Archive for the ‘news’ Category
A few minutes ago someone told me that the well known Greek security community of grhack became an “officially” private community. In my opinion this is a strange move but I cannot comment anything since I have no clue of the goals and motivation that lead to it, as well as any underlying stories being involved.
This community has contributed a lot to the security world from publishing content in e-zines such as phrack, to presenting in security industry conferences the past two years.
Also, since they turned to a private community I’ll remove my link to their website. It will be useless having a link to a private community. Finally, best wishes and good luck with your new community. :)
I was reading the Full-Disclosure mailing list when I came across this thread. I don’t know how valid this is since I didn’t have the opportunity to see it myself and I only got the following screen capture from the mailing list.
From the FD mailing list Juha-Matti Laurio posted the following zone-h mirror of the hack:
I’m finally back having a pretty bad flu. Nevertheless, I had some great time at Berlin this year and aluc was an awesome dude! Thanks for everything.
Awesome time meeting more and more cool people. Finally, I want to apologize to our Swedish friends for my attitude during the last two days of our stay in Berlin but I was having that flu and I was really stuck with something sin was coding during that period. This resulted in spending the New Year’s Eve coding instead of partying.
So, I’m sorry about this and I’m looking forward for our next meeting.
Merry Christmas! Today the “Owned and Exposed No.2” was released featuring:
And many many lulz… Enjoy!
I have just been informed via twitter that dumps of the carders.cc, inj3ct0r and free-hack are now publicly available. You can find more information in this URL.
Heh… This week has more disclosed hacks and discovered backdoors than killed bug. :P
This one was disclosed by VUPEN Security and it’s about this PHP project. The backdoor is installed in releases 2.6.11 and 2.6.12 and it’s placed in getTopTen() function located in inc/Faq.php file. For completeness, here is the official VUPEN’s security advisory for this backdoor, and here is the project’s one.
Unfortunately, the backdoored version of the project was removed from the tubes and that’s why the hacked code isn’t part of this post. :(
If you have the source code of inc/Faq.php downloaded between December 4 and 15 and you want me to publish it here, drop me an email.
Unfortunately, this is not very appropriate for the “news” since it’s quite old by now. For historical purposes I’m publishing this post. On Monday, 13 December 2010 hackers gained access to a McDonald’s database containing data of people whi voluntarily signed up for its websites and promotions. For further details you can read Reuters official report.