A new hacking group named "Group Hp-Hack" has found a way to break into the database server of St. Francis Preparatory School website and accessed the data.
Today, we received a notification from the team that they have hacked the sfponline.org website and leaked the data compromised from the server.
Talking to EHN, the group also provided a sql injection vulnerable link that gave them access to the server. The leak contains a list of username and password(plain text format).
The group also claimed to have breached the auto-dress.ru website which is said to be Russian auto company. The group leaked thousands of user id, name, email and password data.
*Update*:
A hacker known by his online name @1923Turkz has breached Federal University of Bahia website(ufba.br) - one of the Brazil University, located mainly in the city of Salvador, Bahia.
"Universidade Federal da Bahia DB Hacked http://www.anonpaste.me/anonpaste2/index.php?952af0b8ee517a5f#0i/g1qDaqpzAeg8PloenF3vKMbozGKlU2gSTIxlxw6Y= …" Hacker tweeted about the hack along with a link to the database dump.
The database dump contains hundreds of account details that include name, plain-text password and email address. I had a quick look at the password list, most of them are weak passwords.
We recommend the admin to find and fix the vulnerability and users are advised to change their password.
1923Turkz become more active in recent days and busy in dumping the database from the hacked websites. Yesterday, he hacked into the Bangladesh Air force website.
A hacker has managed to gain access to the database server of the official career website of Bangladesh Air Force and leaked the accounts' login credentials.
"Joinbangladeshairforce.mil.bd", serves as a portal for applying for Air Force, is reportedly breached by the hacker using the online name @1923Turkz. The SQL injection vulnerability in the website gave him the opportunity to break in.
The database breach was announced in his twitter account along with the link to the accounts leak.
The leak include login credentials of 19 accounts that contains the email addresses that ends with 'army.mil.bd' and encrypted passwords.
Although the passwords are encrypted , it won't take much time for someone to crack the hash. We have analyzed the leaked passwords and found most of the passwords are very weak passwords.
A simple google search reveals the decrypted passwords. We just like to point out one of the worst password used : "password". We recommend the Bangaldesh government to immediately fix the vulnerability and urge users to change their password.
Earlier Today, the Syrian Electronic Army, the group known for hijacking twitter accounts of top news organization, has tweeted they have compromised the Saudi Arabia's Ministry of Defence Mail system.
"The #SEA is prepared to release secret documents that belong to the Saudi Arabian defense ministry after compromising their email system" One of the tweets reads.
The group said "The leaks include correspondence and secret arms deals from the Saudi Ministry of Defense... These were forwarded to the Syrian government."
The hacker also provided a screenshot that proves the syrian electronic army has managed to gain access to the Saudi Arabia's Ministry of Defence Mail system.
The group recently hijacked the Social media accounts of Financial Times, The Onion, E! News, the Guardian and more. You can find here the list hacks done by the SEA : Syrian Electronic Army
"The #SEA is prepared to release secret documents that belong to the Saudi Arabian defense ministry after compromising their email system" One of the tweets reads.
The group said "The leaks include correspondence and secret arms deals from the Saudi Ministry of Defense... These were forwarded to the Syrian government."
The hacker also provided a screenshot that proves the syrian electronic army has managed to gain access to the Saudi Arabia's Ministry of Defence Mail system.
The group recently hijacked the Social media accounts of Financial Times, The Onion, E! News, the Guardian and more. You can find here the list hacks done by the SEA : Syrian Electronic Army
A security Researcher Shikhil Sharma has identified a Non persistent Cross Site scripting vulnerability in one of the Leading online jobs search portal, Monster.
Monster is the largest job search engine in the world. Monster has over a million job postings at any time and over 1 million resumes, in the database (2008) and over 63 million job seekers per month. The company employs approximately 5,000 employees in 36 countries.
The Job search field in the Monster India website(jobsearch.monsterindia.com) is found to be vulnerable to the XSS injection.
POC:
http://jobsearch.monsterindia.com/searchresult.html?fts='/><script>alert('E+Hacking+News')</script>&x=0&y=0&mne=&mxe=The same vulnerability affects the Hong Kong(jobsearch.monster.com.hk) and Gulf(jobsearch.monstergulf.com) branch of the Monster job portal.
Today , one scammer posted a spam message in E Hacking News fan page that reads " John Cena of WWE died in a head injury while training! Watch the original video clip here >>> [Facebook_Group_Link]"
Clicking the link leads to a group post with title "Exclusive vids". The post has the following message:
John Cena (John Felix Anthony Cena) of World Wrestling Entertainment died in a head injury while perfecting a wrestling stunt with WWE wrestler, Dwayne Johnson or also known as The Rock. Authorities are now investigating. Watch the original video clip from WWE and their effort to save JOHN CENA (for 18 years+) CLICK HERE --------->[Bit_ly_Link]Clicking the link will lead the victim to a Tumblr page where it displays a GIF image that looks like a buffering video interface. The GIF displays a fake error message " Ahhh your social media player needs to update click here and then click add to update"
Once the victim click the link, it redirects to another page where users are being asked to paste the "Access token" .
Last year, the Hoax-Slayer identified similar spam post that claims the John Cena of WWE died.
One of the Top free web hosting provider, 000WebHost website is found to be vulnerable to Cross site scripting . The vulnerability was discovered by the Cyber Security Researcher Vedachala.
Domain name,Subdomain name and email address field in "Order Free Web Hosting" page of the site (000webhost.com) are vulnerable to xss injection.
The web app developer of this site fails to validate those inputs for the special characters that results in this security flaw.
POC code for this security bug:
http://www.000webhost.com/order.php?domain=\"><script>alert(/e hacking news/)</script>&subdomain=\"><script>alert(/e hacking news/)</scrip&name=\"><script>alert(/E Hacking News/)</script>&email=\"><script>alert(/e hacking news/)</script>&pass1=\"><script>alert(/E Hacking New&pass2=\"><script>alert(/E Hacking New&aggree=yes&error_multiple=1&error_domain=1&error_subdomain=1&error_name=&error_email=1&error_pass=4&error_tos=&error_number=&error_js=&error_disposable=&error_bad_gmail=
The researcher also recently found a reflected xss vulnerability in the Airtel website.
Aegis group is manufacturing and services sectors of steel, energy, power, communications, shipping ports and logistics, and construction and also he have many BPO centre in india of call centre like TATA DOCOMO
The vulnerability exists in the Search field of the website. Injecting the xss code in the Search box will execute successfully the injected code.
For instance, injecting the following code in the search box will display the alert box:
"><script>alert("E Hacking News")</script>
Narendra also found that the field allows user to run the iframe code also. So , possibly, a hacker can inject phishing page to scam innocent visitors.
"/><iframe src="http://www.google.com" width=1000 height=1000></iframe>
A SQL Injection vulnerability has been discovered in official website of Bangladesh Post Office (bangladeshpost.gov.bd). The vulnerability was discovered by the Grey-hat hacker "Human Mind Cracker".
In an email sent to EHN, the hacker provided the vulnerable link and claimed that the site is vulnerable to lot of vulnerabilities.
The hacker breached the site by exploiting the SQL injection vulnerability and compromised the database.
"I get into their database,and the most funniest thing is that The passwords is not encrypted with any hash, and this so bad for a website related to a government." the hacker said in the email.
The database dump(heypasteit.com/clip/0N9U) contains database details, username, plain-text format password. It also includes the admin username and password.
In an email sent to EHN, the hacker provided the vulnerable link and claimed that the site is vulnerable to lot of vulnerabilities.
The hacker breached the site by exploiting the SQL injection vulnerability and compromised the database.
 |
| Screenshot of Admin Panel |
"I get into their database,and the most funniest thing is that The passwords is not encrypted with any hash, and this so bad for a website related to a government." the hacker said in the email.
The database dump(heypasteit.com/clip/0N9U) contains database details, username, plain-text format password. It also includes the admin username and password.
The official website of French Ministry of Defense has been breached by a hacker named as XTnR3v0LT from XL3gi0n Hackers group.
The hacker leaked the database in pastebin. The hack is part of their operation called "OpLeak".
"opleak is AN operation created by xl3gi0n hackers IN which we leak more THAN 1000 database to show the world that they need more security."
The leak contains database details, login id, encrypted password. The leak includes the administrator id and password.
"to NATO member and all those who support the attack on Mali. we are against this so you must expect us. congratulation you are now on the list of our enemy
France/UAE/UK/US.... expect us ..the message is clear. stop war we stop attack keep fire, we keep hacking" The hacker said in the leak.
http://pastebin.com/YxiRKAR8
The Mauritania hacker group AnonGhost claims that Anonymous Squad No.035 lost their Cyber war Against AnonGhost. The hackers defaced more than 150 Serbia websites.
"Anonymous Squad No.035 F**d bY AnonGhost XD !!!!!! they couldn't deface any website of Mauritania , they tried sql injection loool :v we traced the admin and we f***ed their websites country"
The hackers defaced educational websites including osbrankoradicevic.edu.rs, oskaradjordje.edu.rs,sepsab.edu.rs, vsov-gbr.edu.rs, petartasic.edu.rs and politehnicka.edu.rs
"To Anonymous Squad No. 035
Rememeber this, The Team you want to f**k with is AnonGhost and we just want to tell you one thing Lammer go watch cartoons ! and fuck offff :::Listen to justin bieber kidz it's good for education , hacking is dangerous for you :p iihihihihihihi " The hacker said in the defacement message.
The full list of hacked sites with mirror can be found here:
pastebin.com/rAa9Hp5F
The Tunisian hacker 'Human Mind Cracker' who discover critical vulnerability in high profile website.Again,this time he hacked into Pakistan Army website and he get into their Database. He discovered SQL Injection vulnerability in their website 'www.pakistanarmy.gov.pk' .
In an email sent to EHN,the hacker provided us the vunerable link as a proof for his hacking.And he also provided a link to the dump (www.heypasteit.com/clip/0N5T).
" The reason of the hack is just to break the security of that website...I was thinking that Pakistan has a good cyber army but lool also they have a lot of vulnerable websites" hacker said in the email.
The dump contains database details, password, email address, admin id and password.
The hacker always try to hack into governments and banks website to improve his skills and want to know if government mind about security in their website.And the hacker said that more governments websites will be hacked by him soon.
In an email sent to EHN,the hacker provided us the vunerable link as a proof for his hacking.And he also provided a link to the dump (www.heypasteit.com/clip/0N5T).
" The reason of the hack is just to break the security of that website...I was thinking that Pakistan has a good cyber army but lool also they have a lot of vulnerable websites" hacker said in the email.
The dump contains database details, password, email address, admin id and password.
The hacker always try to hack into governments and banks website to improve his skills and want to know if government mind about security in their website.And the hacker said that more governments websites will be hacked by him soon.
The official website of Indonesian president,Susilo Bambang Yudhoyono , presidensby.info, has been hacked and defaced by an Indonesian Hacker group known as Jember Hacker Team(JHT) .
The site was defaced by a hacker called "MJL007" from the group with a small message reading "This is a payback From Jember Hacker Team".
Few hours after the site got breached, the Indonesian Government restored the website. At the time of writing, the website works fine.
Detik cited the Indonesian minister of communications and information, Tifatul Sembiring, as claiming that the hacker didn't really hack into the website diverting the IP address that is in the existing DNS soft layer in Texas.
The mirror of the defacement can be found here:
http://www.zone-h.org/mirror/id/18912807
Several Yahoo users complained that their accounts have been hacked. It appears that the Yahoo email accounts are being hacked after victim click a malicious link included.
The attack was started after one hacker or Security Researcher "Shahin Ramezany" uploaded a video in Youtube that demonstrates how to hack a Yahoo account by leveraging a DOM based XSS Vulnerability. The attack works in all major browsers.
"not so new Yahoo! again put ~400 million user in risk here is demo: http://www.youtube.com/watch?v=GJsMRDyC9eY … full detail PoC will be available after patch. #RT"
In the Demo video, the hacker included a link to external html file hosted in his website and send to his victim. He opened the malicious link from the victim account.
When the victim opens the malicious link, the cookie logs of the victim are being stored in hacker website. Hacker managed to use those cookies to log in into the victims account.
A Voice actress and singer Cristina Vee, was affected by this hack and posted in a twitter account:
"Friends and colleagues, don't click the link that was sent to you from my Yahoo email account, I was hacked :/ Apologies! "
According to The Next Web report, Yahoo has plugged the security hole in question.
At the time of writing, we are not able to confirm whether the attack was launched by the Shahin Ramezany or not.
*Update*:
Thought the Next Web report says the yahoo fixed the vulnerability, offensive-security Team claims that the vulnerability is still there.
"With little modification to the original proof of concept code written by Abysssec, it is still possible to exploit the original Yahoo vulnerability, allowing an attacker to completely take over a victim’s account." Offensive-security post reads. The POC code will be released once Yahoo patched the vulnerability.
The video Demo posted in Offensive-security:
An unknown hacker defaced the website(iowasenaterepublicans.com) used by the Iowa Senate Republican Caucus on Monday. The Senate GOP website normally contains press releases and information about the 24 Iowa Republican senators.
The Hacker replaced the normal page with a picture of a young woman in a white lab coat and words "Ayumi... there is only one reason for loving you..."
Spokeswoman Kirsten Anderson said the caucus staff had no idea who attacked the website or why. She said the website is hosted by a West Des Moines-based contractor outside of state government.
At the time of writing, the website has been restored and working normally.
The xl3gi0n hackers has breached one of the NASA subdomain ( Lunar Science Forum 2010) and compromised the database server. The hackers leaked the stolen data in pastebin.
The leak(pastebin.com/HdFLpEMH) contains the email addresses, plain-text passwords, name of the user. The leak also contains admin details including username, encrypted password.
There are three admin username and password listed in the leak. Hackers managed to crack the two out of three passwords and published the plain-text format of the password.
"This is why i were arrested the first time. hope you come and arrest me again cuz there are some files that will be leaked " Hacker said in the leak.
The hackers breached the database server by exploiting SQL Injection vulnerability. In an Email send to EHN, hacker provided the vulnerable link of the target website. Hacker requested me not to publish the vulnerable link.
The Tunisian hacker 'Human Mind Cracker' who discover critical vulnerability in high profile website, come with another interesting vulnerability finding. He discovered SQL Injection Vulnerability in one of the Bangladesh Bank website , "Islami Bank Bangladesh Ltd"(islamibankbd.com).
In an email sent to EHN, the hacker provided the vulnerable link and a link to the dump(heypasteit.com/clip/0MWN).
"The vulnerability was SQL injection...I report it many times..but they didn't reply and they didn't fix it yet...So I get into their database." Hacker said in the mail.
The dump contains database details, encrypted password, email address, admin id and password.
He also discovered Cross Site scripting security flaw in Feedback sending page of Islami Bank.
This is not the first time the Bank sites are being targeted by Human Mind cracker. Last time, he discovered SQLi in Tunisian Bank site.
The hacker always like to be a Grey Hat hacker and like to help the admin of site by reporting the vulnerability. But the admin fails to respond and fails to patch the security flaw.
In an email sent to EHN, the hacker provided the vulnerable link and a link to the dump(heypasteit.com/clip/0MWN).
"The vulnerability was SQL injection...I report it many times..but they didn't reply and they didn't fix it yet...So I get into their database." Hacker said in the mail.
The dump contains database details, encrypted password, email address, admin id and password.
He also discovered Cross Site scripting security flaw in Feedback sending page of Islami Bank.
This is not the first time the Bank sites are being targeted by Human Mind cracker. Last time, he discovered SQLi in Tunisian Bank site.
The hacker always like to be a Grey Hat hacker and like to help the admin of site by reporting the vulnerability. But the admin fails to respond and fails to patch the security flaw.
20,000 Credentials has been compromised from the Association of Irish Festival Events website (aoifeonline.com) by a new hacker with twitter handle @DarkWebGoons.
The Association of Irish Festival Events(AOIFE) is an all-island voluntary network organisation that brings together organisers of festivals and events in Ireland, suppliers to the festival and event sector and policy-makers and funders
The hacker announced the breach in Twitter and posted a link to the leak of the compromised database. Hacker did not mention the reason for the attack
http://www.darkwebgoons.net/data/associationirish.txt
The dump contains password hash, Corporate Company, Email & Password , mobile number, name and other details.
A Hacker with Twitter handle AnonAcid has claimed to have leaked the records of more than Steubenville,Ohio residents as part of the operation called
"OpRollRedRoll".
The campaign has been launched after news broke out that authorities might be protecting members of the Steubenville football team accused of abusing a 15-year-old girl.
The hacker uploaded the dump in Mediafire. According to his pastebin post, the leak contains address,emails,personal information,dates of births,current address,phone numbers,names,state,country,city,current location,firstname, lastname, middlename, many many more.
The hacker didn't mention the origin of the data .
http://pastebin.com/Pf6HMATe
"City Of Steubenville,Your justice system is broke and needs to be fixed maybe this might help a little. Bring justice to the girl who was raped " The hacker wrote in the post.
He also published a list of individuals suspected of being involved in the abuse and demands that they be sent to jail.
The hacker with the online handle "TibitXimer" has claimed to have compromised millions of Verizon FiOS customer data. He has dumped a database with a few hundred thousand customer records from Verizon's FIOS Department.
The leak includes serial numbers, names, addresses, date they became a customer, password to their account, phone numbers, etc.
The dump has been uploaded in speedyshare as 279MB text file and AnonFiles as 19MB RAR file.
According to Zdnet report, the hack was carried out earlier this year on July 12, which allowed him to gain root access to the server holding the customer data. The hacker attempted to inform Verizon of the exploit, but the company ignored his report and did not comment.
It seems like the Twitter account of the hacker(@TibitXimer) has been suspended. At the time of writing we are not able to reach him through Twitter. But his recent announcement about the hack is available here:
http://pastebin.com/Nf9ThT03
