Sunday, July 29, 2012

XSS Found on Google Subdomain

Chandrakant | 11:29 AM
This is actually a small time-pass by me, finding XSS on some reputed sites. So yes,
XSS is found on this site. Maybe someone else found it some time back, but I am revealing it now. :)

google.nyu.edu/

3,993 Global Rank
1,525 Rank in US

Stay Alert Keep Visiting Darksite

Thursday, July 12, 2012

Platform-Independent Virus Can Attack Any OS: Mac, Windows, Linux

Chandrakant | 12:04 PM

Security researchers working for F-Secure have found a web exploit that detects the operating system of the computer and drops a different trojan to match. The attack was first seen on a Colombian transport website which had been hacked by a third party. This malware is known as GetShell.A and requires users to approve a Java applet installation.

It detects whether you're running Windows, Mac OS X, or Linux, and then downloads the corresponding malware for your platform. The malicious files developed for each type of OS connect to the same Command & Control server, which F-Secure has located at IP address 186.87.69.249.

Karmina Aquino, a senior analyst with F-Secure, said: "All three files for the three different platforms behave the same way. They all connect to 186.87.69.249 to get additional code to execute. The ports are 8080, 8081, and 8082 for OSX, Linux and Windows, respectively."

On 29th July 2012, security researchers Sina Hatef Matbue and Arash Shirkhorshidi are going to present "Graviton Malware", which is cross-platform malware, at 'The Hackers Conference 2012'. The purpose of 'graviton' is to become an artificial creature which can move between the world of windows, the world of apples, and the world of empire penguins, etc., and remain stealthy.

The Windows one sends the following information back to the remote attacker: CPU details, disk details, memory usage, OS version, and user name. The Trojan can also download a file and execute it, or open a shell to receive commands. 'Graviton' is a combination of pure 'C' and 'asm'.

Yahoo Voice Sign-in Hacked: 450K Users' Passwords Leaked by "D33Ds Company"

Chandrakant | 5:27 AM
More than 450,000 usernames and unencrypted passwords appear to have been stolen from Yahoo Voice, a user-contribution service on Yahoo's network, and posted online.

Usernames and unencrypted passwords were posted online after a hack attack on the Yahoo Voice network. The most interesting thing in this hack is that the hacker used simple SQL UNION ALL queries to get a dump of the Yahoo database.

It is not known whether the attacks are linked. Both Formspring and Android Forums encrypted the passwords that they stored, although that is not a guarantee that they cannot be cracked.

However the Yahoo attack is potentially the most serious. Yahoo bought Associated Content for $100m (£64.5m) in May 2010, and then set it up as Yahoo Voices, allowing user-generated content to be posted online.

Yahoo claims to have more than 600,000 contributors – which would include many of those in the data dump if it is verified. The Guardian could not verify whether any of the accounts were still active.

The last entries in the data dump appear to be linked to IDs which were created in 2006 – which could mean that the listing discovered by the hacker, or hackers, is an old one that is no longer in use.

Security experts said that the most worrying aspect of the attack was that the passwords for the accounts were not encrypted – meaning that any hacker could scoop up the emails and immediately start using them against other services, including Yahoo Mail.

That potentially puts far more at risk than just the Yahoo Voices accounts if they are still active.

Writing at the Trusted Security site, David Kennedy noted that: "The passwords [were linked to] a wide variety of email addresses including those from yahoo.com, gmail.com, [and] aol.com," and that they seem to have been extracted using an SQL injection attack – an increasingly common form of hacking attack in which flaws in the database and web software are exploited to get administrator-level access to the contents and structure of a database.

The page containing the Yahoo Voice addresses has all the details of the structure of the database that holds the details, as well as the usernames and passwords.

The Yahoo Voice hack has been claimed by a group or individual calling themselves "the D33Ds Company".

Friday, July 6, 2012

Islamic Anonymous Hackers Post Hundreds of Israeli Email Addresses and Passwords

Chandrakant | 9:04 AM
Anonymous Arab hackers post hundreds of Israeli email addresses and passwords

Islamic Anonymous hackers on Sunday revealed hundreds of Israeli email addresses and their passwords on the website of Anonymous Arab. Most of the addresses and passwords listed are active accounts. It is as yet unclear what website was hacked to obtain the information published on the website of Anonymous Arab.

Roni Bachar, the manager of the cyber-attack department at Avnet, said in a statement, "There was apparently penetration of an Israeli site which cannot be determined at this stage, a site that requires identification by email address and a password, as is usual at forum, content and commercial sites." Bachar added that he doesn't believe that Facebook itself was hacked, "since the attack revealed only a small number of addresses, about 300, and passwords were determined through estimates and guesses of the brute force type."

There are what look like numerous identity card numbers and phone numbers on the list that were apparently being used as passwords. Calling some of the numbers revealed that some were the account holders' old phone numbers (such as numbers belonging to the users' parents).

Wikileaks Founder Julian Assange Got Extradition Letter From British Police

Chandrakant | 9:04 AM
Julian Assange may be holed up at the Ecuadorian embassy in London where he is seeking political asylum, but that hasn't stopped British law enforcement officials from serving him a letter of extradition. According to reports, the letter, penned by none other than Scotland Yard, demanded the 40-year-old Assange visit a police station "at a time of our choosing." "This is standard procedure in extradition cases and is the first step in the removal process," a Scotland Yard spokesperson told the press. "He remains in breach of his bail conditions and failure to surrender would be a further breach of those conditions and he is liable to arrest."

Assange entered the Ecuadorian embassy in London on June 19 after all attempts to fight extradition to Sweden - where the WikiLeaks founder faces charges of sexual assault - failed. Assange, who denies the accusations, is concerned that extradition to Sweden could ultimately lead to his eventual transfer to the United States. Earlier this year, the hacktivist group Anonymous stood against the extradition of the WikiLeaks founder.

He denies the accusations but has lost a string of appeals in British courts to avoid being handed over to Sweden’s judiciary for questioning. Assange says his chief fear is that this would lead to further extradition to the United States, where he could face trial for WikiLeaks’ actions. He was under house arrest with an order to present himself daily to the nearest police station when he broke bail and took refuge in the Ecuadorean Embassy.

The customary dry statement from Scotland Yard announced that authorities had issued “a surrender notice upon a 40-year-old man that requires him to attend a police station at date and time of our choosing. This is standard practice in extradition cases and is the first step in the removal process.” The statement added he was in breach of bail conditions and would be subject to arrest if he failed to surrender. On Sunday, Ecuadorean Ambassador Anna Alban flew to her homeland to brief the government there on Assange’s situation.

Assange is supported by WikiLeaks fans from all over the world who in the past appeared at Assange’s every public appearance with banners saying “Free Assange, Free Bradley Manning,” the latter a reference to the U.S. Army analyst who awaits trial in the United States on charges of releasing the original discs with the official documents published by WikiLeaks. “There is a strong likelihood that once in Sweden, he would be imprisoned and ... likely extradited to the United States," they stated, adding: "Were he charged and found guilty under the Espionage Act, Assange could face the death penalty.”

Junaid Hussain aka "TriCk" - Former Leader of "TeaMp0isoN" Pleads Guilty

Chandrakant | 9:01 AM
Earlier this year MI6 arrested the leader of TeaMp0isoN, code-named "TriCk", along with a few other active members who were directly involved in the Denial of Service attack on the MI6 hotline. A few days later some other members of this hacker group tried to threaten the government, saying "it will fight back against the arrest of its members." But now all these efforts seem worthless, because the leader of the infamous hacker collective "TeaMp0isoN" has pleaded guilty to stealing the address book details and other private data from former British Prime Minister Tony Blair in June of last year.

According to the sources, Junaid Hussain, also known as "TriCk", has now admitted to hacking into a Gmail email account belonging to an advisor to Blair by the name of Katy Kay. Hussain, 18, from Birmingham, said that he used an ID "Trick" to access the aide's account and steal confidential data including addresses, phone numbers and email addresses belonging to Blair, his wife, and sister-in-law Lyndsye Booth, as well as Members of Parliament (MPs) and Members of the House of Lords. Ben Cooper, Hussain's lawyer, told the court that the offences had just been a prank.

After Hussain admitted to conspiracy and computer charges at London's Southwark Crown Court, Judge Peter Testar granted him bail until sentencing later this month, advising him to be "under no illusions" that he may go to prison. Hussain has also confessed to taking part in and leading members of the hacker group to attack the UK national Anti-Terrorist Hotline with hundreds of hoax phone calls, and to involvement with hacktivist group Anonymous in #OpRobinHood, #OpCensorThis and a few more.

Indian Navy Computers hacked by Chinese Hackers

Chandrakant | 8:58 AM
Chinese hackers allegedly planted a bug via flash drives on the Indian Navy's computers, which relayed sensitive data to China IP addresses. The sniffing tool was found in the naval computers exactly as INS Arihant, India’s first nuclear missile submarine, was in trials at the targeted facility in Visakhapatnam. The virus had reportedly created a hidden folder and collected specific files and documents based on certain "key words" it had been programmed to identify. It remained hidden on the pen drives until they were put in computers connected to the internet, after which the bug quietly sent files to the specific IP addresses.

Officials of the Indian Navy told The Indian Express that “an inquiry has been convened and findings of the report are awaited. It needs to be mentioned that there is a constant threat in the cyber domain from inimical hackers worldwide.” So far, India has arrested six officers for procedural lapses which led to the breach. It is not clear if any of them will later face spying charges.

The Naval headquarters in New Delhi is looking into the case closely, since several other sensitive projects are also being undertaken at the Eastern Naval Command situated at Visakhapatnam besides the Arihant trial. The extent of the loss, however, is still under investigation, and it was premature at this stage to comment on the sensitivity of the compromised data, officials noted.

Incidents of this kind give a clear picture of the self-hyped cyber security strategies implemented by the government. Such confidential headquarters have physical security layers as well, like no or disabled USB ports. It seems proper measures were not taken here by the authorities.

"The Syria Files" By WikiLeaks Containing 2.5 Million Emails of Syrian Politicians, Govt, Ministries & Companies

Chandrakant | 8:56 AM
The WikiLeaks website said on Thursday it had begun publishing more than 2.5 million e-mails from Syrian politicians, government ministries and companies dating back to 2006. The leak, named "The Syria Files", contains 2.5 million emails from 680 Syria-related entities and domain names “including those of the Ministries of Presidential Affairs, Foreign Affairs, Finance, Information, Transport and Culture.” According to WikiLeaks, the file dump will be “embarrassing to Syria, but it is also embarrassing to Syria’s opponents.” The Syria Files come mere days after Human Rights Watch revealed that the Syrian government was operating at least 27 torture chambers around the country and using 20 torture techniques against Syrian dissidents.

WikiLeaks founder Julian Assange said “The material is embarrassing to Syria, but it is also embarrassing to Syria’s opponents. It helps us not merely to criticise one group or another, but to understand their interests, actions and thoughts. It is only through understanding this conflict that we can hope to resolve it.” WikiLeaks said the emails, which it has called "The Syria Files", would shine a light on the inner workings of the Syrian government and economy, and "also reveal how the West and Western companies say one thing and do another". We would also like to remind you that earlier this year we got the Spy Files and the GI Files (Global Intelligence Files, five million e-mails from Stratfor).

According to the WikiLeaks release: "The database comprises 2,434,899 emails from the 680 domains. There are 678,752 different email addresses that have sent emails and 1,082,447 different recipients. There are a number of different languages in the set, including around 400,000 emails in Arabic and 68,000 emails in Russian. The data is more than eight times the size of ’Cablegate’ in terms of number of documents, and more than 100 times the size in terms of data. Around 42,000 emails were infected with viruses or trojans. To solve these complexities, WikiLeaks built a general-purpose, multi-language political data-mining system which can handle massive data sets like those represented by the Syria Files..."

6.5 Million LinkedIn Passwords Stolen By Cyber Criminals

Chandrakant | 2:59 AM
The very popular social networking site LinkedIn is currently going through a massive cyber attack. It has allegedly been reported that more than six million passwords belonging to LinkedIn users have been compromised; among them, more than 300,000 passwords have already been cracked and published as plain text. A file containing 6,458,020 unsalted SHA-1 password hashes has been posted on the internet, and hackers are working together to crack them.

LinkedIn has confirmed that it is investigating the incident. In the meantime, several reputable sources have said that they have found their LinkedIn passwords in that list; it can therefore be assumed that the social network's operator actually does have a problem.

Pages are already appearing on the internet that prompt you to enter your password to verify whether you are affected; these are phishing sites. It is also expected that there will soon be waves of spam email which will call for you to change your password, with a link to a LinkedIn-impersonating phishing site. Instead of following these links, either enter the LinkedIn URL yourself (linkedin.com) or use a stored bookmark to visit the social network and change your password.

DNSChanger Malware: Thousands May Lose Net Access on July 9th

Chandrakant | 2:31 AM
Thousands May Lose Net Access on July 9th

The warnings about the Internet problem have been splashed across Facebook and Google. Internet service providers have sent notices, and the FBI set up a special website.

Thousands of Canadians could be among the hundreds of thousands of people around the world who might lose Internet access on July 9. That's the day the FBI will shut down all the "clean servers" it set up to combat a massive hacking operation.

Last November the FBI arrested and charged six Estonian men behind the malware as part of Operation Ghost Click. These hackers were able to make a fortune off their project, raking in millions for ads placed on their fraudulent websites. On the eve of the arrests, the FBI hired Paul Vixie, chairman of the Internet Systems Consortium (ISC), to install two temporary Internet servers that would prevent infected users from losing access to the Internet once the DNSChanger botnet was shut down.

DNS (Domain Name System) is a core Internet technology used to convert human-readable domain names such as facebook.com into an IP address such as 10.181.211.1, which a computer understands.

It's estimated that there are still around 277,00 infections worldwide, despite a massive clean-up operation. If you're concerned about your own PC, or those of family members, then there's a DNS checker website, or more information over at the DNS Changer Working Group.

Running the temporary servers for eight months has cost the FBI $87,000. Both Facebook and Google created their own warning messages that showed up if someone using either site appeared to have an infected computer. Facebook users would get a message that says, "Your computer or network might be infected," along with a link that users can click for more information. Google users got a similar message, displayed at the top of a Google search results page. It also provides information on correcting the problem.

Ensure that your DNS servers are not within the following ranges of Internet Protocol (IP) addresses:

- 85.255.112.0 through 85.255.127.255
- 67.210.0.0 through 67.210.15.255
- 93.188.160.0 through 93.188.167.255
- 77.67.83.0 through 77.67.83.255
- 213.109.64.0 through 213.109.79.255
- 64.28.176.0 through 64.28.191.255
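
One way to automate the range check above, as an added example that is not code from the original post or from the FBI. It assumes resolv.conf-style input (on other systems, pass in the DNS server addresses shown in the network settings in the same `nameserver <ip>` form), and the sample input is constructed.

```python
import ipaddress
import re

# Rogue DNSChanger resolver ranges, exactly as listed in the post above.
ROGUE_RANGES = [
    ("85.255.112.0", "85.255.127.255"),
    ("67.210.0.0", "67.210.15.255"),
    ("93.188.160.0", "93.188.167.255"),
    ("77.67.83.0", "77.67.83.255"),
    ("213.109.64.0", "213.109.79.255"),
    ("64.28.176.0", "64.28.191.255"),
]

# Constructed sample input, not taken from a real host.
SAMPLE = """\
# constructed resolv.conf
nameserver 85.255.116.10
nameserver 8.8.8.8
nameserver 64.28.191.255
nameserver 64.28.192.1
nameserver fe80::1%eth0
"""

def rogue_networks():
    """Collapse each first-last pair into CIDR blocks for membership tests."""
    nets = []
    for first, last in ROGUE_RANGES:
        nets.extend(ipaddress.summarize_address_range(
            ipaddress.IPv4Address(first), ipaddress.IPv4Address(last)))
    return nets

def parse_nameservers(resolv_conf_text):
    """Return nameserver entries, ignoring '#' and ';' comments."""
    servers = []
    for line in resolv_conf_text.splitlines():
        line = re.split(r"[#;]", line, maxsplit=1)[0].strip()
        match = re.match(r"nameserver\s+(\S+)$", line)
        if match:
            servers.append(match.group(1))
    return servers

def check_resolvers(resolv_conf_text):
    """Map each configured resolver to the rogue CIDR it falls in, or None."""
    nets = rogue_networks()
    result = {}
    for server in parse_nameservers(resolv_conf_text):
        try:
            # Drop an IPv6 zone suffix such as %eth0 before parsing.
            addr = ipaddress.ip_address(server.split("%", 1)[0])
        except ValueError:
            result[server] = "unparseable"
            continue
        # The listed ranges are IPv4 only, so IPv6 resolvers never match.
        result[server] = next(
            (str(n) for n in nets if addr.version == 4 and addr in n), None)
    return result

if __name__ == "__main__":
    for server, hit in check_resolvers(SAMPLE).items():
        print(server, "-> ROGUE, inside " + hit if hit else "-> not in listed ranges")
```

A resolver that is reported as clean here only means it is outside the six listed ranges; the DNS settings on the home router need the same check, since every device behind it inherits them.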

Check whether your PC is infected

To know whether your computer is infected, click this link:

http://www.dns-ok.us/

You must check your PC for DNS malware. If the result is green, then you are safe.
Source: http://www.fbi.gov/news/stories/2011/november/malware_110911

If DNSChanger is detected, users may use software from McAfee, Kaspersky Labs, Microsoft, Norton, or Trend Micro to clean the infection.

Don't forget to share :) Thank you

Rahul Tyagi to Work With Sunny Vaghela in TechDefence!!

Chandrakant | 2:27 AM
Hot news for all hacking fans: we have come to know from a very close associate of Rahul Tyagi that he may be going to join TechDefence soon. One point to be noted here is that most people from the information security industry told us that Sunny Vaghela, CTO of TechDefence, and Rahul Tyagi had been in a cold war for a long time. It will be interesting to see how things are going to work, but overall, if it happens, it will be a great sight for Indian hacking fans to see two big names in the security field working under one roof and providing the best they have together. We tried to contact Rahul Tyagi on this, but he said he does not want to comment on this news. So let's wait for an official tweet or Facebook status from Rahul Tyagi or from TechDefence declaring the official joining of Rahul Tyagi in TechDefence. Until then, stay tuned to our blog.
 
