Vulnerabilities Found in Google Plus, An Attacker Can Perform DDoS Attack Using Google's Bandwidth

Posted by Avik Sarkar On 8/30/2011 03:08:00 am


Hello hacker meet your new friend Google plus. Don't get panic. Now you can perform DDoS attack while using the bandwidth of Google.  A security expert has discovered certain flaws in Google’s server which can allow hackers to mount massive distributed denial of service (DDOS) attacks. Simone Quatrini, a penetration tester with Italy-based security firm AIR Sicurezza Informatica, revealed that vulnerabilities in Google’s server allow hackers to use the search engine as a proxy to retrieve content for them.
The security expert has developed a script which can allow it to use Google’s bandwidth to launch DDOS attacks on any website. Quatrini contacted Google about the flaw on August 10, but got no reply from the company. It was then that he decided to disclose the vulnerabilities to the public. Researcher and computer student Ryan Dewhurst had also alerted Google about the flaws, but also did not receive a reply. Quatrini claimed he was getting a bandwidth of 91Mbps even though his home server only receives bandwidth of 6Mbps.
“Is possible to request any file type, and G+ will download and show all the content. So, if you paralyse so many requests, is possible to DDoS any site with Google bandwidth. Is also possible to start the attack without be logged in G+,” Said Quatrini.
Here is video which will clarify you how to do DDoS while using Google's Bandwidth:-
To Download the DDoS Source Code click Here



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

iPhone hacker Nicholas Allegra AKA Comex Hired By Apple

Posted by Avik Sarkar On 8/29/2011 05:46:00 pm


Apple just hired Nicholas Allegra, the world-famous hacker known as "Comex" who created JailbreakMe.com, the easiest way to "jailbreak" your iPhone.
Allegra posted on Twitter last night that he's starting an internship at Apple in two weeks.

Apple is no stranger to hiring members of the iPhone hacker community, but they seem to have hit the jackpot this time. Allegra is one of the most prolific and well known iPhone hackers.
JailbreakMe.com made the act of jailbreaking, which Apple hates, accessible to anyone who knows how to use the web browser on an iPhone. While Allegra has received mostly encouraging responses on Twitter, it's undoubtedly a huge blow to the iPhone hacking community at large. More than 175,000 people follow his Twitter account, which is more than many A-list celebrities can claim. In related news, in June Apple hired Peter Hajas, an iPhone hacker known for creating an elegant new notifications system for jailbroken iPhone.
If you can't beat em, hire em?

-News Source (Business Insider)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Nokia developer Forum Hacked By pr0twctor & Later Nokia Decided To Shut Down Their Developer Forum Temporally

Posted by Avik Sarkar On 8/29/2011 05:46:00 pm


Nokia developer site  hacked and defaced by pr0twctor AKA mrNRG. After this phenomena Nokia decided to shut down their  developer forum temporally. 
Developers of apps for Nokia phones have been warned that their personal information may have been stolen by hackers, after a security breach on the official developer.nokia.com/community discussion forum.
The first warning that many Nokia developers would have had that something was amiss would have been when they visited the forum and instead of the usual chit-chat about technical issues, been taken to a third-party webpage containing an image of Homer Simpson

The web-page contained a message seemingly from those responsible for the hack:-
Owned by pr0tect0r AKA mrNRG
LOL. Worlds number 1 mobile company but not spending a dime for server security! FFS patch you security holes otherwise you will be just another antisec victim. No Dumping, No Leaking!
According to the Finnish telecoms giant, hackers exploited a SQL injection vulnerability in the forum software used on the Nokia Developers site to access databases containing members' email addresses and (in some cases) birth dates, and usernames for AIM, ICQ, MSN, Skype or Yahoo.
Passwords and credit card information is not believed to have been exposed - which is a relief for affected members and must be causing a sigh of relief inside Nokia.


-News Source (Naked Security)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Genesis Faith Ministries International Hacked & Defaced By ZHC

Posted by Avik Sarkar On 8/29/2011 04:00:00 pm


Genesis Faith Ministries International (Entity organized in the state of Washington) Hacked and Defaced By ZHC Unknown To Deliver The Mesage to Higher Authorities of US


Hacked Site:-
http://genesisfaithministries.org/

Mirror Link:-
http://www.zone-h.com/mirror/id/14819296

Message Of ZHC:-

"- Wake up American's! The Palestinians; Pakistani's; Muslims in general are not your enemy! Your enemy walks in the corridors of your administration.
-You ban the niqab, You kill innocent muslims in palestine, You torture innocent muslims in guantanamo bay, You rape & torture muslim women(aafia siddiqui), yet we are the terrorists.
-Stop killing innocent muslims, we are humans too, islam is a religion of peace, Stop demonising Islam."

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Snort 2.9.1

Posted by Avik Sarkar On 8/29/2011 04:00:00 pm


Snort is an open source network intrusion prevention system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more.



Official Release Note of Snort 2.9.1:-
  • Protocol aware reassembly support for HTTP and DCE/RPC preprocessors. Updates to Stream5 allowing Snort to more intelligently inspect HTTP and DCE/RPC requests and responses. See README.stream5 subsection related to Protocol Aware Flushing (PAF).
  • SIP preprocessor to identify SIP call channels and provide rule access via new rule option keywords. Also includes new preprocessor rules for anomalies in the SIP communications. See the Snort Manual and README.sip for details.
  • POP3 & IMAP preprocessors to decode email attachments in Base64, Quoted Printable, and uuencode formats, and updates to SMTP preprocessor for decoding email attachments encoded as Quoted Printable and uuencode formats. See the Snort Manual, README.pop, README.imap, and README.SMTP for details.
  • Support for reading large pcap files.
  • Logging of HTTP URL (host and filename), SMTP attachment filenames and email recipients to unified2 when Snort generates events on related traffic.
  • IP Reputation preprocessor, allowing Snort to blacklist or whitelist packets based on their IP addresses. This preprocessor is still in an experimental state, so please report any issues to the Snort team. See README.reputation for more information.
To download Snort Click Here

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

24 Websites Hacked By Cool Boy Haxor

Posted by Avik Sarkar On 8/29/2011 04:00:00 pm


24 websites hacked by Cool Boy Haxor

Hacked Sites:-

http://www.sledfilm.com/
http://kobraki.com/
http://bendwx.com/
http://centraloregonopen.com/
http://chelseahansen.com/
http://nateblaylock.com/
http://nwxlist.com/
http://oregonh2o.com/
http://ryanhansen.com/
http://snogofers.com/
http://ymirace.com/
http://www.insanemustangs.com/
http://www.chicagolandmustang.com/
http://abogadaokc.com/
http://duiokc.com/
http://okcabogado.com/
http://familyokc.com/
http://employmentokc.com/
http://abogadookc.com/
http://immigrationokc.com/
http://okcabogada.com/
http://mazaherilegal.com/
http://mazaherilawfirm.com/
http://www.avychallenge.com/


Mirror Links:-

http://www.zone-h.com/mirror/id/14817139
http://www.zone-h.com/mirror/id/14817140
http://www.zone-h.com/mirror/id/14817141
http://www.zone-h.com/mirror/id/14817142
http://www.zone-h.com/mirror/id/14817143
http://www.zone-h.com/mirror/id/14817144
http://www.zone-h.com/mirror/id/14817145
http://www.zone-h.com/mirror/id/14817146
http://www.zone-h.com/mirror/id/14817147
http://www.zone-h.com/mirror/id/14817148
http://www.zone-h.com/mirror/id/14817149
http://www.zone-h.org/mirror/id/14817089
http://www.zone-h.com/mirror/id/14816951
http://www.zone-h.com/mirror/id/14816545
http://www.zone-h.com/mirror/id/14816546
http://www.zone-h.com/mirror/id/14816547
http://www.zone-h.com/mirror/id/14816548
http://www.zone-h.com/mirror/id/14816549
http://www.zone-h.com/mirror/id/14816550
http://www.zone-h.com/mirror/id/14816544
http://www.zone-h.com/mirror/id/14816551
http://www.zone-h.com/mirror/id/14816552
http://www.zone-h.com/mirror/id/14816552

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Darjeeling Police Department Hacked By w3bd3f4c3r & n3lla!s@mur4! (Team T!g3R)

Posted by Avik Sarkar On 8/29/2011 04:00:00 pm


Team T!g3R strikes again. This time the victim is Darjeeling Police Department. w3bd3f4c3r and n3lla!s@mur4! (2 members of Team T!g3R) hacked into the DB of the site.

Website:-
http://www.darjeelingpolice.org/

Defacement Link Where The Hackers Put Their Name on the Police officer List:-
http://www.darjeelingpolice.org/list_officer.php

Here are some Proofs Submitted By the Hackers:-


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Related Posts Plugin for WordPress, Blogger...

Site search