The notorious LulzSec hacking outfit has leaked over 26,000 email addresses and plain-text passwords stolen from the database of the adult website Pron.com. After dumping the data online, the group encouraged people to try the login credentials on Facebook and tell the victims’ family members how they had signed up for the adult site.
The reason? Just for fun. “Watch the hilarity. Tell us about it on twitter!” the hackers wrote in their announcement. Fortunately, word of the potential abuse quickly reached Facebook’s security team, which forced password resets for all accounts corresponding to those email addresses.
This impressed LulzSec members, but also gave them new ideas for future attacks. “Props to Facebook security for locking all emails located on our list so fast. That’s the kind of security that earns a tip of our hat,” the hackers wrote.
“Hmm… so Facebook automatically locks every email on our list… exploitable. >:] Until next time, Facebook. Bwahahaha,” they later tweeted.
LulzSec pointed out that there were a number of .gov and .mil email addresses registered on the compromised site, as well as some 55 accounts belonging to admins of other adult portals.
Partial screenshot from the 26,000 emails and passwords txt file released online on the LulzSec website:
The group didn’t stop with this leak. It also published the personal information (dox) of executive officers and other employees from vulnerability research company Endgame Systems and anti-DDoS solutions provider Prolexic Technologies.
The dox didn’t only include information about these individuals themselves, but also about their spouses, children and other family members, and their respective social media accounts.
Endgame Systems is a company set up by former ISS and CIA executives with the purpose of selling offensive security solutions and zero-day vulnerability information. The HBGary Federal email leak from earlier this year revealed that the company and its management make significant efforts to keep a low profile.
Meanwhile, Prolexic Technologies has made a selling point out of the DDoS attacks orchestrated by Anonymous. In 2010 the company helped firms the hacktivist group considered WikiLeaks enemies to protect themselves.
Credit: Softpedia.com News
Websense Security Labs reports a new spam campaign that uses the US presidential election as a social engineering mechanism to install information-stealing code on a victim’s machine. Emails are circulating with fake news of a sex scandal affecting one of the candidates. Recipients of the email are encouraged to view a video supposedly involving the Democratic candidate Barack Obama. Users who click the link are shown a pornographic video and while the video plays for 14 seconds, malicious applications are installed on the victim’s machine.
The email encourages users to download and run an infected .exe file. The MD5 of the Trojan dropper is 26B861DF715549C537C28E4D60D8D0B7. The dropper installs 809.exe in the user’s Temporary Internet Files folder and also registers a Browser Helper Object (BHO) named Siemens32.dll. This is an information-stealing application that currently posts data to a compromised Finnish travel site.
The attack loads spyware onto compromised PCs. Once harvested, stolen information from infected PCs is posted to a compromised web server in Finland, controlled by unidentified hackers.
Virus writers regularly make up news stories or offer illicit clips of celebrities as bait for malware attacks. Users should never click links in emails received from an unknown address; instead, just browse to a favorite news website, like CNN or Google News, for the latest developments. Remember, if it looks like you have secret online friends who want you to see Obama’s sex videos first, it’s probably a virus.
A new online service allows conversion of websites into a downloadable pdf format file. This tool by html2pdf.co.uk can be a useful utility to anyone who wants to make a snapshot of a website that is being updated very often or just for later reading.
The usage is very simple. You supply the website address and, after clicking a button, receive a download confirmation for the pdf file containing that website. There is also an option to add a bookmarklet which can convert in one click any website you’re visiting in your browser. It is also possible to paste HTML code into a form and get it as a web page in pdf. The entire page is saved into the pdf, even if the page is several screens long and needs scrolling.
This can be a great, free and very quick alternative to making regular screenshots of websites as images, although it’s not hard to imagine what will happen if someone makes a pdf copy of the PayPal.com website, converts it back into HTML and uploads it to some hacked web hosting.
Website URL: www.htm2pdf.co.uk
The CanSecWest conference announced on Tuesday the format for this year’s competition in which security pros can attempt to compromise a laptop computer’s operating system to win the laptop and potentially a cash reward. The first person to compromise one of the notebook computers gets to keep the system and can submit the vulnerability to the Zero-Day Initiative run by 3Com’s Tipping Point. The company pays for responsibly disclosed software flaws and could reward up to $25,000 for a vulnerability.
Dubbed the “PWN2OWN” competition, the contest will give security professionals the opportunity to hack one of three systems: up-to-date versions of Microsoft’s Windows Vista, Apple’s Mac OS X, and Ubuntu Linux. To win the contest, a person must run code on the laptop using a previously unknown vulnerability in the operating system or a major application, such as a Web browser, a plug-in browser program, an instant messaging client, or an e-mail reader.
Each participant can try to attack the systems over a crossover cable, creating an exclusive network connection, or, under special circumstances, through a wireless network connection from a remote location. Each contestant will have a 30-minute slot to conduct the attack and can ask that contest officials visit a malicious Web server, read e-mail messages sent by the attacker, or add attackers to instant messaging buddy lists and read their messages. Last year, two security professionals, Shane Macaulay and Dino Dai Zovi, worked together to find a vulnerability and compromise one of the MacBooks. Macaulay got the MacBook, Dai Zovi claimed the $10,000.
“These computers are real and fully patched,” Dragos Ruiu, the organizer of CanSecWest, said in an e-mail announcing the contest. “All third party software is widely used. There are no imitation vulnerabilities. Any exploit successfully used in this contest would also compromise a significant percentage of Internet connected hosts.”
The notebook computers being used in the competition include a Sony VAIO VGN-TZ37CN running Ubuntu 7.10 “Gutsy Gibbon,” a Fujitsu U810 running Windows Vista Ultimate Service Pack 1, and an Apple MacBook Air running Mac OS X 10.5.2.
The conference is scheduled to take place on March 26-27 in Vancouver.