-
Anonymous hacks church Web site during live interview
The Anonymous hacking collective this morning defaced the Web site of the controversial Westboro Baptist Church in the middle of a live radio show that included a church spokeswoman and a member of Anonymous.
-
Developers have published a fix to tackle a high-risk flaw in BIND, the widely used Domain Name Services (DNS) software. The flaw creates a potential mechanism for miscreants to crash systems running vulnerable version of the name-to-IP-address translation software.
-
Man admits hacking into NASA, e-commerce servers • The Register
-
Facebook clickjacking: Malware takes on new Italian disguises | Naked Security
-
Oddjob Trojan keeps banking sessions open after victims log out • The Register
domenica 27 febbraio 2011
Security Incidents of This Week (weekly)
domenica 20 febbraio 2011
Security Incidents of This Week (weekly)
-
Canadian finance ministries closed off from web after cyberspy hack
-
Hacked BBC streaming websites serve up malware • The Register
Streaming sites operated by the BBC were hacked on Tuesday so they silently served visitors with malware, researchers from security firm Websense said.
-
Man pockets $8m running computer fraud ring
A New Hampshire man has admitted pocketing almost $8 million in a scheme that infected people's computers with software that forced their modems to surreptitiously dial premium phone numbers.
-
Hardware keyloggers discovered at public libraries | Naked Security
-
Hacking the Web: Hijacking search results
In this post I will describe some recent attacks that we have been following in which the victim's browser is 0wned, and their search results hijacked.
domenica 13 febbraio 2011
Security Incidents of This Week (weekly)
-
"Night Dragon", cyber-attacco alle infrastrutture energetiche
-
Facebook clickjacking: Dirty Italian schoolteacher undresses
-
One third of EU surfers hit by malware
Around a third of European internet users picked up a virus or other computer-related infection in 2010, according to the latest statistics from the EU released ahead of Safer Internet Day on 8 February.
...
Three per cent on average had suffered financial loss owing to phishing or pharming attacks or fraudulent payment card use -
Free open WiFi suspected in Facebook hack of Missouri state representatives | Naked Security
-
Russian hacker escapes jail after $9 million RBS WorldPay ATM heist
-
Attacco hacker al sito del governo La Polizia: "Nessun furto di dati"
-
Nasdaq admits hackers planted malware on web portal • The Register
-
Anonymous pwns security firm that probed its membership
Anonymous did a number on HBGary by hacking into its email system and uploading 60,000 emails onto file-sharing networks. Anonymous also defaced HBGary's website with an image explaining their motives as well as taking over the Twitter feed of HBGary's chief exec, Aaron Barr, to tweet abuse as well as supposed details of his home address and social security number. LinkedIn accounts of other senior HBGary execs were also targeted for attack.
-
ClassicCars.com hacked by Indonesian hackers
Skip to contentSearch for:
Archive by date | author | category
Send us a tip | Subscribe by RSS | Email
malware spam social networks data loss law & order apple podcast video more about
67
Share
10
79
Share
Facebook stalkers and profile creeps - rogue apps spread virally
FLAMING RETORT - Cooling the friction when Linux meets anti-virus
ClassicCars.com hacked by Indonesian hackers
Hi there! If you're new here, you might want to subscribe to the RSS feed for updates. X
by Chester Wisniewski on February 7, 2011 | Comments (2)
FILED UNDER: Featured, Vulnerability
Late yesterday evening a fellow Sophos employee tipped me off that the website classiccars.com had been defaced. While it's not shocking news that another site of the millions on the internet has been hacked, this one was unusual in that the defacement seemed to be nothing more than an advertisement for the hackers.
Ten years ago hacking for bragging rights was a somewhat common practice, but today most attacks are more silent and are designed to steal information. I poked around to find out more about who was behind the attack and how they are compromising the security of the sites they are attacking.
The image and stolen JavaScript code that made up the new home page were stored at a free web host. No surprises there, but I did discover that they had an active IRC network.
The group had planted an IRC bot in a chat channel that they can command to remotely scan networks for vulnerabilities. This provides them with a list of hosts that are vulnerable to SQL injection and other techniques. It appears the bot uses search engines like Google and Bing to find potential targets.
The individual who claimed to execute this hack seems relatively unknown, but others in the group are proud enough of their work to publish tales of their exploits. One member, r3cogniz3d, was good enough to post his name and photo publicly on Facebook. He seems to really like the coffee shop Cafe Lampu in Jambi, Indonesia, by the way, so stop by and pay him a visit if yo