Anonymous hacks pedophile website - Operation Darknet returns

Anonymous hacks pedophile website, leaks admin and user account information. This week hacktivists associated with the international Internet collective known as Anonymous hacked into a child pornography website identified as Kindzazachan.

The successful hack is being billed as a return of Operation Darknet (#OpDarknetV2). Last October, working under Operation Darknet, Anonymous  hacked Lolita City, a darknet website used by pedophiles to trade in child pornography. At that time Anonymous released usernames and related information of more than 1,500 pedophiles trading in kiddie porn.
Anonymous announced the hack of child porn website Kindzazachan on May 11, by issuing a Pastebin release. The following is an excerpt from that release:

As our first official attack for #OpDarknetV2, we bring you something that we are sure you will enjoy. One of our members managed to find an SQL injection vuln on a pedophile onion website that goes by the name of Kindzazachan, he breached the servers, and now we bring you the leak of data from the website. We warned you pedos, we told you we were coming for you.

Anonymous announced the return of Operation Darknet via Pastebin earlier this month. The following is an excerpt from that announcement:

We anons were once again wandering through the darknet, and again found the pedophiles have grown stronger since our previous attacks... This is absolutely unacceptable, the disgusting content on over 40 child pornography sites grow larger and we will not sit back and watch, we will make a stand once again with the destruction of freedom hosting, lolita city, and any other website geared towards the trading of content with rape/pedophilia. Tor is not our target, only the sites hosting the child pornography are the targets. We shall return with
bear rugs. Chris Hansen is coming. Expect us.
#OpDarknetV2 engaged.

OpDarknetV2 and the hack on Kindzazachan is associated with a Twitter account identified as @PrOtOn_An0n.

Create Your Own Programming Language

 Want to create a programming language, but don't feel like going through one of those expensive and boring 1000 pages book? 

A 77 pages PDF detailing core concepts and applying them to a custom language (included: ePub & Mobi formats).

Proposed extensions to the language with solutions at the end of the book.

Full source code of three languages in Ruby & Java. Easy to extend and play with.

Explaining step by step how to extend the JVM language.

Join the thousands of coders who created their own language.

DOWNLOAD

 

CurationSoft

What will CurationSoft do for you?

Greatly reduce the time it takes to find, review, and include content from sources in blog posts and on social media. You will post more often, gather more search rankings and increase your following.

Easy To Use And Fast

By design, CurationSoft is simple to use. Search by keyword, choose your content, drag and drop, add your commentary and post. Results are generated lightning fast and you'll find it's actually fun to use CurationSoft. Stop dreading everyday sharing and posting.

Multiple Content Sources

Use CurationSoft to search blogs, Twitter, YouTube, Google News and Flickr for fantastic content your readers will love. CurationSoft covers all the buzz in your market. More sources like Wikipedia, Facebook and more are in development.

Save Hours Of Time

Drag and drop the hottest stuff in your niche! Fire up CurationSoft and get a full, exceptionally curated post done in a fraction of the time. Curated content is easier and makes your blog a hot destination of quality, filtered content.

Better Search Engine Rankings

CurationSoft builds back links and increases your search engine rankings. Because you are creating topic-based posts Google is more likely to consider your content more relevant and rank it higher.

Works Anywhere

You can "Drag and Drop" content from CurationSoft into any HTML text editor. Because of this, the software can be used on any platform, remote blogs, static & dynamic HTML pages and even forums that accept HTML. The options are endless.

Build Your Own Castle

CurationSoft is the first desktop based curation software that posts to your site. A quick look at nearly all of our competitors and you'll find that they are having you "build their castle". Meaning, the content you post is stored on their site and benefits them and not you.

We Care About Copyright

All the content CurationSoft returns is safe to use. Photos have the proper license, blog posts are sourced and linked to, YouTube videos are embedded which is compliant with their terms of service. We respect copyrights and don't want to get you into trouble.

Generate Backlinks

Each time you link to a blog in CurationSoft it generates a pingback. If the blog you are linking to accepts pingbacks, then you will receive a link from that blog. No more begging for back links or tedious commenting, just link to their site when they have an informative post.

Boxshot King

Create Stunning Graphics In Under 2 Minutes - Without Photoshop

• 44 designs to choose from
• NO software to download
• Works for both Mac and PC
• Extra graphics included
• Background textures included
• Upload your own designs
• NO outsourcing headaches.

DOWNLOAD

Fix Redirect Virus

 
"The Google / Search redirect virus is one of the most common viruses of 2010, 2011 & 2012, infecting millions of computers around the World. Designed by expert hackers, it is highly annoying and will continually redirect your web searches to fake or dangerous websites. The main reason why this virus is is one of the most damaging is that it cannot be removed with traditional antivirus programs. Instead, you need to use special methods or tools to get rid of it, which have remained a mystery until now.

FixRedirectVirus is the solution to remove the search redirect virus from your PC. Created by a computer technician with over 10 years experience, this working method removes the virus at its core - removing the infection from your PC & preventing it from returning. My simple program will explain exactly what the virus is and will then remove it automatically for you.

You can use my Google Redirect Virus removal product on any version of Windows and with any web browser. I have cracked the code for how the virus works, and you'll now be able to remove it from any Windows computer. You just need to install my step-by-step system and it will do the rest for you."

What Is The Google Redirect Virus
& Why Is It So Difficult To Remove?

The Google Redirect Virus is a "browser hijack" virus which will send your computer to bad websites when you are redirected online. When not infected, Windows will be able to send you to the correct website, but if you have the Google Redirect Virus, the virus will "inject" its own websites into the redirect process, leading your PC to send you to undesirable websites. This will happen for all redirects, not just search engine results... however, as most search engine results will redirect you, that's where most people see the issue.
Not many people know this, but when you click on a link on the search engine, it won't take you to the page you're looking for straight away. In fact, Google, Yahoo & Bing will all take you to a special link on Google.com / Yahoo.com / Bing.com in order to track your searches and other metrics. All search engines redirect your results, meaning that if you have the redirect virus, it's going to show when you search for something online.

The reason why this virus is difficult to remove is because it doesn't leave any "footprint" or "trace" on your system. Unlike typical virus infections (which will place a fake file or application onto your PC), the search redirect virus will just change the redirect settings for Windows and then disappear. This means that most antivirus programs are powerless to remove it.

DOWNLOAD

Smart PC Fixer

Fix Windows Errors & Optimize Your System 

No Blue Screen, No Lock up, No Errors, Less Garbage Files → More Smooth System Running. 

Features:

1. Scan & Clean

SmartPCFixer™ will help identify and fix Windows' invalid registry entries. By running Scan & Cleaner as part of scheduled maintenance, it will keep your PC from freezing or frequent crashes . Using it will reduce the probability of you getting a "blue screen", program not responding or lock up.

2. System Optimize

A set of tools is designed to provide the user's computer system with better optimization, which helps you manage startup items, desktop, browser objects, Internet, system service, Windows optimization, file extensions and so on. With these sophisticated utilities your system is tuned up to run at the optimal state.

3. IE Tools

Includes Internet BHO (Browser Helper Objects) manager and IE restorer, which detects and removes harmful BHO or malicious plug-ins restoring Internet Explorer to a 'healthy\' performing state.

4. System Fix

A Toolkit designed to scan, diagnose and your operating system. Using it results in better optimization, manages startup and desktop, assists you with maintaining browser objects, internet options, system service, and repairs file extensions. With this arsenal of powerful, sophisticated utilities your system is tuned to run at its optimal state. Included are Easy Repair Wizard, Error Utilities, File Association fixer, Register ActiveX, Shortcuts Fixer, Winsock2 Repair toolkit, Dll Fixer and more.

5. System Tools

This set of bonus System Tools includes 4 useful and effective utilities to enhance the usability and performance of your PC.

6. Backup

SmartPCFixer provides you with Registry Backup, System Backup, Favorites Backup and Folder Backup. In addition, the new built-in function of Restore Point enables you to create a system store point so you can recover your system to a previous state if you do not like the changes you have made. This ensures the safety of your system when you run the registry repair process.

DOWNLOAD

The Revolution from Cyber Terrorist attack to Indian Cyber Security

Cyber attack has put our lives in danger every second. The cyber attacks are becoming the root cause of the mishappenings around us every other day. As the next generation wars are increasing depending on robust and secure information systems networks, it is imperative for a country to invest in building a reliable infrastructure.

As the next generation wars are increasing depending on robust and secure information systems networks, it is imperative for a country to invest in building a reliable infrastructure. Increasing attacks on cyberspace in India has brought several professionals and experts from the Industry, in support with the last week, India’s Defense Minister, AK Antony, announced an additional $1.3 Billion will be invested in the project making the grand total to a $3.1 Billion. 

It is observed that many Electronic Notification is usually sent before a major terrorist attack, followed by defacement of government web sites such as Mumbai Terrorist attack. India is facing several cyber threats, reports claimed that government servers have been used in hacks against China and Delhi’s airport being being under a cyber attack. These reports are in addition to news of 112 compromised government websites during December 2011 to February 2012.

Another Event, “The Hackers Conference” is being organized at India Habitat Center, New Delhi. It is first ever gathering in India which is going to be attended by several Blackhat Hackers too along with Security Experts hence providing a unique interface and platform for open dialogue between hackers and security experts to bridge the existing gaps in security arena to make Internet safer and more secure.

The Hackers Conference will see a galaxy of renowned speakers presenting 0-Day Vulnerabilities, Exploits and Android/Blackberry/iPhone Hacks. Apart from Speakers presenting on WI-FI and Web Application Security the Special invitees from Government Intelligence Agencies will also speak on National Security Issues emerging from Scada Hacking.

In the Nut Shell, this is an event where we are making a small effort to unite together with the Indian Government to support a cause that will allow us to have a sound and peaceful environment.

Hack Facebook Password v.1

This advanced program will help you to hack facebook password of any account. All you need to know is their email address and you’ll be able to gain access to the users account. This program is to be used to recover and change your own facebook accounts password, to help a friend recover theirs with their permission, or for parents to keep an eye on their children’s accounts. If you use the hack facebook password  program for any purposes besides this, you are responsible for your own actions.

With that being said, the program hack facebook password is fairly simple to use. In the first text box you will insert the email address for the account or if you’re unable to figure that out, you can input the profile id which is usually like a 9 digit number sequence but can often be word or words set by the profile owner. You can find this number by looking at the URL when you visit the program.

After you’ve got the first text box filled, set the password in the next two boxes. I’m well aware that you could simply use the program again in order to change the password if you didn’t input it correctly; however, to make it a more practical program you’ll need to verify that you typed it correctly. Finally, hit the "change" button. This will begin the process of logging you in and changing the password. When it has completed the task, you will be notified with a message box informing you it has completed and that you can now log in.

Use the Hack Facebook Password program responsibly. You are responsible for your own actions. Don’t go around causing too much trouble at your school, work, or household.

Download it here!

How to uninstall BackTrack 3,4,5 from hard disk

We will show you how to easily uninstall your backtrack series (3,4,5) from your hard-disk when you are using it with another operating system like a Windows 7 or Windows XP.

  We need one bootable Windows 7 cd ( if you have dual booted with XP then use XP bootable )

Now put bootable DVD or pendrive in to your system and restart it.

Select repair Windows option or press R button keys when installation menu comes up

Choose command prompt and type:

^{Bootrec.exe /fixmbr}

This will load standard Windows boot menu and remove Ubuntu grub.

Now go to your Windows 7 orXP.

AFTER REPAIR : 

 

1.  Right click on My computer

2.  Select manage option ( manage option needs administration rights)

3.  Now click on Device manager, you can see your backtrack partition ( it won't contain name like C drive or D drive but you can verify with 76 gb of partition and 3 gb of partition )

4. Delete volume, Reboot your system and you are done.

5. Backtrack is now uninstalled from your computer

Cracking IDM

Using this hack you can register the Internet Download Manager (IDM) for free using you own credentials i.e register on your Name and email ID.
This hack also works for trail IDM that means download a trail IDM from there site and register the professional i.e. full version of IDM with your credentials for free using my hack.

Hack or crack IDM manually :

Step 1: Download the IDM trial or If you already have IDM installed Update it by going to Help—}} then to check for Updates.If you don’t wanna update your version, Just click on Registration.

Step2: When you click on registration, Now a new dialog(window) appears that is asking for Name, Last Name, Email Address and Serial Key.

Step3: Now Enter you name, last name, email address and in field of Serial Key enter any of the following Keys:

RLDGN-OV9WU-5W589-6VZH1
HUDWE-UO689-6D27B-YM28M
UK3DV-E0MNW-MLQYX-GENA1
398ND-QNAGY-CMMZU-ZPI39
GZLJY-X50S3-0S20D-NFRF9
W3J5U-8U66N-D0B9M-54SLM
EC0Q6-QN7UH-5S3JB-YZMEK
UVQW0-X54FE-QW35Q-SNZF5
FJJTJ-J0FLF-QCVBK-A287M

And click on ok to register.
Step4: After you click ok, it will show an error message that you have registered IDM using fake serial key and IDM will exit. Now here the hack starts.
Step5: Now Go to START => Then go to RUN and type the following text and click enter:

notepad %windir%\system32\drivers\etc\hosts

Step6: Now right click on hosts file and go to its properties, then go to security tab and then select your admin account, just below u will see an edit button (in front of change permissions), Now give the user full control and write and read rights and then click on apply and then click on Ok, now u will be able to edit the hosts file and save changes in it.

Detail Note about Granting Permission In Windows7:

For Windows 7 users, due to security reasons you will not be able to save hosts file.so follow this steps :
First of all go to C:/ drive then go to Windows Folder and then go to System32 folder and then go to Drivers folder and then go to Etc Folder, in the Etc folder you will see the hosts file.
Now right click on hosts file and go to its properties then go to Security tab select Users under Group or user names and click on edit button,Permission For Host Window will get open, in that window select Users account and grant permission in bellow section which is “Permission for SYSTEM” by clicking all checkbox under “Allow” Name and press Ok.Dnt click on any Deny check box.


Note : if  you have login through admin then skip this step6 .Its just for granting permission for editing file.


Step7: Now a notepad file appears something like this as shown below:

add code in the hosts file idm

Now copy the below lines of code and add to hosts file as shown above image box :

127.0.0.1 tonec.com
127.0.0.1 www.tonec.com
127.0.0.1 registeridm.com
127.0.0.1 www.registeridm.com
127.0.0.1 secure.registeridm.com
127.0.0.1 internetdownloadmanager.com
127.0.0.1 www.internetdownloadmanager.com
127.0.0.1 secure.internetdownloadmanager.com
127.0.0.1 mirror.internetdownloadmanager.com
127.0.0.1 mirror2.internetdownloadmanager.com

After adding these piece of code, save the notepad file. And exit from there.
Now start your Internet download manager, and now you IDM has been converted to full version and specially when you update next time, your registration will not expire.
That means it will remain full version for life time and you can update it without any problem in future.

Anonymous Hackers Targeting Russian government websites for Putin Inauguration

Anonymous hackers to launch cyber attacks on the websites of the Russian state agencies to support the opposition. In a YouTube video , Hackers said that the Russian government website will be subjected to DDOS attack on May 6, and on May 7 the same will happen with the prime minister’s site. “Join us! All it takes is a few simple actions to bring this rotten and corrupt system to its logical end.”

The hackers then posted instructions for everyone who would like to participate in attacks. Putin convincingly won a six-year presidential term in March despite a wave of protests following a December parliamentary poll the opposition said was tarnished by large-scale voting fraud in support of his party.

It said it would launch attacks on the Russian government website Government.ru at 1200 GMT on May 6 and on the prime minister's website Premier.gov.ru on May 7 at 0900 GMT. Anonymous demanded that the authorities were more resolute in the fight against corruption and opposed the moves restricting the freedom of expression on the internet. Moscow has called for a globally binding UN treaty on cyber security to crack down on web  crime.

RedKit Exploit Kit : New web malware exploitation pack

Trustwave researchers have spotted a new exploit kit called "RedKit Exploit Kit" that  being used in the wild is aiming to enter a market that is practically monopolized by the widely famous BlackHole and Phoenix exploit kits.

In actual, The new kit has no official name, so the researchers dubbed it 'Redkit' due to the red bordering used in the application's panel.

"Logging to the admin panel presents you with options which are typically used by other exploit kits. The panel allows you to check the statistics for incoming traffic, upload a payload executable and even scan this payload with no less than 37 different AV’s," Trustwave reports.

To deliver the malware, RedKit exploits two popular bugs:

1.) The Adobe Acrobat and Reader LibTIFF vulnerability (CVE-2010-0188).

2.) The Java AtomicReferenceArray vulnerability (CVE-2012-0507), lately used by the criminals behind the massive Flashback infection.

"As each malicious URL gets blocked by most security firms after 24 to 48 hours, the Redkit's author have provide a new API which will produce a fresh URL every hour, so that customer of this exploit kit can now set up an automated process for updating the traffic sources every hour or so to point to the new URL."

ISPA to launch cyber security code of practice in SA

South Africa’s Internet Service Providers’ Association (ISPA) has teamed with Australia’s Internet Industry Association to develop a new voluntary industry code of practice to improve cybersecurity for end users. Known as the ‘icode’, and developed in conjunction with Australia’s Internet Industry Association, the code will provide a consistent approach for South African ISPs to help inform, educate and protect their customers in relation to cyber security.

"The increasing threat of zombied computers - computers which have been essentially hijacked and are under the control of criminals or other third parties - presents a real risk to users. Identity theft, fraud, and increases in spam are all possible consequences of compromised computers."

 

By following the code, ISPs will contribute to reducing the number of compromised computers in South Africa and enhance the overall security of the South African and international Internet.

The security code initiative was welcomed by the banking sector, which is intrinsically affected by malware and security breaches.South African Banking Risk Information Centre (Sabric) CEO Kalyani Pillay says the country's banks constantly review security measures to offer Internet users as safe an online banking experience as possible.

The icode is expected to contain four main elements:

- A notification/management system for compromised computers

- A standardised information resource for end users

- A comprehensive resource for ISPs to access the latest threat

information

- A reporting mechanism in cases of extreme threat back to national

security agencies to facilitate a national high level view of attack

status.

 

Android Malware and Corporate Networks Security

A new Android Trojan dubbed "NotCompatible" is being spread through compromised Web sites. This may directly affect Android tablets and smartphones, along with being a potential risk hazard to corporate networks and their security.

Kevin Mahaffrey is co-founder and CTO of a San Francisco based firm called Lookout Security. The main focus of the company is Android and during their investigations it was found there was a new malware out there. Called “NotCompatible” the Android malware is, according to Mahaffrey, a risk to corporate networks.

 

According to their report, a hacked Web site would contain a hidden iFrame at the bottom of the page. When the Android browser loads the page, it will attempt to load the file in the hidden iFrame. Upon loading the file, the browser would transfer control to the app loader, which would display an application installation screen, with the header com.Security.Update. An unsuspecting user might install the app, and thus infect their Android device.

Fortunately, the malware isn’t very stealthy. Mobile malware threats are not as widespread as those targeting PCs. Criminal hackers are experimenting with different business models for mobile devices, such as tricking users into subscribing to pay-text-message services that the criminals control.

Android app security holes have long been a concern because of the mobile operating system's more open architecture and the app market's less stringent standards for developers than others such as Apple's iOS or Research In Motion's BlackBerry OS.Earlier this year, Google said it was using a service called Bouncer that automatically polices its app market and takes down offenders before they strike.

Mahaffey, who studied Internet browsing data from Android gadgets to draw his conclusions, said an attacker could latch on to a business or government network if an employee whose Android device has been infected with NotCompatible accessed their corporate information via Wi-Fi.

With over 600 million Android devices in the world, the purveyors of malware will always be seeking ways to infect your Android device. The worst kind of update you can download to your machine is one that you didn’t ask for and don’t know where it comes from.

 

Social game Zynga's YoVille gets hacked

Matt Spencer has been an active player of "YoVille" since the Zynga-owned virtual world launched in 2008, but hasn't played the game in about three weeks. He post a complaint on the gaming company's forum that in late January, Spencer's "YoVille" account was compromised and he lost much of his collection of virtual items, including millions of virtual coins and a pair of sunglasses that have become a collectors' item.

Hackers infiltrate the social game affecting gameplay and stealing users' virtual goods, but private and sensitive data isn't compromised. Zynga is aware of the security problem and is addressing it, said Cadir Lee, the company's chief technology officer. The company first started to get reports about it "a few weeks ago," he said. The company investigated the issue and found that it was due to some "compromised administrative and moderation tools," he said. Zynga has since fixed the problem, he said.

Spencer was among numerous "YoVille" players who contacted this newspaper after seeing their virtual items disappear in recent weeks and months. To resolve this Zynga has returned all the virtual property that was stolen during the YoVille breach and has also banned some players.

People hacking games to get free stuff is a long-standing problem, said Lawrence Pingree, a security analyst at Gartner, a technology research firm. These days, hackers focus on scamming the game for free goods within it or to steal goods that they can sell to other players.Zynga itself is a past target. Last year, a British hacker admitted to stealing $12 million worth of poker chips from "Zynga Poker."

55,000 Twitter accounts compromised

Thousands of Twitter passwords were exposed this week and the site was looking into matter. According to a message posted on Twitter's Japanese blog, None of the recently leaked Twitter logins and passwords came from within the company.

Twitter has assured its users that their personal details are secure after a post by document sharing site Pastebin reportedly contained 55,000 accounts' login details. "We have confirmed that no one's information has been leaked from Twitter," the blog said, after apologizing to users for their concerns.

Twitter added that it has also taken measures to defend itself in case any of the unexamined data is actually correct. It also warned users to avoid "fishing" Web sites, which try to con login information out of unwary surfers, and to use strong passwords that are unique for separate sites.

So far, it is yet to be established who can be held responsible for the attack, although many media outlets have since credited it to the hacktivist collective Anonymous.

Anonymous: We Are Not Terrorists but Fearless Freedom Fighters

Black Ops 2 trailer that was released recently, portrays the Anonymous organization as the enemy of the United States, which has pissed them off greatly. Anonymous has responded to Activision’s marketing campaign for Call of Duty: Black Ops 2, which paints the hacktivist group as terrorists.

The video was uploaded by YouTube user ALEXIUS ANON, an account which was created only last week. It’s thus important to underline that official Anonymous channels of communication have not confirmed they will be targeting Activision. That being said, they are certainly aware of what the company did.

 

"This act will show you how serious our collective us and that we will protect any human who calls himself Anonymous," says the video's narrator, who wears a Guy Fawkes mask. Also, Activision CEO Eric Hirshberg has been doxed, and are threatening to cause a lot of damage to the company’s infrastructure.

This is what they posted:

Greetings fellow users. It has come to our attention that Activision entertainment company used our collective as a bad example to other players all over the world. Selected company presented us as a terrorist group with plans to hijack planes and others. This is our reply to the selected company Activision: We are not terrorists, we are fighters for freedom in every aspect of meaning. However, if you want to present us in that way we will need to take action against your company and online servers.

We will hijack military system and use valid date to control over the parameter. We will deface your online game servers and make damage of millions of dollars to your company. This act will show you how serious our collective us, and that we will protect any human who calls himself Anonymous. The time has come to expand our collective. It is time to take steps on streets, protest and other public actions in order to bring one step to mission and create a public team who will proceed with the mission.

Again this is the act of all of us who share the same idea and mission. To others, our message is continue to share data, links and other protest space. That is all steps to one great plan, a final mission that will free the system form potential threats. So you can see, we are all one team, Anonymous. We are legion. We do not forgive. We do not forget. Activision, expect us.

Human Rights organisation website Serves Gh0st RAT Trojan

According to the company’s Security Labs blog, Amnesty International’s United Kingdom website was compromised and hosting the potent Gh0st RAT Trojan earlier this week. Malicious Java code was planted on the site in a bid to push the Gh0st RAT Trojan onto vulnerable Windows machines. If successful, the attack plants malware onto machines that is capable of extracting the user's files, email, passwords and other sensitive personal information.

The vulnerability for the infection stemmed from a popular Java exploit, CVE-2012-050. Hackers exploited that hole and used it to inject the Amnesty International site’s script with malicious code. The Java hole was the same used by Flashback, the much buzzed-about Mac OS X Trojan in recent months.

The exploit code used in this attack appears to have been copied from Metasploit, an open source penetration testing framework popular among security professionals, Giuliani said.

The injected web code was removed after Websense alerted Amnesty to the issue.The attack bears all the hallmarks of a series of attacks that appear to be targeting pro-Tibet organisations and sympathisers, most likely by a group connected to China.

The Gh0st Trojan has been used by suspected Chinese hackers in several advanced persistent threat (APT) style attacks, most notably the ‘Nitro’ attacks against energy firms in 2011. Chinese involvement in the Amnesty International attack is suspected but unproven.

Websense detected over 100 other websites infected with the same malicious code as Amnesty International's U.K. website during the same time period, Carl Leonard, senior manager of Websense Security Labs, said.

North Las Vegas Police Department hacked by ZHC

The official website of North Las Vegas Police Department (NLVPD) - http://www.joinnlvpd.com/ defaced today by ZHC BlackOne HaXor - ZCompany Hacking Crew - [ZHC] and above shown black deface page with message displayed on Homepage.

Page indicates the cause of Hack  "Stop Nato Attacks on Pakistan!" ZHC is a Pakistani Hacking group defaced thousands of websites before against India and also this is second time that Las Vegas Police Department  website got hacked.

Mirror of hack can be seen here.

Security Alert: Wi-Fi Hotels used to Spread Malware

According to a report from the Internet Crime Complaint Center (IC3) – a partnership between the FBI and the National White Collar Crime Center (NW3C) - Hackers are targeting foreigners' laptops using hotel Wi-Fi, the Internet Crime Complaint Centre and FBI have warned.

The malware is spread through hotel Wi-Fi networks, posing as an update for a popular software product. The number of laptops getting infected with malicious software while using hotel Internet connections is on the rise.

 

“Analysis from the FBI and other government agencies demonstrates that malicious actors are targeting travellers abroad through pop-up windows while establishing an internet connection in their hotel rooms,” the IC3 said.

The officials didn't explain what the malware actually did, but the FBI warned that anyone travelling overseas, and particularly on governmental or private-sector business, should take extra care when abroad and plan a pre-departure update schedule. “Checking the author or digital certificate of any prompted update to see if it corresponds to the software vendor may reveal an attempted attack,” the note said.

Updating your laptop before going abroad is also a good idea. Finally, when in doubt, it is better to spend some time going to the software vendor’s website to verify that the update is necessary.

 

Orion Browser Dumper v1.0 released

Jean-Pierre LESUEUR (DarkCoderSc) releases another Browser Forensic tool for Community called "Orion Browser Dumper v1.0".

This software is an advanced local browser history extractor (dumper), in less than few seconds (like for Browser Forensic Tool) it will extract the whole history content of most famous web browser, Actually Internet Explorer, Mozilla FireFox, Google Chrome, COMODO Dragon, Rockmelt and Opera.

You can download the tool from Official Website of DarkCommet.

17 year old Teenager arrested over TeamPoison hacking attacks

A teenage boy has been arrested on suspicion of being a member of "TeamPoison", a computer hacking group that has claimed responsibility for 1,400 offences including an attack on the phone system of Scotland Yard's counter-terrorism unit last month. These include attacks on the United Nations, the UK Anti-Terrorist Hotline, MI6 and RIM, as well as politicians including Nicolas Sarkozy and Tony Blair.

 

 

The boy, who police suspect used the hacker nickname 'MLT' and was a spokesman for TeamPoison, was interviewed at a local police station on offences under the Computer Misuse Act on Wednesday. The arrest is part of an ongoing investigation by the Police Central e-Crime Unit (PCeU) division of the Metropolitan Police into various hacking gangs who have made headlines in the last year or so.

TeamPoison’s highest-profile attack was mounted against Scotland Yard’s counter-terror hotline last month, has also claimed responsibility Distributed Denial of Service attacks against banks in collaboration with Anonymous, another “hacktivist” group with similar anti-corporate and anti-authority politics.

Pentagon boosts contractor cybersecurity program

The US Defense Department invited all of its eligible contractors on Friday to join a previously restricted information-sharing pact aimed at guarding sensitive Pentagon program data stored on private computer networks.

The Pentagon predicts that as many as 1,000 defense contractors may join a voluntary effort to share classified information on cyber threats under an expansion of a first-ever initiative to protect computer networks.

The effort, known as the Defense Industrial Base ("DIB") program, is a voluntary information-sharing program in which the Department of Defense shares "unclassified indicators and related, classified contextual information" about cyber-attacks and threats with defense contractors.

 

In exchange, defense contractors report known intrusions and can receive forensics analysis and damage assessments from the government after those attacks. In an optional part of the program, the DIB Enhanced Cybersecurity Services, the government shares additional classified threat and technical data with defense contractors and Internet service providers.

If the Pentagon’s effort proves successful in safeguarding defense contractors from cyber attacks, the administration may enlarge the program to companies in 15 other critical infrastructure categories through the Department of Homeland Security.

More than 2,000 companies qualify and the membership rolls will be expanded on a first-come, first-served basis, the official said.At the program's entry level, the Pentagon will give participants unclassified "indicators" and classified "contextual information," as well as suggested measures for addressing cyber threats.

Volunteer companies must sign a standardized bilateral framework pact that calls for sharing "to the greatest extent possible" for the clearest understanding of cyber threats, according to an interim final rule published Friday in the Federal Register.

Recently, the security of critical infrastructure companies was put into the spotlight again when reports surfaced about a series of cyber attacks targeting the natural gas industry.

“The increasing connectedness of infrastructure not only makes U.S. utility companies more vulnerable to cyber-security attacks but increases the cascading effect an attack can have on other infrastructure sectors and capabilities,” said Chris Petersen, CTO of LogRhythm.

“A fundamental challenge utilities face is that supervisory control and data acquisition (SCADA) systems were not designed to be secure. Much of the existing infrastructure was developed and implemented prior to the rise of the Internet. Security was most often thought of in the physical sense.”

 

The Hackers Conference 2012 Call For Papers #THC2012

We are extremely delighted to announce the Call for Papers for The Hackers Conference 2012. It is a unique event, where the elite of the hacker world, leaders in the information security industry and the Internet community meet face to face to join their efforts to cooperate in addressing the most topical issues of the IT world.

Conference will be held in New Delhi, India and aims to get together industry, government, academia and underground hackers to share knowledge and leading-edge ideas about information security and everything related to it.

The following list contains major topics the conference will cover. Please consider submitting even if the subject of your research is not listed here.

Topics

• Cloud Security
• Wireless hacking
• GSM/VoIP Security
• Smartphone / Mobile Security
• Exploit development techniques
• Advance in reverse engineering
• National Security & Cyber Warfare
• New Vulnerabilities and Exploits/0-days
• Antivirus/Firewall/UTM Evasion Techniques
• New Web attacks and application hacking
• Mobile Application Security-Threats and Exploits
• Hardware hacking, embedded systems and other electronic devices
• Malware development and Analysis of Malicious Code / Viruses / Malware
• Security aspects in SCADA, industrial environments and "obscure" networks

Important Dates:

• CFP Opens: 1st May 2012
• 1st round of Speaker list Online: 1st June 2012
• CFP Closing Date: 1st July 2012
• Final speakers List online: 10th July 2012
• Conference Dates: 29th July 2012

Speaker Benefits:

• Free pass to the conference
• Accommodation during the Conference

Call for Papers is opens until 1st July 2012 so if you have interesting topics to present at The Hackers Conference you are welcome to submit!

Cyber Attacks on gas pipeline linked to China

The spear-phishing attacks laying siege to networks in the natural gas pipeline industry apparently are being carried out by the same group that hacked RSA security last year. The attacks, which have been occurring since late this past March, have targeted several of the country's natural gas pipeline companies.

According to U.S. officials, it's unclear if a foreign power is trying to map the gas systems or if hackers are attempting to harm the pipelines. A previous attack on the oil and gas sector seemed to originate in China.

 

DHS supplied the pipeline industry and its security experts with digital signatures, or "indicators of compromise" (IOCs). Those indicators included computer file names, computer IP addresses, domain names, and other key information associated with the cyberspies, which companies could use to check their networks for signs they’ve been infiltrated.

DHS officials and a spokesman have acknowledged they are working with the FBI to find out who may be behind the intrusions and malicious emails. The Monitor reports that some investigators now believe that the campaign is tied to another attack last year against cybersecurity company RSA, which the head of the National Security Agency told Congress could be traced back to China.

The group responsible for the RSA attacks has also been linked to several previous hacking incidents around the globe.Politico reports that these recent attacks, combined with the devastating 2010 natural gas pipeline explosion in California, illustrate the potential dangers of the rapidly expanding gas pipeline network.

The oil and gas sector has been targeted before. In February 2011 the computer security firm McAfee discovered a computer intrusion labeled "Night Dragon" that was traced to China. As part of that attack, individuals tried to obtain sensitive data and financial documents from the oil and gas companies about bids and future drilling exploration projects.

 

BitCoin hacked, More than 18,000 Bitcoins Stolen

Bitcoinica, a Bitcoin exchange started by a 17-year old teenager Zhou Tong, has been shut down for security investigations. It’s believed that at least 18,000 BTC ($90,000 or 68,000 EUR) have been stolen.

News of the hack was posted this morning by Bitcoinica's founder, Zhou Tong:

"Today, we have discovered a suspicious Bitcoin transaction that doesn't seem to be initiated by any one of the company owners. Some of them are not online at the moment so this is not conclusive.

Suspicious transaction:

{

"account" : "",

"address" : "182tGyiczhXSSCTciVujNRkkMw1zQxUVhp",

"category" : "send",

"amount" : -18547.66867623,

"fee" : 0.00000000,

"blockhash" : "00000000000003f6bfd3e2fcbf76091853b28be234b5473a67f89b9d5bee019c",

"blockindex" : 1,

"txid" : "7a22917744aa9ed740faf3068a2f895424ed816ed1a04012b47df7a493f056e8",

"time" : 1336738723

},

We have contacted Rackspace to suspend all our servers and lock down our accounts. All your trading and financial data is safe (as far as I know), apart from the Bitcoin loss. Thank you for your patience and understanding while we investigate this issue in detail."

Many criticized the site’s owners for keeping such amounts of currency on hosted systems instead of using offline transactions and disconnecting the wallets from the trading infrastructure, especially after the Linode incident.

Zhou maintains that apart from the Bitcoins, the database was also stolen but the passwords was salted and encrypted using bcrypt. Zhou mentions that the stolen bitcoins are likely to be reimbursed by Bitcoinica in USD. This isn’t the first time Bitcoinica’s been broken into few months ago Bitcoinica’s bitcoin wallet which stored the funds were stolen due to a breach in Bitcoinica’s then webhost Linode.