Tag Archive for: Sites

Central Government ends social networking sites.. ?

/in


Central government ends social networking sites..!?

In recent years, various restrictions have been imposed on social networking sites in India. Especially religious posts, violent posts, obscene posts, false news, etc. are spreading beyond limits. social media companies are also taking various measures to control this. The government has imposed restrictions on this and is taking strict measures. Last year, the central government brought new regulations in this regard. According to the government report, it has been made mandatory for the companies to appoint officers and administrators to separately investigate and take action on the complaints received about the posts shared on social networking sites. Again there was a complaint that no action was taken if a complaint was filed. In the meantime, the central government said that a regulatory committee should be formed to investigate the matter and take action.But there are no restrictions as per government announcements. Again there was a complaint that no action was taken if a complaint was filed. In the meantime, the central government said that a regulatory committee should be formed to investigate the matter and take action. The IT rules have also been changed for this purpose. According to this change, many social networking sites including Twitter, Facebook, YouTube, and instagram will also have to function within the legal framework. A user complaint should be received within 24 hours. It has been announced that action should be taken on those complaints within 15 days.The central government hopes to increase the security of the internet through this. So it is expected that fake news, posts inciting violence, and obscene posts like obscene posts will decrease after this. Due to this, the government wants social networking companies to cooperate with the government. Intermediaries were merely dictating the terms to users. But that will no longer be the case. They must not publish any illegal records. Be it the leadership of the biggest tech companies in the US or Europe, when they operate in India, they should listen to the constitutional rights of indians and not go against the government.Currently, social media

Source…

Who DDoS-ed Georgia/Bobbear.co.uk and a Multitude of Russian Homosexual Sites in 2009? – An OSINT Analysis

/in


NOTE:

I took these screenshots circa 2009.

UPDATE:

Here are some of the related botnet C&C server domains known to have been involved in the campaign:

hxxp://cxim.inattack.ru/www3/www/

hxxp://i.clusteron.ru/bstatus.php

hxxp://203.117.111.52/www7/www/getcfg.php (cxim.inattack.ru)

hxxp://cxim.inattack.ru/www2/www/stat.php

hxxp://cxim.inattack.ru/www3/www/stat.php

hxxp://cxim.inattack.ru/www4/www/stat.php

hxxp://cxim.inattack.ru/www5/www/stat.php

hxxp://cxim.inattack.ru/www6/www/stat.php

hxxp://finito.fi.funpic.org/black/stat.php

hxxp://logartos.org/forum/stat.php – 195.24.78.242

hxxp://weberror.cn/be1/stat.php

hxxp://prosto.pizdos.net/_lol/stat.php

hxxp://h278666y.net/www/stat.php – 72.233.60.254

I’ve decided to share this post including related screenshots and technical details with the idea to inspire everyone to continue doing their research including cyber attack and campaign tracking and monitoring including cyber attack and cyber attack campaign attribution efforts.

Back in 2009 there was a major speculation that Russia indeed launched a massive DDoS (Distributed Denial of Service) attack against Georgia which was in fact true. What was particularly interesting about this campaign was the fact that the same DDoS for hire including the managed DDoS service that was behind the attack was also observed to launch related DDoS attack campaigns against bobbear.co.uk including a multi-tude of Russian homosexual Web sites where the actual Web sites indeed posted a message back then on their official Web sites signaling the existence of the DDoS attack targeting their Web sites.

Who was behind the campaigns? An image is worth a thousand words including the actual use of the original Maltego Community Edition back then which used to produce outstanding results in a variety of cases and cyber attack incidents and campaigns.

Sample screenshots include:

Sample DDoS C&C domains known to have been involved in the campaign include:

hxxp://emultrix.org

hxxp://yandexshit.com

hxxp://ad.yandexshit.com

hxxp://a-nahui-vse-zaebalo-v-pizdu.com

hxxp://killgay.com

hxxp://ns1.guagaga.net

hxxp://ns2.guagaga.net

hxxp://ohueli.net

hxxp://pizdos.net

Sample DDoS C&C domain URLs…

Source…

Hackers took down U.S. airport web sites, Department of Homeland Security confirms

/in


Unknown hackers attacked and temporarily shut down the public-facing websites of at least several major U.S. airports on Monday, a Department of Homeland Security official confirmed to USA TODAY.

The official from DHS’ Cybersecurity and Infrastructure Security Agency or CISA, declined to comment on who might have been behind what appeared to be a coordinated series of Distributed Denial of Service (DDoS) incidents, which did not affect the actual operations of the airports or planes flying into and out of them.

“CISA is aware of reports of DDoS attacks targeting multiple U.S. airport websites. We are coordinating with potentially impacted entities and offering assistance as needed,” said the official, who declined to speak on the record or provide any more information about the cyber attacks and who might have been responsible.

Russian-speaking “hacktivists” from a group calling itself KillNet claimed responsibility for the attacks, which temporarily took down websites at 14 airports, including the Hartsfield-Jackson Atlanta International Airport (ATL) and Los Angeles International Airport (LAX), according to the official Twitter account of the Russian service of the Voice of America.

A recently discovered cyber attack, most likely tied to Russia, has the potential to affect many companies and organizations.

A recently discovered cyber attack, most likely tied to Russia, has the potential to affect many companies and organizations.

DDoS attacks are used to overwhelm computer servers by sending them many thousands of requests at the same time, according to CISA. In this case, the servers hosting the airport sites were swamped with thousands of requests, making it all but impossible for travelers to connect and to get updates about their scheduled flights or book airport services, according to Frank Cilluffo, a former White House cybersecurity official. 

Smart analysis delivered to your inbox: Sign up for the OnPolitics newsletter

Cilluffo said such DDoS attacks usually are intended to generate attention rather than to cause significant destruction or even disruption, such as taking down the operations of airports.

“But they are not trivial and in this case they could be the beginnings of a larger trend,” said Cilluffo, the director of the McCrary Institute for Cyber and Critical Infrastructure Security…

Source…

WordPress sites backdoored after FishPig supply chain attack • The Register

/in


It’s only been a week or so, and obviously there are at least three critical holes in WordPress plugins and tools that are being exploited in the wild right now to compromise loads of websites.

We’ll start with FishPig, a UK-based maker of software that integrates Adobe’s Magento ecommerce suite into WordPress-powered websites. FishPig’s distribution systems were compromised and its products altered so that installations of the code semi-automatically downloaded and ran the Rekoobe Linux trojan.

Infosec outfit Sansec raised the alarm this week that FishPig’s software was acting weird: when a deployment’s control panel was visited by a logged-in Magento staff user, the code would automatically fetch and run from FishPig’s back-end systems a Linux binary that turned out to be Rekoobe. This would open a backdoor allowing miscreants to remotely control the box.

After that, the crooks could snoop on customers, alter or steal data, and so on.

Per FishPig’s disclosure, its products were altered as early as August 6, and the offending code has since been removed. We’re told that the paid-for versions were primarily affected. Free versions of FishPig modules available on GitHub were likely clean.

If you’re using FishPig’s commercial software, you should reinstall the tools and check for signs of compromise.

According to FishPig, it’s “best to assume that all paid FishPig Magento 2 modules have been infected.” It’s not known exactly how many customers were caught up in the supply-chain attack, though Sansec said the company’s free Magento packages have been collectively downloaded more than 200,000 times. That doesn’t necessarily mean there’s a comparable number of paid users, though it gives you an idea of the interest in FishPig’s tools.

While it’s not known exactly how the attackers broke into FishPig’s back-end servers, the outcome was…

Source…