Few days back, a hacker with twitter handle @Reckz0r claimed to have breached the CNN website and leaked data.

The data published in the pastebin (http://pastebin.com/YQLv6t3E) includes server&database details, login credentials of 9 accounts that contain usernames and encrypted passwords.

"because they're a bunch of f**ng faggots trying to spread false news, your 9/11 is our 24/7. I strongly respect the Palestinian brotherhood, and it seems like CNN is on Israel's side. and you do know one thing;" He stated as reason for the attack.

He also claimed to have posted four fake articles on edition.cnn.com. We are not able to verify his claim. But my friend at Cyber War news reports that hacker provided him the vulnerability details.



The hacker also provided the screenshot of the fake article he posted : "Bill gates horrifies children by injecting poison into their buttocks". The articles has been removed.

He also said he identified Local File inclusion vulnerability in VeriSign.com
 

"We are aware that some of our accounts have been compromised and are working to resolve the issue. Many thanks for your patience." The telegraph responded to the hack.

A hacker has managed to gain access to the database server of the official career website of Bangladesh Air Force and leaked the accounts' login credentials.

 "Joinbangladeshairforce.mil.bd", serves as a portal for applying for Air Force, is reportedly breached by the hacker using the online name @1923Turkz.  The SQL injection vulnerability in the website gave him the opportunity to break in.

The database breach was announced in his twitter account along with the link to the accounts leak.

The leak include login credentials of 19 accounts that contains the email addresses that ends with 'army.mil.bd' and encrypted passwords.

Although the passwords are encrypted , it won't take much time for someone to crack the hash.  We have analyzed the leaked passwords and found most of the passwords are very weak passwords.

A simple google search reveals the decrypted passwords.  We just like to point out one of the worst password used : "password".  We recommend the Bangaldesh government to immediately fix the vulnerability and urge users to change their password.

Earlier Today, the Syrian Electronic Army, the group known for hijacking twitter accounts of top news organization, has tweeted they have compromised the Saudi Arabia's Ministry of Defence Mail system.

"The #SEA is prepared to release secret documents that belong to the Saudi Arabian defense ministry after compromising their email system" One of the tweets reads.

The group said "The leaks include correspondence and secret arms deals from the Saudi Ministry of Defense... These were forwarded to the Syrian government."

The hacker also provided a screenshot that proves the syrian electronic army has managed to gain access to the Saudi Arabia's Ministry of Defence Mail system.


The group recently hijacked the Social media accounts of Financial Times, The Onion, E! News, the Guardian and more.  You can find here the list hacks done by the SEA : Syrian Electronic Army

"The only person who know how to secure your system is the person who know how to break- Hacker." BreakTheSec.

A Romanian cybercriminal , who is six months into a 5-year sentence for supplying gadgets that conceal ATM skimmers has invented a new device that prevents ATM thefts, Reuters reported.

Valentin Boanta, 33-year-old, who was arrested in 2009 said his arrest made him happy because it helped him to get of his Blackhat hacking addiction.

"Crime was like a drug for me. After I was caught, I was happy I escaped from this adrenaline addiction." Reuters quoted as Boanta saying. "So that the other part, in which I started to develop security solutions, started to emerge."

Secure Revolving System-SRS:SRS device, funded by a technology firm called MB Telecom, can be installed in any existing ATM that prevents the operation of skimming devices.

Saudi branch of Anonymous hacktivist has launched cyberattack on Saudi Government websites , the operation has been named as "#OpSaudi". Few government websites are facing heavy Distributed-denial-of-service(DDOS) attack from the Anonymous.

The affected government sites include Saudi Arabia and the Ministry of Foreign Affairs(mofa.gov.sa), The Ministry of Finance(mof.gov.sa), General Intelligence Presidency(gip.gov.sa ).


gosi.gov.sa, Riyadh Region Traffic(www.rt.gov.sa), hrc.gov.sa are also being targeted by the hackers.

The Anonymous saudi also claimed they have gained access to the server of Qassim Region Traffic website(q-t.gov.sa/h.asp) and deleted the database. 

General Directorate of Education in Jeddah website fell victim to the cyber attack.  Hackers identified and exploited the SQL Injection vulnerability in feenakhair.jedu.gov.sa.

Mozilla has released Firefox 21 that closes eight security vulnerabilities including four High level and three critical security flaws.

Critical vulnerabilities : Memory corruption found using Address Sanitizer(MFSA 2013-48 ),  Use-after-free with video and onresize event(MFSA 2013-46), Miscellaneous memory safety hazards ( MFSA 2013-41).

High level vulnerabilities:  Uninitialized functions in DOMSVGZoomEvent( MFSA 2013-47),  Mozilla Updater fails to update some Windows Registry entries( MFSA 2013-45), Local privilege escalation through Mozilla Maintenance Service ( MFSA 2013-44 ),  Privileged access for content level constructor(MFSA 2013-42).

Firefox 21 introduces new feature Social API that "makes it easy for your favorite social providers to add a sidebar with your content to Firefox or notification buttons directly on the Firefox toolbar."

It also introduces Health report that "logs basic health information about your browser and then give you tools to understand that information and fix any problems you encounter".

Users are advised to upgrade the firefox as soon as possible, you can check version and update your browser by selecting to Help->About firefox.

Yes, it is Cyberspace, here no one can assure 100% Security but it doesn't mean that you can ignore the security holes.  Godzilla the hacker who breached the Pakistani Government websites few months ago has claimed to have identified multiple security flaws in EC-Council website(eccouncil.org).

EC Council is best known for its professional certifications for the IT security field, especially 'Certified Ethical Hacker(CEH)'.

The hacker claimed to have gained access to admin desk and accessed the course materials for CEHV8, CHFIV4, ECSS,ECSA_LPT4.

Talking to EHN, the hacker said "This could take a very deadly turn if played by the cyber terrorist.They are the same org who train DOD, CIA, NSA ,NASA etc."

"If a cyber terrorist infects this material with Trojans and malware the same content will be accessed by the defense people. And this is the easy way to enter into the network of defense. They should concentrate on security and in future should avoid such situation."

" Consider it as a security alarm for USA and Defence network, you will never know in cyber space who is knocking your door."

The hacker didn't mention the type of vulnerability that gave the access to these materials.  But it appears his motive is to create cyber security awareness.

*Update *

EC-Council responded to the hacking claim by saying the hacker obtained the files due to a "human error" that allowed "Directory viewing". 

"This configuration allows a visitor to view the contents of a web directory much like visiting a web page, however instead of a webpage, the user is able to see links to files in web directories."

" This was not a breach and no systems were affected. The files contained in the listed directories were encrypted binary .Resource files; primarily DRM (Digital Rights management) protected documents that EC-Council makes available for download to paying students and organizations globally and some other non confidential files that were already in public circulation. No sensitive data or personal information was compromised."

We are in the Cyber world , here the robbers don't wear masks, use guns or even threatening bank tellers , they use laptop and internet instead.

An alleged international cyber criminals managed to steal $45 million from thousands of ATM's in matter of hours.

Their first operation started from India, the hackers were able to "infiltrate the system of an unnamed Indian credit-card processing company that handles Visa and MasterCard prepaid debit cards. "

In their first operation, the crews made 4,500 ATM transactions worldwide and stole $5million, according to New York Times report.

In the second operation, the crews made 36,000 transactions worldwide and stole about $40 million in approximately 10 hours. It included $2.4 million stolen by a team of eight people in New York City.

The seven of the eight suspected members of the New York crew have been arrested. The eighth, said to be the ringleader, was found dead on April 27 in the Dominican Republic.

The hacker group specified they hacked this website in retaliation of attacks on people at MayDay.

"Hacked in retaliation of attack on people at MayDay and to commemorate revolutionaries Deniz. Yusuf, Huseyin hanged on 6th May 1972" the tweet posted by the hacker group reads.


Hacker posted a picture of the Istanbul Governor Hüseyin Avni Mutlu picture with the following message "I didn't say you can't be a Mayor, I said you can't be a man".(translated)

At the time of writing, the website seems to be restored by the administrator and back to normal.

The official website of Rajasthan Public service commission(RPSC) was found to be hacked and defaced by the Pakistani hacker named "Codacker" with the message "Pakistan Zindabad".

The hacker placed two links in the News section that leads to the defacement page.  According to the TOI report, the website was restored by the admin and changed the password of the website.

"We also put the websites on surveillance and have reported to the IT ministry,"K K Pathak, secretary of RPSC told Times of India.

But it doesn't seem like they have fully restored the website.  At EHN, we are still able to see the defacement page uploaded at the "http://rpsc.rajasthan.gov.in/index.html".

"Codacker is here.  Hey Admin! I own you now.  Feel the wrath of Pakistani Hacker" the defacement message reads.

Changing the password alone won't help in stopping the hackers.  They should identify the vulnerability that allowed the hacker to breach the website and patch that vulnerability.

The Syrian Electronic army once again strikes another news organization. The Twitter account(Eonline) belong to the Entertainment news organization E! Online which had more than 5.2M followers was hacked by the SEA.

The hackers tweeted fake messages after hijacking the account.  "Exclusive: Justin Bieber to E!online: I'm a gay," reads the first fake tweets posted by SEA.

"E! News Breaking: Justin Bieber arrested in Dubai due to false tweets with him coming out situation developing" another tweet reads.

"This account @eonline was compromised and some incorrect information was sent out. " E! online confirmed the security breach. "We're working with Twitter now to fix this."

The hacker also managed to compromise the SMS service of E! Online and sent the above message as well as the following message "E! News Breaking: Fuck Barack Obama via Syrian Electronic Army"


"This message will reach 33,684 subscribers... From E!News SMS Service Control Panel" Hacker posted in their official twitter account.

An Algerian man who is believed to be the creator of the infamous Banking Trojan "SpyEye" was extradited from Thailand to the United States to face charges.

Hamza Bendelladj, 24-year-old, also known as Bx1, will face charges for allegedly playing a role in developing, marketing ,distributing and controlling the SpyEye virus, according to FBI report.

SpyEye is a Banking Trojan(similar to Zeus virus) that steals confidential personal data and finance information such as online banking credentials , credit card information.

He was arrested at Suvarnabhumi Airport in Bangkok, Thailand, on Jan 5, while he was in transit from Malaysia to Egypt.

If convicted, he will face a maximum sentence of up to 30 years in prison for conspiracy to commit wire and bank fraud; up to 20 years for each wire fraud count; up to five years for conspiracy to commit computer fraud; up to five or 10 years for each count of computer fraud; and fines of up to $14 million.

Reputation.com , an online reputation management website lost their own reputation when a hacker invade their website and accessed the personal data of users.

Reputation.com on Tuesday sent an email to customers disclosing the security breach.  Reputation.com said in the mail that intruders had accessed the personal information including names, email , physical address, phone numbers, date of birth and occupational info.

On top of that, hackers had accessed the encrypted passwords of a small number of users. Reputation.com claimed that the passwords are highly encrypted(Hash+Salt) and "it was highly unlikely that these passwords could ever be decrypted".

One of the EHN's user commented on the issue "You fail at cryptology. The salt is stored with the hash. It doesn't add any strength to the individual hash's resistance to brute-force attacking, it only strengthens hashes from being attacked by pre-built rainbow tables.  Even if you used bcrypt with a cost of 16 and 128-bit /dev/random salts, all an attacker has to do is iterate the10,000 most common passwords and they'll hit 98% of internet users. "

However the company immediately reset the password to prevent unauthorized access.

Though the company claimed that hacker didn't access the financial information such as credit card numbers which they don't store, they are offering free credit monitoring for one year.

According to their report, some of the techniques used in the attack resembled the previous exploit identified in the Thailand NGO website.

These security breaches are going to be next examples for the Government careless about the cyber security.  The hacker @WilyXem found two more Army websites are vulnerable to SQL Injection.

Brazilian Navy and Pakistan Army websites are found to be affected by the SQL Injection vulnerability.  The hacker tweeted few links that contains the proof-of-concepts(http://sprunge.us/ZUHM, sprunge.us/ZdKY, sprunge.us/CJGO)

The vulnerability exists in the Board of Historic & Documentation Navy(biblioteca.dphdm.mar.mil.br), Department of Distance Education(ead.densm.mar.mil.br) and Pakistan Army(www.pakistanarmy.gov.pk).

The POCs exposes the target database details including database name, database version and table details.

The same hacker yesterday hacked into the Royal Thai Navy website and leaked the login information from the database.

Cyber space poses an important role in the national security. A country should also remember to provide security in cyber space.   But the government fails to concentrate on cyber security that lefts most of the government sites vulnerable to hack.

The security breach of Royal Thai Navy website(www.navy.mi.th) is best example for this - the navy of Thailand and part of the Royal Thai Armed Forces.

A hacker with twitter handle @WilyXem has discovered a SQL Injection vulnerability in the Thailand navy website.   He managed to exploit the vulnerability and compromised the target database.

Earlier today, the hacker posted a link to the dump in twitter(sprunge.us/YHHf). The dump contains database details including database name, version, table details.  He also provided a Proof-of-Concept of the SQL injection vulnerability.

The hacker also leaked 3 tables namely membern, personalacc, personalacc1 that contains username and passwords in plain-text format.

It is really sad to know that the passwords are being stored in plain-text format. But it won't take much time for a hacker to crack, even if there is an encryption.  Because they use very weak password. 

The twitter account of Associated Press (@AP) was hacked today by Syrian Electronic Army which was used to spread a bogus message that there had been two explosions at the White House and that Barack Obama was injured .

Sil3nt hack3r , a member of hacking crew called as Muslim Cyber Sh3ll'z, has breached multiple Bangladesh government websites and left those sites defaced.

The list of affected websites includes Ministry of Chittagong Hill Tracts Affairs, Bangladesh National Commission for UNESCO, BPSC Departmental Examination(portal.bpsc.gov.bd) and Cabinet Division(cabinet.gov.bd) .

The security breach was done few days ago but still few sites are not recovered by the admin and displays the defacement page.

We can still able to see the defacement page at 'www.bncu.gov.bd' and 'www.mochta.gov.bd/ck.htm'.

Apart from Bangladeshi government websites, the crew also defaced Indian government website(pcmcindia.gov.in) , Vietnam govt. (cti.gov.vn).

This is not the first time the Bangladesh National Commission for UNESCO being attacked.  It was defaced multiple times in the past ,  last month it was defaced by Rahm Anonymous.

*Outdated Joomla:
 At EHN, we have found those affected government websites are using outdated Joomla version 1.5 that has multiple critical vulnerabilities.