MyBB 1.6.4 is Now Available

Posted by Avik Sarkar On 8/09/2011 05:30:00 pm


MyBB 1.6.4 is now available from the MyBB website and is a feature update, security and maintenance release for the 1.6 series.

Security Updates:-

There are also 3 security updates for 1.6.4. Overall, they are low risk vulnerabilities as they all require administrator permissions – however, one of these is classed as high risk if a user manages to get into the Admin Control Panel (ACP).
As a result of this, it is recommended that only certain types of variables are used in templates that follow the MyBB Development Standards – although other types may be used it the templates are installed to the database through your plugin, Administrators will not be able to save templates with these variables in.
Theme Artists and Plugin Developers should take a close look at the new changes to see if their work will be affected by the new changes and update them accordingly.

Performance:-

In 1.6.4, there are a number of performance-related updates. These range from small code changes to caching thread prefixes. More information about these are available on 1.6.4′s page in the Wiki.

To know what is new in mybb 1.6.4 click here
To see the official report and for download of mybb 1.6.4 click here

-News Source (mybb)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

The Official NASA forum is Vulnerable to SQL-i, Said TeaMp0isoN

Posted by Avik Sarkar On 8/09/2011 05:22:00 pm


Well-known hackers group TeaMp0isoN found SQL-i vulnerability of the NASA forum. Actually it was a found through the Zero-day of vbulletin. TeaMp0isoN exposed very sensitive information like the Database info, admin user- name, email-id, password hash and so on.  

According to TeaMpOisoN:-

Admin Username: rkim
Email: Randolph.I.Kim@nasa.gov
Hashed Password: f8c139f15bbbb79a362c049590b24f0d:W\oFuA
Salt: {2p^:D?w~=pYxVayvmn;l7*

Admin Username: cmohnike
Email: MohnikCC@nv.doe.gov
Hashed Password: 6c6e2b5e36846c2aee99b1c6e1194f63
Salt: )~#FJj:zQ^52q:SF{&5MDCILiPi2S=


For More Info click Here

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Zero-day Exploit in iOS Games Exposed by a Teenagers (10-Year Old Girl)

Posted by Avik Sarkar On 8/09/2011 04:16:00 pm


A 10-year-old California girl’s presentation at a hacker conference in Las Vegas is getting a lot of attention. The girl, who uses the pseudonym “CyFi,” revealed a zero-day exploit in games on iOS and Android devices that independent researchers have confirmed as a new class of vulnerability Zero-day exploits are used or shared by attackers before the developer of the target software knows about the vulnerability. The girl first discovered the flaw earlier this year because she was bored with the pace of farm-style games.
While CyFi isn’t revealing which games are affected, most of them have time-dependent factors. She opened up the exploit by manually advancing a phone or tablet’s clock to force a game ahead in time. Some games block such a trick but the young hacker says she found ways to avoid those detections such as disconnecting the phone from Wi-Fi and making incremental clock adjustments.
CyFi’s presentation was part of DefCon Kids, a new offshoot of the annual hacker convention that features an area where kids can learn how to do things like open master locks, do certain kinds of hacks, code in scratch and communicate in code.
While her presentation at DefCon was her first public vulnerability disclosure, CyFi said she was only a little nervous. An artist, girl scout and downhill skier, she has spoken publically numerous times, usually at art galleries as a member of “The American Show,” an underground art collective based in San Francisco. According to her bio on the DefCon Kids Web site, CyFi has had her identity stolen twice.
Rosenblatt points out that the new DefCon Kids programming reflects that “members of the hacking community are getting older and raising families.”


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

North Korea's Army of Online Gaming Hackers

Posted by Avik Sarkar On 8/09/2011 04:16:00 pm


The North Korean leader Kim Jong-il has found a novel way of raising badly needed cash, according to the South Korean authorities: unleashing young hackers on South Korea’s immensely popular online gaming sites to find ways to rack up points convertible to cash.
Despite its decrepit economy, North Korea is believed to train an army of computer programmers and hackers. The police in Seoul said Thursday that four South Koreans and a Korean-Chinese had been arrested on charges of drawing on that army to organize a hacking squad of 30 young video gaming experts.
Working from Northern China, the police said, the squad created software that breached the servers for such popular South Korean online gaming sites as “Lineage” and “Dungeon and Fighter.” The breach allowed round-the-clock play by “factories” of dozens of unmanned computers.
Their accumulated gaming points were exchanged for cash at Web sites where human players are focused on acquiring enhancements for their online personas, or avatars. The gaming software was also sold, the police said; such factories, while illegal, are common in South Korea and China. 

The police in Seoul said Thursday that four South Koreans and a Korean-Chinese had been arrested on charges of drawing on that army to organize a hacking squad of 30 young video gaming experts.
Working from Northern China, the police said, the squad created software that breached the servers for such popular South Korean online gaming sites as "Lineage" and "Dungeon and Fighter." The breach allowed round-the-clock play by "factories" of dozens of unmanned computers.
Their accumulated gaming points were exchanged for cash at Web sites where human players are focused on acquiring enhancements for their online personas, or avatars. The gaming software was also sold, the police said; such factories, while illegal, are common in South Korea and China.

-News Source (cnet & nytimes)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

developer.nokia.com is Vulnerable to SQl-i, Said Zero

Posted by VOGH On 8/09/2011 04:16:00 pm


The official website of Nokia developer is vulnerable to SQl-i said Zero. He also hacked and exposed the credentials user-name, database info, login email-ids, passwords and so on.  

Database:-

database version:-5.0.45-log
database name:-dibo
database user:-diboadmin@jagamon.dmz

user information 

username : salt 
password : 698df1f11d93736f280e801db71f8d4e

For More Information Cheek the following Link:- 




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Syrian Ministry of Defence Hacked & Defaced By Anonymous (#Op-Syria)

Posted by Avik Sarkar On 8/08/2011 05:44:00 pm


Famous Hacker group Anonymous declared #Op-Syria. They hacked and defaced the official website of  Syrian Ministry of Defence

To see the post on pastebin click here

To join the IRC chat room of #Op-Syria cheek the following link:-
http://irc.lc/AnonOps/opsyria

Anon released a video to give message about #Op-Syria:-



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

2 Websites Hacked by SeeKeR (Official Pak Cyber Army)

Posted by Avik Sarkar On 8/08/2011 04:54:00 pm

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Related Posts Plugin for WordPress, Blogger...

Site search