Nine months after shutting down operations — and just weeks after several suspected members were arrested — the LulzSec hacker community has apparently sprung back to life, hacking the website of military dating site MilitarySingles.
View full post on lulzsec hacker – Yahoo! News Search Results
View full post on National Cyber Security
Is there a bigger hassle than password management?
Based on ample evidence showing that a majority of users opt for simplistic, easy-to-guess passwords like “123456″ and, sadly, “password,” I’d say no.
Here’s the problem: You need a robust, virtually impossible to crack password. You need a different one for each and every site and service you use (to limit the fallout if hackers steal a password database). And you need an easy way to remember those passwords.
There are a number of utilities and browser plug-ins that can both generate secure passwords for you and plug them in when you sign into a site – thus eliminating the need to remember them.
But what if you’re using someone else’s computer, or a smartphone or tablet? Then you won’t have easy access to those passwords.
That’s why I’ve started using a different method for password generation and management, and I’ve found it pretty effective. Check it out:
1. Come up with a single, secure password you can commit to memory, one that mixes letters, numbers, and symbols. In my case, I might use a familiar word like HassleFree, but modified thus: Hassl3fr33!. All I did was replace each “e” with a “3″ and tack on an exclamation point. That’s now my baseline password (for purposes of this example – not in real life).
2. Whenever I sign up for a new service, I use the name of that service as the prefix, then add my unique password. Thus, for something like Amazon, my password would be AmazonHassl3fr33!. For eBay, it would be EbayHassl3fr33!. And so on.
Presto! I’ve got a lengthy, secure, unique password for every site, one that I can easily remember.
Is it the perfect solution? When it comes to passwords, I’m not sure there’s any such thing. A hacker who steals a password database could probably extrapolate my method – if he looked closely and really thought about it.
But this works for me, and if you’re routinely struggling to come up with and remember passwords, it might work for you, too.
View full post on National Cyber Security » Computer Hacking
A fake YouTube site purporting to show videos supporting the opposition in Syria has been taken down after it tried to infect visitors with malicious software, according to digital watchdog Electronic Frontier Foundation (EFF).
The EFF is “deeply concerned about this pattern of pro-government malware targeting online activists in authoritarian regimes,” wrote Eva Galperin and Morgan Marquis-Boire.
Syria, which has been sternly criticised for its brutal treatment of anti-government protestors since an uprising began about a year ago, is known to heavily censor the internet and monitor users.
The fraudulent YouTube page tried to get users to enter their username and password, which in some cases is linked with a person’s Gmail account. The site also tried to get the victim to download a bogus update for Adobe Flash, which was actually Windows malware, the EFF wrote.
The malware then “connects back to an address in Syrian IP space and downloads additional malware, which gives the attacker administrative access to your computer,” the EFF wrote.
The EFF detailed how a user can tell if he has been infected. The organisation recommended reinstalling the operating system if the computer has been infected, since an attacker could have installed other kinds of malware on the machine as well. The EFF said all passwords should also be changed for services accessed while the machine was infected.
Last week, the EFF blogged about a remote access tool called “XTreme RAT,” which was spreading through email and chat programs. The malware could take screenshots and log keystrokes on a victim’s computer, sending the data to a Syrian IP address.
The organisation also noted another remote access tool, Darkcomet RAT, which was reportedly infecting the computers of Syrian activists a few weeks before. That tool could disable antivirus programs, record keystrokes and steal passwords, also sending the data to the same IP address in Syria as “XTreme RAT,” the EFF explained.
View full post on National Cyber Security » Computer Hacking
Akamai Technologies/Cambridge, MA (MA)
Senior System Software Engineer – Site Application Engineering
Location: US-MA-Cambridge
Posted Date: 3/9/2012
Cost Center: 264
Category: Engineering
ID: 5944
About the Job
Akamai’s Site Application Engineering team is looking for an experienced System Software Engineer to work on integration of our new Front End Optimization technology into our globally distributed computing platform. This engineer will be assisting in design and development for the integration of our optimization software that quickly delivers high-performing sites with superior end-user experience for our customers. By leveraging Akamai’s globally distributed computing platform, we can build unique and powerful technology solutions to today’s content delivery challenges.
About the Team
With the rapid adoption of rich Internet applications and the increase in mobile browsing, new performance bottlenecks are emerging. Websites are becoming richer and more complex, with more compute requirements built into a single page, impacting performance in the browser or device. Our Front End Optimization technology will be designed to automatically optimize the code on a web page during the delivery process to ensure faster transmission of content and a faster rendering of the page. This technology will complement Akamai's market-leading site acceleration solutions.
Responsibilities:
- Assist in integration of our new Front End Optimization technology into the Akamai platform systems and operations.
- Work with Quality Assurance teams to increase quality and reliability of software.
- Work with Operations to increase operationalization and offload monitoring & troubleshooting tasks from engineering.
- Work on projects that increase stability, security, and reliability of our network.
- Quickly work through complex issues in the production network, test networks, and related processes.
- Some travel between Cambridge and Ottawa may be required.
Qualifications:
Basic Qualifications
- Education: Bachelor’s Degree in Computer Science or similar field.
- Minimum of 5 years of experience with object oriented languages in Unix/Linux environments.
- Minimum of 3 years working with Internet protocols such as TCP/IP, UDP/IP, and HTTP.
- Minimum of 3 years experience working with high performing high availability mission critical systems.
Desired Qualifications
- Experience with server side development in Java.
- Strong communication and organizational skills.
- Experience with end-to-end software development and release processes.
- Knowledge of the Akamai platform and systems, or a similar large scale global distributed system.
- Extensive experience working on multiple projects at a time in a fast paced, results oriented environment.
- Highly responsible, self-disciplined, motivational, creative, confident and a quick learner.
Other Information
- Is relocation available for this position: No
- Is US Citizenship required: No
- Is a Security Clearance Required: No
If yes, applicants selected will be subject to a government security investigation & must meet eligibility requirements for access to classified information.
About Akamai:
No one carries more of the world's Web traffic than Akamai, so working with Akamai means you’re helping some of the world’s best known brands succeed in bringing any experience to any device, anywhere. Cloud computing, SaaS, eCommerce, online entertainment and dynamic personalized experiences are all fueled by Akamai technology. Join Akamai and you join a culture that’s extremely intelligent, strongly supportive and passionately committed to delivering world-class solutions. Some of the best minds in business, mathematics, and engineering work at Akamai – leading, learning and shaping the future of the Internet.
Contact us!
If you're excited by Akamai and would like to help change the online landscape please apply. No time to apply? Join our Talent Community.
Akamai Technologies is an Affirmative Action, Equal Opportunity employer (M/F/D/V) that values the strength that diversity brings to the workplace.
View full post on Wired Jobs
View full post on National Cyber Security
LONDON, UK: In a suspected cyber attack, Interpol's website was brought down briefly on Tuesday.
View full post on cyber crime hacking – Yahoo! News Search Results
View full post on National Cyber Security » Computer Hacking
<!–Saxotech Paragraph Count: 10
–>
Hackers affiliated with the group Anonymous are taking credit for hacking the Springfield city website and obtaining the Social Security numbers and other personal information of thousands of citizens.
City officials announced Monday that the springfieldmo.gov site was hacked Feb. 17 and that about 2,100 people were being notified their information may be “compromised.”
The loosely organized group Anonymous is suspected of hacking businesses and government agencies around the world.
In online chat rooms and associated websites, groups with the monikers Kahuna and CabinCr3w said data was taken from the Springfield Police Department database as part of a larger effort targeting law enforcement agencies.
The data they claim to have obtained includes online police reports, as well as warrant and summons information. That data, the groups say, includes citizen information such as Social Security numbers, cell phone numbers, home address and physical description.
Why Springfield was targeted is unclear. One website claiming credit included a line saying, “Reason ???” that was followed by a 1-minute, 51 second video that begins with the words, “We Are Anonymous.” The video then shows scenes of law enforcement officers – none of which appear to be Springfield Police officers – using force to detain people or disperse crowds.
One website claimed more than 6,000 reports containing personal information was obtained. Tuesday, city spokeswoman Cora Scott said city information technology staff are confident that “the 2,100 number is a solid number” in terms of actual victims.
Springfield officials have released few details about the breach and have refused to say how the city learned of the issue or identify the agency or agencies investigating.
Police Chief Paul Williams did refer a News-Leader reporter to the FBI but declined to confirm or deny whether the federal agency was involved in the investigation.
Spokeswoman Bridget Patton said the FBI “is aware of these reports but at this point we cannot comment any further.”
Article source: http://www.news-leader.com/article/20120229/NEWS01/302290045/1264/RSS
View full post on National Cyber Security » Computer Hacking
The teenagers’ computers were seized for forensic examination.
View full post on eSecurityPlanet RSS Feed
View full post on National Cyber Security
Hardcore group 'fesses up to breach as youth uploads 'members privates' A teenage hacker claims to have broken into the Brazzers, the hardcore porn portal, before making off with hundreds of thousands of user login details.…
View full post on lulzsec hacker – Yahoo! News Search Results
View full post on National Cyber Security
The Cryptome.org whistleblowing website was hit by a serious web hijack last week that for several days borrowed thousands of its pages to serve malware, the organisation has admitted.
Starting on 8 February, attackers were able to hide malicious scripts pointing to malware on every one of the site’s 6,000 pages, leaving its admins battling to regain control until 13 February, Cryptome said.
The malware culprit was the Blackhole exploit kit 12, the latest version of a notorious but sadly incredibly common automated web compromise system designed to serve malware targeting specific browser versions with known software flaws.
Anyone visiting with a vulnerable browser (Internet Explorer 6 to 
could have found themselves infected with Blackhole, most likely adding their computer to a larger bot.
“5,000 more files found infected, still checking, but it looks as though every HTML file on Cryptome was infected.” The organisation said.
“Not clear how access was gained through our ISP. Access logs do not show the infection activity. Any ideas how that was done and how to prevent recurrence: cryptome[at]earthlink.net.”
The involvement of the Russian Blackhole kit is absolutely standard, indeed a report last week from M86 Security pointed out that this one web exploit system is now so successful and powerful it accounted for 95 percent of all attacks using such kits in the second half of 2011.
As with the Cryptome attack, website owners only know they have a problem when users contact them with the bad news after detecting it with security software wise to its many techniques for staying out of sight.
For Blackhole, a site such as Cryptome is merely a convenient jumping off point that allows it to serve malware via a legitimate domain that won’t be blacklisted by security software or search engines.
In this attack, the criminals appear to have gone to some trouble to keep the malware out of sight for as long as possible by ignoring anyone visiting the site from a Google domain. Presumably this was done to reduce the chance of Google’s search engine blacklisting Cryptome, a security layer incorporated into Chrome through the Safe Browsing API.
Overshadowed by Wikileaks in terms of publicity, Cryptome has had a few brushes with controversy.
Two years ago, the organisation published Microsoft’s secret Global Criminal Compliance handbook, which laid out how the company was gathering certain data from users of some of its services that could be accessed by the police and intelligence services.
Angry at the guide’s publication, Microsoft had the Cryptome website suspended using legal sanctions, before relenting as negative publicity accumulated on the Internet.
Later in 2010, an attacker broke into Cryptome’s servers, stealing a reported 6.8 terabytes of data including emails written by the site’s founder, John Young.
View full post on National Cyber Security » Computer Hacking
Calcutta News.Net
Saturday 11th February, 2012
A computer hacker from Morocco has claimed to have accessed a disused pornography web site to find the names of 350,000 former users.
In an open email, the hacker, who described himself as a 17-year-old with ties to hacking group Anonymous, said he had compromised personal information, including payment details.
The disused website had been operated by pornography provider Brazzers and Luxembourg-based Manwin, which runs some of the world’s most-used pornography websites.
Manwin has said investigations are taking place, although there was no breach of credit card information.
Earlier in the week, the young hacker posted to the internet some emails, usernames and supposedly-safe encrypted passwords.
Last week the hack-collective Anonymous reported that it had been able to hack into several websites affiliated with the US Central Intelligence Agency and the state of Alabama.
The CIA website was offline for most of the 10th of February due to the hack.
Article source: http://www.calcuttanews.net/story/203424042/ht/Pornography-site-information-accessed-by-hacker
View full post on National Cyber Security » Computer Hacking