| 

Scarlett Johansson leaked nude photos cost $66,000 for the hacker

  • Post author: Omid Farhang
  • Post published: June 29, 2012
  • Reading Time: 3 min
  • Word Count: 515 words

Copied from LA-Times: A man who hacked the email accounts of celebrities should pay movie star Scarlett Johansson $66,179.46 in compensation, federal prosecutors said. The hacker also should serve 71 months in prison and pay a total of $150,000 in compensation to all his victims, prosecutors said in court papers filed this week. Christopher Chaney, 35, of Jacksonville, Fla., who pleaded guilty in Los Angeles federal court to nine counts of computer hacking, for two years hacked almost daily into email accounts of 50 people in the entertainment industry. ...

Continue Reading Scarlett Johansson leaked nude photos cost $66,000 for the hacker

1.5 Million Records Compromised In Global Payments Breach

  • Post author: Omid Farhang
  • Post published: June 14, 2012
  • Reading Time: 2 min
  • Word Count: 243 words

v3.co.uk: Card processing firm Global Payments has provided more detail on the attack on its computer systems earlier this year, warning that the attackers may have had access to unspecified personal data. Global Payments confirmed the attackers had access to details of 1.5 million cards, but it said the attack had now been contained. Global Payments also revealed the attacks had gained access to servers containing personal information “from a subset of US merchant applications”. While it could not ascertain whether the data had been copied, it would be notifying affected customers in the coming days. ...

Continue Reading 1.5 Million Records Compromised In Global Payments Breach

Password leaks bigger than first thought

  • Post author: Omid Farhang
  • Post published: June 9, 2012
  • Reading Time: 3 min
  • Word Count: 433 words

The H-Online: There have still been no official statements on the causes and extent of the recent password leaks at LinkedIn, eHarmony and Last.fm. A credible source is now reporting that the published 2.5 million Last.fm MD5 hashes, for example, are just the tip of a 17 million hash iceberg. That iceberg has reportedly been circulating since summer 2011.16.4 million of these – 95 per cent – have, the source claims, already been cracked, a claim which, for unsalted hashes, is entirely credible. ...

Continue Reading Password leaks bigger than first thought

Millions of Last.fm passwords leaked

  • Post author: Omid Farhang
  • Post published: June 9, 2012
  • Reading Time: 1 min
  • Word Count: 212 words

The H-Online: A list with several million passwords belonging to users of the music community site Last.fm has been posted on the internet. The site owners have posted a statement saying that the company is investigating the leak and that all users of the service should change their passwords immediately. This is the third major compromise of a popular web site’s passwords in as many days. The H’s associates at heise Security are in possession of a list containing approximately 2.5 million password hashes. Like the recently leaked data from eHarmony, these are unsalted MD5 hashes that are trivial to crack in today’s world of fast CPU and GPU hardware and specialised techniques such as using rainbow tables. At least one million of these hashes have already been cracked and the clear text passwords have also been posted on the internet. The hashes that were leaked from LinkedIn were generated using the SHA-1 algorithm. ...

Continue Reading Millions of Last.fm passwords leaked

LinkedIn passwords in circulation

  • Post author: Omid Farhang
  • Post published: June 6, 2012
  • Reading Time: 2 min
  • Word Count: 303 words

H-Online: Internet forums are currently circulating a list containing over six million password hashes which allegedly originate from LinkedIn. The passwords are being cracked collaboratively with about 300,000 passwords already published as plaintext. The list contains pure SHA1 hashes with no name or email addresses. If decrypted, the passwords will not easily give access to an appropriate account. However, it is probable that the person who captured the hashes also has the corresponding email addresses. In an initial sampling, The H‘s associates at heise Security didn’t find any known LinkedIn passwords in the list, but with over 160 million members that doesn’t mean a lot. The already cracked passwords often contain “linked” or even “linkedin” in the form, for example, of “lawrencelinkedin”. This suggests that the passwords actually come from the LinkedIn social network. However, this has not yet been confirmed. ...

Continue Reading LinkedIn passwords in circulation

Google's reCAPTCHA briefly cracked

  • Post author: Omid Farhang
  • Post published: May 30, 2012
  • Reading Time: 2 min
  • Word Count: 281 words

H-Online: Hackers developed a script which was able to crack Google’s reCAPTCHA system with a success rate of better than 99 per cent. They presented the results of their research at the LayerOne security conference in Los Angeles last weekend; however, their demonstration was somewhat frustrated as, just an hour before the presentation, Google made improvements to its CAPTCHA system. Of the various CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) systems, Google’s reCAPTCHA is considered to be one of the most reliable for differentiating man from machine. By requiring users to enter visually distorted alphanumeric sequences, web service providers can, for example, ensure that their registration forms are not flooded by spam bots. Rather than trying to analyze these distorted characters, the script, code-named “Stiltwalker”, analyzed the audio version of the CAPTCHAs, which Google provides for individuals who are visually impaired. ...

Continue Reading Google's reCAPTCHA briefly cracked

Fake BBC Website Serves Exploits and Work From Home Offers

  • Post author: Omid Farhang
  • Post published: May 21, 2012
  • Reading Time: 3 min
  • Word Count: 436 words

GFI Wrote: In September, our friends at Sophos wrote about a fake BBC website offering up the “chance” to work from home for predictably large sums of money. No more than a day later, we were covering fake BBC video posts targeting Facebook users. Today we’re looking at a fake BBC URL which drops the end-user onto a “work from home and earn $10,000+ a month” fake news site, but not before it’s attempted to load up the PC with malware via a rather nasty collection of exploits. The URL in question is bbcmoneynews(dot)com: ...

Continue Reading Fake BBC Website Serves Exploits and Work From Home Offers

Call of Duty hacker jailed after meatspace burglary

  • Post author: Omid Farhang
  • Post published: May 19, 2012
  • Reading Time: 2 min
  • Word Count: 328 words

theregister.co.uk wrote: A Brit who distributed a Trojan horse that posed as a patch for popular shoot-em-up game_Call of Duty_ has been jailed for 18 months. Lewys Martin, 20, of Deal in Kent, used the malware to harvest bank login credentials, credit card details and internet passwords from the compromised Windows PCs of his victims. Martin then apparently laundered the credentials via underground cybercrime forums, earning $5 or less for every credential, directing proceeds of his criminal activity towards an offshore account in Costa Rica, funds which remain beyond the reach of UK police. ...

Continue Reading Call of Duty hacker jailed after meatspace burglary

Fake Google Iranian domain defaced by Algerian Script Kiddies

  • Post author: Omid Farhang
  • Post published: May 3, 2012
  • Reading Time: 1 min
  • Word Count: 213 words

TheHackerNews: Google got Pwned ? NO Few Algerian Script Kiddies try to spread fake rumors that they Hack and Deface the Giant Search engine “Google Iranian” domain http://www.google.co.ir/ . As the screenshot shown a Algerian flag on it and Page Titles : **“**H4Ck3D By vaga-hacker dz and DR.KIM”. As mentioned by hacker, the team include hackers named : “V4Ga-Dz,Dz0ne,DR-KIM King-Dz,BroX0 aghilass elite jrojan password kha&mix wasim -dz” . It is not confirmed that, either these are member from some Anonymous Hackers but they try to use Anonymous Hackers Tag line : We Dont Forget , We Dont Forgive, Expect Us! to get some publicity. ...

Continue Reading Fake Google Iranian domain defaced by Algerian Script Kiddies

Hotmail hacked for $20

  • Post author: Omid Farhang
  • Post published: April 27, 2012
  • Reading Time: 1 min
  • Word Count: 210 words

The H-Online: The whitec0de.com blog reports that, for $20, a member of a hacker forum offered to crack any Hotmail account within a minute – and that he kept his word. Apparently, the hacker found out about a critical vulnerability in Microsoft’s email service on a security forum, and the hole allowed him to change the passwords of arbitrary Hotmail users. The blog says that various users were affected as a result, for example because they used their Hotmail accounts to access services such as PayPal. Allegedly, the vulnerability was also exploited to change the ownership of particularly attractive, short account names such as [email protected] and [email protected]. ...

Continue Reading Hotmail hacked for $20