KAZEY JOURNAL

What is happening to hackers this days? I really do not understand the motives behind some attack or should I call it vunurability analysis?. Why would someone, want to exploit the vunurability of the Spread Firefox site for goodness sake?

The Spread Firefox Team became aware this week that the server hosting
Spread Firefox, our community marketing site, has been accessed by
unknown remote attackers who attempted to exploit a security
vulnerability in TWiki software installed on the server. The TWiki
software was disabled as soon as we were aware of the attempts to access
SpreadFirefox.com. This exploit was limited to SpreadFirefox.com and
did not affect mozilla.org web sites or Mozilla software.

This is the second time, last time was in July if I aint mistaken.
Well the good news is no sensitive information was stolen. But well the site is currently down as a precautionary measure, and they are re-building it again from scratch. What a pity

I expected him to blabber about the way he did it. But seems the guy is a real matured hacker, and did it to access his own account.

My Conversation WIth Google

So Prior to this post. I informed all that i had to hack into my account back to be able to make postings. Apparently, i didnt do the hacking process quite well because Google(the owners of blogspot) were notified through their server process about some tweaking that went on at so so date. I didnt think this was gonna happen but it did and now i have to face the consequences.

I’m not allowed to publish the mail because it says all that BS about confidentiality and shit but in summary, it mentions a part in the constitution about illegal entry some computer law which was signed by George W himself. Anywayz i cooperated with them and gave them all the necessary information on how i was able to penetrate through their highly secure software. THey were pretty impressed even though i didnt get in through my technical expertise but rather, a minor flaw in their server technology that i read about last semester. I was warned and i promised not to talk about it or reveal the letter if not i could be charged with section bullshit of the US constitution(like i’m not going to be in my counttry soon). To end everything they informed me that i could enter into some competition for programmers called “Summer of Codes” http://code.google.com/summerofcode.html

Continue Reading>>>

Hum i am quite impressed, that he didnt try to prove stubborn, and he was mature about the whole scenario. Google Inc is quiet friendly, if it were another organisation, i guess he would be arrested by now. But is there a possibility of future occurence?

A hacker after getting irritated of receiving spams, hacked into the mailing list database of the spam source, and erased the entire database of email addreses. Below is the news in that relation.

The Israeli National Institute of Standards have being practicing in a controversial activity. In the name of “helping to inform the public” the National Institute of Standards hired a company to send email messages thru the company’s distribution list (in other words spam list). An Israeli hacker tired of getting these spam messages have taken an action and hacked to the server where the email database is stored. After he got access to the database he deleted all the data from the spammer’s database, deleted all user names and passwords to the database and changed the database’s admin password.

Source: HAckintheBox

I think this is what hackers should be doing, hacking into spammers database and deleting it. Atleast that would reduce spams tremendously. Hackers you heared me.

The number of online frauds vary by country. Below is a breakdown of the countries from where the most fraud originates as well as the least. According to ClearCommerce, approximately 6% of all online transactions from such countries as Malaysia and Israel (who are
actually on the bottom of the dirty dozen show below) are fraudulent.

Countries from where the most online fraud originate.	Countries from where the least online fraud originate.	When the fraud is perpetrated from within the U.S., these are the states with the largest percentage of fraudulent people
1) Ukraine 2) Indonesia 3) Yugoslavia 4) Lithuania 5) Egypt 6) Romania 7) Bulgaria 8 ) Turkey 9) Russia 10) Pakistan 11) Malaysia 12) Israel	1) Austria 2) New Zealand 3) Taiwan 4) Norway 5) Spain 6) Japan 7) Switzerland 8 ) South Africa 9) Hong Kong 10) United Kingdom 11) France 12) Australia 13) United States	1) California – 21% 2) Florida – 10.1% 3) New York – 8.3% 4) Texas – 6.0% 5) Penn. – 4.5% 6) Illinois – 3.9% 7) New Jersey – 3.7% 8 ) Michigan – 2.8% 9) North Car. – 2.6% 10) Virginia – 2.5%

I would add Nigeria to the international dirty dozen, with the help me get my money out of here email scam. It is also known to be one of the major players in the shipping the goods to a freight forwarder to circumvent the international shipping scrutiny. By the way, most of the victims of this scam pay through account debits and wire services.

Top Internet Frauds

Jan.-Oct. 2001 Top 10 Frauds	Percentage of total fraud	Average Loss Per Person
Online Auctions	63%	$478
General Merchandise Sales	11%	$845
Nigerian Money Offers	9%	$6,542
Internet Access Services	3%	$568
Information Adult Services	3%	$234
Computer Equipment/Soft.	2%	$1,102
Work-At-Home	2%	$120
Advance Fee Loans	1%	No Data
Credit Card Issuing	.6%	No Data
Business Opportunities/franchises	.4%	No Data

 

2001 Top 5 Methods of Payment	Payment used in general merchandise fraud
Money Order – 29%	Credit Card – 41%
Credit Card – 28%	Money Order – 21%
Check – 18%	Check – 16%
Bank Account Debit – 6%	Debit Card – 6%
Debit Card – 5%	Wire – 4%

Source: Internet Fraud Watch

Google Inc’s expansion has been phenomenal. And as it explores more solutions, its rapid expansion is prompting concerns that the company may know too much..

Google is at once a powerful search engine and a growing e-mail provider. It runs a blogging service, makes software to speed Web traffic and has ambitions to become a digital library. And it is developing a payments service.

Although many Internet users eagerly await each new technology from Google Inc., its rapid expansion is also prompting concerns that the company may know too much: what you read, where you surf and travel, whom you write. “This is a lot of personal information in a single basket,” said Chris Hoofnagle, senior counsel with the Electronic Privacy Information Center. “Google is becoming one of the largest privacy risks on the Internet.” Not that Hoofnagle is suggesting that Google has strayed from its mantra of making money “without doing evil.”

Rather, some privacy advocates worry about the potential: The data’s very existence—conveniently all under a single digital roof—makes Google a prime target for abuse by overzealous law enforcers and criminals alike.

Through hacking or with the assistance of rogue employees, they say, criminals could steal data for blackmail or identity theft. Recent high-profile privacy breaches elsewhere underscore the vulnerability of even those systems where thoughtful security measures are taken.

This is very true. Google Inc just knows too much, and this is really scary. Especially when it comes to hypothesizing a possible security breach.
Source: Hackinthebox

Patch MS04-19, which addresses the privilege escalation
vulnerability described below, is one of many patches currently in St.
Bernard Software’s comprehensive UpdateEXPERT® patch metadatabase.
As a busy IT professional, do you really have time to inventory,
research, test, validate, and report on each patch? Let UpdateEXPERT
Patch Management work for you. All the steps are automated and our
scalable architecture works on large and small enterprises alike.
UpdateEXPERT always checks for patch interdependencies and includes
custom deployment options. Find out why UpdateEXPERT was named a
TechTarget 2004 Product of the Year. Download a Free 15-day Live Trial
Today!

http://list.winnetmag.com/cgi-bin3/DM/y/egnr0IFWcR0CBw0BJ4l0Av

========================================================

Security Alert, July 21, 2004

Privilege-Escalation Vulnerability in Microsoft Utility Manager for
Windows

Cesar Cerrudo of Application Security, Inc., discovered that a
privilege-elevation vulnerability exists in the way in which Utility
Manager launches applications. A logged-on user could force Utility
Manager to start an application with system privileges, then take
complete control of the system. Microsoft has released bulletin
MS04-019, “Vulnerability in Utility Manager Could Allow Code Execution
(842526),” to address this vulnerability and recommends that affected
users apply the appropriate patch listed in the bulletin. http://secadministrator.com/articles/index.cfm?articleid=43270

A vulnerability in Microsoft Internet Information Server (IIS) 4.0
could result in arbitrary remote code execution and remote compromise
of the vulnerable system. This vulnerability is a result of a
buffer-overflow condition in the redirect function. Micosoft has
released bulletin MS04-021, “Security Update for IIS 4.0 (841373),” to
address this vulnerability and recommends that affected users apply
the appropriate patch listed in the bulletin.
(http://secadministrator.com/articles/index.cfm?articleid=43272)

Arbitrary Code-Execution Vulnerability in Mozilla

Keith McCanless discovered a vulnerability in Windows-based versions
of Mozilla products that involves the use of the shell: scheme Uniform
Resource Identifiers (URIs), which are passed to the OS for handling.
The effects of the vulnerability depend on the version of Windows, but
on Windows XP it’s possible to launch executables in known locations
or the default handlers for file extensions. An attacker could combine
this effect with a known buffer overrun in any of the affected Mozilla
programs to create a remote execution exploit. The Mozilla Foundation
has released the security bulletin “What Mozilla users should know
about the shell: protocol security issue,” which addresses this
vulnerability, and recommends that affected users immediately apply
the appropriate patch listed in the bulletin or upgrade to the latest
software release. http://secadministrator.com/articles/index.cfm?articleid=43263

To experienced Web developers, it’s a cardinal sin: passing user input into a database query without first processing it to escaped special characters is bad! But as a beginner-friendly language, PHP is host to this mistake more often than most. If you don’t understand SQL injection attacks, read this!

The danger is easy to explain. Your site’s security relies on a database query that includes one or more values taken from user input (e.g. login credentials). But, because you neglected to encode special characters in those values, an attacker is able to bypass your site’s security by entering carefully-chosen values that alter the meaning of the query.

PHP’s magic quotes feature is designed to save inexperienced coders from themselves. Values in the $_GET, $_POST, $_COOKIE, and $_REQUEST arrays have backslashes added to them so that they are safe for use in database queries. But magic quotes isn’t enabled on all servers, and not all user input comes through the $_GET, $_POST, $_COOKIE, and $_REQUEST arrays, which magic quotes protects.

SitePoint’s PHP columnist Harry Fuecks spotted one such mistake in a popular PHP magazine in the UK recently, showing that even supposed experts can get this wrong now and then!

SitePoint has a couple of articles that cover SQL injection attacks and ways to avoid them. SQL Injection Attacks – Are You Safe? discusses such attacks in ASP code, while Chapter 3 of The PHP Anthology (which is available free for you to read online) covers the subject in PHP.