Few days back, a hacker with twitter handle @Reckz0r claimed to have breached the CNN website and leaked data.

The data published in the pastebin (http://pastebin.com/YQLv6t3E) includes server&database details, login credentials of 9 accounts that contain usernames and encrypted passwords.

"because they're a bunch of f**ng faggots trying to spread false news, your 9/11 is our 24/7. I strongly respect the Palestinian brotherhood, and it seems like CNN is on Israel's side. and you do know one thing;" He stated as reason for the attack.

He also claimed to have posted four fake articles on edition.cnn.com. We are not able to verify his claim. But my friend at Cyber War news reports that hacker provided him the vulnerability details.



The hacker also provided the screenshot of the fake article he posted : "Bill gates horrifies children by injecting poison into their buttocks". The articles has been removed.

He also said he identified Local File inclusion vulnerability in VeriSign.com
 

An unknown cybercriminals compromised the official facebook page of the Miguel Ángel Mancera, the Head of Government of the Mexican Federal District.

After hackers hijacked the page, the officials immediately suspended the facebook page to prevent misuse.

"Please note that the account of # Facebook's # JefeDeGob @manceramiguelmx has been hacked." reads the message posted in the @GobiernoDF. (translated)


"We have suspended the Facebook page to detect the causes of the inadequate functioning. Thanks for your understanding" The tweet posted by the @ManceraConecta .(translated)

A hacker known by his online name @1923Turkz has breached Federal University of Bahia website(ufba.br) - one of the Brazil University, located mainly in the city of Salvador, Bahia.

"Universidade Federal da Bahia DB Hacked http://www.anonpaste.me/anonpaste2/index.php?952af0b8ee517a5f#0i/g1qDaqpzAeg8PloenF3vKMbozGKlU2gSTIxlxw6Y= …" Hacker tweeted about the hack along with a link to the database dump.

The database dump contains hundreds of account details that include name, plain-text password and email address. I had a quick look at the password list, most of them are weak passwords.

We recommend the admin to find and fix the vulnerability and users are advised to change their password.

1923Turkz become more active in recent days and busy in dumping the database from the hacked websites.  Yesterday, he hacked into the Bangladesh Air force website.

"We are aware that some of our accounts have been compromised and are working to resolve the issue. Many thanks for your patience." The telegraph responded to the hack.

A hacker has managed to gain access to the database server of the official career website of Bangladesh Air Force and leaked the accounts' login credentials.

 "Joinbangladeshairforce.mil.bd", serves as a portal for applying for Air Force, is reportedly breached by the hacker using the online name @1923Turkz.  The SQL injection vulnerability in the website gave him the opportunity to break in.

The database breach was announced in his twitter account along with the link to the accounts leak.

The leak include login credentials of 19 accounts that contains the email addresses that ends with 'army.mil.bd' and encrypted passwords.

Although the passwords are encrypted , it won't take much time for someone to crack the hash.  We have analyzed the leaked passwords and found most of the passwords are very weak passwords.

A simple google search reveals the decrypted passwords.  We just like to point out one of the worst password used : "password".  We recommend the Bangaldesh government to immediately fix the vulnerability and urge users to change their password.

Italian Police have arrested four suspected Anonymous hackers who are believed to be the hackers who participated in the "Tango down" operations.

Four men arrested are a 43-year-old man from near Lecce, a 20-year-old from Bologna, a 28-year-old from the province of Venice and a 25-year-old from the province of Turin.

The four individual part of hacktivist movement are being accused of various attacks including a Distributed-denial-of-service(DDoS) attack against the Vatican government websites.

The police said the group also hacked into organizations for selling their IT solutions as antivirus, according to RT report.

Globo.com , one of the top 10 portal of Brazil , has been hijacked by cyber criminals and users are being redirected to a website that displays spam ads, reports Sucuri.

The Users who visit the main domain and sub-domains(etc.globo.com, g1.globo.com,..) are being redirected to the pagesinxt.com - The domain appears to be registered in 2011 displays ads about internet, hosting, antivirus.

The sucuri says "redirection has been going for a few hoursat least and we detected it for the first time around 8am EST and it is still live four hours later (noon EST)".  Yes, The website still redirects users to the ads-displaying page.

Researchers identified an external script "hxxx://sawpf.com/1.0.js" which is being loaded in the site causes the redirection.

It appears the cybercriminals have hijacked the sawpf.com and modified the scripts such that it redirects to the target website.

A hacker from Turkey using twitter handle @1923Turkz has breached the Two University websites from Russia and United Kingdom.

The database servers belong to the Lomonosov Moscow State University(msu.ru) and Imperial College London(imperial.ac.uk) are breached by the hacker.

The Database-dump taken from the Lomonosov Moscow State University contains usernames, encrypted passwords and email addresses. It also includes the admin login credentials.

http://www.anonpaste.me/anonpaste2/index.php?2f4fcc3765679814#c+eRCx9jdbRZQzi2m/g45chIpsfsuMnnvX44Cfp/2Tg=


The dump said to be compromised from the Imperial college contains First &Last names, email addresses, phone numbers.  There is no password leaked in this dump.

http://www.anonpaste.me/anonpaste2/index.php?422670bd5aad422f#Yu0o6TXVsy5IeMI1uEGAAEppNPkRURbOjskwkKB9XcQ=

The official website of South African Police Service has been breached by the Anonymous hacktivist with online name "DomainerAnon". 

"This action is to serve as a reminder to the government regarding the murders of 34 protesting miners outside the Marikana platinum mine by police. "Hacker stated as reason for the attack.

"To date no officers have been brought to justice... This situation will NOT be tolerated. #OpMarikanaMiners"

The hacker provided a link to the database dump(pastebay.com/1232460) that includes Usernames, hashed passwords, Telephone numbers and few other details.

He also shared a 13Mb size file named "EMAILS.csv" in the DatafileHost which is said to be contain emails.

Earlier Today, the Syrian Electronic Army, the group known for hijacking twitter accounts of top news organization, has tweeted they have compromised the Saudi Arabia's Ministry of Defence Mail system.

"The #SEA is prepared to release secret documents that belong to the Saudi Arabian defense ministry after compromising their email system" One of the tweets reads.

The group said "The leaks include correspondence and secret arms deals from the Saudi Ministry of Defense... These were forwarded to the Syrian government."

The hacker also provided a screenshot that proves the syrian electronic army has managed to gain access to the Saudi Arabia's Ministry of Defence Mail system.


The group recently hijacked the Social media accounts of Financial Times, The Onion, E! News, the Guardian and more.  You can find here the list hacks done by the SEA : Syrian Electronic Army