Thursday, August 16, 2012

Hackers steal 500,000 credit card details from Australian business, damage expected to top $25m

,
Hackers have grabbed the details of an estimated 500,000 credit cards in Australia after hacking into the poorly secured database of an unnamed business in what police have labelled a “disaster waiting to happen”.

The attacked could result in up to $25 million worth of fraudulent transactions, Detective Superintendent Brad Marden told SC Magazine, and it is believed that the perpetrators are part of a active Eastern European criminal syndicate.The group has previous and is said to be responsible for a 2011 attack on a Subway chain last year that affected 80,000 customers.This time the effects are considerably wider. The group is said to have taken advantage of a basic security set-up that the retailer was using to hold its data. Marden explained that ”the network was set up by some local suppliers who didn’t understand IT security.” SC outlines exactly how the hackers got their hands on the customers’ information:
The syndicate captured credit card details using keyloggers installed within Point of Sale (POS) terminals and siphoned the data through an insecure open Microsoft’s Remote Desktop Protocol (RDP) connection.
Police say they are closing in on the gang in relation to its latest activity but, for now, Australian banks are on “high alert” in expectation that the card details will be sold off to third parties and other criminal elements. The incident comes less than a month after Korea’s KT Telecom revealed that hackers had grabbed data from some 8.7 million customers. The operator revealed that the details were sold on to telemarketing firms during a five-month long campaign.
Read more →

Wednesday, August 15, 2012

Update your bt to r3

,

Yesterday backtrack 5 R3 came out, do you really need to burn another iso image for installation? hahah......
Update your system to current versions:

apt-get update
apt-get dist-upgrade



Now for 32bit version type:
apt-get install libcrafter blueranger dbd inundator intersect mercury cutycapt trixd00r artemisa rifiuti2 netgear-telnetenable jboss-autopwn deblaze sakis3g voiphoney apache-users phrasendrescher kautilya manglefizz rainbowcrack rainbowcrack-mt lynis-audit spooftooph wifihoney twofi truecrack uberharvest acccheck statsprocessor iphoneanalyzer jad javasnoop mitmproxy ewizard multimac netsniff-ng smbexec websploit dnmap johnny unix-privesc-check sslcaudit dhcpig intercepter-ng u3-pwn binwalk laudanum wifite tnscmd10g bluepot dotdotpwn subterfuge jigsaw urlcrazy creddump android-sdk apktool ded dex2jar droidbox smali termineter bbqsql htexploit smartphone-pentest-framework fern-wifi-cracker powersploit webhandler

Or for 64bit version:
apt-get install libcrafter blueranger dbd inundator intersect mercury cutycapt trixd00r rifiuti2 netgear-telnetenable jboss-autopwn deblaze sakis3g voiphoney apache-users phrasendrescher kautilya manglefizz rainbowcrack rainbowcrack-mt lynis-audit spooftooph wifihoney twofi truecrack acccheck statsprocessor iphoneanalyzer jad javasnoop mitmproxy ewizard multimac netsniff-ng smbexec websploit dnmap johnny unix-privesc-check sslcaudit dhcpig intercepter-ng u3-pwn binwalk laudanum wifite tnscmd10g bluepot dotdotpwn subterfuge jigsaw urlcrazy creddump android-sdk apktool ded dex2jar droidbox smali termineter multiforcer bbqsql htexploit smartphone-pentest-framework fern-wifi-cracker powersploit webhandler

Read more →

Tuesday, August 14, 2012

How secure is your gameserver?

,
Do you think you're invulnerable?

Today http://www.l2arcana.ru/ asked from us to check their vulnerability level..., damn was too low...

After running Nessus i got more than 43 vulnerabilities to play with....

Patch your servers, patches doesn't come for fun, there's a big reason a patch comes out for.... Buy the software you're using & make sure it's always up to date.

If you can't manage to do so then request someone's help doing it, never play with your personal data and security.
Voovode.NET
Read more →

Friday, August 10, 2012

Active Directory Recycle Bin - a must have feature

,
Active Directory Recycle Bin is a new feature welcomed in Windows Server 2008 R2. In Windows Server 2012 it has a GUI too :) Active Directory Recycle Bin helps you recover accidental deletion of users or objects very easily. Basically what it does is helps to reduce downtime. Back in the days of WS2003/2008 you could restore a backup, DSRM via ntdsutil.exe or ADRestore...., so how are we gonna enable this AD Recycle Bin? Default feature is disabled.
  1. Start Powershell.
  2. Type the following without the quotes:
    " Enable-ADOptionalFeature –Identity ‘CN=Recycle Bin Feature,CN=Optional Features,CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,DC=Voovode,DC=local’ –Scope ForestOrConfigurationSet –Target ‘Voovode.local’ "
  3. Powershell will prompt for comfirmation,... proceed.
  4. This will enable the recycle bin feature on voovode.local domain.
  5. In Active Directory Administrative Center, action panel - you will find 'Deleted Objects'. You will see there anything that's deleted, Cheers.

Warning: The forest functional level of the AD Service must be 2008 R2 and above!
Read more →