Self Propagated LulzSec Leader 'Aush0k' Arrested By Australian Federal Police

Self Propagated LulzSec Leader 'Aush0k' Arrested in Sydney By Australian Federal Police (AFP)

Many of us knew Hector Xavier Monsegur widely known as 'Sabu' as the leader of infamous international hacker group LulzSec and Antisec. But this idea will surely be changed when you will hear the histrionic story, which came to light when a 24 old Australian proclaimed himself as the leader of notorious hacker collective group Lulz Security also known as LulzSec. The man, known online as Aush0k, is a senior Australian IT professional who works for the local arm of an international IT company. Police say he was in a "position of trust" within the company and had access to information on government clients which Aush0k manipulated and misused. According to Australian Federal Police a special investigation began less than two weeks ago when investigators found a government website had been compromised. The man has been charged with two counts of unauthorized modification of data to cause impairment and one count of unauthorized access to a restricted computer system. He faces a maximum of 12 years in jail. AFP Commander Glen McEwen says the man posted in online forums frequented by other members of LulzSec that he was the group's leader. "There was no denials of his claims of being the leader," added McEwen. The man was charged and appeared in court on the very day of his arrest. And he will face Woy Woy Local Court again on May 15. 

While talking about this dramatic story of proclaimed LulzSec leader Aush0k, we would love to remind you the decent history when the leader of Anonymous affiliated LulzSec "Sabu," whose real name is Hector Xavier Monsegur, turned traitor to his community and became FBI informer and provided all the information on fellow hackers. As soon as the FBI gathered all the sensational information from Sabu, immediately we have seen the arrest of almost all the key members of LulzSec including Ryan Cleary, Jake Davis, Jeremy Hammond, Raynaldo Rivera, Cody Kretsinger and so on. And today we have seen the arrest of another LulzSec leader and key man, and this arrest is the first one done by the AFP. Earlier the arrest of Sabu proved very handy for the law and enforcement, may be this time also Aush0k's arrest can show them few more directions and can open few closed doors of investigation. So till time wait and stay tuned with VOGH for the updates on this story, also all the other cyber updates. 

-Source (ABC News)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Self Propagated LulzSec Leader 'Aush0k' Arrested By Australian Federal Police"https://www.voiceofgreyhat.com/2013/05/LulzSec-Leader-Aush0k-Arrested-By-AFP.html</a>

Oxford University Will Get £1 Million of Investment in Next 2 Year to Tackle Cyber Crime

Oxford University Will Get £1 Million of Investment in Next 2 Year to Tackle Cyber Crime

The rising amount of cyber crime has already put the world of security under a serious threat. Since last five years we have seen many devastating cyber attack which have broken almost every security measure. In short, today the entire cyber space is posing a serious risk. To get rid of this situation many developed countries have already started taking required counter measure. Cyber awareness program, campaigns are going in almost every part of the world. Such steps and countermeasures were mainly limited to government and corporate, but now as we are sitting at the edge of cyber threat, so the security system should be more enhanced. While looking at the current status OXFORD University have came forward, and they are going to open a cyber hub to tackle these ongoing cyber challenges. Acceding to the official website of Oxford Mail - OXFORD University will get £1 million of investment in the next two years to fund a center to tackle cyber crime. Funding for the Government’s Global Center for Cyber Security Capacity Building has been announced by Foreign Secretary William Hague, who pledged £500,000 a year for at least the next two years. It will be based at the home of the Oxford Martin School, with the aim of combating activists and terrorists who are posing a growing threat to our national security and economy.

The school’s director, Ian Goldin, Oxford University Professor of Globalisation and Development, said: “The whole purpose is to address critical challenges of the future. The international scale of the challenge requires new research and connections with the business world, which is part of the school’s mandate.” The centre will be based at the Old Indian Institute, a former university library building, on the corner of Broad Street and Catte Street, which is currently being refurbished. Prof Goldin, whose new book Divided Nations explores the risks brought about by rapid globalization and technological leaps like the internet, said keeping up with criminals will be far from easy. He said: “We are in a race, or struggle, between people who want to keep systems safe and secure and those who – for whatever reasons that may be commercial, nationalist or anarchical – want to undermine the system. That won’t end. 

According to some legitimate sources it has been confirmed that the new center will be a beacon of expertise and put the UK at the forefront of cyber policy development. It will operate from Broad Street from September. The two-year funding will help pay for an additional 12 specialists. Sadie Creese will head the new center as professor of cyber security.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Oxford University Will Get £1 Million of Investment in Next 2 Year to Tackle Cyber Crime"https://www.voiceofgreyhat.com/2013/05/OxfordUniversity-Will-Get-1M-to-Tackle-Cybercrime.html</a>

Several Twitter Accounts of CBS News (60Minutes, 48Hours & CBSDenver) Hacked

Several Twitter Accounts of CBS News (60Minutes, 48Hours & CBSDenver) Hacked By Syrian Electronic Army [#twithackery]

Yet again CBS one of the major commercial broadcasting television network of United States faced cyber attack. First it was hacker collective Anonymous who targeted CBS and managed to hack the TV network of CBS in January last year. The attack was done under the banner of Operation Megaupload. And now CBS have fallen victim of what it called twithackery, where hacker managed to gain temporary access of popular twitter accounts and broadcast fake tweets. This Sunday such twithackery targeted and compromised several twitter account of CBS. Infamous hacker community going by the name of Syrian Electronic Army claimed to have hijacked the twitter accounts of CBS, the list of the hijacked accounts include "60 Minutes" and "48 Hours" which is maintained by CBS news program. Later it has been reported that another twitter account @CBSDenver has also been hacked, during this ongoing cyber attack. CBS acknowledged the whole phenomena and later a CBS spokeswoman confirmed that the accounts had been compromised. "PLEASE NOTE: Our Twitter account was compromised earlier today. We are working with Twitter to resolve." - said the CBS spokesman. Another message from CBS said, "A message that was posted earlier to this account was not written or sent by @60Minutes or its staff."

Here is the list of those fake tweets came from the hijacked accounts of CBS:- 

From @60Minutes account we got the following message -

• "The US government is hiding the real culprit of the Boston bombing"
• "The US government is sponsoring a coup in Venezuela and a terrorist war in Syria"
• "Your duty is to protect your nation from the parasites that have taken your government"
• "Obama wants to destroy the Syrian and American people. We must stop this beast" 

Other messages claimed: "Syrian Electronic Army Was Here via @SyrianCyberArmy" and suggested the action was in response to the suspension of the @Official_SEA account. Tweets sent out on the @48Hours account reportedly included: "General Dempsey calls for #Obama's arrest under new anti-terror laws #48hours" As soon as the issue get spotted, CBS regain those hijacked accounts and immediately deleted those rouge messages. Later the two accounts @60Minutes and @48Hours has been suspended. 

While talking about twitter hacking, widely known as #twithackery; we would like to remind you the following names, WWE champion John Cena, Star Rita Ora, Justin Bieber, Teyana Taylor,American pop singer Kesha, NBC News, Fox News Politics, USAToday, Lady Gaga’s Twitter Account, Anders Breivik, Mahesh Bhatt, Huffington Post; these are the famous names who have fallen victim to twithackery before CBS. 

-Source (BBC & Reuters)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Several Twitter Accounts of CBS News (60Minutes, 48Hours & CBSDenver) Hacked"https://www.voiceofgreyhat.com/2013/04/CBS-News-Twitter-Hacked.html</a>

Controversial Cyber Security Bill CISPA Passed Again By The US House

Controversial Cyber Security Bill CISPA Passed Again By The US House

Couple of months ago we reported that the White House is planning for an executive cyber security order, from some official sources it has also come to know that the U.S. President Mr. Barack Obama has a special plan to re-introduce the Cyber Intelligence Sharing and Protection Act (CISPA). Today that deceleration get executed as the US House of Representatives has passed the controversial Cyber Information Sharing and Protection Act. This is the second time when CISPA have been passed by the White House, first it was rejected by the Senator while saying that the bill did not do enough to protect privacy. But yet again with the initiative of Obama and a substantial majority of politicians in the House backed the bill. Though there is a huge chance of getting rejected. According to some relevant sources it has been came to light that, this time also CISPA could fail again in the Senate after threats from President Obama to veto it over privacy concerns. Sources are saying that the main reason of re-introducing CISPA is the the President Barack Obama expressed concerns that it could pose a privacy risk. The White House wants amendments so more is done to ensure the minimum amount of data is handed over in investigations.  The law is passing through the US legislative system as American federal agencies warn that malicious hackers, motivated by money or acting on behalf of foreign governments, such as China, are one of the biggest threats facing the nation.  "If you want to take a shot across China's bow, this is the answer," said Mike Rogers, the Republican politician who co-wrote CISPA and chairs the House Intelligence Committee. 

On the other hand CISPA has also secured the backing of several technology firms, including the CTIA wireless industry group, as well as the TechNet computer industry lobby group, which has Google, Apple and Yahoo as members. By contrast, some other big names like Mozilla, Reddit has been vocal in its opposition to the bill. In the beginning the social networking giant Facebook supported CISPA but later they took back its support. The American Civil Liberties Union has also opposed CISPA, saying the bill was "fatally flawed". The Electronic Frontier Foundation (EFF), Reporters Without Borders and the American Library Association have all voiced similar worries.

-Source (BBC)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Controversial Cyber Security Bill CISPA Passed Again By The US House"https://www.voiceofgreyhat.com/2013/04/Controversial-Cyber-Security-Bill-CISPA-Passed-Again.html</a>

LulzSec Hacker Cody Kretsinger Sentenced 1 Year Imprisonment For Sony Breach

LulzSec Hacker Cody Kretsinger Sentenced 1 Year Imprisonment For Security Breach of Sony Pictures Entertainment  

Infamous LulzSec hacker Cody Kretsinger who pleaded guilty last year in front of Federal Court of California for taking part in an extensive computer breach of Sony Pictures Entertainment server has faced judgement. 25 year aged Kretsinger who is also known as "Recursion" was one of the key member of Lulz Security, widely known to us as LulzSec, an offshoot of the international hacking group Anonymous. According to federal prosecutors, Cody Kretsinger has been sentenced to one year in prison in  Los Angeles. This court rule has been followed by home detention. Kretsinger, was also been ordered by a U.S. district judge in Los Angeles to perform 1,000 hours of community service after his release from prison, said Thom Mrozek, spokesman for the U.S. Attorney's Office in Los Angeles. Although prosecutors refused to say whether the hacker was co-operating with authorities in return for a softer sentence. 

During last year's plea hearing, Kretsinger told a federal judge that he gained access to the Sony Pictures website and gave the information he found there to other members of LulzSec, who posted it on the group's website and Twitter. "I joined LulzSec, your honor, at which point we gained access to the Sony Pictures website," said Kretsinger in the federal court. Prosecutors said Kretsinger and other LulzSec hackers, including those known as "Sabu" and "Topiary," stole the personal information of thousands of people after launching an "SQL injection" attack on the website; ultimately caused the unit of Sony Corp more than $600,000 in finical damage, along with that the attack caused bad impact and loss of faith for Sony Corporation and it's customers across the globe. 

While talking about this story, we would like to recap the decent history - where the arrest followed by guilty pleading of all the key members of LulzSec including  Ryan Cleary, Jake Davis, Jeremy Hammond, Raynaldo Rivera & Cody Kretsinger came a month after court documents revealed that Anonymous leader "Sabu," whose real name is Hector Xavier Monsegur, turned traitor to his community and became FBI informer and provided all the information on fellow hackers.

-Source (Reuters & Yahoo) 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">LulzSec Hacker Cody Kretsinger Sentenced 1 Year Imprisonment For Sony Breach"https://www.voiceofgreyhat.com/2013/04/Cody-Kretsinger-Get-1-Year-Imprisonment-For-Sony-Breach.html</a>

VOGH Exclusive: Xbox Live Outage Caused For Networking Misconfiguration, Not Hacker Attack

Microsoft Said Xbox Live Outage Caused For Networking Misconfiguration During Routine Maintenance, Not Hacker Attack 

Xbox Live -one of the world's most popular and usually very reliable gaming network which rarely has unexpected outages, nor does Microsoft ever take it down for any extended period of time. But accident occurs, and it happened in last Sunday. The software giant and the developer of Xbox - Microsoft has reported a significant Xbox Live outage, rendering the service unavailable since earlier last 13th afternoon, smack in the middle of the peak weekend usage period. The outage is preventing users from signing in to Xbox Live, blocking access to the online services normally available through the console. While acknowledging the issue, on their official Xbox Live Status page Microsoft said “There is still an issue members are having signing in to Xbox LIVE, we greatly appreciate you sticking it out with us while we work as hard as we can to get this problem fixed. Keep checking back here every 30 minutes for another update on our progress.” This update came from Microsoft at 3:30 Pacific time on 13th of April. As soon as this story get spotted, several hikes rises. Among this buzz, it was a few unnamed hacker who took credit of the Xbox outage, while declaring that a cyber attack. Another buzz which just got spread so quickly, was that the outage of Xbox Live network has been caused by hacker collective Anonymous.  Here we must have to say that those buzz have some solid reasons as couple of months ago Windows Azure faced an organized cyber attack which effected the service of Azure storage, Xbox Live and 52 other. And that outage or in other word service interruption stays for 12 long hours. But unlike earlier, this time the issue get resolved immediately. Within one hour all the service get restored and came back to its normal order. On the same Xbox Live Status page Microsoft said “If you were one of the members who was having issues signing in to Xbox LIVE, good news! This issue has been fixed! Thank you so much for your patience during this time, feel free to go enjoy your favorite games and content!”

So far we have discussed about the story of the outage and it's restoration. Now we will talk about the cause of this interruption. As I have said earlier that the rumor of hacker's attack was there which was claiming responsibility of the Xbox Live outage. But in reality it was not due to cyber attack but some internal network problems. In their official respond of the situation and those buzz Microsoft completely dines all those rumors and said  "The Xbox Live service outage on 13 April resulted from networking misconfiguration during routine maintenance and was in no way related to false claims of hacking the service." 

While talking about Xbox outage, we would like to remind you that - another world famous gaming console 'PlayStation' had fallen victim to cyber attacks. It was Anonymous who hit Sony PSN and caused massive outage, data leak and many other devastating damages. 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">VOGH Exclusive: Xbox Live Outage Caused For Networking Misconfiguration, Not Hacker Attack "https://www.voiceofgreyhat.com/2013/04/Xbox-Live-Outage-Exclusive-Report.html</a>

42 Java Holes Fixed By Oracle in April 2013 Critical Patch Update Advisory

42 Java Holes Fixed By Oracle in April 2013 Critical Patch Update (CPU) Advisory

The Oracle Corporation has released what it called a critical patch update for its Web-based Java programming language. Java SE software that fixes at least 42 security flaws in the widely-installed program and associated browser plugin. The Java update also introduces new features designed to alert users about the security risks of running certain Java content. The April patch, which targets 42 vulnerabilities, 19 of which have a severity rating of 10 (highest possible threat level) includes a majority of vulnerabilities that are currently being exploited. Among those 42 new security fixes across Java SE products of which 2 are applicable to server deployments of Java.  According to Oracle, “39 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password.” Along with the fixes, Oracle changed the default setting of Java SE. Java applets will no longer run in a Web browser unless they have been digitally signed until a warning prompt is acknowledged. It has also extended how users will be alerted of other Java-related security issues. According to renowned security expert and blogger Brian Krebs - Java 7 Update 21 also introduces some new security warnings and message prompts for users who keep the program plugged into a Web browser (on installation and updating, Java adds itself as an active browser plugin). Oracle said the messages that will be presented depend upon different risk factors, such as using old versions of Java or running applet code that is not signed from a trusted Certificate Authority. Apps that present a lower risk display a simple informational message. This includes an option to prevent showing similar messages for apps from the same publisher in the future. Java applications considered to be higher risk — such as those that use an untrusted or expired certificate — will be accompanied by a prompt with a yellow exclamation point in a yellow warning triangle.

Affected Product Releases and Versions:-

Java SE	Patch Availability
JDK and JRE 7 Update 17 and earlier	Java SE
JDK and JRE 6 Update 43 and earlier	Java SE
JDK and JRE 5.0 Update 41 and earlier	Java SE
JavaFX 2.2.7 and earlier	JavaFX

Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply CPU fixes as soon as possible. As Java has been run by millions of devices and users across the globe, so we urge all of our readers to install and apply the security fixes to avoid any kind of threats. Note that - Oracle said that this week's security updates don't take care of all known flaws, they do address all known vulnerabilities currently being exploited in the wild. 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">42 Java Holes Fixed By Oracle in April 2013 Critical Patch Update Advisory"https://www.voiceofgreyhat.com/2013/04/42-Java-Holes-Fixed-By-Oracle-CPU.html</a>