#OpIsrael , Anonymous, the same group that reportedly took out the CIA's public website for a few hours in February, claimed it had attacked approximately 10,000 Israeli websites, both government and Private.
The cyber attackers have launched over more than 44 million attempts to disrupt the operation of various Israeli government websites & Servers infrastructure.
URL for a dump of the hacked database:
http://www.anonpaste.me/anonpaste2/index.php?6a51ed282cb3f846#VgBBdzIHLY1JWUZClr93F1AZc5wQEvePMw5R3640MrM=
Godaddy Hacked !!
GoDaddy, the internet's largest domain registrar, was hacked on Monday morning by a member of the Anonymous hacking group. Although it was not clear how many websites were affected, "DNS" or Domain Name System, "GoDaddy" and "Anonymous" are trending on Twitter, as thousands of clients and observers comment on the outage.
A hacker identifying himself as the Security leader of Anonymous claimed responsibility shortly after the attack. @AnonymousOwn3r said he hacked GoDaddy because: "I'd like to test how the cyber security is safe and for more reasons that I can not talk now."
A hacker identifying himself as the Security leader of Anonymous claimed responsibility shortly after the attack. @AnonymousOwn3r said he hacked GoDaddy because: "I'd like to test how the cyber security is safe and for more reasons that I can not talk now."
Yahoo's password hacked
Nearly 443,000 e-mail addresses and passwords for a Yahoo site were exposed late Wednesday. The impact stretched beyond Yahoo because the site allowed users to log in with credentials from other sites -- which meant that user names and passwords for Yahoo (YHOO, Fortune 500), Google's (GOOG, Fortune 500) Gmail, Microsoft's (MSFT, Fortune 500) Hotmail, AOL (AOL) and many other e-mail hosts were among those posted publicly on a hacker forum.
What's shocking about the development isn't that usernames and passwords were stolen -- that happens virtually every day. The surprise is how easily outsiders cracked a service run by one of the biggest Web companies in the world. The group of seven hackers, who belong to a hacker collective called D33Ds Company, got into Yahoo's Contributor Network database by using a rudimentary attack called a SQL injection.
What's shocking about the development isn't that usernames and passwords were stolen -- that happens virtually every day. The surprise is how easily outsiders cracked a service run by one of the biggest Web companies in the world. The group of seven hackers, who belong to a hacker collective called D33Ds Company, got into Yahoo's Contributor Network database by using a rudimentary attack called a SQL injection.
New Multi-Platform Web Exploit !!
The attack was detected on a compromised website in Colombia, When users visit the site, they are prompted to run a Java applet that hasn't been signed by a trusted certificate authority. If allowed to run, the applet checks which operating system is running on the user's computer -- Windows, Mac OS X or Linux -- and drops a malicious binary file for the corresponding platform. The files are detected by F-Secure as 'Backdoor:OSX/GetShell.A,' 'Backdoor:Linux/GetShell.A' and 'Backdoor:W32/GetShell.A
Critical vulnerability derails Ruby on Rails
The H reports on a newly-discovered SQL injection vulnerability in Ruby on Rails, affecting the 3.0.x, 3.1.x, and 3.2.x versions.
The developers of the Ruby on Rails web framework have closed a critical vulnerability which allowed attackers to execute SQL commands on the database server. An "SQL Injection" attack such as this could allow the attacker, for example, to read confidential information without authorisation.
The vulnerability exists in versions 3.0 and later of Active Record, Rail's database layer, and is exposed when using nested query parameters. Code that directly passes parameters to a where method, is affected. For example, using the common idiom params[:id] can be tricked into returning a crafted hash which causes the generated SQL statement to query an arbitrary table.
Another weakness with query generation was also found to affect all versions of Ruby On Rails. Rails 3.2.4 was released with fixes for these, and many other bugs, but due to a number of problems in the release process for 3.2.4, the developers then released Rails 3.2.5. There are also updated versions of Rails 3.1.5 and Rails 3.0.13 to fix the same security problems in older versions of the framework.
Subscribe to:
Posts (Atom)
