Tag Archives: var-username

LizardSquad’s DDoS tool falls prey to hack, exposes complete customer database

If you conceive a fire, you better prepare yourself to stray away from its flames. Maybe LizardSquad failed to learn this elementary lesson and underestimated the consequences that a rising popularity brings along. LizardSquad, the hacker group that earned its fame from Playstation and XBox web portals hack, last month mentioned the intentions behind its notorious activities saying that it just wanted to catch a little attention for its tool dubbed “Lizard Stresser”. Lizard Stresser is a tool developed by Lizard Squad which holds the potential to execute similar DDoS attacks that the group made on PlayStation and Xbox websites. Now reports have surfaced that the tool that was supposed to hack other websites, has fallen prey to a powerful attack, revealing all of the customer’s information who registered themselves to get access to the tool. Well, Lizard Squad isn’t the only player in this arena, that’s evident. A copy of the Lizard Stresser customer database obtained by KrebsOnSecurity says that it has more than 14,241 registered users during its first month of operation. Another interesting fact noticed from the hack and the leak is that Lizard Squad saved all registered usernames and passwords were in plain text. The registered clients are now under a potential threat as much as the sites they paid to take down. Their identities are not a secret anymore. Source: http://thetechportal.in/2015/01/18/lizardsquads-ddos-tool-falls-prey-hack-exposes-complete-customer-database/

Read this article:
LizardSquad’s DDoS tool falls prey to hack, exposes complete customer database

Outage that swept French news sites ‘was not a DDoS’

The outage looks to be linked to issues with the hosting provider rather than cyber criminals. Reports that major French news sites were taken offline this morning by a massive DDoS appear to be inaccurate. News websites including that of media group Mediapart; daily newspaper Libération; political magazine L’Express; and ZDNet.fr suffered significant outages on Friday morning. Problems began at around 8.30am CET and lasted for approximately an hour. It was initially feared the outage could be a DDoS linked to the recent Charlie Hebdo attack, where 10 journalists and two police officers were killed. According to reports citing Arnaud Coustilliere, head of cyberdefense for the French military, DDoS attacks have been carried out against thousands of French websites by “Islamic hacker groups” following the Charlie Hebdo attack. However, in the case of today’s incident, the cause is thought to be a more straightforward one. Oxalide, the hosting provider used by the news companies, tweeted this morning that it was investigating the cause of the incident which went “right to the heart of our network”. Around an hour later, the company’s Twitter account said that the cause of the problem had been identified and that some services were beginning to become functional once again. Over an hour later, the company confirmed that a DDoS was not thought to be behind the attack. The company added that it will provide an update as to the cause of the outage to customers by early afternoon. According to a report published this week by European security body ENISA (European Agency for Network and Information Security), the number of DDoS attacks businesses suffered last year has significantly since 2013. Source: http://www.zdnet.com/article/outages-that-swept-french-news-sites-was-not-a-ddos/

See the original post:
Outage that swept French news sites ‘was not a DDoS’

Thousands of French Websites Face DDoS Attacks Since Charlie Hebdo Massacre

Nineteen thousand French websites have been attacked since the Charlie Hebdo terrorist attacks last week, according to French military head of cyberdefense Adm. Arnaud Coustilliere. The attacks have been carried out by a variety of hackers, including “more or less structured groups” and some well-known Islamic groups, Coustilliere said. Most have been minor DDoS attacks, carried out on sites for everything from military regiments to pizza shops. “What’s new, what’s important, is that this is 19,000 sites — that’s never been seen before,” the Associated Press quoted Coustilliere as saying. “This is the first time that a country has been faced with such a large wave of cyber-contestation.” The Huffington Post published a story earlier this week on Algerian hackers attacking French sites in response to the publication of offensive images by the French magazine. Those hackers included members of a group called Anonymous Algeria, though the similarly named group Anonymous explicitly expressed support for Charlie Hebdo while vowing to disrupt terrorist websites. Coustilliere characterized the attacks as a response to the public outpouring of support for free speech and the victims of the attack. Arbor Networks counted 1,070 DDoS attacks in a 24 hour period this week, CBC said. For comparison, Arbor says the US hosts 30 times more sites and suffered four times more attacks, meaning French sites are roughly 750 percent more likely to be attacked. Jihadist hackers also hacked US military social media accounts on Monday, and the intersection of hacking with the revived “war on terror” promises to further muddy a whole raft of long awaited regulatory reforms related to internet communication and security. The European Union and UK have both suggested more monitoring of internet communication is necessary since the attacks. Source: http://www.thewhir.com/web-hosting-news/thousands-french-websites-face-ddos-attacks-since-charlie-hebdo-massacre

More:
Thousands of French Websites Face DDoS Attacks Since Charlie Hebdo Massacre

Anonymous launching DDoS attack against the Montreal Police for Their Treatment of Homeless People #OpSafeWinterMTL

Members of the hacktivist collective Anonymous have launched new protests in reaction to the dismantling of a homeless camp at Viger Square in downtown Montreal as part of a project they started last year dubbed #OpSafeWinterMTL. The group has executed one distributed denial of service (DDoS) attack against the Service de Police de la Ville de Montréal (SPVM) and occupied the square for a short time; members are calling for a permanent moratorium on police winter raids of homeless encampments. On January 7, without warning and in the middle of a cold snap—temperatures had dropped under -22 degrees Fahrenheit during the night—city crews bulldozed the encampment while SPVM officers watched. Last week, in an interview with the CBC, Montreal police spokesman Laurent Gingras argued that it’s a matter “of cleanliness, of public health,” and that the City had mostly collected garbage and soiled needles. “There was some good stuff in there,” said Jacques, 49, who returned to Viger Square on Monday after camping at the site for about three months. CBC’s footage from the dismantling clearly shows bulldozers piling up mattresses, blankets, pillows and sleeping bags. “This is all they have,” an Anonymous activist told VICE, outraged at how the Montreal government destroyed and confiscated all their belongings—including winter gear provided by Op Safe Winter Montreal activists on December 23. “This has nothing to do with public health, it has to do with aesthetics,” the activist said. “What’s actually a hazard is still on the floor,” They pointing out that used syringes were still lying around in a corner of the destroyed encampment site. The encampment is located in the lower downtown area, right across the street from the new Centre Hospitalier Universitaire de Montréal (CHUM) construction site and half a kilometer from City Hall and the tourist-friendly Old Montreal—leading some to believe that the camp’s removal had more to do with optics than public health and safety. Brutally removing the homeless population is nothing less than “an act of war against the poorest of the poor,” the activist told VICE. “The encampment was tolerated for a long time,” another Anonymous activist added, saying there was no reason to dismantle it in the middle of winter. SPVM Commander Vincent Richer insisted, however, that “the interventions that were made, in the context of extreme cold weather, were made with regards to the safety and health of homeless people.” He also noted that interventions with homeless people were made in partnership with health services and with the Old Brewery Mission, and that the material the city bulldozed was soiled and caught in the ice. In response to the city’s raid on the Viger Square homeless encampment, Anonymous launched a call for an occupation of the site and threatened the city of Montreal with attacks on its cyber infrastructure. “Anonymous will not stand by and allow the SPVM (Montreal police) and the City of Montreal to attack homeless camps in the middle of winter,” the hacktivist group stated in a January 11 press release. “We love this camp,” said one #OpSafeWinterMTL activist. “We want to help. We’ve got people ready to build a kitchen,” the other added. Two SPVM officers came by early Monday afternoon and took down all the signs that had been put up around the square. They told the activists that the occupation would not be tolerated. “Encampments have always been forbidden,” an officer named Fradette told both activists before she and her partner went to check out the site where homeless people had already started setting up a new camp. When the activists were told they would be evicted by nightfall, Anonymous launched a DDoS attack on the SPVM’s website, and successfully brought it down just before 5 PM. In recent years, Montreal police have been criticized for their questionable handling of the homeless population. A year ago an SPVM officer was caught on video threatening to tie a homeless man to a pole in the biting cold of January. A 2012 study showed that homeless people counted for 25 percent of all tickets gave out by the SPVM in 2010—a 7 percent increase from 2006. At Viger Square, Jacques told VICE, “Every week we get harassed by police… That’s not right.” SPVM officers have also been involved in the killing of several homeless men in mental health crises. A public coroner’s inquiry was launched this week into the shooting of Alain Magloire, who was gunned down on February 3, 2014, just a few blocks north of Viger Square. With an estimated homeless population of around 30,000, the homelessness crisis in Montreal is serious. In an attempt to alleviate the problem, last fall the city adopted an action plan on homelessness, which includes “reinforcing the exercise of citizenship.” “Raiding encampments and destroying precious cold weather gear belonging to the homeless is an act of war against the poorest of the poor,” Anonymous declared in its statement on Sunday, accusing Montreal of neglecting the needs most vulnerable population. The action plan adopted in September 2014 does involve creating a position of “homeless people’s protector” who would engage in regular consultation with homeless people and launch public consultations into issues of social profiling by the SPVM. But the watchdog for homeless people’s rights has yet to be appointed—and apparently Anonymous is attempting to step into that role instead. Source: http://www.vice.com/read/anonymous-has-targeted-montreal-police-for-their-treatment-of-the-homeless-283

See original article:
Anonymous launching DDoS attack against the Montreal Police for Their Treatment of Homeless People #OpSafeWinterMTL

The Evolution of Web Application Firewalls

Technological advances related to computing and the Internet have affected every one of us. The Information Revolution that the Internet has made possible is affecting society just as dramatically as the Industrial and Agricultural Revolutions of the past, but there is an unpleasant side to progress. Criminal use of the Internet, or hacking, is an unavoidable part of information technology development. Hackers have gained unauthorized and undesirable access to information, sometimes with far-reaching consequences. Innovations in hacking have in turn led to the development of protection methods and devices commonly known as web application firewalls (WAF) . An application firewall is a form of firewall which controls input, output, and/or access from, to, or by an application or service. It operates by monitoring and potentially blocking the input, output, or system service calls which do not meet the configured policy of the firewall. A Web Application Firewall does much more than a consumer’s computer firewall. Consumer-level applications work by blocking software access to certain ports. Web applications such as Apache, WordPress and Microsoft’s Office all require an extra level of protection against malicious users. WAFs offer this extra protection and work by analyzing all data passing through them and checking its conformity to pre-set rules. A WAF fulfills a web-user’s need to protect both internal and public web applications, whether locally (on-premises) or remotely (cloud-hosted), against unauthorized access attempts. These attacks revolve around hacking and illegal access to web applications. According to statistics, every year, cyber attacks are increasing by 30%, while successful breaches are increasing at twice that rate, 60% a year: In plain English, more attacks are getting through. Basic consumer-level cyber security measures are essential and are an urgent call on companies’ financial resources, but these are not enough. If a company has a website then that website must be protected using a WAF against unauthorized intrusion by hackers. The need to protect customers’ data is even more important than the need to keep the website live. If there is a security breach the negative effects of the attendant publicity and loss of trust are immeasurable. So how have application firewalls been evolving? Web application firewalls have been evolving rapidly and becoming more sophisticated with the objective of protecting websites and customer data from increasingly sophisticated attacks and unauthorized access. Hackers’ methods have become more devious and WAF sophistication has increased correspondingly as part of the information security industry’s fight back against criminals stealing data and malicious hacking. The more evolved and developed WAF solutions are capable of preventing attacks and unwanted intrusion on any website. Modern web application firewalls generally have default settings that give no false negatives and errors and all modern WAFs are designed to work perfectly without the need for any user knowledge of source code. A WAF has become crucial in detecting and preventing any attack that that is masquerading as network access by a legitimate user. Understanding interactions Web Application Firewalls need to do much more than just see the code: They need to be able understand every line of code passing through them and to evaluate any risk that it represents. This risk evaluation ability enables a WAF to analyze visitors based on reputation behaviors. The old adage of prevention being the best cure still holds true and is very relevant here. Instead of blocking an attack as and when it occurs, a WAF should see it coming by understanding and tracking visitor behavior. It should be proactive. More than In-Depth Inspection From the historical perspective of web application firewalls, they have always performed an in-depth inspection of any access routes to the protected sites. However, the modern evolution of web application firewalls comes with more than in-depth inspection of access routes in the sense that modern WAFs are deployed in-line in the form of reverse proxies. These are crucial in preventing any form of access log collection that may be used later to audit the protected site or perform any form of analysis on the protected web applications. Simplicity of use is vital, so the modern web application firewall has evolved to the extent that it can be deployed out of the box with no user setting changes necessary. New-age WAFs such as those from the aforementioned Incapsula are constantly learning and are able to stop threats that have never been seen before by analysis of their code and finding similarities to previous threats. They are updated frequently and monitoring is available on some plans to ensure maximum protection for your site and your customers. Modern firewalls have enabled an increase in firewall features that revolve around transparent proxy and bright modes, which can enable WAFs to easily integrate with other network security technologies such as vulnerability scanners, protection applications, distributed denial of service prevention, database security solutions, and web fraud detection. Another major noticeable evolution has to do with the fact that modern WAFs are perfectly packaged to include content caching, as well as web access management modules, which are specially designed to provide simple sign-in features, especially for distributed web applications. Concluding thoughts There are massive advances going on in the field of web application firewalls. Modern firewalls are perfectly devised to provide maximum protection against hacking, easy detection and filtering of both known and unknown threats, while at the same time, minimizing false alerts. Are you aware of the level of protection that your web application firewall offers? Does it protect you against a DDOS attack? Does it protect your customers’ login and credit card details adequately? Source: http://tech.co/evolution-web-application-firewalls-2015-01

Visit site:
The Evolution of Web Application Firewalls

Extratorrent down – Massive DDoS attack against popular torrent website

The worlds number 4 torrent website is down following a massive Distributed Denial of Service (DDoS) attack by unknown hackers. The website seems to have been down for 23 hours and seems to come online for little bit before throwing up a 503 service error. The Extratorrent admin took to Twitter to tell its fans about the DDoS attack ExtraTorrent was one of the more popular torrent websites in 2014. It has grown in size due to more traffic and has moved up again in the top 10, now placed as the 4th most-visited torrent site by torrent ranking websites. This success didn’t go unnoticed by rightsholders groups such as the MPAA who recently called out ExtraTorrent as one of the top pirate sites. The site was forced to trade in its .com domain for .cc this year, after it was suspended by its domain registrar. The Isitdownrightnow says that Extratorrent has been down for past 23 hours (now it says 4 minutes because the website sprang to live for few seconds before going down again While the admin says that its a DDoS attack by unknown hackers, the actual reason may be a takedown by authorities or a revenge DDoS by the music and movie companies. Earlier Sony had allegedly undertaken a similar kind of DoS attacks to stop the torrents sites from sharing the files from the massive hack attack. Reader may note that only two days back around 13 mega Hollywood movie screener versions were leaked and being shared on torrent websites. These movies are considered to be prime Oscar award contenders and it is though that one of the guild members or his/her associates may have leaked these screener versions. Source: http://www.techworm.net/2015/01/extratorrent-down-hackers-launch-ddos-attack.html

Taken from:
Extratorrent down – Massive DDoS attack against popular torrent website

Anonymous vows to take down jihadist websites to avenge ‘Charlie Hebdo’ victims #OpCharlieHebdo

Hacker group Anonymous has vowed to avenge those killed in the deadly attack on the offices of French satirical magazine Charlie Hebdo by taking down jihadist internet sites and social media accounts. In a video uploaded to the Anonymous Belgique YouTube channel, a figure wearing the group’s signature Guy Fawkes mask condemned the attack that killed 12 individuals, which includes eight journalists. The video description addresses the message to “al-Qaeda, the Islamic State and other terrorists.” “We are fighting in memory of these innocent people today who fought for freedom of expression,” stated the disguised person in the video. The group integrated a link to anonymous data sharing internet site Pastebin with a list of Twitter accounts it claims are linked to jihadists. The group is using the hashtag #OpCharlieHebdo to urge other customers to assistance them take down the accounts by reporting them to Twitter, or participating in a Distributed Denial of Service (DDoS) attack – a practice normally used by the hacker group. “Anonymous should remind each citizens (sic) that the press’s freedom is a fundement of the democracy. Opinions, speech, newspaper articles with no threats nor pressure, all these issues are rights you can’t modify,” read a statement posted to Pastebin by the group Thursday. “Expect a massive reaction from us, simply because this freedom is what we’ve been often fighting for.” Read A lot more: Each ‘Charlie Hebdo’ suspects killed as police storm constructing Wednesday’s attack in Paris has not been linked to ISIS – numerous reports have suggested it is much more most likely to be connected to the Yemen-based al-Qaeda in the Arabian Peninsula. On Friday, Charlie Hebdo suspects Cherif Kouachi, 32, and Stated Kouachi, 34, had been killed just after police stormed the constructing exactly where they were holed up for extra than five hours. The third suspect Hamyd Mourad, 18, surrendered to police early Thursday. Source: http://www.finditwestvalley.com/world/anonymous-vows-to-take-down-jihadist-websites-to-avenge-8216charlie-hebdo8217-victims-h46362.html

German government sites faced DDoS attacks

A German official says Chancellor Angela Merkel’s website and several other German government sites have been blocked, and a pro-Russian organization has claimed responsibility. A pro-Russian organization calling itself CyberBerkut claimed on its website Wednesday to have blocked the official sites of Merkel and the German Parliament ahead of a visit to Berlin by Ukrainian Prime Minister Arseniy Yatsenyuk. Merkel has been a leading figure in attempts to calm the Ukraine crisis. Merkel spokesman Steffen Seibert said several government websites were unreachable Wednesday morning because of a “serious attack clearly caused by a multitude of external systems” — what is known as a distributed denial of service, or DDoS, attack. Seibert says the attack is still being analyzed, and he did not say who was believed to be responsible. Source: http://www.nytimes.com/aponline/2015/01/07/world/europe/ap-eu-germany-merkel-cyberattack.html?_r=0

Scandinavian banks hit with DDoS attacks

The new year started poorly for Finnish bank OP Pohjola Group and its customers: the latter have been prevented from executing their online banking transactions by a DDoS attack that targeted the bank’s online services starting on the last day of 2014. “OP’s services experienced some problems on New Year’s Eve due to data communications disruptions. The disruptions were caused by a denial-of-services attack. The attack flooded OP’s data communications systems and prevented customers’ banking. During the disruption, online services were not available and cash withdrawals could not be made from ATMs. There were also some difficulties in card payments,” the bank shared on the second day of the attack. “The disruption was detected at about 16.30 on New Year’s Eve. The services started to function again at times and were completely restored and available to customers after midnight. Nevertheless, further disruptions are possible as the corrective measures are still ongoing and the security level of data traffic has been raised for the time being. Customers abroad may still have difficulties in logging in to OP’s online services.” The attack is still ongoing, and OP’s services were not the only target. The Finnish division of the Nordea bank and the Danish Danske Bank have also experienced online service slow-down or disruption. While the latter is yet to comment on the matter, Nordea has confirmed they have been targeted by unknown DDoS attackers and have called in the police to investigate. The cause of the attack is still unknown, they said. Nordea’s customers were still able to use the online banking service, but the service was slowed down. OP Pohjola Group’s customers, on the other hand, were unable to use the service altogether for many hours during the last six days, as the bank managed to restore it occasionally. They, along with its service company Tieto, are cooperating with the authorities and investigating the attack. In the meantime, the bank has set up a telephone service number that can be used by customers who cannot access their online services and have urgent banking business. They have also pledged to compensate customers for any fees they many have incurred and losses they may have suffered as a result of their inability to access the bank’s online services during the attack. Source: http://www.net-security.org/secworld.php?id=17785

Read this article:
Scandinavian banks hit with DDoS attacks

Nordea bank’s online services hit by DDoS Attack

Nordea Bank Finland was quoted as saying on Friday that its online banking services were hit by a denial of services attack on the heels of Wednesday’s hacking on OP-Pohjola, another Finnish financial services group. Nordea said that its online banking system has suffered a denial of services attack, which started on Friday morning. As a result, the services have worked much slowly than usual. In addition, Fixing the problem and additional security measures might cause service interruption. According to the bank, the attack has not affected the use of its credit or debit cards or other services. Marko Mettenranta, spokesperson of Nordea, told Finnish national broadcaster YLE that the bank has contacted the police about the attack and measures are underway to fix the problem. Denial of service attacks essentially makes an online resource or service unavailable for its intended users. The National Bureau of Investigation of Finland is investigating OP-Pohjola’s case, saying that the attacks came from both Finland and abroad. Source: http://www.dailytimes.com.pk/business/04-Jan-2015/nordea-bank-s-online-services-hit-by-hackers