Indian government get access to BlackBerry messages

Indian government get access to BlackBerry messages

After a battle lasting almost two years, BlackBerry maker Research In Motion has knuckled under to the Indian government, giving security forces in that country access to private instant messages.

RIM decided to set up Blackberry servers that were stationed in Mumbai, India. If you were thinking that this move could only lead to the Indian government seeking more control over what goes in and out of RIM’s Blackberry servers, you would be right on the money.

Not only has the Indian government gotten their way with the Blackberry servers, but they will now be able to tap into BBM messages. This was confirmed by Indian security agencies who revealed that the process to decrypt the 256-bit encrypted data used by BBM is underway and would be up and running soon, claiming that the interception of BBM messages will be used in case where the government suspects that crimes or terror plots are being hatched.

It should also be noted that the tapping of BBM only affects those on BIS as BES encryption keys are specific to every installation, while BIS’ encryption key is shared. While India may be the first country granted official access to some of RIM’s data.

Your Facebook credentials at risk on Android - iOS jailbroken devices

Your Facebook credentials at risk on Android - iOS jailbroken devices

Facebook allows its authentication credentials to be stored in plain text within the Apple iOS version of its mobile app, allowing an attacker complete control over your Facebook account if he knows where to look.

Security researcher Gareth Wright noted the vulnerability and alerted Facebook. Wright wrote on his blog that he discovered the issue while exploring the application directories in his iPhone with a free tool and came across a Facebook access token in the Draw Something game on his phone.

The simple ‘hack’ allows a user to copy a plain text file off of the device and onto another one. This effectively gives another user access to your account, profile and all on that iOS device.

Facebook’s native apps for the two platforms not encrypting your login credentials, meaning they can be easily swiped over a USB connection, or more likely, via malicious apps. Facebook has responded that this issue only applies to compromised or jailbroken devices.

"My jaw dropped as over the next few minutes I watched posts appear on my wall, private messages sent, webpages liked and applications added," Wright wrote. Wright said that he harvested over 1,000 plists over the course of a week, although he copied no data.

As for the USB connection scenario, Facebook says there’s no way to fix this problem. Note that in this case it doesn’t matter if your device is jailbroken or not, because whoever is doing the deed has physical access to your phone or tablet.

Facebook said in a statement that the modifications made to the phone were responsible for exposing the data:

Facebook's iOS and Android applications are only intended for use with the manufacture provided operating system, and access tokens are only vulnerable if they have modified their mobile OS (i.e. jailbroken iOS or modded Android) or have granted a malicious actor access to the physical device. We develop and test our application on an unmodified version of mobile operating systems and rely on the native protections as a foundation for development, deployment and security, all of which is compromised on a jailbroken device. As Apple states, "unauthorized modification of iOS could allow hackers to steal personal information ... or introduce malware or viruses." To protect themselves we recommend all users abstain from modifying their mobile OS to prevent any application instability or security issues.

Wright called Facebook's statement "rubbish," adding that the vulnerability is present on both jailbroken and non-jailbroken phones.

181000 records compromised in Utah Security Breach

181000 records compromised in Utah Security Breach

Utah health officials said that hackers who broke into state computers last weekend stole far more medical records than originally thought, and the data likely includes Social Security numbers of children who have received public assistance.

The Utah Department of Health has been hacked. 181,604 Medicaid/CHIP recipients have had their personal information stolen. 25,096 have had their Social Security numbers (SSNs) compromised.

What is particularly threatening about this attack is the fact that the stolen records included personal information including client names, addresses, birth dates, SSNs, physician’s names, national provider identifiers, addresses, tax identification numbers, and procedure codes designed for billing purposes.

   “We understand clients are worried about who may have accessed their personal information, and that many of them feel violated by having their information compromised,” said Michael Hales, deputy director of the Health Department. “But we also hope they understand we are doing everything we can to protect them from further harm.

DTS has implemented new procedures to ensure that this type of breach will never happen again. Additional steps are being implemented to improve security controls related to the implementation of computer hardware and software, as well as increased network monitoring and intrusion detection capabilities.

Anonymous Leaks Tunisia Prime Minister’s Emails

Anonymous Leaks Tunisia Prime Minister’s Emails

Anonymous Hackers says it has hacked 2,725 emails belonging to Tunisia's ruling Ennahda party, including those of the prime minister, in the latest challenge to the Islamist-led government. The email addresses of the president, head of the Constituent Assembly, Ennahdha party officials, and other party leaders were disclosed as well as documents from the electoral campaigns.

The activist said the emails include phone numbers, bank transactions and invoices paid during Tunisia's election campaign in October, in which Ennahda won more than 40 percent of parliament seats, going on to lead the government.

The Tunisian government seems to think the emails are pretty old, but are investigating if the emails from Jebali are from before or after the election.

Anonymous is pushing against internet censorship in Tunisia, and promised: "To the Tunisian government, we have kept a large part of your data secret. If you do not wish to see these published on the internet we ask you to work to the best of your ability to avoid internet censorship and to respect human rights and the freedom of expression in Tunisia."

iPad 3 jailbroken on Launch Day by 3 ways

Team posion Got access to over 300,000 servers EA Games server

This Data Surely Shows That The person HEX Of teampoison Have the whole acces on the ea games server
What he says about it

Hex00010 says:

10:09:26

that picture right there display all of there games that are currently being used for online through the PC , Xbox 360 , and PS3 networks

through that i can

edit the game files

shut down the network

10:09:37

Install updates

bind viruse to the .exe

Hex00010 says:

10:00:06

I have access to over 300,000 servers owned by EA Games

I have access to Xbox 360 , PS3 , and PC servers

It may be sure for u More info soon

Siemens and Canon's Databases exploited by Team INTRA

Siemens and Canon's Databases exploited by Team INTRA

Recently a hacker known as "JoinSe7en" from Team INTRA claims to have hacked into subdomains of Canon and Siemens. Apparently, the hacker has found and exploited a Blind SQL Injection vulnerability in Canon's website and a Error based SQL Injection in Siemens.

He published a full disclosure on both of the databases on pastebin:

Siemens : http://pastebin.com/HBL966wh

Canon : http://pastebin.com/fbL0s9aS

These pastebin notes include the vulnerable links of respective sites and extracted database info with usernames and passwords of Siemens Users & Canon forum, sites user credentials.

Artist and Hacktivists Sabotage Spanish Anti-Piracy LawArtist and Hacktivists Sabotage Spanish Anti-Piracy Law

In an attempt to sabotage a new anti-piracy law that went into effect today, hundreds of websites in Spain are participating in a unique protest organized by a local hacktivist group. The websites all link to an “infringing” song by an artist loyal to the protest, who reported the sites to the authorities to overload them with requests.

Traditionally, Spain has been one of the few countries where courts have affirmed that P2P-sites operate legally. This situation was met with disapproval by the United States Government who behind closed doors proceeded to help the Spanish authorities draft new laws to protect the interests of copyright holders.

Threatened with being put on a United States trade blacklist, the Government passed the so-called ‘Sinde Law’ in a rush late last year. The law allows for the blocking of allegedly infringing sites based on reports from copyright holders, a position similar to that proposed by the US SOPA bill.

Today the Sinde law went into effect and immediately it was met with resistance from opponents. The group Hackivistas was quick to organize a rather unique form of protest. They encouraged sites to link to a copyrighted track from the artist Eme Navarro, who’s a member of the music rights group SGAE, but critical of the Sinde law.

While Navarro generally publishes his music under a Creative Commons license, he created an “all rights reserved” track specifically for the protest. Thanks to the hacktivist campaign hundreds of websites are now linking to this copyrighted song without permission, and Navarro reported a first batch of sites to the Ministry of Culture early this morning.

As a result, the commission tasked with reviewing all the requests will be overloaded with complaints. All the reported sites have to be processed on order of arrival, so the protest will significantly slow down this review process.

Navarro delivering the complaints

“The aim of this action is testing this law and being the first ones who use it in order to show the absurdity and the censorship that it will bring,” the hacktivists say commenting on their action.

The sites participating in the campaign do risk being blocked by Internet providers, but according to the law they have to be notified about the alleged infringement first. Then they get the chance to remove the infringing link to avoid being blocked.

Besides from the “sabotage” angle, another goal of the protest is to find out how the takedown process works. Right now there is still much uncertainty about how the commission will operate and how websites will eventually be blocked, a Hacktivistas member told TorrentFreak.

“Nobody knows how they will shut down websites. We suspect that they will ask Spanish companies hosting the websites to shut them down, and that Spanish service providers will block websites that are hosted outside of Spain.”

“They will also censor foreign websites, so anyone in the world can join us. We want to check what happens in every case,” the hacktivist added.

Joining the protest is easy, websites can add a link to the infringing track through a simple piece of code provided on the campaign website. Just make sure not to ask Eme Navarro for permission.

Two years later, Apple still won’t fix Safari hole

Two years after fixing a security bug in the Windows version of its Safari browser, Apple apparently has decided that Mac users can go without a fix.

Apple was initially unimpressed by Nitesh Dhanjani’s work developing what’s known as a “carpet bomb” attack, the security researcher said in an interview Monday. “I told Apple about it two years ago, and they responded back, saying it was more of an annoyance than anything else.”

That turned out to be the wrong assessment. Soon after Dhanjani went public with the flaw in May 2008, another security researcher showed how carpet bombing could be combined with another Windows attack to run unauthorized software on a Windows PC. Apple then shipped a fix for Safari on Windows, but not for Safari on Mac OS X.

Nobody has shown how to do this on the Mac OS X version of Safari, but Dhanjani still thinks Apple should fix the issue on both platforms.

In a carpet bomb attack, the victim visits a malicious Web site, which then starts downloading unauthorized files to the victim’s computer without any sort of approval.

“[W]hile most sane Web browsers warn the end user and ask for explicit permission before saving a file locally, Safari goes ahead and saves the file into the default download location without asking the user,” he said in a blog posting, “even if hundreds of files are served up by the malicious website simultaneously.”

Without conducting another attack, hackers still have no way to run the files on the victim’s computer, but these unauthorized downloads still represent a security risk, Dhanjani said. “In this day and age … the site shouldn’t be able to drop anything it wants into my downloads folder.”

Not everyone agrees, however. Noted Apple hacker Charlie Miller said that Dhanjani’s bug is not serious because there is no second Mac OS X bug that causes downloaded files to be executed. “So basically, a Web site can start to download a bunch of files to your Downloads directory. This isn’t an ideal situation, but then again, I don’t see a lot of harm that comes from it,” he said in an e-mail interview. “Especially, if the alternative is for the browser to nag me every time I want to download something.”

Dhanjani believes Apple hasn’t fixed the issue because it might annoy Mac users. “They’re going after usability,” he said. “Apple wants to make everything so seamless that they don’t want the user to have to go through this extra process.”

Apple did not immediately respond to a request for comment on this story. The company typically does not comment on security issues.

In a May 2008 e-mail message to Dhanjani, viewed by the IDG News Service, Apple’s security team said it would consider adding an “Ask me before downloading anything” preference to Safari. “This will require a review with the Human Interface team,” Apple told the researcher. “We want to set your expectations that this could take quite a while, if it ever gets incorporated.”

The Killswitch : They can remotely modify your Window 8

Last year,a Finnish software developer, was cruising Google’s Android Market for smartphone apps last year when he noticed something strange. Dozens of best-selling applications suddenly listed the same wrong publisher. Google uses a little known kill switch, to forcibly removing the malicious code from more than 250,000 infected Android smartphones. It’s a powerful way to stop threats that spread quickly, but it’s also a privacy and security land mine.

With the rollout of the Windows 8 operating system expected later this year, millions of desktop and laptop PCs will get kill switches for the first time. Microsoft has confirmed that they have remote kill switch installed in to Windows 8 apps. using this access, they can disable and even remove an app entirely from a user’s device. This piece of information was released along with other details of the upcoming Windows Store for Windows 8.

Anyone worried about Microsoft having complete access to your computer can rest easy for now. The company has stated that they can only “kill” programs downloaded from its new Microsoft App Store. This is what the company has to say about it in official terms: -“In cases where your security is at risk, or where we’re required to do so for legal reasons, you may not be able to run apps or access content that you previously acquired or purchased a license for,”.

Any software loaded from a flash drive, DVD, or directly from the Web will remain outside Microsoft’s control. Still, the kill switch is a tool that could help Microsoft prevent mass malware infections. “For most users, the ability to remotely remove apps is a good thing,” says Charlie Miller, a researcher with the security company Accuvant.

Hiroshi Lockheimer, Google’s vice president of Android engineering, says the search company reserves the use of the kill switch for “really egregious, really obvious cases” of harmful content. Microsoft’s Biggs says the company has used the functionality in its smartphones only for “technical issues and content issues.” Apple declined to comment. Amazon did not respond to several messages.

Nonetheless, a “kill switch” for curators of online applications marketplace is common as companies try to protect users of the platforms they develop from malware or hacking attempts implemented through applications.Microsoft’s upcoming Windows 8 operating system is expected to be launched by the middle of next year.

Sandcat Browser 2.0 Released - Penetration Testing Oriented Browser

Sandcat Browser 2.0 Released, Penetration Testing Oriented Browser

Sandcat Browser version 2.0 includes several user interface and experience improvements, an improved extension system, RudraScript support and new extensions.

What is Sandcat Browser?

The fastest web browser combined with the fastest scripting language packed with features for pen-testers. Sandcat Browser is a freeware portable pen-test oriented multi-tabbed web browser with extensions support developed by the Syhunt team, the same creators of the Sandcat web application security scanner. The Sandcat Browser is built on top of Chromium, the same engine that powers the Google Chrome browser, and uses the Lua language to provide extensions and scripting support.

This first Sandcat Browser release includes the following pen-test oriented features:

• Live HTTP Headers
• Request Editor extension
• Fuzzer extension with multiple modes and support for filters
• JavaScript Executor extension -- allows you to load and run external JavaScript files
• Lua Executor extension -- allows you to load and run external Lua scripts
• Syhunt Gelo
• HTTP Brute Force, CGI Scanner scripts and more.

User Interface & Experience Enhancements

• New windows will now open in new Tabs.
• Navigation bar now behaves like Firefox's or Opera's.
• Improved multi-tab support.
• Improved source tab.
• Added a simple cookie logging extension.

Sandcat Browser Extension Development Kit

The Sandcat Browser Extension Development Kit is now available here. It also includes the source of all the Sandcat Browser extensions.

Added RudraScript

Syhunt RudraScript allows you to easily execute code in JavaScript, PascalScript, Perl, PHP, Python, Ruby & VBScript from within the browser and the browser extensions. Details about the RudraScript support can be found at this link

Download Sandcat Browser 2.0

Cyber Criminals took over billion dollar of Brazilian companies

PricewaterhouseCoopers has revealed in a report that cyber criminals are now shifting their attacks towards emerging markets, especially those engaging with carbon emission trades which promote low carbon technologies but whose security measures have not yet grown to combat online attacks.

In Brazil, 8% of the companies under attack of Cyber Criminals and had losses above $ 1 billion of Brazilian companies. A recent survey by PricewaterhouseCoopers (PwC) finding that over one third of Brazilian companies (32%) was the victim of cybercrime last year. The world average is lower, 23% of companies have been targets of cyber attacks in 2011.More than half of Brazilian executives (51%) explained that one of the biggest problems related to awareness and combat electronic crime is the fact that management of their companies adopted only informally or on an ad hoc solutions and security processes.

Cyber criminals are targeting these emerging markets to exploit the vulnerabilities of their systems and extract information which they could use for illegal profit. For example, Greece and Austria have recently suffered from security breaches. In 2010, unsuspecting employees from German companies have received bogus emails allegedly sent by phishers through seemingly legitimate but bogus registries.

"Today the biggest challenge for those working in information security, especially corporate, are the attacks that target specific business environments", Moreno Garcia believes, commercial director and regional manager of Symantec in Brazil. The defense against this type of attack requires the use of remote management services, as the company's IT administrator can not monitor all security incidents at the same time.