Bangladesh Railway website hacked and defaced by d@RK hUNT3R (Indian Hacker).
Hacked Site:-
http://railway.gov.bd/
Mirror Link:-
http://deface.warez-h.org/attack/?id=38471
The Official Website Of Bangladesh Railway Defaced by d@RK hUNT3R
Bangladesh Railway website hacked and defaced by d@RK hUNT3R (Indian Hacker).
Hacked Site:-
http://railway.gov.bd/
Mirror Link:-
http://deface.warez-h.org/attack/?id=38471
Lulzsec Sabu Exposed 700 User Details of a Child Porn Site
Lulzsec Sabu hacked into a child pornography site and exposed credentials of 700 users. Apparently operating under the semi-defunct LulzSec banner, infamous hacker Sabu appears to have taken over a website forum alleged to to be trading in child porn.Over 7000 account log-in details for the site
http://www.densetsu.com/ were posted up on pastebin.
The Densetsu site itself now simply contains a list of file folders now marked as "owned by Sabu".
Sabu's Twitter feed has be unchracteristically quite of late, possibly because it seems likely he's been 'doxed' as a PR man for Portugal.
The Densetsu site itself now simply contains a list of file folders now marked as "owned by Sabu".
Sabu's Twitter feed has be unchracteristically quite of late, possibly because it seems likely he's been 'doxed' as a PR man for Portugal.
A statement on the pastebin post reads:
"virtual CP is wrong so we decided to take over the http://www.densetsu.com/ forum".
Serious Vulnerabilities Found By Deepanker Verma on Online Shopping Website
Serious Vulnerabilities Found By Deepanker Verma on shopping.indiatimes.com
Vulnerable Website:-
http://shopping.indiatimes.com/
According To the Hacker:-
"IndiaTimes shopping website has some serious XSS vulnerabilities which can lead to cookie stealing of users. And this may cause some serious loss to users. After going through some pages of the website, we (Shadab and me ) have found that the website is vulnerable to XSS injections and malicious scripts can be injected on the website."
Here are some screen shots submitted by the hacker to prove the vulnerability:-
XSS on the login Page
java-script Injection Vulnerability
Vulnerability on the product page
Cookie Stealing Vulnerability
iframe vulnerability
above screen shots are clearly saying that this website is truly vulnerable and has lots of loop holes, one black hat can also inject malicious codes and do marvellous harm
Official Website of Vaccinology Course 2011 India Hacked By ZHC
The India Vaccinology Course 2011's official website is hacked and defaced by ZHC Dropper Gen for Kashmir cause
Hacked Sites:-
http://indvac.org/
http://docs.indvac.org/
Mirror Links:-
http://www.zone-h.com/mirror/id/14823705
http://www.zone-h.com/mirror/id/14823655
Pen Tester is Saying: Mac OS X Lion's LDAP Server Is Vulnerable
New reports have shed light into the shocking ‘fact’ that the iPhone maker Apple Inc.’s latest version of the Mac OS X is plagued by some grave security risks, particularly for businesses which use it to communicate with a particular form of centralised network.
According to the reports, almost anyone who logs in to the Mac OS X 10.7, more popularly known as Lion, get instant access to restricted resources by typing in any random passwords with the help of the massively popular authentication technology LDAP.
LDAP (which stands for Lightweight Directory Access Protocol) servers, in simple words, are basically used for storing repositories of important enterprise data, mostly sensitive. Needless to say, for the same set of reasons, these servers more often than not, attract hackers who simply cannot resist the temptation of the forbidden ‘wealth’ contained by them.
“As pen testers, one of the first things we do is attack the LDAP server,” Rob Graham, CEO of auditing firm Errata Security, said in a statement, The Register reports.
“Once we own an LDAP server we own everything. I can walk up to any laptop (in an organization) and log into it,” he added.
The issue was reported on July 25th, still the OS was released without any resolution resolution for the issue. The previous update i.e. Apple's 10.7.1 update didn't have the fix either.
-News Source (IT Protocol)
3000+ Websites Hacked By Minhal Mehdi & NoTty_rAJ
More than 3000 websites hacked & defaced by Minhal Mehdi & NoTty_rAJ.
To see the hacked sites list click Here
Indian Defence Hacked By PCA
The official Website of Indian defence has been hacked and defaced by Pakistan Cyber Army (PCA). The Database also get dumped by the hackers. According to officials of PCA this attack took place while taking revenge of hacking the defence site of Pakistan. Game on & cyber war is on......
Hacked Site:-
http://www.indiandefence.com/pca.html
Here are some screen shots submitted by PCA:-
