Channel: E Hacking News - Latest Hacker News and IT Security News

Indonesian President website hacked by MJL007 from Jember Hacker Team


The official website of the Indonesian president, Susilo Bambang Yudhoyono, presidensby.info, has been hacked and defaced by an Indonesian hacker group known as Jember Hacker Team (JHT).

The site was defaced by a hacker called "MJL007" from the group with a small message reading "This is a payback From Jember Hacker Team".

A few hours after the site was breached, the Indonesian Government restored the website. At the time of writing, the website works fine.

Detik cited the Indonesian minister of communications and information, Tifatul Sembiring, as claiming that the hacker didn't really hack into the website, but instead diverted the IP address that is in the existing DNS soft layer in Texas.

The mirror of the defacement can be found here:
http://www.zone-h.org/mirror/id/18912807

Pakistan army website hacked by Human mind cracker

The Tunisian hacker 'Human Mind Cracker', who discovers critical vulnerabilities in high-profile websites, has struck again: this time he hacked into the Pakistan Army website and got into its database. He discovered an SQL Injection vulnerability in the website 'www.pakistanarmy.gov.pk'.

In an email sent to EHN, the hacker provided us the vulnerable link as proof of his hack. He also provided a link to the dump (www.heypasteit.com/clip/0N5T).

"The reason of the hack is just to break the security of that website...I was thinking that Pakistan has a good cyber army but lool also they have a lot of vulnerable websites," the hacker said in the email.

The dump contains database details, passwords, email addresses, and the admin ID and password.

The hacker always tries to hack into government and bank websites to improve his skills and to find out whether governments care about the security of their websites. The hacker also said that more government websites will be hacked by him soon.

Defcon Kerala 2013 - Call for papers


Defcon Kerala (DC0497) is a Defcon USA Registered group for promoting and demonstrating research and development in the field of Information Security. We are a group of Information Security Enthusiasts. Defcon Kerala is a platform for students, professionals, geeks, and nerds to present their technical research papers and showcase their skills. Speakers are invited to present papers on various information security related research topics before the delegates and interact with them.

Some Topics of Interest:

Disclosure of new Hacking Tools

New Vulnerabilities and Zero Day Exploits

Cyber Forensics

Lock picking & physical security exploitation

Web Application & Network Security

Antivirus/IDS/Firewall/filter evasion techniques

Social Engineering

Metasploit Framework

Web Browser Exploitation

Mobile Application Security and Exploitation

Wireless Security

Denial of Service Attacks

Hardware Hacking/ SCADA Hacking

Honeypots

Fuzzing Techniques

Open Source Security

Cyber Laws, Cyber warfare, Cyber Ethics

Anonymity in Internet

Carding and Black Market Analysis

NOTE: These are just some sample topics. You can send any topics related to Information Security.

Paper Submission Details

Please send your papers to this email


Follow the format given below:

=========================================================

Author Name:

Mobile:

Brief Biography:

Paper Title:

Paper Abstract:

Paper Outline:

Publishing/Disclosing any Tools/Vulnerabilities/Zero Days (YES/NO):

Any Additional Requirements:

=========================================================

NOTE: Papers should be submitted in PDF, DOC, DOCX, or ODF format. Presentations should not exceed 25 minutes. If your paper is selected, you will be notified soon and you should then register for a Speaker Pass.

Register

Buy your speaker pass for Defcon Kerala 2013 Meet

Please Register only after you get a notification by email that your paper is selected.

Click here => REGISTER

Important Dates

Call For Papers is open: 13th January 2013

Call For Paper submission Deadline: 1st April 2013

Defcon Kerala Meet 2013 Scheduled on: 21st April 2013


Cyber War : 160 Serbia websites hacked by Anonghost


The Mauritanian hacker group AnonGhost claims that Anonymous Squad No.035 lost its cyber war against AnonGhost. The hackers defaced more than 150 Serbian websites.

"Anonymous Squad No.035 F**d bY AnonGhost XD !!!!!! they couldn't deface any website of Mauritania , they tried sql injection loool :v we traced the admin and we f***ed their websites country"

The hackers defaced educational websites including osbrankoradicevic.edu.rs, oskaradjordje.edu.rs, sepsab.edu.rs, vsov-gbr.edu.rs, petartasic.edu.rs and politehnicka.edu.rs.

"To Anonymous Squad No. 035
Remember this, The Team you want to f**k with is AnonGhost and we just want to tell you one thing Lammer go watch cartoons ! and fuck offff :::Listen to justin bieber kidz it's good for education , hacking is dangerous for you :p iihihihihihihi " the hacker said in the defacement message.

The full list of hacked sites with mirror can be found here:
pastebin.com/rAa9Hp5F

Educational and other websites of India hacked by Pakistani hackers


A Pakistani hacker called H4$N4!N H4XOR from P4K!$T4N H4XOR$ CR3W has breached a few Indian educational and other websites.

The hacker defaced the affected sites with the group's logo. The main pages were not defaced; the hacker defaced the 'contact us' and 'about us' pages.

Some affected educational websites from Tamil Nadu are Meenakshi Ammal Teacher Training Institute (matti.edu.in/about_us.php), Arulmigu Meenakshi Ammal Public School (amaps.in/contact_us.php), and Meenakshi Ammal Matriculation Higher Secondary School (mamhss.edu.in/about-us.php).

The hacker also hacked a few other sites: andboxes.shsdemo.in, bhardwajindustries.in, joboncall.in and techskills.net.in.

At the time of publishing, I am still able to see the defacement page.  It seems like the admin is not aware of this security breach.

French Ministry of Defense hacked and database leaked by XTnR3v0LT


The official website of the French Ministry of Defense has been breached by a hacker named XTnR3v0LT from the XL3gi0n Hackers group.

The hacker leaked the database on Pastebin. The hack is part of their operation called "OpLeak".

"opleak is AN operation created by xl3gi0n hackers IN which we leak   more THAN 1000 database to show the world that they need more security."

The leak contains database details, login IDs and encrypted passwords. It includes the administrator ID and password.

"to NATO member and all those who support the attack on Mali. we are against this so you must expect us. congratulation you are now on the list of our enemy
France/UAE/UK/US.... expect us ..the message is clear. stop war we stop attack keep fire, we keep hacking" The hacker said in the leak.

http://pastebin.com/YxiRKAR8

Sharecash vulnerable to Persistent Cross Site Scripting vulnerability

Security researcher Rafay Baloch, the founder of Rafay Hacking Articles, has discovered a Cross Site Scripting (XSS) vulnerability in the ShareCash website (sharecash.org). ShareCash is the highest paying Pay-Per-Download network around.

The vulnerability affects the "Manage Widget" page of ShareCash. The XSS vulnerability was found to be a stored one.

Stored XSS Vulnerability

Stored XSS is critical because the script is stored on the server and is executed every time a user visits the affected page.

In an email sent to EHN, the researcher provided a screenshot of the proof of concept. From the POC, I came to know that the "Widget Name" is vulnerable to XSS attack. It seems like the developer fails to validate the input.

Rafay claimed that he sent more than 10 emails to ShareCash to notify them about the vulnerability, but they failed to respond.

Sri Lankan National Security Media Centre hacked and defaced by Game Over

A hacker with the Twitter handle "@ThisIsGame0ver" has hacked into the official website of Sri Lanka's Media Centre for National Security.

The Media Centre for National Security (MCNS) was established for the specific purpose of disseminating all national security and defence-related information and data to the media and the public from one co-ordinated centre.

The hack was announced on Twitter. According to the mirror of the defacement page, the security breach occurred on 14th Jan.

The hacker defaced the main page (nationalsecurity.lk) and also uploaded a defacement page to the uploads directory.

At the time of writing, the defacement page has been removed from the main page; visitors are presented with a message that says "We are currently performing site maintenance. we'll be back 100% in a bit."

But we are still able to see the uploaded defacement page here: www.nationalsecurity.lk/MCNS/defence-security/news/plugins/spaw/uploads/index.html

The hacker also leaked the compromised database. The dump contains sensitive information including the admin username and password (in plain-text format) and the MySQL username and password.

It also includes email addresses, usernames and plain-text passwords of users.

http://218.62.32.76/releases/nationalsecurity.txt

Bangladesh Post Office site hacked by Human Mind Cracker

An SQL Injection vulnerability has been discovered in the official website of the Bangladesh Post Office (bangladeshpost.gov.bd). The vulnerability was discovered by the grey-hat hacker "Human Mind Cracker".

In an email sent to EHN, the hacker provided the vulnerable link and claimed that the site has a lot of vulnerabilities.

The hacker breached the site by exploiting the SQL injection vulnerability and compromised the database.

Screenshot of Admin Panel

"I get into their database, and the most funniest thing is that the passwords is not encrypted with any hash, and this so bad for a website related to a government," the hacker said in the email.

The database dump (heypasteit.com/clip/0N9U) contains database details, usernames and plain-text passwords. It also includes the admin username and password.

RED ! - A Hacker Movie about The RedHack hacktivist group


BSM-Independent Cinema Center has released the first teaser of the film "RED!", a movie based on the RedHack hacktivist collective. The film is getting ready to meet its audience at the Independent Cinema Center on 15 February 2013.

The film "Red!", which purports to discuss its subject widely with the contributions of many experts, examines from different aspects RedHack and its activities, which have come to the forefront of cyber activism in Turkey.

RedHack is one of the oldest and most famous hacker groups, founded in 1997. The group has been named a terrorist organization after hacking into the systems of several Turkish government agencies.

Despite the fact that authorities arrested some of their alleged members, the group is still going strong.

Earlier this month, the RedHack hackers leaked over 60k documents from Turkey’s Council of Higher Education, exposing numerous instances of corruption in the country’s educational system.

RED! Movie Teaser



Reflected XSS Vulnerability in Adobe website

A security researcher, Ankit Bharathan (aka lonely-hacker), has discovered a non-persistent cross-site scripting vulnerability in an Adobe website.

The vulnerability resides in one of the Adobe subdomains, "dbln-speedtest.adobe.com".

The POC for the vulnerability:
http://dbln-speedtest.adobe.com/index.php?lang="><SCRIPT>alert("E Hacking News")</SCRIPT>
The researcher claims to have discovered a path disclosure vulnerability in the same link and to have found 90+ open directories in Adobe.

Ankit notified Adobe about the vulnerability, but they failed to respond to his mail.

Vulnerabilities in Adobe



Anonymous Argentina hackers attack INDEC website in Argentina


The Anonymous hacker collective from Argentina launched a distributed denial-of-service (DDoS) attack against the INDEC national statistics website in protest at the recently released official inflation rate numbers.

"indec.gov.ar # TANGODOWN by # Anonymous They lie to the people but the people keeps his word # OUTSERVICE INDEC FRITANDOLO" the hackers posted on Twitter (translated).

“We have left the INDEC out of service and it will remain like this for a while. Is this a joke? People can eat with $5.50 now, when it used to be $6?”, the tweet reads.

"indec.gov.ar controlled by # Anonymous Admins Messrs. happens both in super slow with $ 5.50 to buy # OpArgentina" The tweet reads.

"INDEC cont lying now say their site works xD oops.! Control is by # Anonymous # SinLideres We are the voice of the people we are Legion" the recent tweet from the hackers reads.

According to the hackers' tweets, they have launched DDoS attacks against a few other government websites, including the Ministry of Economy and Finance of Argentina (mecon.gov.ar) and the Ministry of Defence (mindef.gov.ar).

At the time of writing, the INDEC website is still down.

Sri Lanka Rupavahini TV and One SriLanka sites hacked by Davy Jones


The official website (rupavahini.lk) of Rupavahini, one of the famous Sri Lankan TV channels, has been hacked by a hacker named Davy Jones.

In a Pastebin post (pastebin.com/4j5bP9Qn), the hacker claimed that he hacked the Rupavahini TV channel's database server and leaked the database.

The paste contains database details and a few credentials stolen from the target server, which include the administrator username, email ID, and password hash with salt.

The hacker uploaded the dump of the database to MediaFire and posted the link in the same paste. The dump contains .CSV files that contain the same data posted on Pastebin.

The hacker also claimed to have hacked the website belonging to "One SriLanka" (onesrilanka.tv). The hacker has extracted all data, with 1000 email IDs and passwords, and posted it in a paste (pastebin.com/ynLPDxbP).

According to the intruder's statement, most of the passwords also match the email logins, so a malicious hacker could use those email addresses to send mail to anyone.

The paste contains a MediaFire download link to the dump taken from the One SriLanka TV website. One of the .CSV files has names, email addresses, usernames and hashed passwords.

A few days back, he also hacked into the Sri Lanka Bureau of Foreign Employment website (slbfe.lk) and leaked the database (pastebin.com/V9ddGkrD). The leak contains a few login credentials, including the admin ID and password.

Sri Lanka Ports Authority(SLPA) website hacked by Davy Jones

A hacker calling himself Davy Jones hacked into the official website of the Sri Lanka Ports Authority (SLPA.lk) and uploaded a defacement page to the site.

Sri Lanka Ports Authority (also abbreviated SLPA) is a government agency responsible for the development and maintenance of all commercial ports in Sri Lanka.

The Defacement page

The main page is not affected by the defacement. The hacker simply uploaded an HTML file, "deface3.html", to the admin upload folder (slpa.lk/admin/upload/deface3.html).

The hacker recently breached the websites of two famous Sri Lankan TV channels, Rupavahini TV and One SriLanka.

Recently, a hacker with the online handle "Game over" defaced the Sri Lankan National Security Media Centre website.

Algerian Bank CPA hacked by Tunisian Hacker


One of the Algerian banks, Crédit populaire d'Algérie (CPA), has been found to be vulnerable to SQL injection. This critical vulnerability was discovered by a grey-hat Tunisian hacker, "Human Mind Cracker", who usually targets bank and government sites.

In an email sent to EHN, the hacker provided the vulnerable link of the site (cpa-bank.dz).

"I reported to them the vulnerability before I hack into the database, 2 days without reply or anything...After that I find that the email that they put it in the website for contact is INVALID mail. So I get into the database," the hacker said.

In a paste (heypasteit.com/clip/0NLX), the hacker dumped the compromised data to prove the severity of the vulnerability. It contains usernames, passwords, email addresses, phone numbers, fax and location.

SourceForge vulnerable to XSS injection

A security researcher, WilyXem from Spain, has discovered a reflected cross-site scripting vulnerability in SourceForge (sourceforge.net).

SourceForge is a web-based source code repository. It acts as a centralized location for software developers to control and manage free and open source software development.

The vulnerability exists in the job finding page of SourceForge. The developer fails to validate input coming from the text box that allows users to search jobs.

This left the text field vulnerable to attack.



The poc code:
sourceforge.net/jobs?age=1&text=1%22%3E%3Cscript%3Ealert%28%22WilyXem%20==%20UnderC0de.org%22%29%3C/script%3E&zip=10003&submit=Search

Registration open for OWASP AppSec APAC 2013

Registration is open for the OWASP AppSec APAC 2013 conference taking place in South Korea at the Hyatt Regency Jeju.

The event will be composed of 2 days of training (February 19-20), followed by 2 days of conference talks (February 21-22).

The Global AppSec APAC 2013 Conference will be a reunion of Information Security Asia-Pacific leaders, and will present cutting-edge ideas. OWASP events attract a worldwide audience interested in “what’s next”.

The Day 1 (Feb 21) conference talks will include "What your CISO has not told you - Outbound security of cloud and enterprise web services", "Abusing, Exploiting and Pwning with Firefox Add-ons", HTML5, The Droid Exploitation Saga, Web Security - New Browser Security Technologies, Dissecting Smart Meters, Hacking Authentication Checks in Web Applications, Open Source Metasploit - The Elixir of Network Security.

The Day 2 (Feb 22) conference talks will include "Putting Security within the SDLC via Application Threat Modeling", Securing data with a Data Encryption Infrastructure, Security Challenges of Hybrid Mobile Applications, Design Secure Web Applications, Growing sophistication of DDoS attacks, "Missile of Cyber-terrorism, the reality of APT and Countermeasures", A Call for Drastic Action: A Survey of Web Application Firewalls, PenTesting WebApps with Python, Using the Wisdom of the Crowd to Enhance Application Security.

The conference is also offering following IT Security Training courses:
  • Advanced Android and iOS Hands-on Exploitation Course (2 day class)
  • HACKED - The OWASP Top 10 (2 day class)
  • CISO training: Managing Web & Application Security for Senior Managers (1 day class)
  • HTML 5 (1 day class)
  • Approaching Secure Code – Where do I start? (1/2 day Developer class)

Please visit the website for more information on how to register for the event. Register NOW!

Android malware distributed via hacked legitimate websites


Security researchers from Webroot have found that cyber criminals are compromising legitimate websites to spread their malware. One of the popular Bulgarian websites for branded watches has been compromised and redirects to a malicious page.

The malicious page serves premium-rate SMS Android malware when a user visits from an Android device.

The same cyber criminals are also involved in a few other campaigns. In one of the campaigns, they lure Russian-speaking users into installing a fake Adobe Flash Player.

The other campaigns include a fake Android browser as a social engineering theme and a fake Google Play.

When the malicious app is executed, the malware collects information such as IMEI, brand, operator and IMSI and sends it back to a remote server.

3 charged with spreading Gozi virus and stealing millions of dollars from banks


Three alleged cyber criminals from Russia, Romania and Latvia have been charged with spreading a computer virus called "Gozi" to more than a million computers worldwide and stealing tens of millions of dollars.

Nikita Kuzmin, 25, Deniss Calovskis, 27, and Mihai Ionut Paunescu, 28, are accused of creating "one of the most financially destructive computer viruses in history."

The Gozi virus was spread largely via PDF files attached to spam emails. Once a user opens the attachment, the malware infects the victim's system.

The malware steals user names, passwords, and other security information.

Sri Lankan President Mahinda Rajapaksha theatre Lotuspond site hacked


The hacker with the online handle "Davy jones" has claimed to have hacked the website of the Sri Lankan President Mahinda Rajapaksha theatre Lotuspond (lotuspond.lk).

The hacker breached the database server and leaked the compromised data on Pastebin (pastebin.com/zUZ29Lnd).

The dump contains database details, admin user name, email address and hashed password.

The hacker also claimed to have hacked a few TV channel databases and extracted more than 8000 email IDs and passwords (pastebin.com/mHCTDRQW).

Recently, the same hacker breached the server of the Sri Lanka Ports Authority website and defaced it. He also hacked the websites of two famous Sri Lankan TV channels, Rupavahini TV and One SriLanka.