Monday, February 13, 2012

"NASA Own3d Again" - NASA Database Leaked by r00tw0rm

The Hacker News:

NASA Database Leaked by r00tw0rm

Hackers from Team r00tw0rm have again hit NASA. According to their latest tweet, they claim to have hacked one of NASA's subdomains (the link was not disclosed by the hackers, who say it has been reported so it can be fixed).

The hackers claim to have taken gigabytes of database content and have leaked a sample that includes user names, email addresses, passwords and contact details, as shown:

nasa hacked

The same hackers yesterday hacked and exposed a database of the United States Census Bureau; in that case the vulnerable link was also disclosed.

Microsoft Store India got hacked in India!

The Hacker News:

Microsoft Store India got hacked in India

Today, hackers from the group EvilShadow hacked and defaced the website of Microsoft Store India (http://www.microsoftstore.co.in). The hacker uploaded his defacement page at http://www.microsoftstore.co.in/evil.html.

The hacker also revealed that user passwords were stored in plain text, as shown in the screenshot he posted.

Sunday, February 12, 2012

Microsoft to send users 4 critical patches on Valentine's Day

The Register: Microsoft plans to publish nine updates next Tuesday – four of which are critical – as part of a Valentine's Day edition of its Patch Tuesday update cycle.

Highlights of the batch, which collectively address 21 vulnerabilities, include a critical update for Internet Explorer.

There are also two critical fixes for Windows itself, plus one for Microsoft's .NET framework. Three of the five remaining "important" fixes grapple with remote code execution-type vulnerabilities, one of which involves Office. Flaws of this type are best addressed sooner rather than later because they might easily be exploited by malware slingers.

Patching IE ought to be the highest priority, according to vulnerability scanning and web services firm Qualys.

"[W]e saw last month how quickly attackers are incorporating browser-based attacks into their toolkits; an exploit for MS12-004 was detected a mere 15 days after Patch Tuesday," notes Wolfgang Kandek, CTO of Qualys, in a blog post on the upcoming patch batch.

Andrew Storms, director of security operations at net security firm nCircle, said all supported versions of Windows will need patching. Oddly, the most recent versions of Windows – which normally need the least patching – are the most affected by the February 2012 patch batch, he added.

"Microsoft is planning to deliver a big 'Valentine' next Tuesday. Their advance notification indicated they plan to release nine bulletins, and 21 CVEs next Tuesday. This is very consistent with last year's 'Valentine delivery' that included 12 bulletins and 22 CVEs."

"It's surprising that this month's patch affects almost every Windows operating system – each OS is affected by five of the eight applicable bulletins. That's kind of weird because newer OS versions are generally more secure."

"It's even more surprising that Windows Server 2008 R2 is affected by the greatest number of bulletins. Generally, we see fewer bugs on server side operating systems, and this is doubly true for Server 2008 since so many of its newer mitigations and default settings protect the OS even when bugs are found," he added.

Microsoft's own pre-alert notice can be found here.

Hacker claims to have compromised Intel

The Inquirer: A hacker using the pseudonyms 'Weedgrower' or 'X-pOSed' claims that he has compromised Intel and obtained sensitive data.

The solo hacker claims to have found a flaw in the subscriber segment of Intel's web site, according to The Hacker News. He said that he has access to sensitive data that includes credit card numbers, email addresses and passwords.

Weedgrower said, "I've got to give some applause to all these pseudo-security technicians out there. I cut Intel a break, I have access to a database and another vulnerability which enables the right to read user data. I'll be gracious here and NOT spill the data, but I will provide screenshots to prove that I have access to Credit Card data and such."

The screen shot, which has been expertly edited, supposedly proves that he has the data, but it's unclear whether this is true or not. His previous successful hacks apparently included AOL, NASA, Hotmail, Myspace, Xbox, Yahoo and Visa, from which he claims to have leaked sensitive data.

A vulnerability that he is threatening to reveal purportedly can be used to expose sensitive data. We are waiting for a response from Intel on the alleged hack.

Intel has come back to us with the following short and sweet statement, "We are aware of these claims, and we are investigating them."

Top 10 Downloads That Enhance Windows’ Built-In Tools

LifeHacker:

Windows has a ton of great utilities, and while we can't live without some of them, there's a special place in our heart for programs that merely improve Windows, rather than adding new software. Here are our top 10 apps that take Windows' built-in tools and make them better.


Continue reading it here: http://lifehacker.com/5884261/top-10-downloads-that-enhance-windows-built+in-tools

Saturday, February 11, 2012

CIA website brought down - were Anonymous attackers responsible?

SophosLabs: The CIA's website was brought down for some hours last night by what appears to have been a distributed denial-of-service (DDoS) attack.

cia-down

A post made from an Anonymous-affiliated Twitter account announced that the site was down, using the phrase "CIA Tango Down", although a later tweet left ambiguity as to whether the hacktivists were claiming responsibility for the attack.

anon-cia-tweet

Of course, this is one of the challenges when trying to get a sense of what actions can be attributed to Anonymous or not.

Anonymous doesn't have members, isn't a group in a conventional sense, and has arguably no official channels of communication. Without a defined hierarchy, anyone can claim to represent Anonymous if they wish, which means that even Anonymous itself can't actually claim that they did or did not launch an attack.

It's more a case of individuals banding together to launch attacks, some of which they may choose to launch under the Anonymous banner even if it isn't an attack supported by others who would affiliate themselves with the movement.

So, it only actually needs one person to claim that the CIA attack was done by Anonymous and, well.. it's hard to prove that it wasn't. I often think that this must be frustrating for those who would closely associate themselves with Anonymous, and man their more popularly followed website outlets and Twitter accounts.

At the end of the day, it probably matters less whether the attack was by Anonymous or not - but rather, that the CIA's website was brought down and whether the authorities are able to identify those responsible.

In the past, law enforcement agencies have arrested individuals who they believe have been responsible for similar DDoS attacks against the likes of Britain's Serious Organized Crime Agency and the CIA.

If innocent users want to avoid being associated with a criminal DDoS attack, they should take care over what links they click on, and what software they install.

At the time of writing, the CIA's website still appears to be receiving a large amount of traffic - making it impossible for some internet users to reach the site.

Of course, a denial-of-service attack is very different from an actual hack of the CIA's computer servers. There is no suggestion at the moment that the CIA's own systems have been compromised - rather their webservers have been so bombarded with traffic that their site is no longer accessible from the outside world.

It's rather like when a luxury department store sells products at ridiculously reduced sale prices - so many people try to get in at the same time, that nothing moves and a complete logjam is created.

Dutch ISP KPN hacked, credentials and personal information leaked

SophosLabs: One of the largest ISPs in The Netherlands has shut down its email services after hackers posted usernames, passwords, phone numbers, addresses and more of more than 500 customers on the internet.

KPN discovered the attackers on its network January 27th, but decided not to disclose the information immediately after consulting with the Dutch government and law enforcement agencies.

Presumably this was intended to allow them to monitor the attacker and gather evidence that might be used to apprehend and prosecute them.

They announced the breach on February 8th, but suddenly today decided to suspend all email access after some customers' information was posted on pastebin.com.

They are currently allowing customers to send outbound email, but have disabled access to customer mailboxes while they work on securing the server infrastructure.

KPN provides service to more than two million Dutch internet users and it is unclear if information was stolen about more than the 500+ already disclosed.

I have seen a lot of arguments among security researchers lately about the value of analyzing passwords that have been stolen from sites like Care2.com and Stratfor.

The argument is that people's passwords are weak because these are throwaway websites and people can't be bothered to choose unique passwords for every site they access.

This time the passwords disclosed are for accessing private email accounts, something I would expect most of us would consider very personal and important enough to protect properly.

What did I find? The average password was 8.3 characters long and most of them abysmally weak. The shortest password was only 4 characters, while the two longest were 13 characters.

Password complexity isn't really the problem in this case; rather, it is not having your password database stolen to begin with.

No matter how long your password is it does you no good if it is stored in plain text and stolen by a cybercriminal.

KPN has warned its customers that they should change any passwords they might have reused on other sites like Google or Facebook.

To me, that is the real lesson here. You really *need* to use a unique password for every site you visit, or in the worst case at least for the important ones.

Complexity is nice, entropy is great, but it is all for naught if your service provider can't hold up its end of the bargain.
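The plain-text storage problem raised in the Microsoft Store India item above and again here, as an added worked example that is not part of the original post and not KPN's or Microsoft's code: a throwaway plain-text table beside a salted PBKDF2-HMAC-SHA256 table, with the same offline wordlist attack run against a dump of each. The accounts, passwords and wordlist are constructed for the demo, and the iteration count is an assumption chosen to keep it quick; it also goes one step beyond the post by showing that hashing alone does not rescue a dictionary password.

```python
"""Plain-text vs. salted-hash password storage, and what a stolen table yields.

Added example; accounts, passwords and wordlist below are constructed, not leaked data.
"""
import hashlib
import hmac
import os

# Work factor (assumption for the demo). 200_000 keeps this quick; raise it for
# production (OWASP recommended 600_000 PBKDF2-HMAC-SHA256 iterations as of 2023).
ITERATIONS = 200_000

# Constructed sample accounts for the demo; not data from the KPN leak.
SAMPLE_ACCOUNTS = {
    "alice@example.net": "bob1",               # short, dictionary-style
    "bob@example.net": "vakantie2011",         # typical weak choice
    "carol@example.net": "jK8#pq!2Lm^vR4tZ",   # long, random
}

# A small attacker wordlist, also constructed for the demo.
WORDLIST = ["123456", "password", "bob1", "welkom", "vakantie2011", "qwerty"]


def store_plaintext(accounts):
    """The KPN-style mistake: the stored table *is* the password list."""
    return dict(accounts)


def hash_password(password, iterations=ITERATIONS, salt=None):
    """Return a record safe to persist: per-user random salt, PBKDF2-HMAC-SHA256."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return {"alg": "pbkdf2_sha256", "iterations": iterations,
            "salt": salt.hex(), "hash": digest.hex()}


def store_hashed(accounts, iterations=ITERATIONS):
    """Build the hashed table; each user gets a fresh salt."""
    return {user: hash_password(pw, iterations) for user, pw in accounts.items()}


def verify_password(record, candidate):
    """Recompute with the stored salt and compare in constant time."""
    digest = hashlib.pbkdf2_hmac("sha256", candidate.encode("utf-8"),
                                 bytes.fromhex(record["salt"]), record["iterations"])
    return hmac.compare_digest(digest.hex(), record["hash"])


def crack_with_wordlist(record, wordlist):
    """What an attacker holding a stolen *hashed* record must do: guess offline,
    paying the full work factor per guess. Returns the password found or None."""
    for guess in wordlist:
        if verify_password(record, guess):
            return guess
    return None


def passwords_recovered_from_dump(store, wordlist):
    """Summarise the attacker's haul from a stolen table of either kind."""
    recovered = {}
    for user, rec in store.items():
        if isinstance(rec, str):          # plain text: no work at all
            recovered[user] = rec
        else:                             # hashed: only what the wordlist hits
            found = crack_with_wordlist(rec, wordlist)
            if found is not None:
                recovered[user] = found
    return recovered


if __name__ == "__main__":
    plain = store_plaintext(SAMPLE_ACCOUNTS)
    hashed = store_hashed(SAMPLE_ACCOUNTS)
    print("plain-text dump yields:", passwords_recovered_from_dump(plain, WORDLIST))
    print("hashed dump yields:    ", passwords_recovered_from_dump(hashed, WORDLIST))
```

Run as a script, the plain-text dump hands over all three credentials immediately, which is the post's point about storage; the hashed dump gives up only alice and bob, whose passwords appear in the wordlist, and carol's random 16-character password survives. That second result is why the reuse warning KPN issued still matters even for a provider that hashes properly: once a dictionary password is recovered from one site's hashes, it is tried everywhere else.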

Friday, February 10, 2012

Is Waledac spam dirtying the Russian 2012 elections?

Symantec Connect: Recently there have been several reports about the re-emergence of a botnet variant (Kelihos), which Symantec detects as W32.Waledac.C. The Waledac family is a threat that has been monitored by Symantec for many years and was featured in numerous blogs as well as a white paper. In the past, Waledac gained its infamy as a spamming botnet that utilized compromised systems to send out spam.  The purpose of these spamming campaigns had usually been for self-propagation of the threat through spam emails containing a link, often (but not always) pointing to a Waledac binary file hosted on a malicious website.  The variant W32.Waledac.C is also sending out spam emails, but with a twist.

In one spam campaign, we observed it sending the email seen below only to Russian target email addresses.

russian_mail

Email translation (Rough translation)

This year Rospres celebrates another birthday - we are now 5 years old.

All these years we were trying our best to bring to you the latest available information in its full integrity. In the nearest future we intend to work even harder for our readers, so they come back to our web portal again and again. We will be very happy to work for all visitors to http://www.rospres.com/ !

With best wishes, Ruspres.

The Rospres.com link seen in the spam email leads to a slanderous article hosted on the Rospres.com site and can be seen in the picture below. We have found no evidence that the link contained in the spam email is used to propagate the threat. The site Rospres.com seems to contain numerous articles on high profile Russian individuals such as politicians and businessmen that could be considered slanderous.

russian_mail_2

The individual in this article is Mikhail Prokhorov, a Russian billionaire oligarch and an independent candidate in the Russian 2012 elections this March. While it is not clear whether the intent of this Waledac spam campaign has been to push the site Rospres.com or to smear the election campaign of any individual, it does raise questions about the exact motivation of the malware gang controlling the W32.Waledac.C variant.

Mozilla Firefox 10.0.1 Update About To Be Released

gHacks: Mozilla, developers of the popular Firefox web browser, have just released an update for the browser's stable branch that moves the version to 10.0.1. The release may come as a surprise to users of Firefox 10, who were updated to that version only ten days ago.

This is not the first time that a critical update has been released shortly after a major version upgrade of the web browser. Similar updates had to be delivered after the release of Firefox 9 and Firefox 8.

Firefox 10.0.1 fixes critical issues that came to light shortly after Firefox 10 had been released to the public. This includes at least one startup crash when the browser is opened by the user, and one Java-related issue that causes text fields to hang in the browser. Firefox users can resolve that issue manually by minimizing or resizing the browser; the patch released later today will fix it permanently.

The product planning summary lists additional issues that the developers are currently looking into. This includes an issue with AVG's SafeSearch extension blocking the Enter key. While it is possible to click on the Go button to be taken to the site, it is an issue that the developers want to resolve as quickly as possible.

Other issues mentioned in the summary are additional crashes, and incompatibilities with Norton products and RealPlayer Video Downloader.

The release is already available on the Mozilla release ftp server and on third party download portals such as Softpedia. It is likely that the new version will be pushed to all users later today. At that point it will also be offered for download on the Mozilla website and as an update in the browser.

Please note that both the standard Firefox 10 build and Firefox 10 ESR will receive the update to Firefox 10.0.1.

Boston Police hits back at Anonymous with sarcasm

SophosLabs: Is it possible to fight Anonymous?

The movement is proud of saying that an idea can't be arrested or killed, but it seems like the Boston Police Department has thought of one way of fighting back: sarcasm.

A week ago, the BPDNews.com website which provides news about the Boston police and crime in the area was hacked by Anonymous. The hackers replaced the home page of the site with a message and a video of American rapper KRS-One performing his song "Sound of Da Police".

hacked-police

After almost a week of downtime, Boston Police have managed to bring their website back up - and have proven they have got a sense of humor by making a video about the hack.

With straight faces, police officers explain how they were in Dunkin' Donuts when they first heard about the hack, and how they are struggling to make sense of a world without access to BPDNews.com:

BPDNews.com - The Boston Police Virtual Community

As one officer explains, "My reaction was, 'Why would anybody want to destroy a perfectly good KRS-One song?'"