Breaking News »

Latest Hacking News

Information of 4,000 students shared in accidental data breach

The personal information of 4,000 students who use the bus transportation system was put at risk by CPS, after they mistakenly sent out their personal information to five vendors who were seeking to do business with the district.

The 4,000 students who have been affected are a subset of 22,500 students who use the bus transportation system.

After learning of the data breach, the authorities have quickly taken measures to avoid a problem and have written confirmations from all vendors that all the sensitive information has been successfully dispose off.

The affected students and parents have also ben notified of the breach. Also, the employees of CPS have been instructed in handling personal information of people in a more sensitive and private manner.

The breach happened in March, when CPS accidentally gave the information to five vendors.

Bettys Tea Rooms firm’s website hacked


The Bettys Tea Rooms  firm’s website was hacked on Wednesday, affecting more than 120,000 customers.

In a statement released by the company, they apologized, and blamed "industry-wide software weakness" for the data breach.

The hackers gained access to the firm’s website database, and stole the personal details of the customers which includes their names, email addresses, postal addresses, encrypted passwords and telephone numbers.

"We would like to stress that your credit or debit card details have not been copied as this information is stored on a completely separate system managed by a certified third party. Bettys takes customer confidentiality extremely seriously and, whilst customer passwords were encrypted, it is important that you change your password as soon as possible by clicking this link or entering www.bettys.co.uk into your browser," Bettys said.

They also advised their customers to not to respond to any of the phone or email communication regarding their personal and financial information.

"To be clear, Bettys will never contact you and ask you to share any personal financial information," the tea shop chain said.

Gang of old ladies named 'Northern N00bz' is suspected to be behind the data breach. To take revenge for some disservice, they acquired  some coding skills. A full investigation is going on.

Astoria - Researchers develop a new Tor client which aims to beat NSA


With an aim to beat powerful intelligence: like NSA, researchers have developed Astoria, a new Tor client which is said to be capable of protecting user’s privacy, even from such powerful intelligence agencies.

A cyber security researcher team from America and Israel come up with a new Tor client which is designed to make spying more difficult for the world's most capable intelligence agencies.

According to the research paper, people have used Tor, a popular anonymity system for users who wish to access the Internet anonymously or circumvent censorship, to prevent their activity from being tracked as Internet anonymity becoming difficult to establish.

However, Tor is not as safe as it was supposed to be, from the powerful intelligence agencies.

As a result the researchers have developed Astoria, which particularly focuses on defeating autonomous systems that has set up to intrude into Tor’s anonymity.

“In our experiments, we find that 58% of all circuits created by Tor are vulnerable to attacks by timing correlation and colluding sibling ASes. We find that in some regions (notably, China) there exist a number of cases where it is not possible for Tor to construct a circuit that is safe from these correlation attacks,” said in the research paper.

It added, “To mitigate the threat of such attacks, we build Astoria, an AS-aware Tor client. Astoria uses leverages recent developments in network measurement to perform pathprediction and intelligent relay selection. It not only reduces the number of vulnerable circuits to 5.8%, but also considers how circuits should be created when there are no safe possibilities. It performs load balancing across the Tor network, so as to not overload low capacity relays. Moreover, it provides reasonable performance even in its most secure configuration.”

The Astoria is aimed to do a list of things:
• Deal with asymmetric attackers.
• Deal with the possibility of colluding attackers.
• Consider the worst case possibility.
• Minimize performance impact.

Hack In Paris 5th edition - The French Cyber Security Conference

 Sysdream, a French company which provides auditing skills and training from an attacker’s perspective to those companies which require a high level of security for their information systems, is organizing 5th edition of Hack in Paris (HIP) from 15th June to 19th this year in France.

The HIP, which is said to be the most awaited event for security professionals, includes training and conferences sessions.

According to an announcement, the event, which will be entirely in English, brings IT security professionals like: information system directors, managers and security officers together with hacking experts.

The announcement said for the first three days, the participants will be given 13 training classes by international experts like: Aditya Gupta, founder of Attify, Peter Van Eeckhoutte, founder of Corelan Team, Richard Hollis, Chief Executive Officer of Risk Factory Limited, Mario Heiderich, security researcher, Nikhil Mittal, researcher, Gnesa Gianni, security research and professional trainer at Ptrace Security and many others.

The training will be given on various topics like: ANDROID/IOS EXPLOITATION, CORELAN “ADVANCED”, CORELAN “FOUNDATIONS”, DESIGNING AN EFFECTIVE 27001 ISMS, HACKING WEB APPLICATIONS – CASE STUDIES OF AWARD-WINNING BUGS IN GOOGLE, YAHOO, MOZILLA AND MORe, HARDWARE HACKING LABORATORY FOR SOFTWARE PENTESTERS, IOS APPLICATION EXPLOITATION, MASTERING BURP SUITE PRO - 100% HANDS-ON and among others.

The training session will be held at Sysdream, 14 Place Marie-Jeanne Bassot,92300 Levallois-Perret France.

More details available about the training at: https://www.hackinparis.com/trainings-2015

On the remaining two days of the HIP, there will be 16 talks, including two keynote addresses and one debate with world-renowned speakers like: Winn Schwartau, Jose Lopes Esteves, Chaouki Kasmi, Mario Heiderich and others.
The conference will be held at Académie Fratellini, 1-9 rue des Cheminots 93210 La Plaine Saint Denis France.

More details available about the conferences at: https://www.hackinparis.com/talks-2015

Vulnerability »

Malware Report »

Defacements »

Spam Report »