Wednesday 13 February 2013

Burkina Faso Government under cyber attack, 50+ govt sites hacked by Teamr00t


The well-known hacker group Team root today come with interesting hack , they have hacked into the several Government websites of Burkina Faso which is a landlocked country in west Africa. Sounds like Teamr00t has lot of interested to hack the Government websites than other websites.

"Teamr00t Has Arrived!!! We are the voice for the suppressed people of the world, and we will show you the truth!"

The hacked Government sites includes Ministry of Defense, Ministry of Justice,Economic and Social Council,Ministry of Health, Ministry of Economy and Finance,High Council of Communication and more Top government sites hacked.
Hackers has posted their usual message to the Government "To the governments of the world,it is time you listened and acted upon what would benefit and help the people of your countries! It is now time for you to start listening to the voices of your nation and deal with the problems that are occurring every single day."

"Your people have the right to have their voices heard and you the government must listen to your nation. You cannot arrest, torture and lock up citizens, if you do not agree with their views, but must listen and act upon them. Everyone has the right to freedom of speech and your people must be allowed this freedom. Stop, listen and take action that will help benefit your nation!"

Sierra Leone Police website Hacked by Brazilian Cyber Army

The hacker group known as Brazilian Cyber army has claimed to have hacked the official website of Sierra Leone Police(police.gov.sl).

The hackers breached the site and compromised the data from the server.  The data has been posted in their official page( braziliancyberarmy.com.br/Sierra_Lione_Police_Department_hacked).

The leak contains admin username and password.  Nothing surprise about the password, as usual, the admins using weak password "Admin123!". They also provided the link to admin panel.

 The hacker also claimed to have break into the Security Defence Of Arabia . They have leaked the admin data and vulnerable link .
 

Multiple XSS and JSP Source code disclosure vulnerability in CNN

An Information Security researcher has discovered multiple Cross Site scripting vulnerability that affects one of the Top News channel website, CNN. Few days back, The vulnerability was reported by  Quister Tow. The vulnerabilities resides in three different sub domain of CNN: searchapp.cnn.com, audience.cnn.com,dynamic.si.cnn.com.  While verifying the XSS vulnerabilities, another critical security flaw in the website that expose the source code.
The Vulnerability has been reported to CNN but there is has been no response since the day it was published by the researcher.




Symptoms that you have been hacked

Your computer starts to run a little weird. You notice the drive light blinking when you aren’t doing anything and the system seems a little slow. In the middle of writing an important document for work your system suddenly reboots for no reason. At first you may shrug it off, then you notice some weird program in your Startup group. There is a good chance your system has been hacked.
Below is a listing of programs that may indicate a hacker has been on the computer.
  • Backdoors and Trojans are by far the most common programs to be installed on the computer after it has been hacked. These programs allow the hacker to gain access to the computer.
  • IRC clients are another common way for a hacker to get into a computer or remotely control thousands of computers. If you have never participated in a IRC chat, your computer may have been hacked.
  • Spyware, rogue antivirus programs, and malware can be an indication of a hacker. However, are more commonly a sign that your computer has been hijacked while on the Internet.
  • Unfortunately, if you did not prepare in advance for such an incident you probably are finding out much later than you should have and you have next to nothing to go on in trying to determine what occurred- how did the intruder get in? When did they intruder get in? What changes have been made to the system?
  • When you first realize you may have been hacked you need to decide your course of action. Your initial reaction may be to disconnect your computer from the Internet or shut it down entirely to break the connection with the hacker. Depending on the situation this may be the way to go. However, you may find many more clues and gather more evidence by performing certain actions while the system is still live.
  • Why is my Internet connection so slow?
  • Unknown programs wanting access
  • Computer security programs and firewalls help restrict access to programs on a network or Internet. If the computer prompts for access to programs you do not know, rogue programs may be installed, or it may have been hacked. If you do not know why a program needs access to the Internet, we recommend blocking access to that program. If you later discover these blocks cause problems, they can be removed.
  • Security programs uninstalled, if the computers antivirus, anti-malware program, or firewall that has been uninstalled or disabled this can also be an indication of a hacked computer. A hacker may disable these programs to help hide any warnings that would appear while they are on the computer.
  • Computer doing things by itself , when someone is remotely connected to a computer they can remotely control any device. For example, a mouse cursor could be moved or something could be typed. If you see the computer doing something as if someone else was in control, this can be an indication of a hacked computer.
If the system in question contains sensitive or classified material that you feel might be in jeopardy or if you believe your computer might be infected with a virus or worm that is actively propagating (sending itself out) from your computer you probably need to go ahead and disconnect from the Internet at the very least.
Computer passwords have changed
  • Online passwords Sometimes, after an online account is hacked the attacker changes the password to your account. Try using the forgot password feature to reset the password. If your e-mail address has changed or this feature does not work, contact the company who is providing the service, they are the only ones who can reset your account.
  • Local computer password If your password to log into your computer has changed, it may have been hacked. There is no reason why a password would change on its own. Log into an administrator account to change your accounts password.
  • Lost or forgotten Windows password.
  • E-mail spam being sent When an e-mail account is hacked or taken over, the attacker almost always uses that account to spread spam and viruses. If your friends, family, or coworkers are receiving e-mail from you advertising something like Viagra your e-mail is compromised. Log into your e-mail and change your e-mail account password.
Tip: E-mail addresses can also be spoofed without hacking the e-mail account. After changing the e-mail password, if your friends continue to get e-mails you have not sent, it is likely someone is spoofing your e-mail address.
Increased network activity
For any attacker to take control of a computer, they must remotely connect to that computer. When someone is remotely connected to your computer, your Internet connection will be slower. Also, many times after the computer is hacked it becomes a zombie to attack other computers.
There are six essential phases that make up incident response:
Prepare to detect and respond to incidents
Detect incident
Gather clues and evidence
Clean system and patch vulnerabilities
Recover lost data or files
Take lessons from incident and apply them to secure for future

Tips to maintain a virus free PC


Email is one of the common ways by which your computer can catch a virus. So it is always recommended to stay away from SPAM. Open only those emails that has it’s origin from a trusted source such as those which comes from your contact list. If you are using your own private email host (other than Gmail, yahoo, hotmail etc.) then it is highly recommended that you use good anti-spam software.
  • And finally NEVER click on any links in the emails that comes from untrusted sources.
  • Never open any email attachments that come from untrusted sources. If it is a picture, text or sound file (these attachments end in the extensions .txt, .jpeg, .gif, .bmp, .tif, .mp3, .htm, .html, and .avi), you are probably safe, but still do a scan before opening.
  • As we all know, Internet is the main source of all the malicious programs including viruses, worms, Trojans etc. In fact Internet contributes to virus infection by up to 80%. So here are the tips for safe surfing habits so that you can wardoff virus infection up to the maximum extent.
  • Don’t click on pop-up windows that announce a sudden disaster in your city or announce that you’ve won an hourly prize. They are the ways to mislead Internet users and you should never trust them.
  • You can also use a pop-up blocker to automatically block those pop-ups.
  • USB thumb/pen drives are another common way by which viruses spread rapidly. So it is always a good habit to perform a virus scan before copying any data onto your computer. NEVER double-click the pen drive to open it. Instead right-click on it and select the option "open”. This is a safe way to open a pen drive.
  • Most of us use search engines like Google to find what we are looking for. It is quite obvious for a malicious website to get listed in the search results. So to avoid visiting those untrusted malicious websites, you can download and install the AVG Link Scanner which is a freeware. This tool can become very handy and will help you to stay away from malicious websites.
  • Install a good Antispyware program that operates against Internet malware and spy ware. Install good antivirus software and keep it updated. Also perform full system scan periodically.
  • It is highly recommended that you turn on the automatic update feature. This is the most essential task to protect your PC from viruses. If PC security is your first option then it is recommended that you go for shareware antivirus software over the free ones. Most of the antivirus supports the Auto-Protect feature that provides real-time security for your PC. Make sure that this feature is turned on.
  • Do not use disks that other people gave you, even from work. The disk could be infected with a virus. Of course, you can run a virus scan on it first to check it out.
  • Set up your Windows Update to automatically download patches and upgrades. This will allow your computer to automatically download any updates to both the operating system and Internet Explorer. These updates fix security holes in both pieces of software.
  • While you download files from untrusted websites/sources such as torrents, warez etc. make sure that you run a virus scan before executing them.
  • And finally it is recommended not to visit the websites that feature illegal/unwanted stuffs such as cracks, serials,warez etc. since they contribute much in spreading of viruses and other malicious programs.