Hotmail.com Compromised, Mail Servers Hacked by Th3 Dir3ctorY & ThEta.Nu



Hotmail.com has been compromised: Hotmail's mail servers have been hacked by Th3 Dir3ctorY & ThEta.Nu of Kosova Hacker's Security. This happened last night, and Hotmail is still down.


17 Websites Hacked By Cool boy HaXoR

4 Anonymous & LulzSec Members (Gibson, Rhodes, Christopher & a 17-Year-Old Student) Released on Bail

The four men of Anon and LulzSec – Peter David Gibson, 22, Ashley Rhodes, 26, Christopher Weatherhead, 20, and a 17-year-old student – were released on bail after the hearing at Westminster magistrates court on Wednesday morning. The group's bail conditions mean they are prohibited from using specific online nicknames on sites including Facebook and Twitter.
Gibson, from Hartlepool, is banned from using the name "Peter" on the internet. Weatherhead, from Northampton, is prohibited from using "Nerdo"; Rhodes, from Kennington, south London, cannot use "NikonElite", and the 17-year-old, from Chester, is also banned from using his online nickname. The four men are also banned from using so-called "internet relay chat", the online forums where Anonymous members are alleged to have coordinated many of the attacks.
The four men are separately charged with conspiracy to carry out an unauthorised act in relation to a computer. They were arrested earlier this year by police investigating online attacks by the well-known hacking groups Anonymous and LulzSec.
Rhodes, the oldest of the group who was arrested in September, appeared in court dressed in a grey waistcoat over a black shirt, with short dark hair.
Weatherhead, who was also arrested in September, wore a blue shirt under a short black jacket. Gibson has been on police bail since his arrest in April. He wore a smart grey suit, with a white open-necked shirt.
They will appear at Southwark crown court on 18 November for a plea and case management hearing.
Two other men, aged 24 and 20, have been released on bail following their arrest last week as part of the Metropolitan police investigation into Anonymous and LulzSec.


-News Source (Guardian & BGR)


Vulnerability Found by Team OpenFire on the Official Website of the Ministry of Planning (Bangladesh Govt.)


A non-persistent (reflected) XSS vulnerability was found by Team OpenFire. -Coded32 on the official website of the Bangladesh Planning Commission (Ministry of Planning, Bangladesh Govt.).

Brief About Bangladesh Planning Commission:-

The Bangladesh Planning Commission had its roots in pre-independence Bangladesh. In the mid 1950s a Provincial Planning Board was established under the United Front Government of the then East Pakistan (present Bangladesh). It was an important agency for formulating investment programmes and for negotiating with the Central Government of Pakistan for an adequate share of the financial resources for the development of East Pakistan. The Planning Board undertook the task of appraising and evaluating East Pakistan development projects of a certain size. Later the Bangladesh Government in exile during the war of independence in 1971 established a Planning Cell, which was an embryonic start of the present Planning Commission. The Planning Cell established during the war of liberation was mainly concerned with formulating a programme of reconstruction and rehabilitation of the economy of post-independence Bangladesh.

Vulnerable Website:-
http://plancomm.gov.bd/

Vulnerable Link:-
http://plancomm.gov.bd/signin.asp?msg=%22Hacked+by+Coded32%3E%3Cscript%3Ealert%28%22Hacked+by+T%E2%80%8Beam+OpenFire.+-Coded32%22%29%3C%2Fscript%3E


HACKTIVITY: The Largest Hacker Conference in Central & Eastern Europe


Another large security conference and hackers' meet is about to begin. The conference, named Hacktivity, which will be the largest hacker conference in Central & Eastern Europe, will take place on September 17 & 18, 2011 at Millenáris in Budapest, Hungary. More than 50 speakers from across the whole spectrum will conduct the event. Hacktivity is also a part of Global Cyberlympics.

Brief About Hacktivity:- 

The story of Hacktivity started in 2003 when a group of security experts were looking for a forum to meet and exchange experience. Since then each year the number of participants has doubled at the oldest independent Hungarian event.

Since 2010 Hacktivity has been a fully international event with all programmes held bilingually. In 2010 1,000 participants including official and alternative information security experts,  students and teachers from universities and colleges offering IT degrees, professional organizations from the countries of three continents (Czech Republic, Slovakia, Poland,  Romania, Serbia,  France,  Germany, Portugal, Korea, USA, Hungary) attended the two-day event. The conference received never-before-seen media coverage with television crews ranging from the state television of the People’s Republic of China through French television channel AFP to Al-Jazeera and almost a dozen other channels shooting on the conference location.

At the 4,000 sqm conference venue live demo presentations are held in 2 sections along with workshops, book presentations and games (Capture the Flag, Hack the Vendor, Wargame) to make the programme diverse. The professional day is completely free of marketing content. Candidates must apply to be among the speakers selected by the programme committee on the basis of professionalism, experience and leading knowledge. Our sponsors (whose number is continually on the rise) are present at the event in a unique way through stands, games and special entertainment programmes.


DigiNotar Certificate Vulnerability Patched in Firefox 6.0.2



Firefox 6.0.2 has just come out, adding more protection to that provided by Firefox 6.0.1, which was necessitated by the mess caused by disgraced Dutch web security company DigiNotar.
Firefox 6.0.1 fixed Mozilla Foundation Security Advisory 2011-34, which simply pulled everything to do with DigiNotar from its list of trusted certificates. Loosely speaking, any certificate signed by DigiNotar, or any certificate signed by someone with a certificate signed by DigiNotar, and so on ad infinitum, was blown out of the water.
Any website with a certificate bought through DigiNotar therefore became untrusted at once. As Mozilla quite bluntly explained in the 6.0.1 update, "sites using certificates issued by DigiNotar will need to seek another certificate vendor." And that's how it should be. A Certificate Authority isn't supposed to make mistakes of this sort - not at all, let alone to this extent.
However, Firefox 6.0.1 exempted from its blockade any certificates signed by the Dutch State itself using its STAAT DER NEDERLANDEN ROOT CA signing certificate. Although tainted by association with DigiNotar, the Dutch public service was apparently convinced that none of the certificates it had issued were affected by any signing irregularities at DigiNotar.
It turned out that the Dutch authorities had not one, but two, Certificate Authorities of its own, and its second root certificate - imaginatively named STAAT DER NEDERLANDEN ROOT CA - G2 - was not exempted in Firefox 6.0.1. This was reported as a bug, and Mozilla set about adding an additional exemption for certificates signed by this CA. This would have reduced the impact of the Firefox certificate blockade on the web services provided by the Dutch authorities.
In the interim, however, the Dutch government abandoned trust in any of its own certificates, so the Firefox bugfix changed from "exempt the government CA we left out last time" to "remove the exemption for the government CA we exempted last time."
Let's see whether this fiasco causes the Dutch authorities to reconsider modern public service buzzwords such as "cloud" and "outsourcing"!
This sort of step - vigorously disowning everything tainted by DigiNotar - is aggressive but, in my opinion, necessary. Getting into a certification relationship with company X is like buying shares in company X. If the price goes down, all shareholders lose out simultaneously. If the company goes down, you go down with it.  
Brief About DigiNotar :- 
DigiNotar is the former Certificate Authority - or so-called "authority" - which managed to issue more than 500 bogus digital certificates in the name of major web properties such as Facebook, Twitter, Microsoft and Google; in the name of intelligence agencies such as the Mossad and the CIA; and even, it seems, in the name of other certifying authorities.
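The blockade and its changing exemption can be modelled in a few lines. This is an added illustration, not Mozilla's code: it matches on certificate names only (real chain validation also verifies signatures), and the chains and "(sample)" names are constructed for the example.

```python
# Added illustration, not Mozilla's code: a name-based model of the distrust
# policy described above. Real validation also verifies signatures.
BLOCKED = "diginotar"

# Roots exempted from the blockade in each release, as the article describes.
EXEMPT_ROOTS = {
    "6.0.1": {"Staat der Nederlanden Root CA"},
    "6.0.2": set(),  # exemption removed once the Dutch government withdrew trust
}

# Constructed sample chains: subject names, leaf first, root last.
DIRECT = ["shop.example.nl", "DigiNotar Root CA (sample)"]
VIA_STATE_ROOT = ["portal.example.nl", "DigiNotar intermediate (sample)",
                  "Staat der Nederlanden Root CA"]
VIA_STATE_G2 = ["tax.example.nl", "DigiNotar intermediate (sample)",
                "Staat der Nederlanden Root CA - G2"]
UNRELATED = ["www.example.org", "Example Issuing CA (sample)",
             "Example Root CA (sample)"]

def is_trusted(chain, release):
    """Apply the blockade to one chain under the given release's policy."""
    issuers = chain[1:]  # every certificate above the leaf
    if not issuers:
        return False     # nothing vouches for a bare leaf in this model
    tainted = any(BLOCKED in name.lower() for name in issuers)
    if not tainted:
        return True
    # A tainted chain survives only if its root is exempt in this release.
    return chain[-1] in EXEMPT_ROOTS[release]

def verdicts(chain):
    """Return {release: trusted?} so the two policies can be compared."""
    return {release: is_trusted(chain, release) for release in sorted(EXEMPT_ROOTS)}

if __name__ == "__main__":
    for label, chain in [("direct", DIRECT), ("state root", VIA_STATE_ROOT),
                         ("state root G2", VIA_STATE_G2), ("unrelated", UNRELATED)]:
        print(f"{label:14s} {verdicts(chain)}")
```

The G2 chain is rejected under both policies, which is the gap that was reported as a bug against 6.0.1; the chain through the first state root is the only one whose verdict changes between the two releases.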


-News Source (Naked Security & Mozilla) 


Obama Administration Is Implementing Tighter Penalties For Cybercrimes


The Obama administration is seeking tougher sentences for people who are found guilty of hacking or other digital offenses, two officials said Wednesday.  
Associate Deputy Attorney General James Baker and Secret Service Deputy Special Agent in Charge Pablo Martinez said the maximum sentences for cyber crimes have failed to keep pace with the severity of the threats.  
Martinez said hackers are often members of sophisticated criminal networks.
"Secret Service investigations have shown that complex and sophisticated electronic crimes are rarely perpetrated by a lone individual," Martinez said.
"Online criminals organize in networks, often with defined roles for participants, in order to manage and perpetuate ongoing criminal enterprises dedicated to stealing commercial data and selling it for profit," he said.
Baker and Martinez appeared before the Senate Judiciary Committee to discuss the portion of the White House's cybersecurity legislative proposal that calls for stiffer penalties for cyber crimes as part of an update to the Computer Fraud and Abuse Act (CFAA).

The administration argues the Racketeer Influenced and Corrupt Organizations Act should be updated to make CFAA offenses subject to its terms. That law is used to prosecute organized crime.
Baker said hacking has increasingly become a tool of choice for crimes like identity theft, extortion and corporate espionage.
"As computer technology has evolved, it has become a key tool of organized crime," Baker said. "Many of these criminal organizations are similarly tied to traditional Asian and Eastern European organized crime organizations."
The administration's proposal also calls for a national data breach standard to replace the current patchwork of state laws. Sen. Al Franken (D-Minn.) expressed concern that the proposed 60-day window for companies to notify customers their data has been breached would be too long, but Baker said the administration is willing to work with Congress on the issue. Sen. Richard Blumenthal (D-Conn.) shifted the conversation to the portion of the White House plan dealing with protecting critical private sector networks from outside attacks.

Baker said the White House plan does not include any criminal or civil provisions for forcing companies to comply with Department of Homeland Security cyber security standards. "The idea was to create a lighter touch ... to build incentives into the system," Baker said.

Experts have warned that without some sort of enforcement mechanism companies will not take the necessary security precautions. Blumenthal echoed that stance, suggesting the administration "consider some kind of stick as well as a carrot." Industry has argued that resources are the main limitation and argued for incentives such as liability protection for firms that experience attacks. 
But Baker expressed agreement with Blumenthal and said the current range of incentives built into the system, such as the loss of investor trust, stock market value and privileged corporate data has not been enough to convince companies to take adequate security measures.


-News Source (The HILL, CCFA, HLS)
