Thursday, 18 August 2011

Murdoch Hacking Scandal: Everything You Need To Know


 
NEW YORK (TheStreet) -- News Corp.'s (Stock Quote: NWSA) phone-hacking scandal in the U.K. has snowballed, with 10 people having been arrested in the case and dozens of others being linked to the corruption.<br>

Since the beginning of July, there has been a whirlwind of accusations surrounding Rupert Murdoch's media empire that has plagued British government and law officials. Victims have included a slain schoolgirl, celebrities, politicians and potentially even Sept. 11 terrorist victims.

The scandal has called into question the integrity and future of News Corp. Shares of the company have fallen more than 13% since the investigation, which has been ongoing for years, resurfaced on July 4. With new reports emerging daily, the list of those involved continues to grow.
Here is a look at the major players entwined in News Corp.'s phone-hacking scandal.

Hugh Grant

Actor Hugh Grant won a court ruling in the hacking scandal, with a High Court judge ordering police to hand over documentation that could reveal his phone messages were intercepted by a private detective working for News of the World.

Grant has been a harsh critic of News of the World amid the hacking scandal and is a member of the Hacked Off lobby group, which has campaigned for a inquiry into illegal eavesdropping by newspapers.

Grant isn't the only celebrity that has allegedly been a target for the now shuttered British tabloid. Sienna Miller settled a phone-hacking suit against the company last month.

Sean Hoare

The former News of the World reporter at the center of the phone-hacking scandal has been found dead.

Sean Hoare originally alleged that Andy Coulson was aware of phone-hacking by his staff.

According to The Guardian, Hoare was found dead in his home, but police have not confirmed his identity. Authorities have said that the death is currently being treated as unexplained, but it is not believed to be suspicious. Police are currently investigating the incident.



Saturday, 30 July 2011

#RefRef - Denial of Service ( DDoS ) Tool Developed by Anonymous

#RefRef - Denial of Service ( DDoS ) Tool Developed by Anonymous

Anonymous is developing a new DDoS tool which is said to exploit SQL vulnerabilities to support the group's future campaigns. So far, what they have is something that is platform neutral, leveraging JavaScript and vulnerabilities within SQL to create a devastating impact on the targeted website. Previously, Low Orbit Ion Canon (LOIC) was the go to weapon for Anonymous supporters during various Operations .However, LOIC is also the reason scores of people have been arrested in the last year, so many feel its time is at an end.


The new tool, called #RefRef, is set to be released in September, according to an Anon promoting it on IRC this afternoon. Developed with JavaScript, the tool is said to use the target site’s own processing power against itself. In the end, the server succumbs to resource exhaustion due to #RefRef’s usage. An attack vector that has existed for some time, resource exhaustion is often skipped over by attackers who favor the brute force of a DDoS attack sourced from bots or tools such as LOIC.


The tool is very effective, a 17-minute attack from a single machine resulting in a 42-minute outage on Pastebin yesterday. As expected, the Pastebin admins weren't very happy with their platform being used for such tests andtweeted "Please do not test your software on us again."
The effectiveness of RefRef is due to the fact that it exploits a vulnerability in a widespread SQL service. The flaw is apparently known but not widely patched yet. The tool's creators don't expect their attacks to work on a high-profile target more than a couple of times before being blocked, but they don't believe organizations will rush to patch this flaw en masse before being hit.
This means there are a lot of possible targets out there that will be hit at least once. "This tool only makes you vulnerable if you don't keep your systems patched, perform the basic security, which is how Sony got caught with it's pants down," the RefRef developers said.
The tool works by turning the servers against themselves. It sends malformed SQL queries carrying the payload which in turn forces the servers to exhaust their own resources. However, the tool's GUI does have a field for inputting the refresh interval so it might combine traditional forms of HTTP hammering with the new technique.


Some security experts have been skeptical that the success of Anonymous's DDoS attacks can be explained through LOIC alone. They proposed that some of the group's supporters also have access to botnets, a theory that has partially proven to be correct.

Sunday, 10 July 2011

Sony BMG Greece Hack, Complete Details Out!

Sony BMG Greece Hack, Complete Details Out !



Yesterday , we have reported that On 5th May, 2011 - Sony BMG's Greek website was also got hacked.  One of Them Provided the Full extract database from the site.  b4d_vipera was the hacker who Deface the site using SQL injection method. There are 8385 users on this website. Sample of hacked Database was leaked at http://pastebin.com/WqLysjiN . This was 7th Attack on Sony.


As from Source :
DB Detection: MsSQL no error (Auto Detected)
Method: GETType: 
Data Base: SONYBMG
Table: USERS
Total Rows: 8385
Fields are : u_id, u_usr , u_name, u_pwd , u_company , u_email , u_tel , FOREIGN_DOMAIN , u_regdate ,  u_lname