWRHxfg5a--VlnN1K9FdG3NAek8r2JPWENkb2Mu56EckbZCGXcPie27OnHxE-H7MBufQel0Pr-ZjpCWB6QF5xHeWsdKqyHzjK2woBGGrjk9Dlgnzcw3d9ZWPzrwbGpm6MSkpks3mqEphXnTP2Vd9UDQxIs68NnTaO35XIwKq5t3CSdb11iU_34gzjfLgvvDo_BYbgtrGe0Juc5CpRSwd5nImw9oPPvn6Za9rrxO_ivROtOGc2b2S3bYzNLWpbDwt3cFN2rJ3JElyIR0vjB4R859PpE9SrZx6AD3s_liikzPh30YLVb8XvPABk7r9MShk6OrVFPiAWZnEvPx49UzPDSF-nEl188rEPAi0KGJ4u1zb10hhzmHUCjH04SezDByUkyNituMb2lgiQz-Xlpgy_tkVYR-U7plDa38N9VzdAj_Bwefd7B85ykZCAy9ZQOt48Ql8KQeKfivk3sThZIkLwWPiju7R28Sw6bj09vS_Y28kFSqanGe9tYAPfKIe4zOzQt9-Q1CC_EwX3ypOlyQ2yXMiU3lwp7M9EriKHRFDsTgsuzzF-uvlpx3UrWh8M55-NX0ULjr4kxjAR5g_1wU-luUyn_Ot6Ly1_ZbBdahyb5uSmCDNvF5kMuIH8Gxvpql45dNffGzKau9oZGn6r1OmsG47JIGipznCVaZnWjXAakDnEMX6X8ZtI-M-db1olzbBpJdj5sZe-x2VM02S5XsXJWe_QLxFDOupjbz8I82HETHQ9PbzSIMsJboll4E3-f_JQFfdzwEguLa8SC_ImRahWBCwKNJeSlmRv91FqWpQaChe5-UyAoqcblvK4jPuRO3qC7o-qMTQ2jEJqqUW46koulOmgNJpMYXPgRxjNGcwjyTPS59Nr08zq6eCNd1aYLh2E4s5MYXBtVUTF8l0uhQ2wYSoR66xZsI2tK0DD1KiQHyTO1QieBwPtCN3eWgRzUTg3lM3ttkuwYKRPPLDvtUOPWmZhYUzUFcbfPM2kXdpqyGlrGx9-ErKGygYKATx2xzrTzktjgW4q0L5wfO3CSKAOCAoKfi_pfz-zIHSNE8ZAjZDtpbC_chgkvbHWJYYIs7pnE1riWJYORACjkkRr6nZoivC3z_g-8JBahghwy2C34kJYZJ6cBC8LKoB6KCTbj_F1tArQAzcSUij4vrJNUATzsdlO_ol6HwUQb8FjoWa38Bhtx81stxB328sgC9IGu1omPG0QeNJVhcJwh6HyEwtgycBLrlcdedaWbkwvnjv3F3BWuJIi763nBeYuAgNUaEUYHaXu_ZJzXW8fQ72nz_hddGT_GH50&sig=89099

Replace voiceofgreyhat.com with any of your favorite site, and the the said vulnerability will allow you to get redirected to that very website you want to from Facebook. This loophole is still active, and any one can test that with the above url, we thought the impact of this loophole is very serious, as any malicious attacker can misuse the trust-hod of Facebook's url in order to harm regular internet users, while redirecting them to any junk or malfunctional websites.

Disclaimer:- Earlier I told that the issue has already brought into the notice of Facebook Security, but they overlooked the whole issue, so being a responsible cyber media, we VOGH are disclosing this to people. If any one misuse this vulnerability, then Voiceofgreyhat will not at all be responsible for any kind of mishap.

Update:- May be doing more that what we call late repent, but finally the above disclosed vulnerability has been patched by Facebook security team. 


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

BBC Server Compromised! Russian Hackers Broke Into FTP & Tried to Sell Unauthorized Access

Posted by Avik Sarkar On 1/02/2014 11:09:00 pm

BBC Server Compromised! Russian Hackers Hacked Into FTP & Tried to Sell Unauthorized Access on The X-Mass Evening 
Earlier we have seen world renowned media houses like CNN, NBC, Fox News, Washington Post, NY Times, NDTV and so on have fallen victim to hackers and cyber criminals. Now it was the turn for world’s largest and oldest broadcaster -British Broadcasting Corporation, widely known to us as BBC. Sources revealed that cyber criminals have managed to breach the security system of BBC and secretly took over a computer server at the BBC and then launched a Christmas Day campaign to convince other cyber criminals to pay him for access to the system. The attack was first identified by a cyber security firm named Hold Security LLC, in Milwaukee that monitors underground cyber crime forums in search of stolen information. However, it is still not clear whether the hacker stole any information or data or caused any damage to the site. In conversation with press Alex Holden, founder and Chief Information Security Officer of Hold Security told -"So far Hold Security researchers have found no evidence the conversations led to a deal or that data was stolen from the BBC.” So far the identity of hacker has not been confirmed, but the firm researchers observed a notorious Russian hacker known by the monikers "HASH" and "Rev0lver," attempting to sell access to the BBC server on December 25. However, BBC's security team managed to secure the site on Saturday, claims a person close to clean up efforts. One of the BBC spokesman refused to comment on the issue, he said, “We do not comment on security issues.” On the other hand, Justin Clarke, a principal consultant for the cyber security firm Cylance, said that while "accessing that server establishes a foothold within BBC's network which may allow an attacker to pivot and gain further access to internal BBC resources.” So far Hold Security researchers have found no evidence the conversations led to a deal or that data was stolen from the BBC. But we all know that  ftp systems are typically used to manage the transfer of large data files over the Internet. That's why the chances of data breach cant not be denied at this time. For updates on this piece of news and other hot information of the cyber & tech world stay tuned with VOGH


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Skype Shop & National Geographic Germany (Nat Geo) Vulnerable to XSS

Posted by Avik Sarkar On 12/26/2013 09:06:00 pm

Skype Shop & National Geographic Germany (Nat Geo) Vulnerable to XSS -Said Dr41DeY
Couple of weeks ago, I have talked about the vulnerability of Cartoon Network official website, today I am going to speak about two more big fish who are posing serious security holes in their official websites. Lets not waste time while stretching the preface and come directly to the story -it's the hacker who has recently made his name for some big hacks, has back again. 
Many of you are right, I am talking about 'Dr41DeY' because he is the guy who found vulnerability in the official website of Skype Shop and National Geographic Channel Germany (Nat Geo). Both Nat Geo and Skype have non persistent cross site scripting vulnerability also known as XSS vulnerability in their website. We have already informed this issue to concerning authority and webmaster to avoid misfortune. As expected, while writing this Skype have taken this issue seriously and fixed their loopholes immediately. Still for proof- above I have shared the screenshots with our readers, as evidence of the XSS hole. But unlike Skype Shop, Nat Geo yet not responded, so the vulnerability still exist on their portal. Hopefully they will take appropriate steps with out doing more delay. For updates in this story and also other hot cyber issues, just stay tuned with VOGH.  Before concluding, I would like to remind you that- in 2012 an Indian hacker named Akshay has found XSS holes in the official website of National Geographic. Again after a year, Dr41DeY found another Nat GEO site vulnerable to XSS, that definitely arises a doubt about the security concern of one of the world's leading satellite television channel featuring documentaries with factual content involving nature, science, culture, and history, plus some reality and pseudo-scientific entertainment programming. 


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

The Washington Post Server Breached! Chinese Hackers Apprehend For This Cyber Attack

Posted by Avik Sarkar On 12/20/2013 12:55:00 am

The Washington Post Server Hacked! Suspected That Chinese Hackers Are Behind This Cyber Attack 
Last week the story of Chinese eavesdropping on European ministries and diplomats at G20 summit draws the attention of the entire cyber world and made headlines. Yet again another breathtaking issue came in-front where also China found responsible for security breach that effected The Washington Post - the most widely circulated newspaper published in Washington, D.C. Sources reveled that hackers broke into The Washington Post’s servers and gained access to employee user names and passwordsMandiant, a cyber security contractor that monitors The Washington Post’s networks, said the intrusion was of relatively short duration. The extent of the loss of company data was not immediately clear, still the matter of relief is that the company passwords are stored in encrypted form, hackers in some cases have shown the ability to decode such information. although to avoid any further mishap Washington Post have planned to ask all employees to change their user names and passwords on the assumption that many or all of them may have been compromised. Officials at Washington Post said that they saw no evidence that subscriber information, such as credit cards or home addresses, was accessed by the hackers. Nor was there any sign that the hackers had gained access to The Post’s publishing system, e-mails or sensitive personal information of employees, such as their Social Security numbers. Post officials found that this hack is more-recent than the 2011 one. They also said, began with an intrusion into a server used by The Post’s foreign staff but eventually spread to other company servers before being discovered. “This is an ongoing investigation, but we believe it was a few days at most,” said Post spokeswoman Kris Coratti. 
China not only targeted Washington Post,  If you look at the story of major cyber attacks of this year we will find that the name of China has been involved several times for engaging cyber attacks against several high profile news organization of U.S. including New York TimesNBC and so on. So far Chinese Government have not responded to this issue, also none of Chinese hacker community take the responsibility of this breach. For upcoming updates on this story stay tuned with VOGH




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Cartoon Network (CN) Official Website is Vulnerable to XSS Attack

Posted by Avik Sarkar On 12/10/2013 02:26:00 am

XSS Vulnerability Found in Cartoon Network's (CN) Official Website By Dr41DeY 
After the successful breach of 'DY365 TV' yet again the hacker going by the name of Dr41DeY from Nigerian Cyber Army targeted another TV network. Guess what, this time he caught even a bigger fish. Unlike defacement or breach this time the hacker did something what it called ethical or can be categorized in white-hat list. Okey now without pulling the intro more longer lets directly come to the story -and that is the official website of Cartoon Network is vulnerable of cross site scripting attack also known as XSS attack. Cartoon Network mostly known as CN is the worlds leader in broadcasting  animated programming, ranging from action to animated comedy & many more. This satellite channel is the most preferred channel for the children and teenagers between the ages of 7 to 5 among the whole of the world. So it is quit indisputable that the official website of Cartoon Network (CN) is indeed a valuable website which have large number of traffic everyday. But it is unclear that being such a big and popular brand name, why CN committed such a massacre while leaving XSS vulnerability in their official portal. Dr41DeY shared with VOGH, that the search box in the home page of CN poses non persistent XSS vulnerability. The above screen shots was taken as a proof of the story. I on behalf of Team VOGH has already contacted CN authorities, and knocked them about this issue. Hopefully they will take appropriate steps with out doing any further delay. For updates in this story and also other hot cyber issues, just stay tuned with VOGH.  


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Microsoft Along With FBI & EC3 Shattered The Notorious ZeroAccess Botnet

Posted by Avik Sarkar On 12/08/2013 01:14:00 am

Microsoft Along With FBI & EC3 Shattered The Notorious ZeroAccess Botnet Responsible For Infecting More Than 2 Million Computers
Redmond based software giant Microsoft yet again got a huge success against a big racket of cyber criminals while shattering one of the world's largest and most rampant botnets named 'ZeroAccess'. The Sirefef botnet, also known as ZeroAccess, is responsible for infecting more than 2 million computers, specifically targeting search results on Google, Bing and Yahoo search engines, and is estimated to cost online advertisers $2.7 million each month. Tech giant Microsoft working alongside the Federal Bureau of Investigation (FBI), Europol's European Cybercrime Centre (EC3) have successfully disrupted this notorious botnet. This is Microsoft’s first botnet action since the Nov. 14 unveiling of its new Cybercrime Center — a center of excellence for advancing the global fight against cyber crime — and marks the company’s eighth botnet operation in the past three years.

“This operation marks an important step in coordinated actions that are initiated by private companies and, at the same time, enable law enforcement agencies around Europe to identify and investigate the criminal organizations and networks behind these dangerous botnets that use malicious software to gain illicit profits,” said Troels Oerting, head of the EC3. “EC3 added its expertise, information communications technology infrastructure and analytic capability, as well as provided the platform for high-level cooperation between cyber crime units in five European countries and Microsoft.”
Due to its botnet architecture, ZeroAccess is one of the most robust and durable botnets in operation today and was built to be resilient to disruption efforts, relying on a peer-to-peer infrastructure that allows cyber criminals to remotely control the botnet from tens of thousands of different computers. ZeroAccess is used to commit a slew of crimes, including search hijacking, which “hijacks” people’s search results and redirects people to sites they had not intended or requested to go to in order to steal the money generated by their ad clicks. ZeroAccess also commits click fraud, which occurs when advertisers pay for clicks that are not the result of legitimate, interested human users’ clicks, but are the result of automated Web traffic and other criminal activity. Research by the University of California, San Diego shows that as of October 2013, 1.9 million computers were infected with ZeroAccess, and Microsoft determined there were more than 800,000 ZeroAccess-infected computers active on the Internet on any given day.



How It Happened:- 
Last week, Microsoft filed a civil suit against the cyber criminals operating the ZeroAccess botnet and received authorization from the U.S. District Court for the Western District of Texas to simultaneously block incoming and outgoing communications between computers located in the U.S. and the 18 identified Internet Protocol (IP) addresses being used to commit the fraudulent schemes. In addition, Microsoft took over control of 49 domains associated with the ZeroAccess botnet. A10 Networks provided Microsoft with advanced technology to support the disruptive action.
As Microsoft executed the order filed in its civil case, Europol coordinated a multijurisdictional criminal action targeting the 18 IP addresses located in Europe. Specifically, Europol worked with Latvia, Luxembourg, Switzerland, the Netherlands and Germany to execute search warrants and seizures on computer servers associated with the fraudulent IP addresses located in Europe. This is the second time in six months that Microsoft and law enforcement have worked together to successfully disrupt a prevalent botnet. It demonstrates the value coordinated operations have against cyber criminal enterprises. For more information about this botnet operation click here

ZeroAccess is counted as a very sophisticated malware, blocking attempts to remove it, therefore recommended for every Microsoft user to click Here for detailed instructions on how to remove this threat. As Microsoft found that the ZeroAccess malware disables security features on infected computers, leaving the computer susceptible to secondary infections, it is critical that victims rid their computers of ZeroAccess by using malware removal or antivirus software as quickly as possible. 
In conversation with press David Finn, executive director and associate general counsel of the Microsoft Digital Crimes Unit said -“Microsoft is committed to working collaboratively — with our customers, partners, academic experts and law enforcement — to combat cybercrime. And we’ll do everything we can to protect computer users from the sinister activities and criminal networks that victimize innocent people and businesses around the world.” 

While talking about ZeroAccess botnet take down, I would like to remind you that in Match, last year Microsoft has successfully shutdown two command and control (C&C) server of world's of the most dangerous banking trojan Zeus.


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

#OpKillingBay- Anonymous Threaten to Engage Cyber Attack Against Japan Govt Over Dolphin Hunt

Posted by Avik Sarkar On 11/19/2013 06:52:00 pm

#OpKillingBay- Anonymous Threaten to Engage Cyber Attack Against Japan Govt Over Dolphin Hunt

I am sure that many of you remember the famous Oscar winning documentary 'The Cove' where the atrocious practice of killing Dolphins have been highlighted. Now it seems that the internet activist have pick that issue very seriously as the world's largest community of international hackers and activist, widely known as Anonymous has rises his voice against a gruesome culture of Dolphin hunting in Japan. The Japanese government has received an online threat from dangerous hacker collective group Anonymous where they vows to engage massive cyber attack against Japan government if they did not stop this cruel practice of killing the rare spices of dolphin near Taiji, Wakayama Prefecture. According to Japanese officials, they have received this bullying message from Anonymous “STOP these slaughters IMMEDIATELY, or get ready to face the extent of our wrath.” In a pastebin release the hacker group has declared 22 high profile Japanese websites on their hit list, including those of the prime minister’s office, Taji, Wakayama Prefecture, the Ministry of Agriculture, Forestry and Fisheries, and the Ministry of Internal Affairs and Communications.


While following their consuetude, Anonymous has called this campaign Operation KillingBay dubbed #OpKillingBay, where the hacker promised to engage massive cyber attack, in order to damage the Japanese Cyber space. The government has taken this threat very seriously, while looking at the past history of Anonymous and their capabilities, Taiji government and the National Information Security Center have been sent immediate alert since the warning from Anonymous been received. To gain public attention on this very matter the internet activist has already started a project named Save Japan Dolphins, now this contribution of Anonymous will definitely enhance this protest. For updates on this story and also all the other cyber updates stay tuned with VOGH


-Source (JDP)





SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Customs Services of Ukraine Govt Hacked By Anonymous, 1 GB of Classified Data Stolen

Posted by Avik Sarkar On 11/18/2013 08:16:00 pm

Customs Services of Ukraine Government Hacked By Anonymous, 1 GB of Classified Data Stolen
Anonymous -the world largest hacker community, also known as the infamous hacktivist who is widely known for engaging massive cyber attack against several governments strikes again. This time the target was Ukraine Government. According to multiple relevant sources of Anonymous it has been confirmed that the hackers have launched what it called an organised attack against different servers belongs to Ukrainian Government. During this round of cyber attack the main target was the Customs department of Ukraine. In their press release Anonymous took responsibility of performing onerous attack on CUSTOMS.GOV.UA, and caused what it called a voluminous data leak from it. This is the server that is responsible for the Odessa customs and handling of goods in the region of the Danube and Black Sea. From the press release we came to know that voluble of the stolen data is almost of 1GB, which is pointing a finger of sensational information of illegal operations of oil and gas, corruption schemes, bribes, cargo operations and so on. 
Most of the information is reported on the site, concerning the former head of the State Customs Service of Ukraine Ihor Kaletnik , who left the post after being elected deputy to in 2012 by Communist Party of Ukraine. Now Kaletnyk is the Deputy Speaker

Official Release of Anonymous: -

"Ukraine GOV hacked. CUSTOMS of UKRAINE customs.gov.ua MASSIVE Docs leak.
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 
Greetings Our Fellow lulz. + 
Time to anchore Our ​​Marie Lulzize in an unstable Harbour + of Odessa in Ukraine. This Great Day We present you 1GB of raw + Data from one of the Servers of CUSTOMS.GOV.UA. To be pricise Ukraine Customs in + Black Sea and Danube - marine Customs. + Inside you Will Find lulz much related to Illegal Operations with + Oil and gas, corruption and Schemes Also much of good eddible Intel + All related to corruption in Ukraine Government controlled marine + Cargo Operations, Bribes and kickbacks gov. + Much of the Inside of the package is related to Ukraine + Former Chief Customs - Ihor Kaletnyk WHO is an active FSB operative + Russian enforcing rules of Engagement in Ukraine. + Also alot of Offshore moneylaundering by this persona and Other Government + Crooks. We undrstand that oil is money and money is power. + But They just do not Realize That one Day + shit happens and this shit pours from Big A Greedy right into Their throats.  + Sneak Peak of 64 Documents ..."

The hacker community has posted all the leaked information on an image archive and made that available for public. The 1 GB of the stolen data has also been made public in three different archive links

But on other hand the Ukrainian Government Officials denied the entire issue, according to the spokes man of government "Custom server can not be compromised. Therefore, as at customs.gov.ua a web server. Other documents, as far as I know, this server is not stored."  He also said that "Those documents that have posted allegedly crackers were not extracted from the server to the customs. In this I am 100%. Let me explain. Please note, most of the documents photographed, that is, it is done the person who had physical access to them, perhaps even temporary. Given that the documents from different regions of Ukraine, then they could meet only in the State Customs Service (MinDohodov) or law-enforcement agencies." 

While talking about this recent breach, we would like to remind you that couple of years ago, another infamous hacker community going by the name of Kosovo Hackers Security (KHS) targeted Ukraine govt. That time KHS have successfully penetrated the official website of Ukraine Police, Gazeta.ua (Ukraine Largest News Portal) and many more high profile sites. Now this hack of Anonymous is again another big attack which caused a serious damage to the Ukrainian cyber space. For updates on this hack and also all the other cyber updates stay tuned with VOGH




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Hackers Exploiting Old Ruby on Rails Vulnerability To Compromise Web Servers & Create Botnet

Posted by Avik Sarkar On 6/03/2013 09:06:00 pm

Hackers Exploiting Old Ruby on Rails Vulnerability (CVE-2013-0156) To Compromise Web Servers & Create IRC Botnet
A critical vulnerability on Ruby on Rails spotted in January this year which was deemed “critical” at the same time yet again found in the wild. The vulnerability known as CVE-2013-0156 that affected versions 3.0.20 and 2.3.16 again rises it's hand. Though a security patch was released by the Rails developers. But as we all know that many server administrator used to be unaware of these events have not patched their systems. As a result hackers and cyber criminals are actively exploiting a critical vulnerability in the Ruby on Rails Web application development framework in order to compromise Web servers and create a dangerous botnet. This major security issue was first discovered by a security consultant Mr. Jeff Jarmoc of research firm Matasano Security. In his blog Jarmoc said "It’s pretty surprising that it’s taken this long to surface in the wild, but less surprising that people are still running vulnerable installations of Rails. It also appears to be affecting some web hosts." According to his blog post -the exploit that's currently being used by attackers adds a custom cron job -- a scheduled task on Linux machines that executes a sequence of commands. Those commands download a malicious C source file from a remote server, compile it locally and execute it. The resulting malware is a bot that connects to an IRC (Internet Relay Chat) server and joins a predefined channel where it waits for commands from the attackers. A pre-compiled version of the malware is also downloaded in case the compilation procedure fails on the compromised systems.
"Functionality is limited, but includes the ability to download and execute files as commanded, as well as changing servers," Jarmoc said. "There's no authentication performed, so an enterprising individual could hijack these bots fairly easily by joining the IRC server and issuing the appropriate commands." But the matter of relief is that Jarmoc concluded while saying "this is a pretty straightforward skiddy exploit of a vulnerability that has been publicly known, and warned about, for months."

But still administrators who have not yet patched their Rails version should immediately should update the Ruby on Rails installations on their servers to at least versions 3.2.11, 3.1.10, 3.0.19 or 2.3.15 which contain the patch for this vulnerability. However, the best course of action is probably to update to the latest available Rails versions, depending on the branch used, since other critical vulnerabilities have been addressed since then. 

Brief About RoR:- Ruby on Rails is a popular framework for developing Web applications based on the Ruby programming language and is used by major websites including Hulu, GroupOn, GitHub and Scribd.







SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Linux/Cdorked.A: One of The Most Sophisticated Apache Backdoor Targets Millions of Websites

Posted by Avik Sarkar On 5/05/2013 03:11:00 pm

Linux/Cdorked.A: One of The Most Sophisticated Apache Backdoor Targets Millions of Websites to Serve Blackhole Exploit

ESET one of the world renowned security firm headquartered in Bratislava have figured out what it called a malicious cyber rampage targeting millions of cPanel-based servers. Since last few months security experts have been tracking server level compromises that have been utilizing malicious Apache modules to inject malware into websites and  redirecting some of its requests to the infamous Blackhole Exploit packs. On cPanel-based servers, instead of adding modules or modifying the Apache configuration, the attackers started to replace the Apache binary (httpd) with a malicious one. This new backdoor is very sophisticated and this new malware has been dubbed "Linux/Cdorked.A." Several analysis reveals that it is a sophisticated and stealthy backdoor meant to drive traffic to malicious websites. According to the official blog post of ESET - Linux/Cdorked.A is one of the most sophisticated Apache backdoor's we have seen so far. The backdoor leaves no traces of compromised hosts on the hard drive other than its modified httpd binary, thereby complicating forensics analysis. All of the information related to the backdoor is stored in shared memory. The configuration is pushed by the attacker through obfuscated HTTP requests that aren't logged in normal Apache logs. This means that no command and control information is stored anywhere on the system.
This malicious cyber rampage was first detected by another security firm named 'Sucuri' and later ESET published a detailed analysis of the issue. But still there are thoughtful matter as already thousands of websites get infected. The attack is particularly dangerous as Apache web servers are among the most well-known and widely-used in the world and are used by numerous companies. This means that a successful security breach can affect numerous different businesses across a diverse range of industries.
As this malware also known as Linux/Cdorked.A has already been spotted in the wild, so on behalf of cyber media, we urge all the concern system administrator, security analyst to take care of the above issue while to checking their servers and verify that they are not affected by this threat. Detailed instructions to perform this check are provided in the ESET blog.





SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Oxford University Will Get £1 Million of Investment in Next 2 Year to Tackle Cyber Crime

Posted by Avik Sarkar On 5/05/2013 03:10:00 pm

Oxford University Will Get £1 Million of Investment in Next 2 Year to Tackle Cyber Crime

The rising amount of cyber crime has already put the world of security under a serious threat. Since last five years we have seen many devastating cyber attack which have broken almost every security measure. In short, today the entire cyber space is posing a serious risk. To get rid of this situation many developed countries have already started taking required counter measure. Cyber awareness program, campaigns are going in almost every part of the world. Such steps and countermeasures were mainly limited to government and corporate, but now as we are sitting at the edge of cyber threat, so the security system should be more enhanced. While looking at the current status OXFORD University have came forward, and they are going to open a cyber hub to tackle these ongoing cyber challenges. Acceding to the official website of Oxford Mail - OXFORD University will get £1 million of investment in the next two years to fund a center to tackle cyber crime. Funding for the Government’s Global Center for Cyber Security Capacity Building has been announced by Foreign Secretary William Hague, who pledged £500,000 a year for at least the next two years. It will be based at the home of the Oxford Martin School, with the aim of combating activists and terrorists who are posing a growing threat to our national security and economy.
The school’s director, Ian Goldin, Oxford University Professor of Globalisation and Development, said: “The whole purpose is to address critical challenges of the future. The international scale of the challenge requires new research and connections with the business world, which is part of the school’s mandate.” The centre will be based at the Old Indian Institute, a former university library building, on the corner of Broad Street and Catte Street, which is currently being refurbished. Prof Goldin, whose new book Divided Nations explores the risks brought about by rapid globalization and technological leaps like the internet, said keeping up with criminals will be far from easy. He said: “We are in a race, or struggle, between people who want to keep systems safe and secure and those who – for whatever reasons that may be commercial, nationalist or anarchical – want to undermine the system. That won’t end. 
According to some legitimate sources it has been confirmed that the new center will be a beacon of expertise and put the UK at the forefront of cyber policy development. It will operate from Broad Street from September. The two-year funding will help pay for an additional 12 specialists. Sadie Creese will head the new center as professor of cyber security.



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

VOGH Exclusive: Xbox Live Outage Caused For Networking Misconfiguration, Not Hacker Attack

Posted by Avik Sarkar On 4/18/2013 06:08:00 pm

Microsoft Said Xbox Live Outage Caused For Networking Misconfiguration During Routine Maintenance, Not Hacker Attack 

Xbox Live -one of the world's most popular and usually very reliable gaming network which rarely has unexpected outages, nor does Microsoft ever take it down for any extended period of time. But accident occurs, and it happened in last Sunday. The software giant and the developer of Xbox - Microsoft has reported a significant Xbox Live outage, rendering the service unavailable since earlier last 13th afternoon, smack in the middle of the peak weekend usage period. The outage is preventing users from signing in to Xbox Live, blocking access to the online services normally available through the console. While acknowledging the issue, on their official Xbox Live Status page Microsoft said “There is still an issue members are having signing in to Xbox LIVE, we greatly appreciate you sticking it out with us while we work as hard as we can to get this problem fixed. Keep checking back here every 30 minutes for another update on our progress.” This update came from Microsoft at 3:30 Pacific time on 13th of April. As soon as this story get spotted, several hikes rises. Among this buzz, it was a few unnamed hacker who took credit of the Xbox outage, while declaring that a cyber attack. Another buzz which just got spread so quickly, was that the outage of Xbox Live network has been caused by hacker collective Anonymous.  Here we must have to say that those buzz have some solid reasons as couple of months ago Windows Azure faced an organized cyber attack which effected the service of Azure storage, Xbox Live and 52 other. And that outage or in other word service interruption stays for 12 long hours. But unlike earlier, this time the issue get resolved immediately. Within one hour all the service get restored and came back to its normal order. On the same Xbox Live Status page Microsoft said “If you were one of the members who was having issues signing in to Xbox LIVE, good news! This issue has been fixed! Thank you so much for your patience during this time, feel free to go enjoy your favorite games and content!”
So far we have discussed about the story of the outage and it's restoration. Now we will talk about the cause of this interruption. As I have said earlier that the rumor of hacker's attack was there which was claiming responsibility of the Xbox Live outage. But in reality it was not due to cyber attack but some internal network problems. In their official respond of the situation and those buzz Microsoft completely dines all those rumors and said  "The Xbox Live service outage on 13 April resulted from networking misconfiguration during routine maintenance and was in no way related to false claims of hacking the service." 
While talking about Xbox outage, we would like to remind you that - another world famous gaming console 'PlayStation' had fallen victim to cyber attacks. It was Anonymous who hit Sony PSN and caused massive outage, data leak and many other devastating damages







SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Israel Hit By Demolishing Cyber Attack From Anonymous Caused $3 Billion Damage (#OpIsrael)

Posted by Avik Sarkar On 4/11/2013 01:44:00 am

VOGH Exclusive: Israel Hit By Demolishing Cyber Attack From Anonymous Caused $3 Billion Damage (#OpIsrael) 

The past 7th April will be unforgettable for Israeli cyber space, yes it was no doubt the black day for Israel, when the World's largest hacker group "Anonymous" with help of several other hackers communities caused ruin while bringing down almost all the Israeli Government websites, along with more that 100,000 other important Israeli websites, 40,000 Facebook pages, 5,000 Twitter accounts and 30,000 bank accounts belonging to Israeli people. The hacker group not only demolished the cyber space of Israel, but also caused a loss of 3 billion USD. This never forgettable hacking rampage dubbed Operation Israel became the most devastating and venturesome hacking rampage ever happened to the Israeli cyber space. In the last week of March, it was dangerous hacker collective group Anonymous who called the operation widely known as #OpIsrael, where the hacker group vows to erase Israel from the Internet. And indeed the hacker group did that, According to several Israeli source, leading media outlets it has been confirmed that almost all the important sites owned by the Government of Israel have been  either hacked and paralyzed. These sites include the site of the Israeli Police, Israeli Prime Minister, Bureau of StatisticsIsraeli intelligence agency Mossad, Stock Market and the Israel Ministry of Defense and many more. Regardless of the amount of damage done, the scale of the attack is bound to be embarrassing for the Israeli government. This is the second time that Anonymous has successfully taken down Israeli government websites. The first #OpIsrael attack happened last November and affected Israeli cyber fence heavily. Like the last November, this time also the reaction of Israel Government was indifferent and unconcerned. Despite of what Anonymous's claims of massive damage to Israel, the country's cyber security officials say that the attack caused minimal damage. "So far it is as was expected, there is hardly any real damage," Yitzhak Ben Yisrael from the government's National Cyber Bureau told the press. "Anonymous doesn't have the skills to damage the country's vital infrastructure. And if that was its intention, then it wouldn't have announced the attack ahead of time. It wants to create noise in the media about issues that are close to its heart." This is more or less what Anonymous always does, often with varying levels of success.







SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

'Scribd' World's Largest Document Sharing Website Admits Security Breach

Posted by Avik Sarkar On 4/11/2013 01:42:00 am

'Scribd' World's Largest Document Sharing Website Admits Security Breach 

Scribd- San Francisco-based document sharing site have fallen victim of cyber attack. Such kind of massacre is no doubt very much shameful for one of the world largest document sharing website which have more than 100 million of registered user. Like other largest companies, Scribd acknowledged the attack. In their official security announcement the company said that the operations team of Scribd have discovered and blocked suspicious activity on Scribd's network that appears to have been a deliberate attempt to access the email addresses and passwords of registered Scribd users. But the matter of relief is that only the 1% of its registered users have been affected during the hack. Immediately after this intrusion get spotted Scribd security team have emailed every user whose password was potentially compromised with details of the situation and instructions for resetting their password.  So, if you are a Scribd user and you did not receive such email from Scribd, then you are most likely unaffected.  If you still wish to check, you can use this web tool to determine if your account was among those affected. From the official announcement of Scribd, we came to know that the inertial investigation have already take place, which indicates that no content, payment and sales-related data, or other information were accessed or compromised. It has been  believed that the information accessed by the hackers was limited to general user information, which includes usernames, emails, and encrypted passwords.  Even though this information was accessed, the passwords stored by Scribd are encrypted (in technical terms, they are salted and hashed). Most of the users were therefore unaffected by this; however, the analysis shows that a small percentage may have had their passwords compromised. In an abundance of caution, it has been highly recommended for those affected users to reset their password and to change their password on any other services they might have used it on. 
At conclusion of the note, Scribd team did serious apology to its users while saying -"we would like to sincerely apologize for our failure to live up to our users' expectations in this instance. We’re incredibly disappointed that this happened and are committed to doing everything we can to prevent this from happening again. We will work harder than ever to ensure that we deserve the trust that our users place in us." 
While talking about big cyber attacks against large companies we would like to remind you in the last year we have been a slew of attacks against the following sites: Guild Wars 2GamigoBlizzardYahooLinkedIneHarmonyFormspringAndroid ForumsGamigo,  Nvidia,BlizzardPhilipsZyngaVMWare, Adobe Twitter  New York Times, Apple and so on. 






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

#OpIsrael Continues: KHS & MLA Hacked Several Israeli Govt Websites & Leaked Sensitive Data

Posted by Avik Sarkar On 4/07/2013 05:20:00 pm

Muslim Liberation Army (MLA) & Kosova Hacker Security (KHS) Joins Operation Isreal & Hacked Several Israeli Govt Websites & Leaked Sensitive Data

Operation Israel the devastating hacking rampage continues and becoming more and more venturesome for the Israeli cyber space. In the last week of March, it was dangerous hacker collective group Anonymous who called the operation also dubbed #OpIsrael, where the hacker group vows to erase Israel from the Internet. And as expected this is happening, the first quake came from Turkey-based Marxist hacker group named RedHack and Anonymous, where they targeted Israeli intelligence agency Mossad and breached personal data of 35K officials. Operation Israel, was not among those typical rampage of Anonymous, here Anon called other hackers from different part of of the spectrum to join. First it was RedHack who responded, and now the Muslim Liberation Army lead by Pakistani hacker Hitcher, along with Kosova Hacker's Security & few other Albanian hacker's community joined #OpIsrael
Yesterday it was Hitcher from Muslim Liberation Army (MLA) who targeted Israel’s Ministry of National Infrastructures (MNI). The hacker managed to breach the server of Israel Ministry and defaced several website belongs to Israel Ministry of Infrastructures. The attack took place at yesterday late night, but still at the time of writing the news, several Israel MNI websites are not performing. Not only MNI, as per sources several other high profile and Israeli government sites have also been taken down in this round attack. While covering this hack of Hitcher, we must have to recap the previous hack of  Pakistan hackers who are constantly against Israel (for Gaza issue) causing massive cyber attack against leading IT industry of Israel and other high profile Israeli sites. Just a couple of months ago, the world seen what it call the black day in the history if Israeli cyber space where another Pak hackers community hacked the main domain controller of Israel, which causes a massive hack against almost all the big Israeli sites such as government, MSN, Bing, Live, Skype, Microsoft Store, BBC, CNN, Coca-Colla, XBOX, Windows, Intel & many more. 


During the hacking rampage, Hitcher delivered the following message - 
“We are outraged at the Palestine present condition and the Illegal occupation of Palestinian Land By the Zionist Israelis. This attack is in response to the Injustice against the Palestinian people. Occupied Palestinian land under the guise of residential settlements are being increased. Palestinians are deprived of their basic human rights. International Aid workers are stopped from providing any humanitarian assistance to the people. The International community and media is not allowed to bring facts to world as due to strict restrictions” 

On the other hand, Kosova Hacker's Security along with few other Albanian hacker's community performed, what it called a demolishing cyber attack, that caused huge damage to the Israeli cyber space. During the attack Kosova Hacker's Security also known as KHS hit several important Israeli government & commercial websites such as  Civil Aviation Authority, Israel Police, Ministry of Health and many more. KHS caused damage to those websites, not by doing defacement by causing data leak. KHS hacked and exposed thousands of sensitive data, including full name, email-id, passwords and other confidential information of those said Israeli websites. All those leaked data have been made available by the hackers in a website called pentagoncrew.com All those hacks have been performed under the banner of Operation Israel also dubbed #OpIsrael for the cause of GazaFor instance, here we can recap the hack of Kosova Hackers Security (KHS) where they hacked and exposed personal data of 35,000 Israeli people. 

At conclusion, we want to say that, at the time when Anonymous first called Operation IsraelIsraeli government presumed that they have taken the threat very seriously and from the government end it has been  stated that they will take almost every steps to avoid any kind of disaster. Now after observing the above scenario it is clear that Israel Government have completely failed to protect their cyber space, in spite of having precaution. Also another thing get spot light, that is different hackers community have already came under a single shade in order to hit Israel against Gaza & Palestine issue. Today is the historical 7th April, I mean the day which Anonymous promised to erase Israel from the Internet. So the clock is running, lets see what more is about to come.  for the time stay tuned with VOGH to get all the latest update on this story and also other cyber issues. 







SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Related Posts Plugin for WordPress, Blogger...

Site search