Hacking It: Hacker News,

.Begginners guides to build basic trojans-viruses-keyloggers.
If you`ve an interest in learning about hacking but dont know where to start
checkout the beginners section for a full list of what you need to know & how
to go about it- & once youve progressed a touch try the links to some of the hacking resources & forums :-0


Hacker news

Lamo labeled a grass

Former grey hatter Adrian Lamo,has been revealed to be an informant ,
according to sources, he has spilled the beans on former friend,Bradley Manning,
who has been accused of leaking top secret information to wikileaks.As well leaking embassy cables & communications,is also thought to be behind the leaking of the video showing the massacre of Journalists & Medical personnel carried out by an Apache helicopter in Iraq .Lamo says Manning approached him to brag about the leaks,saying he had leaked more than 250 thousand classified documents.Lamo went straight to the army with this information & later met with the FBI.Lamo reported the information with the thought that innocent people may lose there lives when in shark contrast to this,wikileak aims to notify people that may be in danger before any publishing is made.Manning stands by the fact the he was only making the public aware of the wrong doings & scandal.

New e-crime unit, nine arrested

Nine suspects in a banking Trojan case have been arrested by specialist cybercops from the UK's new Police Central E-Crime Unit (PCeU).

The suspects - four women and five men - were arrested following police raids in south east London. Investigators reckon the group of UK-based eastern European nationals used malware planted on compromised machines to steal login credentials and plunder online banking accounts.

The arrests follow the establishments of a virtual crime force, involving more than 50 officers from the PCeU and the Met's specialist crime directorate.

Deputy assistance commissioner Janet Williams, ACPO lead for e-crime, said Wednesday's operation illustrated that the long-awaited national e-crime unit was already up and running Computer Weekly reports


Indian politico's webmail hacked

Fraudsters have hacked into the email account of an Indian politician in a bid to extort money from his contacts.

Senior Congress politico Mani Shankar Aiyar's Hotmail account was broken into on Wednesday in order to send messages claiming he'd lost his wallet & was in urgent need of cash to settle a $3,500 hotel bill in England & return home.

Indian Express tracked the former union minister down to New York, from where he confirmed his webmail account had been hacked into to send the dodgy "loan-requesting" emails. Unidentified hackers, who probably took advantage of weak passwords to break into the account in the first place, have locked Aiyar out of his account.

"Unfortunately, the hacker has changed my password so I cannot access my email account," Aiyar told Indian Express. "I am in New York attending a seminar on local self-government at Columbia University. I request all recipients to ignore this message."

The Times of India reports that fashion designer Rina Dhaka was hit by a similar scam last week. Delhi police are advising users to make use of strong passwords, it added.

Aiyer is far from the first high-profile politician left explaining a webmail hack. Previous examples have famously included Alaska governor Sarah Palin & former Republican candidate, as well as UK justice minister & former home secretary Jack Straw.

The 'person in plight' scam isn't new either & has recently moved on from messages from hacked email accounts to electronic communiques from compromised social networking sites.

Hackers exploiting unpatched directx bugs using quicktime

It`s looking like yet another security scare for microsoft user`s in which hackers
are exploiting an unpatched critical vulnerability, it allows remote code execution, & attacks versions of direct x 7-8-9 in windows 2000,xp & server 2003.Newer versions of vista , server 2008 & windows 7 are`nt being affected,so they seem to have already fixed the problem in there newer software but haven`t addressed the issue in there older operating systems.
Microsoft has had quite a spate of serious vulnerabilities recently, it seems resourceful hackers are targeting applications & components of the OS rather than the actual OS or networking stack. 3 times in the last 3 months microsoft have warned of the vulnerability in the software.

Thursday, Microsoft issued a security advisory that said hackers were already using attack code that leveraged a bug in DirectX, a Windows subsystem that`s crucial to games & also used when streaming video from sites.

Hackers are using malicious QuickTime files — QuickTime is rival Apple Inc.’s default video format — to hijack PCs, Microsoft said. “The vulnerability could allow remote code execution if [the] user opened a specially crafted QuickTime media file,” the company said in the advisory. “Microsoft is aware of limited, active attacks that use this exploit code.”

According to Christopher Budd, the spokesman for the Microsoft Security Response Center, QuickTime itself isn`t flawed. Instead, the QuickTime parser in DirectShow, a component of DirectX, contains the bug. “An attacker would try to exploit the vulnerability by crafting a specially formed video file , then posting it on a website or sending it as an attachment in e-mail,,” Budd said in an entry on the MSRC blog.

Because the bug is in DirectShow, any browser using a plug-in that relies on DirectShow is also vulnerable.Until there`s a patch available, users can protect their PCs by disabling QuickTime parsing. To do that requires editing the Windows registry, normally a task most users would do there best to shy away from, but Microsoft say`s they have automated the workaround. “We’ve gone ahead & built a ‘Fix it’ that implements the ‘Disable the parsing of QuickTime content in quartz.dll’ registry change,” Budd said. “We have also built a ‘Fix it’ that will undo the workaround automatically.”

Earlier this month microsoft announced
a vulnerability in Microsoft Internet Information Services (IIS) that could allow Elevation of Privilege. Products affected are IIS 5.0, IIS 5.1, & d IIS 6.0. The advisory contains guidance & workarounds that customers can use to help protect themselves. We will continue to monitor the situation & post updates to the advisory & the MSRC Blog as we become aware of any important new information.

At this time, we are not aware of any known attacks that attempt to use this vulnerability.

An elevation of privilege vulnerability exists in the way that the WebDAV extension for IIS handles HTTP requests. An attacker could exploit this vulnerability by creating a specially crafted anonymous HTTP request to gain access to a location that typically requires authentication.

Microsoft will take the appropriate action to protect our customers, which may include providing a solution through our monthly security update release process, or an out-of-cycle security update, depending on customer needs.

To better help understand the issue, Microsoft security experts have provided additional technical details on the Microsoft Security Research & Defense blog.


Obama setting up security task force

President Obama is expected to announce late this week his decision to create a senior White House official responsible for protecting the nation’s government-run & private computer networks from attack, according to a report.

The “cyber czar” will probably be a member of the National Security Council but will report to the national security adviser and the senior White House economic advisor, according to The Washington Post, which cited unnamed officials who had been briefed on there new plan`s. As of Friday, Obama had not yet settled on the advisor’s rank and title.

The announcement is set to coincide with the release of a 40-page report evaluating the government’s strategy for securing government networks & other infrastructure deemed critical to national security. The timing of the report & the details included in the Washington Post report suggest`s the plan may have run into problems with some of the advisors to Obama.

Officially the rank & title have not yet been decided but they will be working with the National Security Council and the Economic division of the government.

more news

Chinese Down time due to Dos attack

Latest news shows a few million Chinese Internet users had trouble accessing websites yesterday due to a DDoS attack on the DNS system from one of the countries registrars.

It just shows that China has an inherently weak infrastructure if such a large portion of people can be disrupted with an attack to a single location.

An attack on the servers of a domain registrar in China caused an online video application to cripple Internet access in parts of the country late on Wednesday.

Internet access was affected in five northern and coastal provinces after the DNS (domain name system) attack, which targeted just one company but caused unanswered information requests to flood China’s telecommunications networks, China’s IT ministry said in a statement on its Web site. The DNS is what computers use to find each other on the Internet.

The incident revealed holes in China’s DNS that are “very strange” for such a big country, said Konstantin Sapronov, head of Kaspersky’s Virus Lab in China.

The problems started when registrar DNSPod’s DNS servers were targeted with a DDOS (distributed denial of service) attack, described by the company in an online statement. In such an attack, the attacker orders a legion of compromised computers to try to communicate with a server all at once, which overwhelms the server and crushes its ability to return requests for information.

Read all about it !
Full hacker news index can be found

page rank search tool


.Begginners guides to build basic trojans-viruses-keyloggers.
If youve an interest in learning about hacking but dont know where to start
checkout the beginners section for a full list of what you need to know & how
to go about it- & once youve progressed a touch try the links to some of the hacking resources & forums :-0


Visit the Site