Hacking – Page 10 – Michalis Nicolaides

OS X Lion Security is for Lulz

I have already posted that Apple laptops can be easily hacked. Now, with the new version of Apple’s OS X, you thought that security will be improved but this is not the case. OS X Lions passwords can be hacked faster and easier than ever. You don’t even have to crack the passwords, you can just change them to whatever you want if you have physical access to the terminal. By cracking the password, we mean to find the password from its hash or with a brute force attack. If you have access to a computer, you can change the password with the following command

INSA has been hacked

Intelligence and National Security Alliance (INSA) has been hacked. INSA’s Cybersecurity Council released a document explaining that government and private sector should work together to solve cyber security vulnerabilities. Two day after the release, they have been hacked. Details of U.S intelligence officials have been posted on Cryptome with the title “INSA Nest of Official and Corporate Spies”. Information leaked about the members of INSA includes names, emails and in some cases addresses. Cryptome posts interesting documents worth checking out. Hackers

Hackers poisoned GoDaddy

GoDaddy, the largest domain registrar and web hosting company poisoned with a modified .htaccess, an Apache web server configuration file. A number of websites hosted on shared servers compromised and when someone was visiting those websites through a search engine, they were being redirected to sokoloperkovuskeci.com and then again to some other malware sites. GoDaddy informed users that they are looking to resolve this issue. Affected websites may have been blacklisted from search engines so if you are one of those affected check it out

News feed for hacking is huge

Every day I read news about technology, science, gadgets, trends and local news but the category with the most news is hacking. Every day hundreds of websites are hacked, including few companies, and tens of hacking tools are created or new versions are released. You will not see all this here, I try to filter those for you and give you only the most important ones. For example if several websites are hacked, I will post only the one(s) that affected the most Internet users like i did with uTorrent. If some companies are hacked, I will post the one(s) with the highest reputation or the one that is specialized in security which is ironic

uTorrent website hacked

uTorrent website hacked and the attacker replaced the torrent client with a fake antivirus software. The fake software has the name “Security Shield” and prompts the victims that they have virus and then offers them to clean their pc after payment. The attack took place at September 13th 4:20 a.m. Pacific Daylight Time (UTC -7) and the users who have downloaded the file between 4:20 a.m. and 6:10 a.m. Pacific time, they have been infected

X-Nerd strikes again

Few days ago the Pakistani hacker ‘X-Nerd’ (x-nerd@live.com) hacked several domains and added a new file in their root called ‘x.php’. Few sites that are still having this file while I am writing this post are:

http://aeciecuador.org/x.php
http://clipartbackgrounds.net/x.php
http://ieducationaltoys.com/x.php
http://vectorpanic.net/x.php
and many more

This time X-Nerd hacked Panda Security Pakistan. A company that offers security has been hacked, this is not a good promotion for their products

Anonymous developed U.R.G.E.

Anonymous released a new tool to hijack trending topics on twitter. It is called Universal Rapid Gamma Emitter or simply U.R.G.E. It helps the user to post tweets on a trend without having to copy paste trending topic manually. Don’t be afraid to download it, it does not contain any malicious code and it is not an exploit. You can see download information and instructions in source

Windows AUTOPWN

Windows AUTOPWN or winAUTOPWN allows you to autohack targets with minimum interaction. It is an auto shell gaining tool created by quakerdoomer (Azim Poonawala). Even though some antivirus could detect it as a malicious software, it is not. It uses several exploits publicly available and it can be used to test the effectiveness of IDS/IPS

Registry Decoder

If you use windows then you should know that almost everything you do is recorded. Most of the information can be found on windows registry. It has a list with last accessed files, a list with the last programs run, all installed programs, USB activity, user accounts, last visited URLs, a list of the programs that run when the operating system starts and more. With Registry Decoder you can see all that information, it provides acquisition, analysis, and reporting of registry contents

BackBox Linux 2 – A must-have for security experts

BackBox Linux version 2 has been released. BackBock is based on Ubuntu and it is used (mostly) by security experts to perform penetration tests and security assessments. It is fast, easy and it has a desktop environment. There are tools for sniffing, spoofing, password cracking, vulnerability scanning, wireless analysis and more