The document reports on several cybersecurity incidents:
- A Pakistani hacker defaced several Indian government websites in Goa.
- Edward Snowden confirmed that the US and Israel co-developed the Stuxnet malware.
- Anonymous hackers leaked documents from Spain's governing People's Party website.
- A security report found mobile malware increased 614% over the past year.
Warrantless governmental surveillance through the use of emerging technology ...Vania_Chaker
Abstract: Warrantless Governmental Surveillance through the Use of Emerging Technology Has Become a Mainstay of Governmental Investigation
The United States government enjoys awesome technological capabilities. It can facilely monitor electronic communications and surreptitiously retrieve stored information on private computer systems through the use of emerging technology. Indeed, technology that was once the stuff of science fiction is now routinely used in real life to monitor the activities of citizens, corporations, even foreign nationals in foreign nations.
This blog post raises the question as to whether such powerful governmental capabilities have been tempered by the countervailing protective judicial or legislative safeguards necessary to offset the greatly increased potential for improper government intrusiveness. The word count is 449 words (1,396 words including footnotes).
This is the presentation from Null/OWASP/g4h Bangalore December MeetUp by Vandana Verma.
technology.inmobi.com/events/null-owasp-g4h-december-meetup
Outline:
Security news from November and December 2014.
If last year’s presentation on the SANS 20 felt like more of a rant than a practical application of elite IT knowledge, Ian Trump’s technical track presentation is going to unleash GFI MAX as a security dashboard like nothing you have seen.
The Octopi team has leveraged network scanning and event log checks, and Ian takes the GFI MAX dashboard to a whole new level. MSP’s can take his code and research and immediately apply it to their practices to secure their customers from cyber threats. Dehydrated from the summer information security conferences, Ian will give you the threat intel you need to be on the lookout for in the months ahead.
Besides all the GFI MAX goodness, being part of a live demo to find APT, and seeing Ian link Human Rights, Market Research, Ice, Law, Iggy Azalea, War Ferrets, Christian Studies, Event Auditing, Security Tools, Taylor Swift and How we can all fix the cyber problem into one epic presentation – well, you don’t want to miss this.
Warrantless governmental surveillance through the use of emerging technology ...Vania_Chaker
Abstract: Warrantless Governmental Surveillance through the Use of Emerging Technology Has Become a Mainstay of Governmental Investigation
The United States government enjoys awesome technological capabilities. It can facilely monitor electronic communications and surreptitiously retrieve stored information on private computer systems through the use of emerging technology. Indeed, technology that was once the stuff of science fiction is now routinely used in real life to monitor the activities of citizens, corporations, even foreign nationals in foreign nations.
This blog post raises the question as to whether such powerful governmental capabilities have been tempered by the countervailing protective judicial or legislative safeguards necessary to offset the greatly increased potential for improper government intrusiveness. The word count is 449 words (1,396 words including footnotes).
This is the presentation from Null/OWASP/g4h Bangalore December MeetUp by Vandana Verma.
technology.inmobi.com/events/null-owasp-g4h-december-meetup
Outline:
Security news from November and December 2014.
If last year’s presentation on the SANS 20 felt like more of a rant than a practical application of elite IT knowledge, Ian Trump’s technical track presentation is going to unleash GFI MAX as a security dashboard like nothing you have seen.
The Octopi team has leveraged network scanning and event log checks, and Ian takes the GFI MAX dashboard to a whole new level. MSP’s can take his code and research and immediately apply it to their practices to secure their customers from cyber threats. Dehydrated from the summer information security conferences, Ian will give you the threat intel you need to be on the lookout for in the months ahead.
Besides all the GFI MAX goodness, being part of a live demo to find APT, and seeing Ian link Human Rights, Market Research, Ice, Law, Iggy Azalea, War Ferrets, Christian Studies, Event Auditing, Security Tools, Taylor Swift and How we can all fix the cyber problem into one epic presentation – well, you don’t want to miss this.
Chinese attack on USIS exploiting SAP vulnerability. Detailed review and comm...ERPScan
This research includes detailed attack timeline, discovers what kind of vulnerability was exploited and provides the recommendations how to avoid data breaches in SAP systems.
LAST ISSUE -CYBER ESPIONAGEBusinesses and government agencies in.docxsmile790243
LAST ISSUE -CYBER ESPIONAGE
Businesses and government agencies in many countries experienced a spike in targeted attacks originating outside their borders, many from China. Analysis of the attacks leads security experts to believe that many governments are involved in cyber espionage. Cyber espionage is the use of the Internet to spy on other governments. Not only is the Internet being leveraged for international espionage, but it is also being used for economic espionage. Economic espionage refers to the use of the Internet by nation-states to steal corporate information in an effort to gain economic advantages in multinational deals.
One report describes how Chinese hackers infected the Rolls Royce corporate network with a Trojan horse that sent secret corporate information from the network to a remote server. Shell Oil Company discovered a Chinese cyber spy ring in Houston, Texas, working to steal confidential pricing information from servers at its operation in Africa.
Although it would be easy to jump to the conclusion that the Chinese government is behind all of these attacks, experts are quick to point out that it is difficult to pinpoint the origin of an attack. The Internet makes it possible for hackers to launch attacks from any server in the world. If an attack originates in China and is engineered by a Chinese citizen, it still cannot be determined if that person is working for the government. The Chinese government vehemently denies any part in cyber espionage. Still, most governments hold the Chinese government accountable for not cracking down on hackers if not actually sponsoring them. It is estimated that 30 percent of malicious software is created in China. The next largest distributor of malware is Russia and Eastern Europe.
A report developed by security firm McAfee states that “120 countries are developing ways to use the Internet as a weapon to target financial markets, government computer systems, and utilities.” A number of experts are calling this the “cyber cold war.”
The Internet of Things may become the Internet of Threats!
Questions:
1. Find a recent article concerning Hacking or Cyber espionage. Recap the article. Then create your own question and answer from the content.
2. Why are countries and businesses concerned about cyber espionage that originates in China and Russia?
3. What are the dangers if the cyber cold war turns into an actual cyber war?
...
Chinese attack on USIS exploiting SAP vulnerability. Detailed review and comm...ERPScan
This research includes detailed attack timeline, discovers what kind of vulnerability was exploited and provides the recommendations how to avoid data breaches in SAP systems.
LAST ISSUE -CYBER ESPIONAGEBusinesses and government agencies in.docxsmile790243
LAST ISSUE -CYBER ESPIONAGE
Businesses and government agencies in many countries experienced a spike in targeted attacks originating outside their borders, many from China. Analysis of the attacks leads security experts to believe that many governments are involved in cyber espionage. Cyber espionage is the use of the Internet to spy on other governments. Not only is the Internet being leveraged for international espionage, but it is also being used for economic espionage. Economic espionage refers to the use of the Internet by nation-states to steal corporate information in an effort to gain economic advantages in multinational deals.
One report describes how Chinese hackers infected the Rolls Royce corporate network with a Trojan horse that sent secret corporate information from the network to a remote server. Shell Oil Company discovered a Chinese cyber spy ring in Houston, Texas, working to steal confidential pricing information from servers at its operation in Africa.
Although it would be easy to jump to the conclusion that the Chinese government is behind all of these attacks, experts are quick to point out that it is difficult to pinpoint the origin of an attack. The Internet makes it possible for hackers to launch attacks from any server in the world. If an attack originates in China and is engineered by a Chinese citizen, it still cannot be determined if that person is working for the government. The Chinese government vehemently denies any part in cyber espionage. Still, most governments hold the Chinese government accountable for not cracking down on hackers if not actually sponsoring them. It is estimated that 30 percent of malicious software is created in China. The next largest distributor of malware is Russia and Eastern Europe.
A report developed by security firm McAfee states that “120 countries are developing ways to use the Internet as a weapon to target financial markets, government computer systems, and utilities.” A number of experts are calling this the “cyber cold war.”
The Internet of Things may become the Internet of Threats!
Questions:
1. Find a recent article concerning Hacking or Cyber espionage. Recap the article. Then create your own question and answer from the content.
2. Why are countries and businesses concerned about cyber espionage that originates in China and Russia?
3. What are the dangers if the cyber cold war turns into an actual cyber war?
...
Website Penetration Testing for small, medium & enterprise customers.
Website: websitepentest.com
Website Penetration Testing,
Website Security Assessment
Website security is very important to protect your business, brand, and reputation and also prevent financial loss and shutting down of your business website. With the development of more sophisticated cyber threats, website security is gaining more importance as website owners are now keen on protecting their websites and visitors from dangerous cyber threats. As we all know, cybercrime is indeed a huge business and cybercriminals are always on the lookout for weaknesses in your website.
Perform a search on the Web for articles and stories about social en.pdffasttrackcomputersol
Perform a search on the Web for articles and stories about social engineering attacks or reverse
social engineering attacks. Find an attack that was successful and describe how it could have
been prevented.
Solution
Answer:
As per Computer Weekly, social engineering attacks were the most well-known hacking strategy
utilized as a part of 2015. What\'s more, there\'s no indication of it backing off; in 2016 60
percent of undertakings were casualties of a social engineering attack or something to that affect.
Furthermore, as per EMC, phishing attacks—the least demanding and most normal sort of social
engineering attacks—brought about almost $6 billion in misfortunes in 2013 alone, spread out
finished around 450,000 separate bargains.
Some hurt more regrettable than others, however all brought about a sufficiently genuine shake
up for security directors to recalibrate their regard for the vector, investigate their conventions,
and make teaching staff a best need.
Here\'s our pick for five of the greatest social engineering attacks ever.
5. 2011 RSA SecurID Phishing Attack
Security firms ought to be the most secure targets with regards to a data framework attack, yet
they are likewise delicious focuses on that draw more than what\'s coming to them of endeavors.
In 2011, one of these attacks bit encryption mammoth RSA and prevailing with regards to mesh
hackers profitable data about the organization\'s SecurID two-factor validation coxcombs.
In spite of the fact that RSA at first denied that the data could enable hackers to trade off
anybody utilizing SecurID, protection temporary worker Lockheed Martin soon recognized
hackers endeavoring to rupture their system utilizing stolen SecurID information. RSA retreated
rapidly and consented to supplant a large portion of the disseminated security tokens.
This inconvenience came down to four workers at RSA parent organization EMC. Attackers sent
them email with a satirize deliver implying to be at a vocation enrollment site, with an Excel
connection titled 2011 Recruitment Plan. It wasn\'t clear why the representatives would think
about a spreadsheet from an outsider site, however they opened it—and a zero-day Flash
adventure covered in the spreadsheet introduced indirect access to their work machines that soon
exposed the keys to the kingdom.
4. 2015 Ubiquiti Networks Scam
Not all hackers are searching for touchy data; here and there they simply need chilly, hard
money.
In 2015, Ubiquiti, a particular producer of wifi hardware and software situated in San Jose,
discovered this out the most difficult way possible when their fund division was focused in an
extortion conspire rotating around worker pantomime.
The organization never uncovered precisely how the attack was organized, yet said that the
bookkeeping office got email indicating to be from the organization\'s Hong Kong auxiliary.
Regularly, such emails contain guidelines with respect to changes in installment account points
of interest or new selle.
Chinese Cyber attack on mumbai power plantRohanMistry15
Chinese Cyber Exploitation in India’s Power Grid. On Feb. 28, 2021 The New York Times (NYT), based on analysis by a U.S. based private intelligence firm Recorded Future, reported that a Chinese entity penetrated India’s power grid at multiple load dispatch points. Chinese malware intruded into the control systems that manage electric supply across India, along with a high-voltage transmission substation and a coal-fired power plant.
Case Study - Cyberterrorism—A New RealityWhen hackers claiming .docxcowinhelen
Case Study - Cyberterrorism—A New Reality:
When hackers claiming to support the Syrian regime of Bashar Al-Assad attacked and disabled the website of Al Jazeera, the Qatar-based satellite news channel, in September 2012, the act was another act of hacktivism, purporting to promote a specific political agenda over another. Hacktivism has become a very visible form of expressing dissent. Even though there have been numerous incidents reported by the media, the first case of hacktivism was documented in 1989 when a member of the Cult of the Dead Cow hacker collective named Omega coined the term in 1996. However, hacktivism is not the only form of cyber protest and conflict that has everyone from ICT professionals to governments scrambling for solutions. Individuals, enterprises, and governments alike rely in many instances almost completely on network computing technologies, including cloud computing. The international and ever-evolving nature of the Internet along with inadequate law enforcement and the anonymity the global architecture offers creates opportunities for hackers to attack vulnerable nodes for personal, financial, or political gain.
The Internet is also rapidly becoming the political and advocacy platform of choice, bringing with it both positive and negative consequences. Increasingly sophisticated off-the-shelf technologies and easy access to the Internet are significantly increasing incidents of cyberterrorism, netwars, and cyberwarfare. The following are a few examples.
• According to The Israel Electric Company, Israel is attacked 1,000 times a minute by cyberterrorists targeting the country’s infrastructure—water, electricity, communications, and other services.• The New York Times, quoting military officials, said there was a seventeen-fold increase in cyberattacks targeting the US critical infrastructure between 2009 and 2011.• The 2010 Data Breach Investigations Report has data recording more than 900 instances of computer hacking and other data breaches in the past seven years, resulting in some 900 million compromised records. In 2012, the same study listed 855 breaches, resulting in 174 million compromised records in 2011 alone, up from 4 million in 2010.• Another study of 49 breaches in 2011 reported that the average organizational cost of a data breach (including detection, internal response, notification, post notification cost) was $5.5 million. This number was down from $7.2 million in 2010.14 The Telegraph (London) reported that “India blamed a new ‘cyber-jihad’ by Pakistani militant groups for the exodus of thousands of people from India’s north-eastern minorities from its main southern cities in August after text messages warning them to flee went viral.”
There have been recorded instances of nations allegedly engaging in cyberwarfare. The Center for the Study of Technology and Society has identified five methods by which cyberwarfare can be used as a means of military action. These include defacing or di.
Dave Mahon - CenturyLink & Cyber Security - How Modern Cyber Attacks Are Disr...Alisha Deboer
Cyber terrorists are sophisticated, organized and disruptive to your business. How prepared are you? Explore the landscape of malicious actors most likely to strike your business and what you can do about it.
Professional Practices PPT Slide on Chapter 5: Crimefrazaslam10
This is a ppt file for the subject "Professional Practices", in which this covers the chapter about crime. This includes hacking, identity theft and fraud, scams and forgery, and laws that rule the web. It shows the different phases of such crimes throughout the history of Internet. It also shows how the practices were starting to form to stop these unlawful activities.
A Strategic Approach: GenAI in EducationPeter Windle
Artificial Intelligence (AI) technologies such as Generative AI, Image Generators and Large Language Models have had a dramatic impact on teaching, learning and assessment over the past 18 months. The most immediate threat AI posed was to Academic Integrity with Higher Education Institutes (HEIs) focusing their efforts on combating the use of GenAI in assessment. Guidelines were developed for staff and students, policies put in place too. Innovative educators have forged paths in the use of Generative AI for teaching, learning and assessments leading to pockets of transformation springing up across HEIs, often with little or no top-down guidance, support or direction.
This Gasta posits a strategic approach to integrating AI into HEIs to prepare staff, students and the curriculum for an evolving world and workplace. We will highlight the advantages of working with these technologies beyond the realm of teaching, learning and assessment by considering prompt engineering skills, industry impact, curriculum changes, and the need for staff upskilling. In contrast, not engaging strategically with Generative AI poses risks, including falling behind peers, missed opportunities and failing to ensure our graduates remain employable. The rapid evolution of AI technologies necessitates a proactive and strategic approach if we are to remain relevant.
2024.06.01 Introducing a competency framework for languag learning materials ...Sandy Millin
http://sandymillin.wordpress.com/iateflwebinar2024
Published classroom materials form the basis of syllabuses, drive teacher professional development, and have a potentially huge influence on learners, teachers and education systems. All teachers also create their own materials, whether a few sentences on a blackboard, a highly-structured fully-realised online course, or anything in between. Despite this, the knowledge and skills needed to create effective language learning materials are rarely part of teacher training, and are mostly learnt by trial and error.
Knowledge and skills frameworks, generally called competency frameworks, for ELT teachers, trainers and managers have existed for a few years now. However, until I created one for my MA dissertation, there wasn’t one drawing together what we need to know and do to be able to effectively produce language learning materials.
This webinar will introduce you to my framework, highlighting the key competencies I identified from my research. It will also show how anybody involved in language teaching (any language, not just English!), teacher training, managing schools or developing language learning materials can benefit from using the framework.
Safalta Digital marketing institute in Noida, provide complete applications that encompass a huge range of virtual advertising and marketing additives, which includes search engine optimization, virtual communication advertising, pay-per-click on marketing, content material advertising, internet analytics, and greater. These university courses are designed for students who possess a comprehensive understanding of virtual marketing strategies and attributes.Safalta Digital Marketing Institute in Noida is a first choice for young individuals or students who are looking to start their careers in the field of digital advertising. The institute gives specialized courses designed and certification.
for beginners, providing thorough training in areas such as SEO, digital communication marketing, and PPC training in Noida. After finishing the program, students receive the certifications recognised by top different universitie, setting a strong foundation for a successful career in digital marketing.
Read| The latest issue of The Challenger is here! We are thrilled to announce that our school paper has qualified for the NATIONAL SCHOOLS PRESS CONFERENCE (NSPC) 2024. Thank you for your unwavering support and trust. Dive into the stories that made us stand out!
Introduction to AI for Nonprofits with Tapp NetworkTechSoup
Dive into the world of AI! Experts Jon Hill and Tareq Monaur will guide you through AI's role in enhancing nonprofit websites and basic marketing strategies, making it easy to understand and apply.
Embracing GenAI - A Strategic ImperativePeter Windle
Artificial Intelligence (AI) technologies such as Generative AI, Image Generators and Large Language Models have had a dramatic impact on teaching, learning and assessment over the past 18 months. The most immediate threat AI posed was to Academic Integrity with Higher Education Institutes (HEIs) focusing their efforts on combating the use of GenAI in assessment. Guidelines were developed for staff and students, policies put in place too. Innovative educators have forged paths in the use of Generative AI for teaching, learning and assessments leading to pockets of transformation springing up across HEIs, often with little or no top-down guidance, support or direction.
This Gasta posits a strategic approach to integrating AI into HEIs to prepare staff, students and the curriculum for an evolving world and workplace. We will highlight the advantages of working with these technologies beyond the realm of teaching, learning and assessment by considering prompt engineering skills, industry impact, curriculum changes, and the need for staff upskilling. In contrast, not engaging strategically with Generative AI poses risks, including falling behind peers, missed opportunities and failing to ensure our graduates remain employable. The rapid evolution of AI technologies necessitates a proactive and strategic approach if we are to remain relevant.
Biological screening of herbal drugs: Introduction and Need for
Phyto-Pharmacological Screening, New Strategies for evaluating
Natural Products, In vitro evaluation techniques for Antioxidants, Antimicrobial and Anticancer drugs. In vivo evaluation techniques
for Anti-inflammatory, Antiulcer, Anticancer, Wound healing, Antidiabetic, Hepatoprotective, Cardio protective, Diuretics and
Antifertility, Toxicity studies as per OECD guidelines
Normal Labour/ Stages of Labour/ Mechanism of LabourWasim Ak
Normal labor is also termed spontaneous labor, defined as the natural physiological process through which the fetus, placenta, and membranes are expelled from the uterus through the birth canal at term (37 to 42 weeks
Unit 8 - Information and Communication Technology (Paper I).pdfThiyagu K
This slides describes the basic concepts of ICT, basics of Email, Emerging Technology and Digital Initiatives in Education. This presentations aligns with the UGC Paper I syllabus.
Honest Reviews of Tim Han LMA Course Program.pptxtimhan337
Personal development courses are widely available today, with each one promising life-changing outcomes. Tim Han’s Life Mastery Achievers (LMA) Course has drawn a lot of interest. In addition to offering my frank assessment of Success Insider’s LMA Course, this piece examines the course’s effects via a variety of Tim Han LMA course reviews and Success Insider comments.
2. 15 Goa Government Websites hacked
by Pakistani Hacker "H4x0r HuSsY”
A Hacker with Handle "H4x0r HuSsY" from
Pakistan has managed to take control of few
Indian Government websites and has
defaced them. All of the hacked websites
are belong to Goa State
The affected websites includes NRI Commission of
Goa(nri.goa.gov.in), Directorate of Agriculture
(www.agri.goa.gov.in), Directorate of Art and Culture
(artandculture.goa.gov.in/uploads/index.html), Department of
Information and Publicity
(artandculture.goa.gov.in/uploads/index.html) ,Directorate of
Fire & Emergency Service (goadfes.gov.in/media/index.php),
Goa Dental College (gdch.goa.gov.in), Government Printing
Press & Stationery (goaprintingpress.gov.in).
3. City of Mobile Police Hacked &
Data Leaked by Turkish Ajan
While it's been widely speculated that
the notorious computer worm Stuxnet
was the result of partnership between
US and Israel, the famous NSA
Whistleblower "Edward Snowden" has
confirmed it. Stuxnet was a highly-
complex malware discovered in 2010,
used as cyber weapon against the
Iran's nuclear program..
Snowden answered a few interesting questions in an Interview had
with Germany's Der Spiegel Magazine.When Interviewer asked
about the NSA involvement in Stuxnet, Snowden confirmed that
saying "NSA and Israel co-wrote it“.When asked about German
authorities involvement in NSA surveillance system, Snowden
confirmed that saying "Yes, of course. We're 1 in bed together with
the Germans the same as with most other Western countries.".
4. Anonymous Hackers Breach Systems of
Spain’s People’s Party, Leak Documents
Anonymous hackers have defaced the
official website of Spain’s People’s
Party (Partido Popular), the country’s
governing party. In addition
to defacing the website – which has
been restored –, the hacktivists have
also leaked 5 gigabytes of documents
that allegedly represent the party’s
financial accounts from 1990 to 2011.
Darknet.in reports that the party refused to release the documents after a
judge overseeing a political corruption scandal asked to see them. The
information has been posted on torrent sites, blogs and other websites so
that citizens can analyze it. According to a video statement published by
the hackers a couple of days ago, the documents show that the People’s
Party has used public money to buy expensive cars, a pony and other
items.The hacktivists are displeased with the fact that the party keeps
talking about austerity and cuts while it “robs” the people.
5. Mobile malware grows by 614 %
Mobile malware creators and
smartphone makers seem to be in a
neck-and-neck software race, but new
data shows that the malware creators
could be taking the lead.
Juniper Networks released its third annual Mobile Threat Report on
Tuesday and the findings aren't pretty. Mobile malware grew at a
rate of 614 percent from March 2012 to March 2013 -- that's equal to
276,259 malicious apps floating around out there. Last year, the
increase was amere 155 percent.
The report is based on an analysis of more than 1.85 million mobile
apps and vulnerabilities across major mobile operating systems.
in last year
6. WellPoint takes $1.7 million hit
over HIPAA slip
WellPoint, a managed health care giant,
agreed to pay $1.7 million to the U.S.
Department of Health and Human Services
for violating HIPAA regulations. HIPAA, the
Health Insurance Portability and
Accountability Act of 1996, is a set of rules to
maintain patient privacy.
These fines may also pick up given that HIPAA liability will extend to
business partners that receive and store health information. HIPAA will
extend to contractors and subcontractors on Sept. 23.
According to the HHS, WellPoint left patient health data accessible to
unauthorized users over the Internet. The HHS began its WellPoint
investigation following a data breach report.
7. Kremlin finds way to avoid
leaks:Typewriters
Dust off your Olivetti.
It might be the future. The future of national
security, at least.
This quaint thought comes to mind as the result
of news emerging from the inner bowels of the
Kremlin.
So the Kremlin has started ordering typewriters. Lots
of them. Indeed, the Telegraph, relying on sources
at Russia's Federal Guard Service, says that about
$15,000 is being spent to purchase new electronic
typewriters.
8. Cyberattack on South Korea was part
of 4-year spying campaign
"Our analysis of this attack -- known first as Dark Seoul and now as
Operation Troy -- has revealed that in addition to the data losses of
the MBR wiping, the incident was more than cybervandalism,"
McAfee's report reads. "The attacks on South Korean targets were
actually the conclusion of a covert espionage campaign."
South Korea has been under a concerted
cyberattack for the last four years, according to
a comprehensive new report (PDF) released
Monday by security firm McAfee. That means
the hack that crippled three TV broadcasters
and two banks in March was possibly just the tip
of the iceberg.What has been the goal of these
hackers? To steal South Korean government
and military secrets, according to McAfee.
9. Secunia and VLC get into
Fight overVulnerability report
Secunia and VLC Team got into a hot argument
after Secunia set the patch status of their VLC
vulnerability report to "UnPatched". At the end of
last year, Secunia team reported a vulnerability
(SA51464) in VLC version 2.x.The root cause of the
vulnerability lies in the underlying FFmpeg library,
which VLC statically links to. It was reported that the
vulnerability was caused due to a buffer overflow
issue when parsing SWF files, which was incorrect.
When the VLC team came to know about the issue they tried to
fix it but they missed the root cause and didnot solve the core
problem. They released the next VLC version and claimed it to
be safe but this was not the case as said by Secunia team. The
VLC team kept on releasing the version from 2.0.5 to 2.0.7 and
claimed that the vulnerability was fixed -
10. Pakistani Google,Yahoo, Apple,
Microsoft hacked by Turkish Hacker
group Eboz A Turkish hacker group called Eboz has hacked
and defaced Pakistani high profile websites
which includes Search Engine giant Google,
Yahoo, Microsoft and Apple, Visa, HSBC, Coca
Cola, Blogspot, Sony, HP, eBay and PayPal .
The hackers has defaced Google.pk,
Google.com.pk, Yahoo.pk, Apple.pk,
Microsoft.pk and 279 other sites in Pakistan
It seems like hackers compromised the Pakistan's TLD operator PKNIC
which administers and registers all .pk domains. Hackers modified the
DNS servers records such that it points to some other server, points to
two nameservers, dns1.freehostia.com and dns2.freehostia.com
11. Convicted Hacker Says He
Committed Credit Card Heist for
U.S. Government
The hacker who orchestrated the biggest computer crime
operation in U.S. history is alleging that the American
government authorized him to do so. Last year, 29-year-old
Albert Gonzalez pleaded guilty to hacking into computer
systems at TJX, Office Max, Dave & Busters, Heartland
Payment Systems and other companies, in order to steal
some 130 million credit card numbers. He received a 20-year
prison sentence, which he's currently serving at a low-security
facility in Michigan.
"I still believe that I was acting on behalf of the United States
Secret Service and that I was authorized and directed to
engage in the conduct I committed as part of my
assignment to gather intelligence and seek out international
cyber criminals," Gonzalez wrote. "I now know and
understand that I have been used as a scapegoat to cover
someone's mistakes."
12. ITV News Twitter account hacked
by Syrian Electronic Army
British broadcaster ITV on Friday
became the latest media outlet to
have one of its Twitter feeds hacked by
anonymous supporters of Syria's
President Bashar al-Assad, just days
after Twitter beefed up security to
prevent such attacks.
ITV's London news Twitter account @itvlondon was hijacked on Friday
afternoon and used to promote spoof stories about Syrian rebels,
before the hackers tweeted "Just kidding. The Syrian Electronic Army
was here. #SEA via @Official_SEA12."
the security breach was triggered by a phishing email.
13. Netherlands Domain Registrar
SIDN websites hacked via SQL
Injection
Unknown hackers have penetrated into the Netherlands Top
domains registrar(.nl) SIDN and placed malicious files in a number of
SIDN sites.
According to official statement, hackers have managed to breach
the site by Exploiting a SQL Injection vulnerability in 25jaarvan.nl. To
prevent further attack the organization shut down the web
application and temporarily suspended the zone file publication. "As
a result of our precautionary action, some areas of the website that
registrars use to download registrar ship-related data have been
unavailable since Tuesday". In an email to registrars, SIDN reports the
login credentials of Registrars' site have also been compromised in
the Security breach.