Feb 07 2012

Hacker Demanded $50,000 for not releasing Stolen Symantec Source Code

Norton Source CodeAccording to email transcripts posted to Pastebin yesterday, and confirmed by the company, a group of hackers attempted to extort $50,000 from Symantec in exchange for not releasing its stolen PCAnywhere and Norton Antivirus source code.

Hackers associated with the group Anonymous known as the Lords of Dharamaja leaked what appears to be another 1.27 gigabytes of source code from Symantec Monday night, what they claim is the source code of the Symantec program PCAnywhere.

A 1.2GB file labeled “Symantec’s pcAnywhere Leaked Source Code” has been posted to The Pirate Bay.

The leak comes as little surprise: Symantec had previously revealed that the hackers had obtained 2006 versions of that code along with other Symantec products from the same time period, and warned users of PCAnywhere to disable its functionality until they patched the program earlier this month.

The emails between Symantec employee Sam Thomas and the hacker(s) Yamatough, began in January. Symantec confirmed in a statement that it had contacted law enforcement after confirming the theft of the code and that the email exchange was, in fact, part of a criminal investigation. The email thread ended yesterday with Yamatough threatening to immediately release the code.

Feb 06 2012

Joomscan – Joomla Security Scanner Updated to 611 Vulnerabilities Database

JoomscanJoomscan, Joomla Security Scanner is now updated to 611 vulnerabilities database.

In Joomscan you can check for new updates with command: ./joomscan.pl check or ./joomscan.pl update

Overview:
Joomla! is probably the most widely-used CMS out there due to its flexibility, user-friendlinesss, extensibility to name a few. So, watching its vulnerabilities and adding such vulnerabilities as KB to Joomla scanner takes ongoing activity. It will help web developers and web masters to help identify possible security weaknesses on their deployed Joomla! sites. No web security scanner is dedicated only one CMS.

Features:

  • Exact version Probing
  • Common Joomla! based web application firewall detection
  • Searching known vulnerabilities of Joomla! and its components
  • Reporting to Text & HTML output
  • Immediate update capability via scanner or svn

Requirement:
Perl 5.6 or up

Download: joomscan-latest.zip

Feb 05 2012

Wifi Protector – Protect Your Android From Wi-Fi Sniffing Attacks

Android Wifi ProtectorDetects and protects from all kinds of ARP (Address Resolution Protocol) related attacks in Wi-Fi networks, like DOS (Denial Of Service) or MITM (Man In The Middle) Attack.

Protects your phone from tools like FaceNiff, Cain & Abel, ANTI, ettercap, DroidSheep, NetCut, and all others that try to hijack your session via MITM through ARP spoofing / ARP poisoning.

Features:
– Uses very few resources
– Uses no resources if Wi-Fi is disabled
– Nearly zero battery consumption
– Requires very few permissions. Requests only absolutely necessary permissions
– No configuration required, works off the shelf for novices
– Experts can change many settings to adapt the app to their needs
– Undetectable by the bad guy
– 100% silent and passive inside the network. Generates no noise
– Highly customizable notifications
– Plays ringtone on attack (optional)
– Vibrates in a given pattern on attack (optional)
– Easy to use one-click-interface as well as detailed network view for experts
– “Immunity” protects you without disabling Wi-Fi (root required)
– Can also disable Wi-Fi if you don’t have root access to your phone
– Logging of all spoofing attempts with details about the network and the attacker
– Works in complex wireless LANs, like vWLAN and WDS (please see FAQ)
– Detects networks already under attack
– Automatic countermeasures


Download:
https://market.android.com/details?id=com.gurkedev.wifiprotector

Feb 04 2012

Anonymous Hacks FBI and Records Conference Call

Anonymous HackersEarlier today, Anonymous released a confidential conference call between the FBI and law enforcement officers in the UK. The 16-minute call discusses ongoing investigations into hackers associated with Anonymous, AntiSec, and LulzSec.

From all appearances, Anonymous retrieved the sensitive access code information and a list of attendees from an FBI email account. The group released a roughly 15-minute-long recording of what appears to be a Jan. 17 conference call devoted to tracking and prosecuting members of the loose-knit hacking group.

The email, titled “Anon-Lulz International Coordination Call”, was published on pastebin earlier today. The email with details for accessing the call was sent to law enforcement officials in Britain, France, the Netherlands and others but the only people who identify themselves on the call are from the FBI and Scotland Yard.In a message on Twitter, Anonymous posted links to the audio recording and said the FBI “might be curious how we’re able to continuously read their internal comms for some time now.”

The initial link to the conference call was for an mp3 download, but it was also made available to stream on YouTube.

The FBI and Scotland Yard have now confirmed that their internal conference call describing their investigation into Anonymous hackers was illegally intercepted, as was the email containing the conference call details. The Metropolitan Police also confirmed it, saying:“We are aware of the video which relates to an FBI conference call involving a PCeU representative. The matter is being investigated by the FBI. We continue to carry out a full assessment. We are not prepared to discuss further.”

Karen Todner, a lawyer for Cleary, said that the recording could be “incredibly sensitive” and warned that such data breaches had the potential to derail the police’s work.“If they haven’t secured their email it could potentially prejudice the investigation,” she told. Following a spate of arrests across the world, the group and its various offshoots have focused their attention on law enforcement agencies in general and the FBI in particular.

Feb 02 2012

NASA and Pentagon Hacker – TinKode Arrested in Romania

Hacker TinKodeRomanian police have arrested a man believed to be TinKode, the notorious hacker responsible for several daring, high-profile cyberattacks, including last year’s breach of NASA’s servers, Royal Navy, The European Space Agency and MySQL.com. The 20-year-old man, named as Razvan Manole Cernaianu, allegedly attacked Pentagon and NASA computer systems, revealed security holes, and published information about SQL injection vulnerabilities he had discovered, the Romanian Directorate for Investigating Organized Crime and Terrorist (DIICOT) said in a press release.

He also posted a video on his blog demonstrating an attack he carried out against the U.S. government, and created and offered for sale a computer program used to hack Web sites. Through his exploits, Cernaianu blocked access to systems and seriously disabled their proper functioning, authorities said.

Currently, Cernăianu is being taken to Bucharest for questioning and he is charged with breaching a computing system without authorization, unauthorized transfer of data from a computing system, and the disruption of a computing system. Romanian authorities said the FBI and NASA took part in the investigation.