Saturday, March 23, 2019

ANONYMOUS LEAKS PARIS CLIMATE SUMMIT OFFICIALS' PRIVATE DATA



#hacker #viral #hacknews #parisclimatesummit


This story originally appeared on The Guardian and is part of the Climate Desk collaboration.
Hackers have leaked the private login details of nearly 1,415 officials at the UN climate talks in Paris in an apparent act of protest against arrests of activists in the city.
Anonymous, the hacktivist movement, hacked the website of the summit organisers , the UN Framework Convention on Climate Change (UNFCCC), and posted names, phone numbers, usernames, email addresses, and secret questions and answers onto an anonymous publishing site.
Anonymous claimed the attack was an act of protest against the arrest of protesters on a climate march in Paris on Sunday. Climate activists organising a peaceful protest say that the demonstration was hijacked by a small group of anarchists who clashed with police. All public protests have been banned in the city since a state of emergency was declared after the terror attacks nearly three weeks ago.
Officials whose data has been leaked are from a range of countries including the United Kingdom, Switzerland, Peru, France, and the US. Employees of the British Council and the Department for Environment, Food and Rural Affairs are among the British officials whose data is now in the public domain.
“For the UNFCCC itself it’s embarrassing,” says Oliver Farnan, security researcher at the Cyber Security Network in Oxford University. “The specific attack that was used [an SQL injection attack] is a well-known vulnerability … To have their entire user database compromised in this way demonstrates a lack of focus on security,” he said.
Farnan also said that the password encryption used by the UNFCCC appeared to be an “old and weak hashing algorithm,” that should have been “phased out”.
However the damage is likely to limited, and mitigated by changing the passwords on any accounts that use similar passwords.
“Although it’s embarrassing, it’s essential to ensure that their users don’t get compromised in follow on attacks,” Farnan said.

Friday, March 22, 2019

DAILY STORMER 'HACKED': NAZI WEBSITE 'TAKEN OVER BY ANONYMOUS HACKING GROUP' AFTER CHARLOTTESVILLE WHITE NATIONALIST RALLY

Anonymous have taken over the world’s most notorious Nazi website, following clashes with white nationalists over the weekend that left one anti-fascist protestor dead, it has been claimed, though the attack may have been staged.
A post on the Daily Stormer website attributed to the hacking group said that the site was now under its control and that it would stop it posting “putrid hate”. It also suggested that it will release data that had been taken as part of the attack, as well as suggesting it could conduct attacks on its leader.
The site is to remain online for 24 hours “so the world can witness the hate”, the group said. After that it will be shut down forever, they claimed.
Protesters clash and several are injured
Trump supporters at the protest
State police stand ready in riot gear

Racial tensions sparked the violence
Because of the nature of Anonymous – a loosely-grouped organisation with which anyone can claim affinity – it's not possible to verify the claims or even be sure whether the hack was being done by an established account. "We have no confirmation that 'Anonymous' is involved yet," a Twitter account associated with the group posted.
One of the biggest Anonymous Twitter accounts, Your Anon News, said that it didn't have confirmation the attack was being done by Anonymous. It even suggested that the Daily Stormer itself could have put the post up as a distraction.
According to the post on the Daily Stormer website, the cyber attack was done in the name of Heather Heyer, the anti-fascist protestor who died when a car was driven into counter protestors during a white supremacist rally in Charlottesville, Virginia, over the weekend. A statement posted onto the Daily Stormer website said Ms Heyer was a “victim of white supremacist terrorism”.
Ms Heyer died during unrest in Charlottesville as counter-protestors attempted to stop a “unite the right” rally in the city that included protestors from groups including the Ku Klux Klan. The protests began in response to a plan to remove a statue, but violence erupted and the city was forced to declare a state of emergency in response to the far-right protest.
The Daily Stormer had supported that protest, as well as historically giving support to many of the groups that called for and participated in it. 
“For too long the Daily Stormer and Andrew Angling have spewed their putrid hate on the site,” a statement from Anonymous that was posted as a story on the website read. “That will not be happening anymore.”
The same statement suggested that Anonymous had got access to private files and information during the attack.
“We have all the details on the servers and will be releasing the data when we feel the time is right,” it continued. “We have also gathered locational data on Anglin himself and are sending our allies in Lagos to pay him a visit in person.
“This evil cannot be allowed to stand.
“The events of Charlottesville alerted us to the need for immediate action.”
The statement said that it had taken a “united force of elite hackers from around the world to breach the systems and the firewall”. The statements’ claims to have breached the most central parts of the website can’t be independently verified.
All of the website’s posts are still online, including those that were put up just hours before the statement claiming control from Anonymous. But the top of the homepage now includes a link to that site, and a large picture of the Guy Fawkes mask that is associated with the group.

Thursday, March 21, 2019

5 Gangsters Aiming To Kill Brothers Hack Parents To Death: Police

Since the sons could not be found, the gang attacked their parents 

as they were running out of their house, police said


5 Gangsters Aiming To Kill Brothers Hack Parents To Death: Police
A special team has been formed to trace the gang. (Representational)

MADURAI: 
Five gangsters, who were on the lookout for two siblings to avenge their associate's killing, hurled a country bomb at their parents' house and when the couple ran out, hacked them to death, the police said Monday.
Since the sons could not be found, the gang attacked their parents as they were running out of their house, they added. 
The woman was hacked to death outside the house while her fleeing husband was killed by the gang 100 metres from the residence which was destroyed in the blast, police said.
The siblings were both on bail in connection with the case and and were working in Coimbatore. They had come home on Sunday.
COMMENT
A special team has been formed to trace the gang.

Android Q — Google Adds New Mobile Security and Privacy Features

Android Q security and privacy features
Google has recently released the first beta version of Android Q, the next upcoming version of Google's popular mobile operating system, with a lot of new privacy improvements and other security enhancements.

Android Q, where Q has not yet been named, offers more control over installed apps, their access, and permissions, and location settings; more support for passive authentication like face ID, and warnings when you install a new app targeting Android Marshmallow or older.

Instead of directly going through dozens of different pages Google published about Android Q, here I have summarized all new privacy and security features of the new version of Android you can quickly learn from:

1) Stop Android Apps From Tracking Your Location in the Background


Android Q gives you more control over how an app can use your device location information. Currently, you have a single option to either allow or deny an app access to your device location, doesn't matter if it is in-use or running in the background.

However, starting from Android Q, you can choose between three options, just like iOS: allowing an app to access location "all the time," "while in use," i.e., when the app is in the foreground, or "Deny."

"The new location control allows users to decide when device location data is provided to an app and prevents an app from getting location data that it may not need," Google says.

If you are an Android developer and your application requires location data when running in the background, you must declare the new permission in your app's manifest file.

"Your app's use case relies on periodic checks of a user's location all the time, such as geofencing or location sharing. In that case, your app should explain to the user that they need to allow your app to access their location all the time in order to operate correctly, then request access to background location," Google warns Android developers.

2) New Restrictions On Apps' Access to Device Identifiers


A) Contacts Affinity — Starting from Android Q, the operating system will no longer keep the track of contacts affinity information, meaning that apps searching for user's contacts will not be able to do so.

B) Making MAC Address Randomization a Default Feature — Introduced in Android 6.0 Marshmallow, the feature will now come enabled by default with Android Q, preventing app developers, location analytics firms, stores, and others from using MAC addresses to build a history of your device activity.

For those unaware, MAC address randomization works by replacing the number that uniquely identifies your device's wireless hardware with randomly generated values, preventing your device from being tracked when connected to different Wi-Fi networks.

C) Non-Resettable Device Identifiers — From Android Q, only some apps with the READ_PRIVILEGED_PHONE_STATE privileged permission will be able to access your device's non-resettable identifiers, such as your phone’s IMEI and serial number.

D) Restricting Access to Clipboard Data — With Android Q, Google also restricted apps from accessing the operating system's clipboard data. Only apps that are running in the foreground (on screen) or apps that are the default input method editor, or IME (e.g., default keyboard apps) can access the clipboard data.
Android Q Privacy features
E) Removing Access to Device's Network State — Android Q also removes access to the information about a device’s network state. Apps that require access to this information, like Virtual Private Network (VPN) apps, can refer to the NetworkStatsManager and ConnectivityManager classes.

F) Access to USB serial — Apps running Android Q will only be able to read the serial number of a USB device after users themselves grant permissions to access the USB device or accessory.

3) Background Apps Can't Start A New Activity Without User Interaction


Android Q also comes with new restrictions, preventing apps from launching activities while in the background without user interaction, keeping users more in control of what's shown on their screen.

"As long as your app starts activities as a direct result of user interaction, however, your app most likely isn't affected by this change. In fact, the majority of apps are unaffected by this change," Google says.

In nearly all cases, Google has now made it mandatory for apps that are in the background to create notifications in order to provide information to users instead of directly starting an activity.

App developers who want user's attention urgently can create high-priority notifications and provide a full-screen intent.

4) Apps Can't Change Location and Network Settings


Android Q makes it mandatory for apps to have the ACCESS_FINE_LOCATION permission to use several methods within the Wi-Fi, Wi-Fi Aware, or Bluetooth APIs.

This means now third-party apps will not be able to make changes to your device Wi-Fi (enable or disable); instead apps have to prompt users to enable or disable Wi-Fi in the device settings manually.

To protect user privacy, performing manual configuration of the list of Wi-Fi networks will now be only restricted to system apps.


5) Scoped Storage to Protect Data Stored by One App from Others


Android Q will give each app an isolated storage sandbox into an external storage device so that no other app can directly access data saved by other apps on your device.

That means, apps don't require any special permissions to save and access their own sandboxed files on external storage. However, if an app needs to access or modify files that other apps have created, it must first request the appropriate permission.

"Because files are private to your app, you no longer need any permissions to access and save your own files within external storage," Google notes. "This change makes it easier to maintain the privacy of users' files and helps reduce the number of permissions that your app needs."

Instead of just making Android Q Beta 1 available for developers, Google has allowed anyone to sign up and install the beta operating system as far as they own Google's Pixel phones, including the original Pixel, Pixel XL, Pixel 2, Pixel 2 XL, Pixel 3 and Pixel 3 XL.

Android Q is scheduled to be made available to end users sometime in the third quarter of this year, according to the company’s timeline — likely at the end of August.
Have something to say about this article? Comment below

Google Will Prompt European Android Users to Select Preferred Default Browser


european union google chrome browser antitrust
Google announced some major changes for its Android mobile operating system in October after the European Commission hit the company with a record $5 billion antitrust fine for pre-installing its own apps and services on third-party Android phones.

The European Commission accused Google of forcing Android phone manufacturers to "illegally" tie its proprietary apps and services—specifically, Chrome and Google Search as the default browsers—to Android, unfairly blocking competitors from reaching consumers.

This rule led Google to change the way it licenses the Google mobile application suite to Android smartphone makers. Now, Google is further making some changes related to browser and search engine choice.

In a blog post published Tuesday, Google announced that the company would prompt Android phone owners in Europe (new and existing ones) in the coming months to choose from a variety of web browsers and search engines for their devices as their default apps.

"Now we will also do more to ensure that Android phone owners know about the wide choice of browsers and search engines available to download to their phones," the company says.

"This will involve asking users of existing and new Android devices in Europe which browser and search apps they would like to use."

Although Google did not specify, the prompt will likely appear during the phone setup phase.

The move comes a few months after Google revealed its new paid licensing agreements for Google apps on third-party Android smartphones.

The new licensing scheme applied only to Android devices in the European Economic Area (comprises the 28 EU countries along with Iceland, Liechtenstein, and Norway) and required phone makers to obtain separate, paid licenses if they want to include:

  • Play Store, Maps, Gmail, and YouTube without Chrome, and Search
  • Everything, including Chrome, and Search

This change allowed smartphone makers in Europe to install any app they want to serve as alternatives to Google apps without being forced to bundle Google Search and Chrome.

Google also said Android users have always been free to download any browser and search engine apps they want, "irrespective of what came pre-installed on the phone," noting that "a typical Android phone user will usually install around 50 additional apps on their phone."

The company has likely come up with these latest changes to show the European Union its "continued commitment to operating in an open and principled way."

Not just for Google's mobile operating system, but the European Union also fined Google $2.7 billion in June 2017 over abusing the way it prioritizes its own shopping results at the top of its search results at the expense of its rival products.

In the latest blog post, the tech giant also announced some changes to Google Shopping, which includes providing "direct links to comparison shopping sites, alongside specific product offers from merchants."

Have something to say about this article? Comment below

PuTTY Releases Important Software Update to Patch 8 High-Severity Flaws

The popular SSH client program PuTTY has released the latest version of its software that includes security patches for 8 high-severity security vulnerabilities.

PuTTY is one of the most popular and widely used open-source client-side programs that allows users to remotely access computers over SSH, Telnet, and Rlogin network protocols.

Almost 20 months after releasing the last version of its software, the developers of PuTTY earlier this week released the latest version 0.71 for Windows and Unix operating systems.

According to an advisory available on its website, all previous versions of the PuTTY software have been found vulnerable to multiple security vulnerabilities that could allow a malicious server or a compromised server to hijack client's system in different ways.

Here below I have listed all 8 vulnerabilities with brief information that PuTTY 0.71 has patched:

1) Authentication Prompt Spoofing — Since PuTTY doesn't have a way to indicate whether a piece of terminal output is genuine, the user-interface issue could be exploited by a malicious server to generate a fake authentication prompt at the client side, prompting victims to enter their private key passphrases.

"If the server had also acquired a copy of your encrypted key file (which, for example, you might have considered safe to copy around because it was securely encrypted), then this would give it access to your private key," the advisory explains.

2) Code Execution via CHM Hijacking — When a user launches the online help within the PuTTY GUI tools, the software tries to locate its help file alongside its own executable.

This behavior could allow an attacker to trick the user into executing malicious code on the client system via the hijacking CHM file.

"If you were running PuTTY from a directory that unrelated code could arrange to drop files into, this means that if somebody contrived to get a file called putty.chm into that directory, then PuTTY would believe it was the real help file, and feed it to htmlhelp.exe."

3) Buffer Overflow in Unix PuTTY Tools — According to the advisory, if a server opens too many port forwardings, PuTTY for Unix does not bounds-check the input file descriptor it collects while monitoring the collections of active Unix file descriptors for activity, leading to a buffer overflow issue.

"We don't know if this was remotely exploitable, but it could at least be remotely triggered by a malicious SSH server, if you enabled any of the options that allow the server to open a channel: remote-to-local port forwarding, agent forwarding or X11 forwarding," the advisory says.

4) Reusing Cryptographic Random Numbers — This issue resides in the way cryptographic random number generator in PuTTY, occasionally using the same batch of random bytes twice.

"This occurred because of a one-byte buffer overflow in the random pool code. If entropy from an external source was injected into the random pool exactly when the current-position index was pointing at the very end of the pool, it would overrun the pool buffer by one byte and overwrite the low byte of the position index itself."

5) Integer Overflow Flaw — All prior versions of PuTTY suffers an Integer overflow issue due to missing key-size check-in RSA key exchange.

A remote server can trigger the vulnerability by sending a short RSA key, leading to an integer overflow and uncontrolled overwriting of memory.

PuTTY developers are not sure if this flaw can be exploited to gain control over the client, but since the issue occurs during key exchange and happens before host key checking, the overflow can be induced by a MitM attack even if the middle man does not know the correct host key.

So even if you trust the server you think you are connecting to, you are not safe."

6, 7 and 8) Terminal DoS Attacks — Last three vulnerabilities in PuTTY allows a server to crash, or slow down client's terminal by sending different text outputs.

Servers can send a long unbroken string of Unicode characters to the client’s terminal, which could lead to a denial-of-service attack by causing the system to allocate potentially unlimited amounts of memory.

The second DoS attack can be triggered by sending combining characters, double-width text, an odd number of terminal columns, and GTK to the client's terminal in output.

In the third DoS attack, by sending width-2 characters used by Chinese, Japanese and Korean to the client, PuTTY's terminal emulator can be forced to crash.

If you use PuTTY, make sure you download and use the latest version of it.

Have something to say about this article? Comment below


Wednesday, March 20, 2019

Learn Ethical Hacking with 180 Hours of Training — 2019 Course Bundle

The world of cybersecurity is fast-paced and ever-changing.

New attacks are unleashed every day, and companies around the world lose millions of dollars as a result.

The only thing standing in the way of cybercrime is a small army of ethical hackers. These cybersecurity experts are employed to find weaknesses before they can be exploited. It’s a lucrative career, and anyone can find work after the right training.

The 2019 Ethical Hacker Master Class Bundle offers the perfect education for aspiring professionals, with 10 courses and over 180 hours of video tutorials. Right now, you can get lifetime access to this huge learning library for just $39 — that's over $4,800 discount the face value.

According to the Bureau of Labor Statistics, demand for cyber security experts will expand rapidly over the next three or four years. If you want to build a career in the industry, now is the time to take action.

The 2019 Ethical Hacker bundle helps you master all the fundamentals of cybersecurity and prepare for important exams.
Ethical Hacker Training
You learn through concise video lessons, and each course provides plenty of hands-on experience.

Along the way, you learn how to set up your secure workflow and perform penetration tests on multiple platforms. The training also looks at intrusion detection, policy creation, social engineering, DDoS attacks, and much more. You even pick up some useful Python programming skills along the way.

Just as importantly, this bundle helps you stand out in the jobs market. The training includes full prep for three CompTIA exams: A+, Security+ and Network+. These certificates are essential for anyone who wants to work in cybersecurity and are highly valued in other technical roles.

There is no time limit on any of the courses, and you can stream the tutorials on both mobile and desktop devices.

The training is worth $4,883 in total, but you can get lifetime access now for only $39.

Have something to say about this article? Comment below

PUBG MOBILE FIRST ANNIVERSARY EVENT FEATURES A NEW SONG FROM ALAN WALKER

PUBG MOBILE to Feature Alan Walker’s New Single “On My Way “and Host One of the World’s Biggest Mobile Gaming Tournament In celebratio...