VOGH- VOICE OF GREYHAT| Leading Resource of Cyber-Security,Hacking News

Debian Linux 7.0 Code Named 'Wheezy' Released & Available For Download

2013-05-09T16:30:00.000+05:30

Debian Linux 7.0 Code Named 'Wheezy' Released & Added Multiarch Support, Several Specific Tools

Once it was one of the most popular Linux distribution which have drawn the maximum attention, yes you are right I am talking about none other than Debian Linux. Now a days the craze of this flavor has became little fade but as the foundation for other, more popular Linux distributions, such as Mint, Ubuntu and few Pen Testing Distro, still the value of Debian exist. So the up-gradation and new release of this Linux flavor is still very much important. And today I will talk about the new release of Debian Linux version 7.0 code named 'Wheezy'. After many months of constant development, the developers at Debian project proudly announced the general availability of the next version of this major Linux which is Debian 7.0 aka 'Wheezy'. According to the release note - This new version of Debian includes various interesting features such as multiarch support, several specific tools to deploy private clouds, an improved installer, and a complete set of multimedia codecs and front-ends which remove the need for third-party repositories. Multiarch support, one of the main release goals for Wheezy, will allow Debian users to install packages from multiple architectures on the same machine. This means that you can now, for the first time, install both 32- and 64-bit software on the same machine and have all the relevant dependencies correctly resolved, automatically. The installation process has been greatly improved: Debian can now be installed using software speech, above all by visually impaired people who do not use a Braille device. Thanks to the combined efforts of a huge number of translators, the installation system is available in 73 languages, and more than a dozen of them are available for speech synthesis too. In addition, for the first time, Debian supports installation and booting using UEFI for new 64-bit PCs (amd64), although there is no support for Secure Boot yet.

This Release Includes Numerous Updated Software Packages, Such as:-

Apache 2.2.22
Asterisk 1.8.13.1
GIMP 2.8.2
An updated version of the GNOME desktop environment 3.4
GNU Compiler Collection 4.7.2
Icedove 10 (an unbranded version of Mozilla Thunderbird)
Iceweasel 10 (an unbranded version of Mozilla Firefox)
KDE Plasma Workspaces and KDE Applications 4.8.4
kFreeBSD kernel 8.3 and 9.0
LibreOffice 3.5.4
Linux 3.2
MySQL 5.5.30
Nagios 3.4.1
OpenJDK 6b27 and 7u3
Perl 5.14.2
PHP 5.4.4
PostgreSQL 9.1
Python 2.7.3 and 3.2.3
Samba 3.6.6
Tomcat 6.0.35 and 7.0.28
Xen Hypervisor 4.1.4
The Xfce 4.8 desktop environment
X.Org 7.7

Along with these more than other 36,000 ready-to-use software packages, built from nearly 17,500 source packages also included in Debian Linux 7.0. So after reading all those cool features, what you are waiting for lets download the installation image via bittorrent (the recommended method), jigdo, or HTTP.

E!Online Official Twitter Account Hijacked By Syrian Electronic Army (#twithackery)

2013-05-09T16:29:00.002+05:30

E!Online Official Twitter Account Hijacked By Syrian Electronic Army (#twithackery) Fake Tweet Claimed Justin Bieber is Gay

The massive ongoing twitter hijacking also known as twithackery carried by carried by the infamous pro-Assad group of hackers known as the Syrian Electronic Army targeted another high profile twitter account. After the successful hijack of three high profile twitter account of CBS news followed by the hack of BBC and the Associated Press twitter account, now Syrian Electronic Army aka SEA have caught another big fish that is E! Online -one of the leading resource of entertainment and celebrity gossip news. The official twitter account of E!Online that has over five million followers fallen victim to these dangerous hacker collective group. As per several legitimate sources this high valued twitter account was hacked on Saturday afternoon and subsequently posted several false tweets about a few celebrities, most specifically Justin Bieber. After the successful hijack, exactly like earlier the hacker group started tweeting false message. Among those One tweet read, “Exclusive: Justin Bieber to E!Online: I’m a gay,” followed by a shortlink. Another read, “Exclusive: Selena Gomez tells E! she will fully supporting Justin in his coming out” [sic], also followed by a shortlink. (Selena Gomez was Bieber’s girlfriend up until recently). And another made reference to Angelina Jolie blaming Jordan for “the Syrian refugees’ atrocious conditions.” Here is screen capture of those fake tweets:-

After this mishap security experts have figured out that many of those links associated with the above fake tweets redirecting users to malicious webpages. So users were urged not to click on the links. Not only the official twitter account, but also the hacking group also managed to infiltrate the E!’s text messaging system, sending hundreds of thousands of subscribers similar messages including an obscene message relating to President Barack Obama.

While talking about twitter hacking, widely known as #twithackery; we would like to remind you the following names, WWE champion John Cena, Star Rita Ora, Justin Bieber, Teyana Taylor,American pop singer Kesha, NBC News, Fox News Politics, USAToday, Lady Gaga’s Twitter Account, Anders Breivik, Mahesh Bhatt, Huffington Post & CBS; these are the famous names who have fallen victim to twithackery before E!Online. In the wake of all the recent cyberattacks on news organizations, Twitter has warned media accounts that they will continue to be targets of hackers, and has advised them to take all appropriate steps to further secure their Twitter accounts.

GFI LanGuard 2012 One Solution For vulnerability Scanning, Patch Management, Network & Software Audit

2013-05-09T16:28:00.003+05:30

GFI LanGuard 2012 One Solution For Vulnerability Scanning, Patch Management, Network & Software Auditing

Earlier we have talked about GFI LanGuard, but while looking at the rising cyber threats, security researcher continue to identify new, sophisticated malware threats, vulnerability and patch management are more critical than ever as a key component of a layered security approach. To get rid of all those security challenges, GFI Software announced the availability of GFI LanGuard 2012, in which the manufacturer claimed to provide network and system administrators with the ability to manage 100 percent of their patching needs through a single, intuitive and easy-to-use interface, without the need for other update tools. So lets take a roam of this fine product of GFI Software-

Enhanced Features of GFI LanGuard 2012 include:

Comprehensive Patch Management – Administrators can now manage 100 percent of their patching needs – both security and non-security updates – from a centralized console. No other update tools are necessary.
Strong Vulnerability Assessment for Network Devices – Network devices such as printers, routers and switches from manufacturers such as HP and Cisco, can now be detected and scanned for vulnerabilities. GFI LanGuard 2012 performs over 50,000 checks against operating systems, installed applications and device firmware for security flaws and misconfigurations. It also runs network audits that now detect mobile devices running iOS and Android operating systems.
Improved Scan and Remediation Performance – New Relay Agents receive patches and definition files directly from the GFI LanGuard server and distribute as appropriate – helping IT resources save time, manage network bandwidth and increase the number of devices that can be accommodated. This is particularly effective in multi-site and large networks.

GFI LanGuard 2012 combines vulnerability scanning, patch management, and network and software auditing into one solution that enables IT professionals to scan, detect, assess and correct potential security risks on their networks with minimal administrative effort. GFI LanGuard also enables administrators to inventory devices attached to their networks; receive change alerts, such as notification when a new application is installed; ensure antivirus applications are current and enabled; and strengthen compliance with industry regulations through automated patch management that defends against potential network vulnerabilities. With GFI LanGuard, IT administrators can manage more than 2,500 machines from a single console, it integrates with more than 1,500 security applications and includes keyword search functionality.

After going through the above brief description, many of you must be excited about this new product. For the kind information of our readers, yes indeed GFI LanGuard 2012 is one of the finest tool ever released in this domain. Detailed information LanGuard 2012 can be found here. Also a 30 day trail pack of GFI LanGuard 2012 has been made available for download.

Linux/Cdorked.A: One of The Most Sophisticated Apache Backdoor Targets Millions of Websites

2013-05-05T15:11:00.000+05:30

Linux/Cdorked.A: One of The Most Sophisticated Apache Backdoor Targets Millions of Websites to Serve Blackhole Exploit

ESET one of the world renowned security firm headquartered in Bratislava have figured out what it called a malicious cyber rampage targeting millions of cPanel-based servers. Since last few months security experts have been tracking server level compromises that have been utilizing malicious Apache modules to inject malware into websites and redirecting some of its requests to the infamous Blackhole Exploit packs. On cPanel-based servers, instead of adding modules or modifying the Apache configuration, the attackers started to replace the Apache binary (httpd) with a malicious one. This new backdoor is very sophisticated and this new malware has been dubbed "Linux/Cdorked.A." Several analysis reveals that it is a sophisticated and stealthy backdoor meant to drive traffic to malicious websites. According to the official blog post of ESET - Linux/Cdorked.A is one of the most sophisticated Apache backdoor's we have seen so far. The backdoor leaves no traces of compromised hosts on the hard drive other than its modified httpd binary, thereby complicating forensics analysis. All of the information related to the backdoor is stored in shared memory. The configuration is pushed by the attacker through obfuscated HTTP requests that aren't logged in normal Apache logs. This means that no command and control information is stored anywhere on the system.

This malicious cyber rampage was first detected by another security firm named 'Sucuri' and later ESET published a detailed analysis of the issue. But still there are thoughtful matter as already thousands of websites get infected. The attack is particularly dangerous as Apache web servers are among the most well-known and widely-used in the world and are used by numerous companies. This means that a successful security breach can affect numerous different businesses across a diverse range of industries.

As this malware also known as Linux/Cdorked.A has already been spotted in the wild, so on behalf of cyber media, we urge all the concern system administrator, security analyst to take care of the above issue while to checking their servers and verify that they are not affected by this threat. Detailed instructions to perform this check are provided in the ESET blog.

Self Propagated LulzSec Leader 'Aush0k' Arrested By Australian Federal Police

2013-05-05T15:10:00.001+05:30

Self Propagated LulzSec Leader 'Aush0k' Arrested in Sydney By Australian Federal Police (AFP)

Many of us knew Hector Xavier Monsegur widely known as 'Sabu' as the leader of infamous international hacker group LulzSec and Antisec. But this idea will surely be changed when you will hear the histrionic story, which came to light when a 24 old Australian proclaimed himself as the leader of notorious hacker collective group Lulz Security also known as LulzSec. The man, known online as Aush0k, is a senior Australian IT professional who works for the local arm of an international IT company. Police say he was in a "position of trust" within the company and had access to information on government clients which Aush0k manipulated and misused. According to Australian Federal Police a special investigation began less than two weeks ago when investigators found a government website had been compromised. The man has been charged with two counts of unauthorized modification of data to cause impairment and one count of unauthorized access to a restricted computer system. He faces a maximum of 12 years in jail. AFP Commander Glen McEwen says the man posted in online forums frequented by other members of LulzSec that he was the group's leader. "There was no denials of his claims of being the leader," added McEwen. The man was charged and appeared in court on the very day of his arrest. And he will face Woy Woy Local Court again on May 15.

While talking about this dramatic story of proclaimed LulzSec leader Aush0k, we would love to remind you the decent history when the leader of Anonymous affiliated LulzSec "Sabu," whose real name is Hector Xavier Monsegur, turned traitor to his community and became FBI informer and provided all the information on fellow hackers. As soon as the FBI gathered all the sensational information from Sabu, immediately we have seen the arrest of almost all the key members of LulzSec including Ryan Cleary, Jake Davis, Jeremy Hammond, Raynaldo Rivera, Cody Kretsinger and so on. And today we have seen the arrest of another LulzSec leader and key man, and this arrest is the first one done by the AFP. Earlier the arrest of Sabu proved very handy for the law and enforcement, may be this time also Aush0k's arrest can show them few more directions and can open few closed doors of investigation. So till time wait and stay tuned with VOGH for the updates on this story, also all the other cyber updates.

-Source (ABC News)

Oxford University Will Get £1 Million of Investment in Next 2 Year to Tackle Cyber Crime

2013-05-05T15:10:00.000+05:30

Oxford University Will Get £1 Million of Investment in Next 2 Year to Tackle Cyber Crime

The rising amount of cyber crime has already put the world of security under a serious threat. Since last five years we have seen many devastating cyber attack which have broken almost every security measure. In short, today the entire cyber space is posing a serious risk. To get rid of this situation many developed countries have already started taking required counter measure. Cyber awareness program, campaigns are going in almost every part of the world. Such steps and countermeasures were mainly limited to government and corporate, but now as we are sitting at the edge of cyber threat, so the security system should be more enhanced. While looking at the current status OXFORD University have came forward, and they are going to open a cyber hub to tackle these ongoing cyber challenges. Acceding to the official website of Oxford Mail - OXFORD University will get £1 million of investment in the next two years to fund a center to tackle cyber crime. Funding for the Government’s Global Center for Cyber Security Capacity Building has been announced by Foreign Secretary William Hague, who pledged £500,000 a year for at least the next two years. It will be based at the home of the Oxford Martin School, with the aim of combating activists and terrorists who are posing a growing threat to our national security and economy.

The school’s director, Ian Goldin, Oxford University Professor of Globalisation and Development, said: “The whole purpose is to address critical challenges of the future. The international scale of the challenge requires new research and connections with the business world, which is part of the school’s mandate.” The centre will be based at the Old Indian Institute, a former university library building, on the corner of Broad Street and Catte Street, which is currently being refurbished. Prof Goldin, whose new book Divided Nations explores the risks brought about by rapid globalization and technological leaps like the internet, said keeping up with criminals will be far from easy. He said: “We are in a race, or struggle, between people who want to keep systems safe and secure and those who – for whatever reasons that may be commercial, nationalist or anarchical – want to undermine the system. That won’t end.

According to some legitimate sources it has been confirmed that the new center will be a beacon of expertise and put the UK at the forefront of cyber policy development. It will operate from Broad Street from September. The two-year funding will help pay for an additional 12 specialists. Sadie Creese will head the new center as professor of cyber security.

Several Twitter Accounts of CBS News (60Minutes, 48Hours & CBSDenver) Hacked

2013-04-23T23:30:00.002+05:30

Several Twitter Accounts of CBS News (60Minutes, 48Hours & CBSDenver) Hacked By Syrian Electronic Army [#twithackery]

Yet again CBS one of the major commercial broadcasting television network of United States faced cyber attack. First it was hacker collective Anonymous who targeted CBS and managed to hack the TV network of CBS in January last year. The attack was done under the banner of Operation Megaupload. And now CBS have fallen victim of what it called twithackery, where hacker managed to gain temporary access of popular twitter accounts and broadcast fake tweets. This Sunday such twithackery targeted and compromised several twitter account of CBS. Infamous hacker community going by the name of Syrian Electronic Army claimed to have hijacked the twitter accounts of CBS, the list of the hijacked accounts include "60 Minutes" and "48 Hours" which is maintained by CBS news program. Later it has been reported that another twitter account @CBSDenver has also been hacked, during this ongoing cyber attack. CBS acknowledged the whole phenomena and later a CBS spokeswoman confirmed that the accounts had been compromised. "PLEASE NOTE: Our Twitter account was compromised earlier today. We are working with Twitter to resolve." - said the CBS spokesman. Another message from CBS said, "A message that was posted earlier to this account was not written or sent by @60Minutes or its staff."

Here is the list of those fake tweets came from the hijacked accounts of CBS:-

From @60Minutes account we got the following message -

"The US government is hiding the real culprit of the Boston bombing"
"The US government is sponsoring a coup in Venezuela and a terrorist war in Syria"
"Your duty is to protect your nation from the parasites that have taken your government"
"Obama wants to destroy the Syrian and American people. We must stop this beast"

Other messages claimed: "Syrian Electronic Army Was Here via @SyrianCyberArmy" and suggested the action was in response to the suspension of the @Official_SEA account. Tweets sent out on the @48Hours account reportedly included: "General Dempsey calls for #Obama's arrest under new anti-terror laws #48hours" As soon as the issue get spotted, CBS regain those hijacked accounts and immediately deleted those rouge messages. Later the two accounts @60Minutes and @48Hours has been suspended.

-Source (BBC & Reuters)

Controversial Cyber Security Bill CISPA Passed Again By The US House

2013-04-23T23:30:00.000+05:30

Controversial Cyber Security Bill CISPA Passed Again By The US House

Couple of months ago we reported that the White House is planning for an executive cyber security order, from some official sources it has also come to know that the U.S. President Mr. Barack Obama has a special plan to re-introduce the Cyber Intelligence Sharing and Protection Act (CISPA). Today that deceleration get executed as the US House of Representatives has passed the controversial Cyber Information Sharing and Protection Act. This is the second time when CISPA have been passed by the White House, first it was rejected by the Senator while saying that the bill did not do enough to protect privacy. But yet again with the initiative of Obama and a substantial majority of politicians in the House backed the bill. Though there is a huge chance of getting rejected. According to some relevant sources it has been came to light that, this time also CISPA could fail again in the Senate after threats from President Obama to veto it over privacy concerns. Sources are saying that the main reason of re-introducing CISPA is the the President Barack Obama expressed concerns that it could pose a privacy risk. The White House wants amendments so more is done to ensure the minimum amount of data is handed over in investigations. The law is passing through the US legislative system as American federal agencies warn that malicious hackers, motivated by money or acting on behalf of foreign governments, such as China, are one of the biggest threats facing the nation. "If you want to take a shot across China's bow, this is the answer," said Mike Rogers, the Republican politician who co-wrote CISPA and chairs the House Intelligence Committee.

On the other hand CISPA has also secured the backing of several technology firms, including the CTIA wireless industry group, as well as the TechNet computer industry lobby group, which has Google, Apple and Yahoo as members. By contrast, some other big names like Mozilla, Reddit has been vocal in its opposition to the bill. In the beginning the social networking giant Facebook supported CISPA but later they took back its support. The American Civil Liberties Union has also opposed CISPA, saying the bill was "fatally flawed". The Electronic Frontier Foundation (EFF), Reporters Without Borders and the American Library Association have all voiced similar worries.

-Source (BBC)

LulzSec Hacker Cody Kretsinger Sentenced 1 Year Imprisonment For Sony Breach

2013-04-20T17:03:00.000+05:30

LulzSec Hacker Cody Kretsinger Sentenced 1 Year Imprisonment For Security Breach of Sony Pictures Entertainment

Infamous LulzSec hacker Cody Kretsinger who pleaded guilty last year in front of Federal Court of California for taking part in an extensive computer breach of Sony Pictures Entertainment server has faced judgement. 25 year aged Kretsinger who is also known as "Recursion" was one of the key member of Lulz Security, widely known to us as LulzSec, an offshoot of the international hacking group Anonymous. According to federal prosecutors, Cody Kretsinger has been sentenced to one year in prison in Los Angeles. This court rule has been followed by home detention. Kretsinger, was also been ordered by a U.S. district judge in Los Angeles to perform 1,000 hours of community service after his release from prison, said Thom Mrozek, spokesman for the U.S. Attorney's Office in Los Angeles. Although prosecutors refused to say whether the hacker was co-operating with authorities in return for a softer sentence.

During last year's plea hearing, Kretsinger told a federal judge that he gained access to the Sony Pictures website and gave the information he found there to other members of LulzSec, who posted it on the group's website and Twitter. "I joined LulzSec, your honor, at which point we gained access to the Sony Pictures website," said Kretsinger in the federal court. Prosecutors said Kretsinger and other LulzSec hackers, including those known as "Sabu" and "Topiary," stole the personal information of thousands of people after launching an "SQL injection" attack on the website; ultimately caused the unit of Sony Corp more than $600,000 in finical damage, along with that the attack caused bad impact and loss of faith for Sony Corporation and it's customers across the globe.

While talking about this story, we would like to recap the decent history - where the arrest followed by guilty pleading of all the key members of LulzSec including Ryan Cleary, Jake Davis, Jeremy Hammond, Raynaldo Rivera & Cody Kretsinger came a month after court documents revealed that Anonymous leader "Sabu," whose real name is Hector Xavier Monsegur, turned traitor to his community and became FBI informer and provided all the information on fellow hackers.

-Source (Reuters & Yahoo)

VOGH Exclusive: Xbox Live Outage Caused For Networking Misconfiguration, Not Hacker Attack

2013-04-18T18:08:00.002+05:30

Microsoft Said Xbox Live Outage Caused For Networking Misconfiguration During Routine Maintenance, Not Hacker Attack

Xbox Live -one of the world's most popular and usually very reliable gaming network which rarely has unexpected outages, nor does Microsoft ever take it down for any extended period of time. But accident occurs, and it happened in last Sunday. The software giant and the developer of Xbox - Microsoft has reported a significant Xbox Live outage, rendering the service unavailable since earlier last 13th afternoon, smack in the middle of the peak weekend usage period. The outage is preventing users from signing in to Xbox Live, blocking access to the online services normally available through the console. While acknowledging the issue, on their official Xbox Live Status page Microsoft said “There is still an issue members are having signing in to Xbox LIVE, we greatly appreciate you sticking it out with us while we work as hard as we can to get this problem fixed. Keep checking back here every 30 minutes for another update on our progress.” This update came from Microsoft at 3:30 Pacific time on 13th of April. As soon as this story get spotted, several hikes rises. Among this buzz, it was a few unnamed hacker who took credit of the Xbox outage, while declaring that a cyber attack. Another buzz which just got spread so quickly, was that the outage of Xbox Live network has been caused by hacker collective Anonymous. Here we must have to say that those buzz have some solid reasons as couple of months ago Windows Azure faced an organized cyber attack which effected the service of Azure storage, Xbox Live and 52 other. And that outage or in other word service interruption stays for 12 long hours. But unlike earlier, this time the issue get resolved immediately. Within one hour all the service get restored and came back to its normal order. On the same Xbox Live Status page Microsoft said “If you were one of the members who was having issues signing in to Xbox LIVE, good news! This issue has been fixed! Thank you so much for your patience during this time, feel free to go enjoy your favorite games and content!”

So far we have discussed about the story of the outage and it's restoration. Now we will talk about the cause of this interruption. As I have said earlier that the rumor of hacker's attack was there which was claiming responsibility of the Xbox Live outage. But in reality it was not due to cyber attack but some internal network problems. In their official respond of the situation and those buzz Microsoft completely dines all those rumors and said "The Xbox Live service outage on 13 April resulted from networking misconfiguration during routine maintenance and was in no way related to false claims of hacking the service."

While talking about Xbox outage, we would like to remind you that - another world famous gaming console 'PlayStation' had fallen victim to cyber attacks. It was Anonymous who hit Sony PSN and caused massive outage, data leak and many other devastating damages.

42 Java Holes Fixed By Oracle in April 2013 Critical Patch Update Advisory

2013-04-18T18:08:00.000+05:30

42 Java Holes Fixed By Oracle in April 2013 Critical Patch Update (CPU) Advisory

The Oracle Corporation has released what it called a critical patch update for its Web-based Java programming language. Java SE software that fixes at least 42 security flaws in the widely-installed program and associated browser plugin. The Java update also introduces new features designed to alert users about the security risks of running certain Java content. The April patch, which targets 42 vulnerabilities, 19 of which have a severity rating of 10 (highest possible threat level) includes a majority of vulnerabilities that are currently being exploited. Among those 42 new security fixes across Java SE products of which 2 are applicable to server deployments of Java. According to Oracle, “39 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password.” Along with the fixes, Oracle changed the default setting of Java SE. Java applets will no longer run in a Web browser unless they have been digitally signed until a warning prompt is acknowledged. It has also extended how users will be alerted of other Java-related security issues. According to renowned security expert and blogger Brian Krebs - Java 7 Update 21 also introduces some new security warnings and message prompts for users who keep the program plugged into a Web browser (on installation and updating, Java adds itself as an active browser plugin). Oracle said the messages that will be presented depend upon different risk factors, such as using old versions of Java or running applet code that is not signed from a trusted Certificate Authority. Apps that present a lower risk display a simple informational message. This includes an option to prevent showing similar messages for apps from the same publisher in the future. Java applications considered to be higher risk — such as those that use an untrusted or expired certificate — will be accompanied by a prompt with a yellow exclamation point in a yellow warning triangle.

Affected Product Releases and Versions:-

Java SE	Patch Availability
JDK and JRE 7 Update 17 and earlier	Java SE
JDK and JRE 6 Update 43 and earlier	Java SE
JDK and JRE 5.0 Update 41 and earlier	Java SE
JavaFX 2.2.7 and earlier	JavaFX

Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply CPU fixes as soon as possible. As Java has been run by millions of devices and users across the globe, so we urge all of our readers to install and apply the security fixes to avoid any kind of threats. Note that - Oracle said that this week's security updates don't take care of all known flaws, they do address all known vulnerabilities currently being exploited in the wild.

Pirate Bay Co-Founder Svartholm Warg Accused For Hacking, Fraud & Attempt to Steal Money From Bank

2013-04-18T18:07:00.002+05:30

Pirate Bay Co-Founder Svartholm Warg Accused For Hacking, Fraud & Attempt to Steal Money From Swedish Bank

The Pirate Bay also known as TPB is the most infamous website providing torrent files and magnet links to facilitate peer to peer file sharing. It is fact that many of us love the website, but it is also undeniable that if you are in the core team to run TPB then you are definitely sitting on the edge of legality. Many of you have already started terrifying! But I have the news which will not frighten you but surely will surely frighten Gottfrid Svartholm Warg, the co-founder of Pirate Bay. Gottfrid might get mercy if he could limited himself only into Pirate Bay, but in reality he did not and crossed all the lines. The 27-year-old’s Gottfrid widely known as 'Anakata' has been charged for hacking several Swedish companies and stealing their personal data. He and three others are also accused of attempting to make illegal online money transfers. Prosecutors claim Warg along with three others—hacked IBM mainframes belonging to tax firm Logica and the bank to transfer money from various bank accounts. In total, the four men reportedly attempted to transfer just over US$900,000. Warg has also been accused of hacking into the databases of several Swedish businesses and the government’s federal taxing agency.

In his statement prosecutor Henrik Olin said - "A large amount of data from companies and agencies was taken during the hack, including a large amount of personal data, such as personal identity numbers (personnummer) of people with protected identities. I'd say that Svartholm Warg is the main person and brains behind the hacker attack. We've had a lot of theories but I can't find a motive in the evidence. What I can say is that we're talking about an incredibly technically advanced hack against a large server environment considered to have very high security and that can boost one's status in certain circles"

Three other people have been indicted along with Svartholm Warg. They are all charged with serious fraud, attempted aggravated fraud, and aiding attempted aggravated fraud. According to the indictment, authorities seized a computer and chat transcripts of Svartholm Warg and the other suspects. Olin claims that it is the biggest investigation into a data intrusion ever conducted in the country.

Here we want to remind you that Svartholm Warg, 27, was arrested in Cambodian and deported to Sweden in September last year due to an arrest warrant issued for him in relation to his conviction in the Pirate Bay trial. Since December, Svartholm Warg has been held in a prison in Mariefred in central Sweden where he is serving out a prison sentence related to his activities with The Pirate Bay.

-Source (The Local, RT)

Israel Hit By Demolishing Cyber Attack From Anonymous Caused $3 Billion Damage (#OpIsrael)

2013-04-11T01:44:00.004+05:30

VOGH Exclusive: Israel Hit By Demolishing Cyber Attack From Anonymous Caused $3 Billion Damage (#OpIsrael)

The past 7th April will be unforgettable for Israeli cyber space, yes it was no doubt the black day for Israel, when the World's largest hacker group "Anonymous" with help of several other hackers communities caused ruin while bringing down almost all the Israeli Government websites, along with more that 100,000 other important Israeli websites, 40,000 Facebook pages, 5,000 Twitter accounts and 30,000 bank accounts belonging to Israeli people. The hacker group not only demolished the cyber space of Israel, but also caused a loss of 3 billion USD. This never forgettable hacking rampage dubbed Operation Israel became the most devastating and venturesome hacking rampage ever happened to the Israeli cyber space. In the last week of March, it was dangerous hacker collective group Anonymous who called the operation widely known as #OpIsrael, where the hacker group vows to erase Israel from the Internet. And indeed the hacker group did that, According to several Israeli source, leading media outlets it has been confirmed that almost all the important sites owned by the Government of Israel have been either hacked and paralyzed. These sites include the site of the Israeli Police, Israeli Prime Minister, Bureau of Statistics, Israeli intelligence agency Mossad, Stock Market and the Israel Ministry of Defense and many more. Regardless of the amount of damage done, the scale of the attack is bound to be embarrassing for the Israeli government. This is the second time that Anonymous has successfully taken down Israeli government websites. The first #OpIsrael attack happened last November and affected Israeli cyber fence heavily. Like the last November, this time also the reaction of Israel Government was indifferent and unconcerned. Despite of what Anonymous's claims of massive damage to Israel, the country's cyber security officials say that the attack caused minimal damage. "So far it is as was expected, there is hardly any real damage," Yitzhak Ben Yisrael from the government's National Cyber Bureau told the press. "Anonymous doesn't have the skills to damage the country's vital infrastructure. And if that was its intention, then it wouldn't have announced the attack ahead of time. It wants to create noise in the media about issues that are close to its heart." This is more or less what Anonymous always does, often with varying levels of success.

PostgreSQL Fixed “Persistent Denial-of-Service” Vulnerability (CVE-2013-1899)

2013-04-11T01:44:00.001+05:30

PostgreSQL Fixed 'High-Exposure Security Vulnerability' Causing Denial-of-Service Attack (CVE-2013-1899)

Security researcher's have yet again figured out a serious security hole in one of most widely used object-relational database management system, PostgreSQL also known as Postgres. While manipulating the loophole an attacker can easily corrupt files and in some cases, can execute malicious code on underlying servers causing "persistent denial-of-service" attack. By corrupting the files an attacker can cause database server to crash and refuse to reboot. Affected servers could only be restarted by removing garbage text from the files or by restoring them from a backup. Versions 9.0, 9.1, and 9.2 are all vulnerable. As soon as this vulnerability get spotted, the developers at PostgreSQL immediately released updates while addressing a "high-exposure security vulnerability in versions 9.0 and later." The updates are available for 9.0, 9.1, and 9.2 branches, as well as 8.4. This updates also allow PostgreSQL to be built using Microsoft Visual Studio 2012. According to developers: "A major security issue fixed in this release, CVE-2013-1899, makes it possible for a connection request containing a database name that begins with "-" to be crafted that can damage or destroy files within a server's data directory. Anyone with access to the port the PostgreSQL server listens on can initiate this request. This issue was discovered by Mitsumasa Kondo and Kyotaro Horiguchi of NTT Open Source Software Center." In addition to fixes for one major security issue, the updates also include four more minor security fixes, as well as fixes for other, non-security-related issues.

Some of these fixes include:

A security vulnerability that made contrib/pgcrypto-generated strings too easy to guess;
A vulnerability that would allow unprivileged users to interfere with backups;
Security issues involving the OS X and Linux installers;
Vaious issues with GiST indices;
An issue related to crash recovery; and
Memory and buffer leaks, among others.

The complete list of fixes and enhancements in each version can be found on the PostgreSQL release notes archive page. Also the patched PostgreSQL 9.2.4, 9.1.9, 9.0.13, and 8.4.17 are available now at download page. While talking about this fix, we would like to remind you that, late in last year another security vulnerability hit PostgreSQL database system, including versions 9.1.5, 9.0.9, 8.4.13 and 8.3.20. The security holes associated with libxml2 and libxslt. Along with that a vulnerability in the built-in XML functionality, and a vulnerability in the XSLT functionality supplied by the optional XML2 extension.

-Source (Campus Technology & The-H)

'Scribd' World's Largest Document Sharing Website Admits Security Breach

2013-04-11T01:42:00.002+05:30

'Scribd' World's Largest Document Sharing Website Admits Security Breach

Scribd- San Francisco-based document sharing site have fallen victim of cyber attack. Such kind of massacre is no doubt very much shameful for one of the world largest document sharing website which have more than 100 million of registered user. Like other largest companies, Scribd acknowledged the attack. In their official security announcement the company said that the operations team of Scribd have discovered and blocked suspicious activity on Scribd's network that appears to have been a deliberate attempt to access the email addresses and passwords of registered Scribd users. But the matter of relief is that only the 1% of its registered users have been affected during the hack. Immediately after this intrusion get spotted Scribd security team have emailed every user whose password was potentially compromised with details of the situation and instructions for resetting their password. So, if you are a Scribd user and you did not receive such email from Scribd, then you are most likely unaffected. If you still wish to check, you can use this web tool to determine if your account was among those affected. From the official announcement of Scribd, we came to know that the inertial investigation have already take place, which indicates that no content, payment and sales-related data, or other information were accessed or compromised. It has been believed that the information accessed by the hackers was limited to general user information, which includes usernames, emails, and encrypted passwords. Even though this information was accessed, the passwords stored by Scribd are encrypted (in technical terms, they are salted and hashed). Most of the users were therefore unaffected by this; however, the analysis shows that a small percentage may have had their passwords compromised. In an abundance of caution, it has been highly recommended for those affected users to reset their password and to change their password on any other services they might have used it on.

At conclusion of the note, Scribd team did serious apology to its users while saying -"we would like to sincerely apologize for our failure to live up to our users' expectations in this instance. We’re incredibly disappointed that this happened and are committed to doing everything we can to prevent this from happening again. We will work harder than ever to ensure that we deserve the trust that our users place in us."

While talking about big cyber attacks against large companies we would like to remind you in the last year we have been a slew of attacks against the following sites: Guild Wars 2, Gamigo, Blizzard, Yahoo, LinkedIn, eHarmony, Formspring, Android Forums, Gamigo, Nvidia,Blizzard, Philips, Zynga, VMWare, Adobe, Twitter New York Times, Apple and so on.

#OpIsrael Continues: KHS & MLA Hacked Several Israeli Govt Websites & Leaked Sensitive Data

2013-04-07T17:20:00.001+05:30

Muslim Liberation Army (MLA) & Kosova Hacker Security (KHS) Joins Operation Isreal & Hacked Several Israeli Govt Websites & Leaked Sensitive Data

Operation Israel the devastating hacking rampage continues and becoming more and more venturesome for the Israeli cyber space. In the last week of March, it was dangerous hacker collective group Anonymous who called the operation also dubbed #OpIsrael, where the hacker group vows to erase Israel from the Internet. And as expected this is happening, the first quake came from Turkey-based Marxist hacker group named RedHack and Anonymous, where they targeted Israeli intelligence agency Mossad and breached personal data of 35K officials. Operation Israel, was not among those typical rampage of Anonymous, here Anon called other hackers from different part of of the spectrum to join. First it was RedHack who responded, and now the Muslim Liberation Army lead by Pakistani hacker Hitcher, along with Kosova Hacker's Security & few other Albanian hacker's community joined #OpIsrael.

Yesterday it was Hitcher from Muslim Liberation Army (MLA) who targeted Israel’s Ministry of National Infrastructures (MNI). The hacker managed to breach the server of Israel Ministry and defaced several website belongs to Israel Ministry of Infrastructures. The attack took place at yesterday late night, but still at the time of writing the news, several Israel MNI websites are not performing. Not only MNI, as per sources several other high profile and Israeli government sites have also been taken down in this round attack. While covering this hack of Hitcher, we must have to recap the previous hack of Pakistan hackers who are constantly against Israel (for Gaza issue) causing massive cyber attack against leading IT industry of Israel and other high profile Israeli sites. Just a couple of months ago, the world seen what it call the black day in the history if Israeli cyber space where another Pak hackers community hacked the main domain controller of Israel, which causes a massive hack against almost all the big Israeli sites such as government, MSN, Bing, Live, Skype, Microsoft Store, BBC, CNN, Coca-Colla, XBOX, Windows, Intel & many more.

During the hacking rampage, Hitcher delivered the following message -

“We are outraged at the Palestine present condition and the Illegal occupation of Palestinian Land By the Zionist Israelis. This attack is in response to the Injustice against the Palestinian people. Occupied Palestinian land under the guise of residential settlements are being increased. Palestinians are deprived of their basic human rights. International Aid workers are stopped from providing any humanitarian assistance to the people. The International community and media is not allowed to bring facts to world as due to strict restrictions”

On the other hand, Kosova Hacker's Security along with few other Albanian hacker's community performed, what it called a demolishing cyber attack, that caused huge damage to the Israeli cyber space. During the attack Kosova Hacker's Security also known as KHS hit several important Israeli government & commercial websites such as Civil Aviation Authority, Israel Police, Ministry of Health and many more. KHS caused damage to those websites, not by doing defacement by causing data leak. KHS hacked and exposed thousands of sensitive data, including full name, email-id, passwords and other confidential information of those said Israeli websites. All those leaked data have been made available by the hackers in a website called pentagoncrew.com All those hacks have been performed under the banner of Operation Israel also dubbed #OpIsrael for the cause of Gaza. For instance, here we can recap the hack of Kosova Hackers Security (KHS) where they hacked and exposed personal data of 35,000 Israeli people.

At conclusion, we want to say that, at the time when Anonymous first called Operation Israel, Israeli government presumed that they have taken the threat very seriously and from the government end it has been stated that they will take almost every steps to avoid any kind of disaster. Now after observing the above scenario it is clear that Israel Government have completely failed to protect their cyber space, in spite of having precaution. Also another thing get spot light, that is different hackers community have already came under a single shade in order to hit Israel against Gaza & Palestine issue. Today is the historical 7th April, I mean the day which Anonymous promised to erase Israel from the Internet. So the clock is running, lets see what more is about to come. for the time stay tuned with VOGH to get all the latest update on this story and also other cyber issues.

Hcon Security Testing Framework (HconSTF) v0.5 Codename 'Prime' Released

2013-04-07T17:20:00.000+05:30

Hcon Security Testing Framework (HconSTF) v0.5 Codename 'Prime' Released

Previously we have discussed couple of times about HconSTF - a browser based security testing framework. Earlier in last year we got HconSTF version 0.4, now after almost 14 month, the author of Hcon, Mr. Ashish Mistry (Information Security Researcher) has proudly released the version 0.5 of HconSTF code named "Prime." No doubt that Hcon has already became a very popular and widely used browser based pen testing framework. Not only in hackers community but also several security experts and infosec researcher's prefers Hcon as one of their all time favorite pentesing tool as HconSTF is very flexible and very handy multipurpose tool for any IT Security Professionals, Web Bug bounty Hunters, Web Developers or any one interested in IT security. As expected this version of Hcon, came with enhanced features and more functionality, so lets take a glance of HconSTF v0.5 -

HconSTF is semi-automated but you still need your brain to work it out. It can be use in all kind of security testing stages, it has tools for conducting tasks like,

Web Penetration Testing
Web Exploits Development
Web Malware Analysis
Open Source Intelligence ( Cyber Spying & Doxing )
and much more with lots of hidden features

HconSTF v0.5 in Brief:-

Based on Firefox 17.0.1
Designed in Process based methodology
Less in size (40mb packed-80mb extracted), consumes less memory
More than 165+ search plugins
New IDB 0.1 release integrated
Underlined Logging for each and every request
More NEW scanners for DomXSS, Reflected XSS
New reporting features like note taking, url logging for easy report making
Smart searchbox - just select and it will copy it and just change search engine to search
Integrated Tor, AdvoR, I2p and more proxies
New Grease monkey scripts (18 scripts)

To Download HconSTF v0.5 Click Here [Download Type- Portable (no need to install , run from usb drive or any memory card) Platform : Windows XP , Vista , 7 both x32 & x64]

Angelina Jolie & Lady Gaga Became Victim of Ongoing Celebrity Hacking

2013-04-05T18:31:00.001+05:30

Angelina Jolie & Lady Gaga Became Victim of Ongoing Celebrity Hacking

Now a days it has became a fascination for cyber criminals to target and hack celebrities and public figures. Earlier we have seen similar scenario many a time. Last month an unnamed hacker released personal details of many public figure, national leaders, celebrities. The hacked data dubbed "The Secret Files" by the hackers contains personal information and credit reports (including social security numbers, details of their mortgages, addresses, and details of their credit card and banking details) was made public by those hackers on a website. Now we have past just a couple of weeks, yet again the same massacre took place, the hackers returned to the Internet after a brief hiatus and immediately hit six more.

Angelina Jolie who played a key role in one of the most fine hacking movie named "Hackers" herself became victim to hackers in real life, as well as Jolie; Lady Gaga, NRA advocate Wayne LaPierre, Dennis Rodman, Michael Vick, Secret Service Director Julia Pierson and Robert De Niro.

Like earlier, this time also the nature of the hack was similar to the previous the hackers have posted what they claim to be the social security numbers, mortgage amounts, credit card info, car loans, banking and other info for the celebs listed on their site. Last time, the website; where the hacker have posted those hacked credentials; were shutdown by the authorities. But it's now back up and running with a new domain extension (.re) that suggests it's based out of the French island of Réunion located off the coast of Madagascar -said TMZ in an exclusive report. Again also the same style were followed by the hacker group and leaving the very same message saying - "If you believe that God makes miracles, you have to wonder if Satan has a few up his sleeve."

According to sources - Jolie's page (prepared by the hacker) includes what is said to be her social security number as well as her credit report, which can be downloaded. There are addresses listed as well, but they are all business addresses, likely for her lawyer and other people she employs. The same information for Lady Gaga and Johansson is also available. However, Johansson's page also features a photo of her which became public through a previous hacking incident. The FBI has already started investigation, but so far no arrest have been made. In 2011 another high profile hack taken place, where the hacker targeted several celebrities like Scarlett Johansson & few more; while leaking nude photos. Later FBI carried out a special operation named 'Hackerazzi' which put a full stop in that issue and also FBI arrested the master mind named Christopher Chaney was sentenced to imprisonment after pleading guilty.

(#OpFreeKorea) Anonymous Breached Uriminzokkiri, Stolen 15k User Data & Hijacked Twitter, Flickr Account

2013-04-05T18:31:00.000+05:30

Anonymous Breached Uriminzokkiri.com, Stolen 15K User Data & Hijacked Twitter, Flickr Account (#OpFreeKorea)

Anonymous the most organized and infamous hacktivist group of the world have targeted the cyber fence of North Korea, and the hacking campaign started with the hack of propaganda site Uriminzokkiri.com. The attack had been executed in different steps, first the hacker group calling them selves 'Anonymous Korea' managed to gain access inside Uriminzokkiri and claimed to have stolen more than 15,000 user data (including the names, email addresses, passwords and dates of birth & many more) and later they defaced the website. Uriminzokkiri's main site was offline till Thursday morning. Not only the data breach and defacement, Anonymous affiliated hackers continued their chariots of cyber attack, which then hit the official twitter and Flickr account belongs to Uriminzokkiri. Both the twitter feed and flickr photos have been replaced by the hacker group with anti-North Korea messages. In their message Anonymous boldly demanded that Kim Jong-Un resign and installs free democracy in North Korea while saying Kim Jong as "threatening world peace." Meanwhile Uriminzokkiri's official Twitter account picture had been changed to show two mask-wearing dancers, alongside the legend "Tango Down" and links to hacked companion sites as follows: Hacked uriminzokkiri.com, uriminzokkiri.com/itv, ryugyongclip.com

Notably the hackers posted a cartoon wanted poster of Kim Jong Un – "aka Nuke Nuke Mickey Lover" – with a list of his alleged crimes, including "threatening world peace with ICBMs and nuclear weapons," "wasting money while his people starve to death," and "concentration camps and the worst human rights violation in the world."

The entire cyber attack was done under the banner of Operation Free Korea also dubbed #OpFreeKorea. Hackers from Anonymous vows the North Korean government while claiming to have access to the country’s local intranets, mail servers and web servers. Anonymous hackers claimed to have taken five of the country’s websites offline over the weekend. "We are inside your local intranets, we are inside your mail servers, we are inside your web servers." said the twitter feed of Anonymous Korea. From one of the relevant source of Anonymous it is confirmed that the next activity for the Anonymous #OpFreeKorea campaign is slated as happening on April 19.

#OpFreeKorea Press Release of Anonymous:-

Hello, citizens of the world.
We are Anonymous
North Korean government is increasingly becoming a threat to peace and freedom.
Don't misunderstand us: As well we disagree with the USA government too - these guys are crooks,
USA is a threat to world peace too, and direct democracy (or any kind of democracy) doesn't exist
there. The American government is a target and enemy of Anonymous as well!
This is not about country vs country - This is about we, the people, the 99% (of USA and of North
Korea) vs oppressing and violent regimes (like USA gov. and N.K. gov)!
We, the people, are gathering together because we are stronger now and we won't fight your wars
anymore, we won't eat your shit anymore!!!
We demand:
- N.K. government to stop making nukes and nuke-threats
- Kim Jong-un to resign
- it's time to install a free direct democracy in North Korea
- uncensored internet access for all the citizens!

Brief About Uriminzokkiri: Uriminzokkiri ("Our Nation") is based in China, but publishes news and propaganda from North Korea's state media and is considered one of Pyongyang's primary online mouthpieces.

Julian Assange's Wikileaks Party Started it's Official Website & Opens Membership

2013-04-03T01:47:00.003+05:30

Julian Assange's Wikileaks Party Started it's Official Website & Opens Membership

Earlier this year we came to know about the WikiLeaks Party where we have seen Julian Assange in a different avatar who have taken the first step toward a Senate run in the Australian state of Victoria. The electoral enrollment application was submitted to the Australian Electoral Commission in February. Assange's father Mr. John Shipton said Julian Assange's enrollment was ''a first step'' in a political campaign that would focus on ''the democratic requirement of truthfulness from government''. The party, not yet registered with the Australian Electoral Commission, has an initial 10-member national council comprised of close associates of Mr. Assange and pro-WikiLeaks activists. But as per the rules of Electoral Commission the party must have to 500 members to officially register with them, in order to do that WLParty have started its official website that is wikileaksparty.org.au and opened online membership form. The official twitter account of WikiLekas urges its followers to to join the WikiLeaks Party, though the website is still under testing and expecting to be final in between seven days as shown in the picture below.

For the fans of WikiLekas, who eager to join the party must know that, they must have to fill out at least 8 fields of personal information including full name, address, phone number, residential suburb & so on. Along with these, the members must have to agree the terms of the party constitution as published on the party website and they have to pay amount of $20 as shown the picture below.

But the WikiLeaks founder has been living at the Ecuadorian Embassy in London since June 2102 — eluding Swedish authorities, who have an outstanding arrest warrant for him in connection to a sexual assault investigation. If elected Australian Senator, Assange might still not be able to be physically present at the Australian senate as he might still be trapped in London’s Ecuadorean embassy. British authorities have vowed to detain him if he steps foot outside of the embassy in light of the European Arrest Warrant issued against him.

-Source (WL Party & RT)

Facebook Hacker Cup 2013: Petr Mitrichev Won The Competition Followed By Jakub Pachocki & Marcin Smulewicz

2013-03-31T15:21:00.000+05:30

Facebook Hacker Cup 2013: Petr Mitrichev Won The Competition Followed By Jakub Pachocki & Marcin Smulewicz

Now a days leading organizations offers bug bounty and other competitions by which hackers from different part of the world will participate and find out security holes, in order to make more secure product and enhance cyber security. While talking about hackers competition then the name of "Hacker Cup" organized by the social networking giant Facebook will surely be an important one. Like last last two years, this year also Facebook called Hacker Cup 2013 in February and after completing several exciting rounds finally we have the winners of this year's championship. Last year it was Roman Andreev of Russia who won the Hacker Cup with a heavy and prestigious trophy and a check for $5,000. Just like last year, this time also thousand of hackers across the globe participated in the competition and after completing the breathtaking championship three lucky winners been rewarded by Facebook for the outstanding performance. And the winners of Hacker Cup 2013 are Petr Mitrichev, in second place we have Jakub Pachocki and third place it was Marcin Smulewicz. The social networking giant congratulated all the competitors who taken part in Hacker Cup for a great showing and performance. This year winner Petr Mitrichev solved all the four problems (Archiver, Colored Trees, Minesweeping, Teleports) in a due time and honored with the highly coveted Hacker Cup Trophy and an amount of $10,000. Here are some key moments of this year Hacker Cup:-

(Hacker Cup 2103 Finalist)

(Competition is on)

(The Prestigious Trophy)

(Electric Moment)

(Hacker Cup 2103 Award)

(Petr Mitrichev Hacker Cup Winner)

Brief About Facebook Hacker Cup:-

Hacking is core to how we build at Facebook. Whether we’re building a prototype for a major product like Timeline at a Hackathon, creating a smarter search algorithm, or tearing down walls at our new headquarters, we’re always hacking to find better ways to solve problems. Programmers from around the world will be judged on accuracy and speed as they race to solve algorithmic problems to advance through up to five rounds of programming challenges. This is the chance to compete against the world’s best programmers for awesome prizes and the title of World Champion.

As expected Facebook promises to continue this event every year so keep your eye out for signups to open to be the Hacker Cup 2014. So stay tuned with VOGH, for all the upcoming updates on cyber security.

Jadavpur University Official Website is Vulnerable to Sql Injection

2013-03-31T15:20:00.002+05:30

Jadavpur University Official Website is Vulnerable to Sql Injection

An ethical hacker from India named Chirag Singh have figured out serious loopholes in the official website of Jadavpur University -one of the most renowned and prestigious university of India. Chirag find blind Sql injection vulnerability which can be exploited by malicious purpose in order to harm the website and gain access. From the vulnerability report submitted by the hacker, it has been found that the web-server of Jadavpur University is using Red Hat Enterprise Linux 5 (Tikanga) where the web application technologies are Apache 2.2.3 and PHP 5.1.6; along with the back-end database is PostgreSQL. The hackers also managed to dump 11 database with more than 215 tables as shown in the picture below

This issue has already been reported to the concern person and the webmaster of Jadavpur University, and due to security and privacy we are not exposing and mention the vulnerable link and dumped database.

Anonymous & RedHack Breached Israeli Intelligence Agency 'Mossad' Leaked Personal Data of 35K Officials

2013-03-30T02:18:00.000+05:30

Anonymous & RedHack Breached Israeli Intelligence Agency 'Mossad' Claimed to Have Personal Data of 35K Officials (#OpIsrael)

A week ago infamous hacker collective group Anonymous called for Operation Israel (#OpIsrael) second phase, where they vows to engage massive cyber attack against Israeli cyberspace in order to interrupt all the necessary service, which the hacker called a complete outage. The main phase of attack was planned at 7th April, but now it looks that those hacker collectives changed their strategy, or may be they can't wait till April, and as result anti-Israel hacking collective affiliated with Anonymous managed to breach several Israeli government servers, causing a big data leak of more than 35,000 Israeli government officials, including politicians, military leaders, and police officers. The hack was done under the banner of #OpIsrael, and from the twitter feed of Anonymous, the hacker group took responsibility of the cyber attack. A comprehensive spreadsheet purporting to include the information of all 35,000 Israeli officials was published by the website Cryptome, though it did not independently verify the information. The coalition of hackers appears to have ties to the Iranian government, Pakistan, Syria, Egypt, and the terror group Hezbollah, according to a report published by Cryptome.

In our last report on this story we covered that, the attack will be organized as Anon ask other hackers and other underground communities to join the campaign. As expected, it happens; RedHack, a Turkey-based Marxist hacker group responded to Anonymous and they claimed to breach Israeli intelligence agency known as 'Mossad.' RedHack claimed to gain access inside Mossad's server; which lead them release personal information including phone numbers, emails and addresses of Mossad officials. "Yes, we realize we are sailing in dangerous water but we like swimming,” said hackers of RedHack. From a report of RT we came to know that not only data breach but also hackers performed massive denial of service attack against Mossad. In spite of RedHack’s claims, some argue that the names and information do not belong to Mossad officers or informants.

“Whatever they stole, it probably wasn’t secure details of top Israeli brass, either from the army or the Mossad,” internet researcher Dr. Tal Pavel told the media. “There is no doubt that they got some identification information about Israelis, but the claims that they hacked the Mossad site and got a list of Mossad agents is most likely psychological warfare, and not a hack into an important database,” Pavel added.

Whether those leaks are not that classified, whether those data does not belongs to Mossad, but one thing is clear and that is in-spite of having precaution, Israel government yet again failed to protect themselves from massive attack which caused a massacre. And from this story it is also predictable that hackers around the globe came under one shade or one unity, in order to target Israel over Gaza issue. As 7th April is still a week away from today so lets wait for the time, and stay tuned with VOGH to get all the latest update on this story and also other cyber issues.

"We Steal Secrets: The Story of WikiLeaks" -Documentary Movie Based on WikiLeaks

2013-03-30T02:17:00.000+05:30

"We Steal Secrets: The Story of WikiLeaks" -Documentary Movie Based on Julian Assange & WikiLeaks

Millions of WikiLeaks fans will be happy when they will come to know that a documentary type movie is coming in this year which will be based on the true story or in other sense, based on the journey of WikiLeaks. As per sources several active projects are currently running on WikiLeaks such as a feature called “The Fifth Estate” which stars Benedict Cumberbatch as Julian Assange. Other versions are planned as well, but the very first one which is out of the gate is the one we are talking about. The name of much waited coming movie is “We Steal Secrets: The Story of Wikileaks” which will be a documentary coming later this year from the insanely prolific filmmaker Alex Gibney. People like us who love the cyber space have already seen many movies based on hacking like Hackers, Takedown, The Matrix, Die Hard 4, The Italian Job, Anti Trust, Swordfish, The Girl With Dragon Tattoo, Reboot & so on. So the special expectation will deferentially be on "We Steal Secrets" and the official trailer is saying so.

According to IMDB, it has been confirmed that WikiLeaks founder Julian Assange himself is acting on the movie where another world famous hacker Adrian Lamo playing an important role in We Steal Secrets- a documentary that details the creation of Julian Assange's controversial website, which facilitated the largest security breach in U.S. history.

Anonymous Threatens Israel to Erase From The Internet (#OpIsrael)

2013-03-20T04:10:00.000+05:30

Anonymous Threatens Israel to Erase From The Internet (#OpIsrael)

Infamous hacker collective group Anonymous along with some organized hacker communities together started a massive rampage against Israeli cyber space. The hacker group threatened Israel government while planning to engage a massive cyber-attack on Israel, saying that, they will "erase" the country from the Internet. From some legitimate sources it has been confirmed that the hackers are planning to execute the attack on 7th of April. One of the twitter account of Anonymous also confirmed the date and timing, while saying "Hacktivists Starting Cyber Attack against Israel on 7th of April." Also twitter feed of Anonymous invited numerous hackers communities around the world to join up for the cyber rampage dubbed Operation Israel Phase 2 (#OpIsrael). On the other hand Israel government took the threat seriously and taking almost every steps to avoid any kind of disaster. Ofir Ben Avi, director of online group Accessible Government of Israel told the media -“It’s something being organized online over the past few days. What distinguishes this plan when compared to previous attacks is that it really seems to be organized by Anonymous-affiliated groups from around the world in what looks like a joining of forces”

As you all might know that past experience of Israel while dealing hackers was not at all sweet. In case of Anonymous then we would like to remind you that, this would be the second attack on Israel by the group, as they launched the first “OpIsrael” in November 2012 in response to Israel’s attack on the Gaza Strip. If you dig the recent past you will come to know that not only Anonymous, but also hackers from different part of the world targeted Israeli cyber space and caused big damages. For instance we can recap the hack of Kosova Hackers Security (KHS) where they hacked and exposed personal data of 35,000 Israeli people. Here we must have to name the hackers from Pakistan who are constantly against Israel causing massive cyber attack against leading IT industry of Israel and other high profile Israeli sites. Just a couple of months ago, the world seen what it call the black day in the history if Israeli cyber space where another Pak hackers community hacked the main domain controller of Israel, which causes a massive hack against almost all the big Israeli sites such as government, MSN, Bing, Live, Skype, Microsoft Store, BBC, CNN, Coca-Colla, XBOX, Windows, Intel & many more. Here we can also take the name of Indian hacker Godzilla & Arabian hacker community (Group-XP) who also harassed and harmed the Israeli cyber space very very badly. After observing all the scenario mentioned above, it is expected to watch some sensational fight between hackers and Israeli government. So lets wait for the time, and stay tuned with VOGH to get all the latest update on this story and also other cyber issues.