Report

TheHackerNews: A team of Hackers called, “r00tBeer Security Team” today hack into official blog of Advanced Micro Devices (AMD) which is a American multinational semiconductor company. AMD is the second-largest global supplier of microprocessors based on the x86 architecture and also one of the largest suppliers of graphics processing units. Hacker deface the blog page (http://blogs.amd.com/wp-content/r00tbeer.html) [Dead Link – Screenshot blow] and also leak the complete user database of blog on his twitter account. Leaked database SQL file uploaded on Mediafire by Hackers which include 200 AMD user’s Emails, WordPress Blog Usernames and Passwords. ...

FirstPost: A hacker Friday revealed a security flaw that he claimed could make Apple’s iPhone particularly vulnerable to text message cheating. The flaw has existed since iPhone was first launched in 2007, and is still not solved in the beta version of iOS 6, the next operating system for iPhone, the hacker under the name “Pod2g” said in a blog post, reported Xinhua. ...

h-online: Syrian activists, journalists and opposition group members are reportedly under attack by malware claiming to be a security tool that will help protect them against hackers. The fake “AntiHacker” tool is being spread through targeted phishing emails and via sites such as Facebook, and claims to provide “Auto-Protect & Auto-Detect & Security & Quick scan and analyzing” functionality. ...

BBC: Hacking group Anonymous has aided a global search for a cyber-vandal who defaced a charity website. Members of Anonymous helped track the attacker down to Madrid following a plea from the owner of the RedSky video production company. New Zealand-based RedSky asked for help after an attacker penetrated its website, erased data and left graffiti. The attack was reportedly carried out in a bid to impress Anonymous and join its ranks as a member. ...

h-online: Three weeks after releasing LibreOffice 3.5.5, The Document Foundation has confirmed that security holes in earlier versions of the open source LibreOffice productivity suite can be exploited by attackers to compromise a victim’s system. According to the project’s security advisory, these include multiple heap-based buffer overflow vulnerabilities in the XML manifest encryption tag parsing code. Successful exploitation of the vulnerabilities could lead to the execution of arbitrary code on a system with the privileges of a local user. For an attack to be successful, a victim must first open a specially crafted Open Document Format (ODF) file. Versions up to and including LibreOffice 3.5.4 are affected; upgrading to version 3.5.5 or later fixes these problems. All users are advised to upgrade. ...

Mashable Wrote: The team behind Outlook.com revealed in a tweet that one million people signed up for the new email service in just six hours. Microsoft unveiled its Hotmail replacement Tuesday at noon Eastern, and by dinnertime it had cracked seven digits. That’s an impressive spike, illustrated in the chart that @Outlook attached to the tweet (shown below). However, it’s still a tiny fraction of the user base of Hotmail, which comScore pegs at about 350 million — making it the most popular free email service in the world. ...

h-online: At the Black Hat hacker conference in Las Vegas, encryption expert Moxie Marlinspike promised that his CloudCracker web service was able to crack any VPN or WiFi connection secured using MS-CHAPv2 within 24 hours. The cost? Around $200. MS-CHAPv2 is based on the eminently crackable encryption algorithm DES. The problem was first documented in 1999 by Bruce Schneier working with two other researchers. A large number of processor cores are still required to crack the encryption within a reasonable time – the number of possible keys makes trying to perform a brute force attack on a normal PC a hopeless task. ...

h-online: A data leak at the meetOne dating site allowed anyone to access private data including the plaintext passwords, email addresses and real names of the site’s approximately 900,000 members. To obtain the data, an attacker simply needed to increment a URL parameter. After they were informed by The H‘s associates at heise Security, the operators soon closed the hole. When news of a data leak in one of the dating portal’s custom APIs was disclosed to heise Security, the editors managed to reproduce the problem and access the data of a specially created test profile. The API disclosed information including the email address and password of the test user, which allowed access to the user’s profile. ...

h-Online: Citizenlab has released a detailed analysis of the activities of a trojan in which the experts conclude that the malware is most likely closely related to FinFisher, a commercial spyware tool developed by a company called Gamma International. The trojan targeted political activists in Bahrain and included sender names such as that of an Al Jazeera correspondent and subject lines like “Torture reports on Rabil Najaab”. The attached .exe file, disguised as an image, disabled anti-virus software and installed a complete set of spyware programs on the recipient’s PC. The spyware proceeded to monitor, among other things, the victim’s Skype communications including conversations and file transfers. An analysis of the infected systems’ working memory repeatedly produced the “finspy” character string. This name is used by Gamma to advertise FinFisher modules. ...

iol scitech: London – A British computer hacker accused by the United States of breaking into top secret military and space agency networks will learn the result of his six-year fight against extradition within three months, a court heard on Tuesday. Gary McKinnon faces up to 60 years in jail if convicted in American courts for what one US prosecutor has described as the “biggest military computer hack of all time”. ...