Teen hacks an airline, makes £110,000 !...

Hi all, A 19 year old guy  identified by the surname Zhang  from Heilongjiang, North-East China committed fraud of approximately 1.1 million Yuan (£110,000) by hacking into an airline website and using the booking information he stole. Zhang illegally downloaded customer details for 1.6 million bookings, including flight details, names and phone numbers and then sent text messages to the customers saying that the flight was faulty and has been cancelled. Afterwards he has allegedly asked customers to re-book their flight and used the opportunity to gain a re-booking...

vBulletin Flaw exploited...

Hi all, Servers running vulnerable installations of the vBulletin forum software have been targeted in the wild by hackers. The security flaw was patched by the developer earlier this month. According to Symantec,since 5th November around 2,500 daily attempts to compromise servers by exploiting a serious vulnerability has been observed. The vulnerability has been patched by vBulletin on November 2. The flaw, which can be exploited for remote code execution, affects vBulletin 5 Connect, versions 5.1.4 through 5.1.9. All account passwords were reset after vBulletin released...

Polycom VVX-Series Business Media Phones...

Hello All, A couple of interesting observations have led to the discovery of vulnerability in the web administrative interface of a Polycom VVX600 IP phone running UC Software Version 5.1.3.1675.  The traffic has been proxied through BurpSuite, when something interesting has been noticed in the requests that the interface uses to display phone background images and ring tones to web users. The requests contained actual file names. The blog reads: “Anyone involved in web application security knows that it is dangerous to expose file operation arguments like file...

Cyber Bullying is So Nasty It’s Covere...

Hi all, Cyberbullying can be very disruptive and is an increasing concern. The internet can be a very nasty place sometimes. To help victims deal with this, the insurance company Chubb insurance is offering some customers in the United Kingdom benefits to help offset the costs of trolling.  Cyberbullying will be included as part of its personal insurance package with a cover of up to £50,000. Insurance holders can use this to get help from online experts for victims and counseling, or even covering lost income if the victim is off work for more than a week due to the...

“The Independent” news site’s blog...

Hi guys, The blog page of The Independent, one of the leading media sites in the United Kingdom was discovered to be compromised on the 8th December. It was putting millions of readers at the risk of getting infected with Ransomware. The affected website blog uses WordPress which is a popular blogging platform. The rest of The Independent site seems unaffected. A spokesperson for The Independent has stated that “an advert appearing on that blogsite may have included malware.” They have also added that the the affected site was a “legacy” system that was rarely...

Who stole the code?...

Hi folks, US authorities arrested Jiaqiang Xu, 29 former software engineer for IBM Corp in China for allegedly stealing proprietary source code from his former employer, prosecutors announced on Tuesday. In the federal court in White Plains, New York, he was charged with a criminal complaint with one count of theft of a trade secret. He was also  accused of trying to sell the stolen code to other companies. An undercover officer at  White Plains hotel has arrested him and has captured a recording of him saying he used the code to make software to sell to...

Internet Connectivity In Azerbaijan Was ...

Hi all, Almost all of Azerbaijan lost Internet connectivity for nearly 8 hours, last month due to a fire at Delta Telecom data center in the capital Baku. It has been reported that the outage affected services provided NTT, Telecom Italia, Telia, Level 3, Rostelecom and Transtelecom, and mobile network operator Azercell. The only way to access Internet services had been through local mobile operators Backcell and Azerfon. Consumers, businesses and government agencies across Azerbaijan suddenly lost their connections to the Internet. Banks were unable to make domestic...

UK Plans to Develop a National Cyber Cen...

Hi folks! A new National Cyber Center will be developed in 2016 to respond to cyber attacks in the UK. According to George Osborne, its chancellor the centre “will act as a single point of contact” for security experts in the country. Support and advice will be provided through the National Cyber Centre regarding cyber security. “Reporting to GCHQ will mean the centre can draw on the necessarily secret world-class expertise within this organization… But the centre will also have a strong public face and will work hand in hand with industry, academia and...

All DNScat2 Sessions Are Now Encrypted b...

Hello everybody! Now when you start a dnscat2 client, a key exchange with the server is performed by default and it uses a derived session key to encrypt all traffic. This prevents passive surveillance and IDS from seeing your traffic. But then it’s technically possible to launch a man-in-the-middle attack against dnscat2, but it’s unlikely. By default, all connections are encrypted, and the server will refuse to allow cleartext connections. If you start the server with–security=open (or run set security=open), then the client decides the security...

What Apps Does The ISIS Use? They Are No...

Hi folks! It was discovered recently that ISIS uses Telegram’s secure messaging for its terror campaigns but now researchers at the West Point military academy, have found out about other software they use. They have found an ISIS operational security guide which outlines recommended internet services and software, as well as the policies they’re supposed to follow. According to the findings, the guide requires Tor’s anonymity network to be used for browsing, Tails as their operating system and messaging services like Telegram, FireChat or iMessage....

« Previous Entries