Posted by Avik Sarkar
On 12/31/2011 11:26:00 pm
SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
Posted by Avik Sarkar
On 12/31/2011 03:33:00 pm
SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
Posted by Avik Sarkar
On 12/31/2011 03:33:00 pm
More than 50 sites hacked by
Pak Cyber Combat Squad (PCCS). In the decent past they have hacked many websites among them
Sargam Musics,
bells.ac.in,
NATO & many more. The list of hacked sites & mirror links are available on a
pastebin release.
SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
Posted by Avik Sarkar
On 12/30/2011 06:29:00 pm
We all are very much aware of Chinese hackers and their capabilities. All most in every where they have taken their control. We can also say that hackers from China is the most dangerous cyber threat in front of the world. But this time their cyber space get compromised by an unknown attacker. Also the hacker has stolen personal information of 46 Million user of china including their names, email ID, password etc. According to reports, the Chinese Software Developer Network (CSDN) was breached in the incident and its user database has been made available for public download. The database reportedly contains the emails and passwords of all its 46 million registered users. The Chinese Software Developer Network happens to be the most popular website in the country for programmers.
Mr. Wang, Co-founder, Chinalabs.com said
"I think this is a payback for the 'real name registration' system. A similar thing happened in South Korea when hackers leaked account passwords—when real name registration was imposed. Korea ended up scrapping those plans. So I think China may be facing a similar problem. With this real name registration, if authorities cannot guarantee the protection of the data, then the system can’t be implemented."
For now, websites are asking affected users to change their passwords. But analysts like the former president for Yahoo China, Xie Wen, said that won't solve the problem because China’s cyber security is low.
SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
Posted by Avik Sarkar
On 12/30/2011 06:29:00 pm
Microsoft published
Security Advisory 2659883 to provide a workaround to help protect
ASP.NET customers from a publicly disclosed vulnerability that affects various Web platforms industry-wide. This vulnerability affects all versions of Microsoft .NET Framework and could allow for an unauthenticated d
enial of service attack on servers that serve ASP.NET pages. Sites that only serve static content or disallow dynamic content types listed in the mitigation factors below are not vulnerable.
The vulnerability exists due to the way that ASP.NET processes values in an ASP.NET form post causing a hash collision. It is possible for an attacker to send a small number of specially crafted posts to an ASP.NET server, causing performance to degrade significantly enough to cause a denial of service condition.
Andrew Storms, director of security operations said: "This isn’t your average DoS attack because it doesn’t take a botnet or a lot of coordination to take a web server down. Most DoS attacks rely on a huge number of small requests targeted at a specific web server to overwhelm it. In this case, a single request can consume a single core for 90 seconds. Queue up a few of these requests every few minutes and the site will be essentially knocked offline."
For More Information About This Vulnerability Click Here
SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
Posted by Avik Sarkar
On 12/30/2011 06:15:00 pm
Lynis is an auditing tool for Unix (specialists). It scans systems to detect software and security issues. Besides security-related information, it will also scan for general system information, installed packages, and possible configuration mistakes. The software is aimed at assisting automated auditing, software patch management, and vulnerability and malware scanning of Unix-based systems.
Official Change Log:-
- Profile option: ignore_home_dir
- TCP wrappers category added
- Tooling category added
- Initial extensions to support plugins in the future
- Test for unpurged Debian packages [PKGS-7346]
- Test for compiler permissions [HRDN-7222]
- Converted all dates to ISO format and updated copyright lines
- Correct suggestion for file integrity tool [FINT-4350]
- Added hint when RPM list is empty on DPKG based systems [PKGS-7308]
- Changed logging for /etc/security/limits.conf file [KRNL-5820]
- Fixed incorrect warning for single user mode [AUTH-9308]
- Improved output for stratum 16 time servers [TIME-3116]
- Added suggestion and screen output for kernel hardening [KRNL-6000]
- Screen layout optimalizations and log file improvements
- Improved list/layout of scan options
- Improved binary check for compilers
- Added configuration option in scan profile (show_tool_tips, default true)
To Download Lynis Click Here
SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
Posted by Avik Sarkar
On 12/29/2011 03:45:00 pm
The hacktivist group Anonymous claimed this week that it took down a dozen
Egyptian government websites using distributed denial of service (
DDoS) attacks in retaliation for the government’s treatment of protestors. Egyptian protestors have been demonstrating in Cairo, demanding that the military government that took over after the ouster of President Hosni Mubarak move faster on democratic reforms. The Egyptian military police began a crack down on the protectors last weekend. In response, Anonymous said it launched DDoS attacks against
government websites, including the website of the president’s office and the bureau for tourism. The hacktivist group took responsibility for the attack on at least one Brazilian operations page, saying the attacks are in response to the treatment of protesters in Egypt.
SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
