Bells Act India (bells.ac.in) Hacked By Pak Cyber Combat Squad.
Hacked Site:-
Mirror Link:-
http://zone-h.com/mirror/id/14748433
bells.ac.in Hacked By Pak Cyber Combat Squad
Hacked Site:-
Mirror Link:-
http://zone-h.com/mirror/id/14748433
Back Track 5 R1 (Penetration Testing Distribution) Released
Back Track 5 R1 (Penetration Testing Distribution) released. According to the earlier press release BT development team said that BT5 R1 will be available on the 10th of this month but due to some security update and other reason they delay the time and finally released the Release 1 of BT5 on the 18th of August. In this edition 120 bugs has been fixed along with that 30 new tools are added in this version. Also BT team updated 70 tools in this edition of Back Track. The kernel was also updated to 2.6.39.4 and includes the relevant injection patches.
According to Back Track Team:-
"We’re finally ready to release BackTrack 5 R1. This release contains over 120 bug fixes, 30 new tools and 70 tool updates. We will be rolling out some howto’s on our wiki in the next few days, such as VMWare tool installation, alternate compat-wireless setups, etc. The kernel was updated to 2.6.39.4 and includes the relevant injection patches. As usual, please report bugs to us through our redmine ticket system for the fastest response. Don’t forget to also check our forums and wiki (will be updated in the next few days).
We are really happy with this release, and believe that as with every release, this is our best one yet. Some pesky issues such as rfkill in VMWare with rtl8187 issues have been fixed, which provides for a much more solid experience with BackTrack.
We’ve released Gnome and KDE ISO images for 32 and 64 bit (no arm this release, sorry!), as well as a VMWare image of a 32 bit Gnome install, with VMWare Tools pre-installed.
We’ve released Gnome and KDE ISO images for 32 and 64 bit (no arm this release, sorry!), as well as a VMWare image of a 32 bit Gnome install, with VMWare Tools pre-installed.
Lastly, I would like to thank the whole BackTrack team for pulling off the late nights working on this release, as well as Offensive Security for funding all of this stuff. If you need real world Penetration Testing Training – head on over to Offensive-Security and get ready for a bumpy ride!..."
To Download Back Track Click Here
-News Source (Back Track)
Fake Facebook Profile of SP (Patna) Case, The Cyber Crime Cell Is Investigating
The Cyber Crime Cell of the Patna Police has sent letters to three centres of Google in the country to know the Internet Protocol (IP) address of the person who created the fake Facebook account of Patna City SP (Central), Shivdeep Lande, recently. These centres are in Chandigarh, Kolkata and Mumbai. DSP (law & order) L M Sharma, who heads the Cyber Crime Cell, said that it would take some time as Patna Police would have to wait for the reply of the centres. "We would have to wait till the IP address of the Facebook account creator is passed on to the Patna Police," the DSP said.
Meanwhile, Lande said, the address of the person who had created the fake website of the Patna high court recently, was traced to Kankarbagh. "But when the police team went there, it found that no youth of that name lived in the locality," he said.
"Another police team reached a particular cybercafe to inquire about the creation of the fake Facebook account, but the manager said that the staff never maintained a register of the customers," he said.
It may be mentioned here that a fake Facebook account of Lande was detected recently. The police official had earned the wrath of youths, including girls, as he had carried out raids at different cybercafes and restaurants in the city and detained over a dozen young couples. Dozens of boys and girls visited the site and listed themselves as Lande's friends.
In another case, a fake website of the Patna high court was created and several youths were duped in the name of jobs in the court.
Meanwhile, Lande said, the address of the person who had created the fake website of the Patna high court recently, was traced to Kankarbagh. "But when the police team went there, it found that no youth of that name lived in the locality," he said.
"Another police team reached a particular cybercafe to inquire about the creation of the fake Facebook account, but the manager said that the staff never maintained a register of the customers," he said.
It may be mentioned here that a fake Facebook account of Lande was detected recently. The police official had earned the wrath of youths, including girls, as he had carried out raids at different cybercafes and restaurants in the city and detained over a dozen young couples. Dozens of boys and girls visited the site and listed themselves as Lande's friends.
In another case, a fake website of the Patna high court was created and several youths were duped in the name of jobs in the court.
-News Source (TOI)
#Op-Bart Continues, This Time 100+ Officers Details Leaked By Anonymous
#Op-Bart continues, after hacking into the myBART.org website belonging to San Francisco's BART (Bay Area Rapid Transit) system Anonymous extracted more than 2,000 records containing names, user names, passwords (plain text), emails, phone numbers, addresses and zip codes.
But yet it is not over anon strikes again, and this time more than 100 officers personal data leaked.Including user-names, email address, password and other sensitive information.
To see the official statement of BART about this data-breach Click Here
Researchers Found Flaws On The IPv6 Handling System Of Windows 7
Researchers have found a flaw in the way Windows 7 handles IPv6, one of the key protocols underlying the internet, saying attackers could use the vulnerability to crash PCs.
The security firm Barracuda Labs said on Tuesday that someone would have to make a targeted denial-of-service attack to exploit the vulnerability, but exploitation could cause failure in a PC's network connectivity, applications and sound system.
Microsoft has acknowledged and reported the flaw, but has said it will not patch it in a security update, because exploiting the vulnerability requires local network access.
According to Barracuda Labs researcher Thomas Unterleitner, the vulnerability lies in the way Windows 7's remote procedure call (RPC) function handles malformed DHCPv6 requests — DHCP (Dynamic Host Configuration Protocol) being the automatic configuration protocol that lets servers allocate IP addresses to clients at start-up.
DHCPv6 is part of IPv6, the new version of the internet protocol that is being slowly rolled out. 128-bit IPv6 addressing can handle a vastly greater number of connected network devices than 32-bit IPv4, which was introduced in 1981 and is now running out of address space.
The security firm Barracuda Labs said on Tuesday that someone would have to make a targeted denial-of-service attack to exploit the vulnerability, but exploitation could cause failure in a PC's network connectivity, applications and sound system.
Microsoft has acknowledged and reported the flaw, but has said it will not patch it in a security update, because exploiting the vulnerability requires local network access.
According to Barracuda Labs researcher Thomas Unterleitner, the vulnerability lies in the way Windows 7's remote procedure call (RPC) function handles malformed DHCPv6 requests — DHCP (Dynamic Host Configuration Protocol) being the automatic configuration protocol that lets servers allocate IP addresses to clients at start-up.
DHCPv6 is part of IPv6, the new version of the internet protocol that is being slowly rolled out. 128-bit IPv6 addressing can handle a vastly greater number of connected network devices than 32-bit IPv4, which was introduced in 1981 and is now running out of address space.
Intercept DHCPv6 traffic:-
"To exploit this vulnerability, an attacker would need to intercept DHCPv6 traffic," Unterleitner wrote. "Once a DHCPv6 request has been intercepted, the corresponding reply would have to be modified to contain the malformed Domain Search List option. On reception of this malformed packet, RPC on the remote machine would fail. Exploiting this vulnerability would cause the RPC service to fail, losing any RPC-based services, as well as the potential loss of some COM functions."
Unterleitner told ZDNet UK on Wednesday that a successful attack would "crash the RPC service from the Windows operating system, and without this service Windows 'collapses' slowly — no sound, no IP and so on".
Unterleitner told ZDNet UK on Wednesday that a successful attack would "crash the RPC service from the Windows operating system, and without this service Windows 'collapses' slowly — no sound, no IP and so on".
Barracuda Labs confirmed the DHCPv6 vulnerability on both 32-bit and 64-bit versions of Windows 7 Ultimate with Service Pack 1, and said it was "very likely" that other versions of Windows 7, and possibly earlier versions of Windows, are also affected.
After the security researchers warned Microsoft of the flaw, the company replied in late July, saying it had replicated the vulnerability. However, Microsoft said that executing a man-in-the-middle attack or establishing a rogue DHCPv6 server to exploit the flaw would require local access, so the flaw would only be fixed in the next version of Windows.
Unterleitner said an incorrectly-configured or buggy Linux DHCP server could also trigger similar effects on the client PC, but the method described by Barracuda Labs is the easiest way for a "pinpoint denial-of-service" attack to compromise a client.
ZDNet UK has asked Microsoft for comment on the vulnerability, but had received none at the time of writing.
After the security researchers warned Microsoft of the flaw, the company replied in late July, saying it had replicated the vulnerability. However, Microsoft said that executing a man-in-the-middle attack or establishing a rogue DHCPv6 server to exploit the flaw would require local access, so the flaw would only be fixed in the next version of Windows.
Unterleitner said an incorrectly-configured or buggy Linux DHCP server could also trigger similar effects on the client PC, but the method described by Barracuda Labs is the easiest way for a "pinpoint denial-of-service" attack to compromise a client.
ZDNet UK has asked Microsoft for comment on the vulnerability, but had received none at the time of writing.
-News Source (ZDNet)
Pakbugs (Famous Pakistani Hackers forum) Database Hacked by Zero
Famous Pakistani Hackers forum Pakbugs database got hacked by Zero, he also revealed the admin credentials. Website:-
Admin information:-
username:-ZombiE_KsA
email:-zombie_ksa@yahoo.com
password:-f9ad0fa817c5c78fbd3776c94e7effc0
salt:-QQ/FG#p1[h)KDiwn;`V4V}PnDwC-8
Database Information:-
NSS Said : IE9 Blocks Virtually all Socially Engineered Malware, Rather Than Other Browsers
A study prepared by NSS Labs concludes that Microsoft's Internet Explorer 9 blocks virtually all socially engineered malware, far more than rival browsers.
The study was designed to examine one aspect of security: how a browser handled a malicious URL, such as one received in a posting on a social network or an email. The NSS goal was to find the browser which identified, warned, and/or blocked malicious URLs from being viewed by the user.
As it did in 2010, Microsoft's IE9 with Smart Screen URL detection and Application Reputation topped the field, blocking 99.2 percent of all malicious emails. Google's Chrome 12 finished far behind, blocking 13.2 percent of all malicious URLs. Apple's Safari 5 and Mozilla Firefox 4 tied at 7.4 percent, with Opera 11 finishing dead last at 6.1 percent.
The study was designed to examine one aspect of security: how a browser handled a malicious URL, such as one received in a posting on a social network or an email. The NSS goal was to find the browser which identified, warned, and/or blocked malicious URLs from being viewed by the user.
As it did in 2010, Microsoft's IE9 with Smart Screen URL detection and Application Reputation topped the field, blocking 99.2 percent of all malicious emails. Google's Chrome 12 finished far behind, blocking 13.2 percent of all malicious URLs. Apple's Safari 5 and Mozilla Firefox 4 tied at 7.4 percent, with Opera 11 finishing dead last at 6.1 percent.
The NSS Labs study showed that, globally, all of the browsers tested showed improvement over an NSS study performed last year, with two exceptions: Safari and Mozilla's Firefox. A year ago, Microsoft IE9 blocked 99 percent of the malicious URLs, followed by Chrome 6 (3%), Safari 5 (11%), Firefox 3.6.15 (19%), and Opera 10 (0%).
NSS attributed Microsoft's success to its Application Reputation technology, which has attempted to categorize applications across the Internet.
"The significance of Microsoft's new application reputation technology cannot be overstated," the NSS report found. "Application reputation is the first attempt by any vendor to create a definitive list of every application on the Internet. This new capability helps users discern malware, and potentially unsafe software from actual good software. The list is dynamically created and maintained, much the same way Google, (or Bing) is continuously building and maintaining a library of content for search purposes."
The NSS tests sliced the potential for malware along one specific axis, socially engineered malware, a distinction Google objected to during the 2010 tests. ""Google Chrome was built with security in mind from the beginning and emphasizes protection of users from drive-by downloads and plug-in vulnerabilities," a spokeswoman said then.
NSS also found that the combination of SmartScreen and Application Reputation means that IE9 blocked new malware in just over half and hour, while Safari 5 and Firefox 4 required 4.91 and 6.07 hours, on average, to detect a new malicious URL. Chrome 12 and Opera 11, by contrast, required 17.7 and 18.4 hours, respectively. Over time, as the malicious URLs changed in response to detection, the browsers maintained their level of protection fairly consistently, NSS found.
"Not only has the effectiveness of the technology improved, but so has the speed at which it is able to identify socially engineered malware," Roger Capriotta, director of Internet Explorer product marketing, wrote in a blog post Monday. "For our Windows customers, this means fewer infections and headaches for you."
In its report, NSS said its findings were independent, and that it had not received funding from any vendor.
-News Source (PC Mag)
