Following the Pentagon and State.gov security breach, the Tunisian Cyber Army and Al-Qaeda Electronic Army has attacked two more United States Government websites.
Today, they have targeted the U.S. customs and Border Protection (cbp.gov) and Office of Personnel Management (OPM.gov).
The team managed to extract the information from the target database by exploiting the critical SQL Injection vulnerability in those websites.
TCA team told EHN that they have compromised information such as username, encrypted passwords(they managed to crack), private emails.
In an email sent to E Hacking News, the hacker provided the vulnerable link of both websites. For a security reasons, we are not disclosing the links here.
The hack is part of the their ongoing operation called as "#OpBlackSummer", an operation against U.S. So far, they have hacked large number of websites and compromised data. The hacker said their next target is Gas and Petroleum companies.
Today, they have targeted the U.S. customs and Border Protection (cbp.gov) and Office of Personnel Management (OPM.gov).
The team managed to extract the information from the target database by exploiting the critical SQL Injection vulnerability in those websites.
TCA team told EHN that they have compromised information such as username, encrypted passwords(they managed to crack), private emails.
In an email sent to E Hacking News, the hacker provided the vulnerable link of both websites. For a security reasons, we are not disclosing the links here.
The hack is part of the their ongoing operation called as "#OpBlackSummer", an operation against U.S. So far, they have hacked large number of websites and compromised data. The hacker said their next target is Gas and Petroleum companies.
The Tunisian hacker 'Human Mind Cracker' who discover critical vulnerability in high profile website, come with another interesting vulnerability finding. He discovered SQL Injection Vulnerability in one of the Bangladesh Bank website , "Islami Bank Bangladesh Ltd"(islamibankbd.com).
In an email sent to EHN, the hacker provided the vulnerable link and a link to the dump(heypasteit.com/clip/0MWN).
"The vulnerability was SQL injection...I report it many times..but they didn't reply and they didn't fix it yet...So I get into their database." Hacker said in the mail.
The dump contains database details, encrypted password, email address, admin id and password.
He also discovered Cross Site scripting security flaw in Feedback sending page of Islami Bank.
This is not the first time the Bank sites are being targeted by Human Mind cracker. Last time, he discovered SQLi in Tunisian Bank site.
The hacker always like to be a Grey Hat hacker and like to help the admin of site by reporting the vulnerability. But the admin fails to respond and fails to patch the security flaw.
In an email sent to EHN, the hacker provided the vulnerable link and a link to the dump(heypasteit.com/clip/0MWN).
"The vulnerability was SQL injection...I report it many times..but they didn't reply and they didn't fix it yet...So I get into their database." Hacker said in the mail.
The dump contains database details, encrypted password, email address, admin id and password.
He also discovered Cross Site scripting security flaw in Feedback sending page of Islami Bank.
This is not the first time the Bank sites are being targeted by Human Mind cracker. Last time, he discovered SQLi in Tunisian Bank site.
The hacker always like to be a Grey Hat hacker and like to help the admin of site by reporting the vulnerability. But the admin fails to respond and fails to patch the security flaw.
A Hacker with Twitter handle AnonAcid has claimed to have leaked the records of more than Steubenville,Ohio residents as part of the operation called
"OpRollRedRoll".
The campaign has been launched after news broke out that authorities might be protecting members of the Steubenville football team accused of abusing a 15-year-old girl.
The hacker uploaded the dump in Mediafire. According to his pastebin post, the leak contains address,emails,personal information,dates of births,current address,phone numbers,names,state,country,city,current location,firstname, lastname, middlename, many many more.
The hacker didn't mention the origin of the data .
http://pastebin.com/Pf6HMATe
"City Of Steubenville,Your justice system is broke and needs to be fixed maybe this might help a little. Bring justice to the girl who was raped " The hacker wrote in the post.
He also published a list of individuals suspected of being involved in the abuse and demands that they be sent to jail.
one of the largest computer breaches in the South Carolina:
Hackers breached the South Carolina Department of Revenue website(sctax.org) and steal sensitive information belong to 3.6 Million South Carolina taxpayers .
The data stolen by hackers includes 3.6 Million social Security Numbers(SSN) and 387,000 credit card and debit card numbers.
The S.C Department of Revenue became aware of the breach on October 10 but the investigation revealed the intrusion occurred in mid-September. The vulnerability exploited by hacker has been fixed on October 20.
The state is offering affected taxpayers with one year of credit monitoring and identity theft protection from Experian.
If you are one of the person who filed a South Carolina tax return since 1998, you are urged to visit protectmyid.com/scdor or call 1- 866-578-5422 to determine if their information is affected. If so, then you can immediately enroll in 1 year of identity protection.
Hackers breached the South Carolina Department of Revenue website(sctax.org) and steal sensitive information belong to 3.6 Million South Carolina taxpayers .
The data stolen by hackers includes 3.6 Million social Security Numbers(SSN) and 387,000 credit card and debit card numbers.
The S.C Department of Revenue became aware of the breach on October 10 but the investigation revealed the intrusion occurred in mid-September. The vulnerability exploited by hacker has been fixed on October 20.
The state is offering affected taxpayers with one year of credit monitoring and identity theft protection from Experian.
If you are one of the person who filed a South Carolina tax return since 1998, you are urged to visit protectmyid.com/scdor or call 1- 866-578-5422 to determine if their information is affected. If so, then you can immediately enroll in 1 year of identity protection.
