Playstation Network Down Globally

[safeorigin]

It's either they are laying low or they're up to something covert on an unexpected time in a much more "exclusive" IRC channel.

Minomonitor din kasi sila ng ibang hacker kaya mahirap na magtiwala.

[safeorigin]

First step:

Hackers grab 90,000 military emails, encrypted passwords - Stripes Central - Stripes

The security of about 90,000 military email addresses might have been compromised by a computer break-in at consulting firm and defense contractor Booz Allen Hamiliton.

On Monday, the hacker group Antisec announced it had infiltrated the firm’s servers in an online statement that mocked the company for employing shoddy cybersecurity measures despite engaging in sensitive work for the Department of Defense and other federal agencies.

“So in this line of work you'd expect them to sail the seven proxseas with a state- of-the-art battleship, right?” the statement said. “Well you may be as surprised as we were when we found their vessel being a puny wooden barge.

“We infiltrated a server on their network that basically had no security measures in place. We were able to run our own application, which turned out to be a shell and began plundering some booty. Most shiny is probably a list of roughly 90,000 military emails and password hashes (md5, non-salted of course!).”

MD5 is an encryption method, and a so-called “unsalted” MD5 encrypted password is considered far easier to compromise than its “salted” counterpart, which has another level of password encryption applied.

AntiSec claimed responsibility for breaking into the servers of computer security firm HBGary Inc., earlier this year after the company said it would help track down activist hackers.

Via Twitter, Booz Allen Hamiliton declined to offer further details on the incursion: “As part of *BoozAllen security policy, we generally do not comment on specific threats or actions taken against our systems.”

expect them to go deeper now that they have the accounts and passwords.

Booz Allen Hamilton is a massive American consulting firm that does a substantial amount of work for the Pentagon. This means they've got a lot of military business on their servers—which Anonymous hacked. Today they've leaked it.

The leak, dubbed 'Military Meltdown Monday,' includes 90,000 logins of military personnel—including personnel from US CENTCOM, SOCOM, the Marine Corps, various Air Force facilities, Homeland Security, State Department staff, and what looks like private sector contractors. Their correspondences could include exchanges with Booz Allen's highly brassy staff of retired defense folk: current execs include three former Directors of National Intelligence and one former head of the CIA. Anon was also kind enough to gut 4 GB of source code from Booz Allen's servers. Anon cites the firm's alleged complicity in the SWIFT financial monitoring program as at least partial motive for the attack.

Along with the email release is something of a hacked grabbag:

Additionally we found some related datas on different servers we got access to after finding credentials in the Booz Allen System. We added anything which could be interesting.

And last but not least we found maps and keys for various other treasure chests buried on the islands of government agencies, federal contractors and shady whitehat companies. This material surely will keep our blackhat friends busy for a while

We'll have to wait a bit to see the extent to which Anonymous has compromised some delicate defense mysteries, if any. At any rate, it's a big chunk of egg in the face of a company tasked with doing the Pentagon's work for it in the interest of our safety. A company whose servers had, in Anon's words, "basically...no security measures in place."

Booz Allen Hamilton has not responded to our request for a comment on the leak.

http://gizmodo.com/5820049/anonymous...antisec-attack

having the source code means you can unveil the system's vulnerabilities and practically open for even more exploit. All of these are now available in TPB btw ;)

[Monseratto]

I'm sure the Chinese are benefitting from this...

[safeorigin]

Well, every blackhat hacker in the world will generally benefit from this. Even whitehats will benefit since demand for them will increase.

[Monseratto]

Waiting for the counter-punch...

FBI raids suspected Anonymous hackers in 10 states, from New Jersey to California | Technology News Blog - Yahoo! News

FBI raids suspected Anonymous hackers in 10 states, from New Jersey to California
By Mike Wehner, Tecca | Today in Tech – 15 hrs ago


Internet "hacktivist" group Anonymous was the target of a bevy of early morning raids conducted at homes in Alabama, Arizona, California, Colorado, the District of Columbia, Florida, Massachusetts, Nevada, New Mexico and Ohio. FBI agents used search warrants to obtain computers and other electronics from the residences and arrested a total of 16 individuals with ages ranging from teens all the way to early 40s. Along with legal names, the indictment also notes screen names and internet monikers used by the group to communicate anonymously.

These arrests were just part of a total of 35 search warrants which were executed today as part of the ongoing investigation into the security-threatening hacking activities of the Anonymous collective. Among its various exploits, the brigade of cyber spies has been implicated in attacks on everyone from Sony to the federal government. The group has also executed web-based attacks on major credit card companies including Mastercard and Visa.

According to a press release from the Department of Justice, today's arrests focused primarily on Anonymous members who waged a cyber war on PayPal. Anonymous was allegedly inspired to hack the online payment company in "Operation Avenge Assange" after Paypal refused to accept donations for Wikileaks, the well-known whistleblower site headed by Julian Assange.

Anonymous' hacker cohorts, LulzSec, have taken aim at the CIA, as well as the Arizona Police Department in an effort to expose racial discrimination. Yesterday, LulzSec took credit for an attack on Rupert Murdoch's U.K. tabloid The Sun. A website redirect sent readers to a fake Sun page announcing the embattled media mogul's death from a drug overdose.

Murdoch's media empire has come under fierce scrutiny after it was revealed that journalists at the News of the World tabloid hacked into the voicemail accounts of prominent U.K. citizens. In addition to assailing one of the News Corp. sites head-on, LulzSec also claims to have a bounty of sensitive emails that will shed further light on the organization's less-than-honest tactics.

It wasn't immediately clear whether any of today's arrests also included members of LulzSec, but the group's Twitter feed appears to be as lively as ever. Today's actions clearly show that the federal government is no longer content to sit by while hackers have their run of the internet, but it's likely that Anonymous will respond in short order.

[Monseratto]

Across the pond...

LulzSec Tweets Exult In Wake of Global Hacker Sting -- InformationWeekLulzSec Tweets Exult In Wake of Global Hacker Sting - Blog

Late yesterday, UK police claimed it had snagged a 16-year-old member of LulzSec and the hacking group Anonymous in South London. That capped off days of arrests, part of a global sting in the UK, Holland and the U.S.

According to the FBI and Department of Justice (DOJ), more than 16 individuals are in custody, 14 of them for alleged involvement in denial-of-service attacks on Paypal.

Most of those arrested, the DOJ and FBI said, are in custody in the US. According to a DOJ report, law enforcement nabbed 14 of those individuals in New York, Florida, California, Nevada, New Mexico, Alabama, Arizona and the District of Columbia. FBI and DOJ spokesmen said they are charged with cyber-related crimes in the PayPal attack. The sting is ongoing, they said.

The arrests and, now, renewed LulzSec threats, come in the wake of a devastating LulzSec hacker attack on News International's The Sun. The attack opened with a fake story reporting the octogenarian media mogul's suicide.

[safeorigin]

Script Kids ^^

A person, usually a teenage male, with minimal knowledge of computer systems that executes code (often called "exploits") or follows procedures created by more knowledgeable people to break into computer systems or commit "denial of service" (DoS) attacks against other people. These kids are often portrayed by the media and other non-technically savvy parties as being very intelligent and having tremendous technical knowledge despite the fact that very few of these so-called "hackers" can write their own computer programs (of any sort) or even possess even the most rudimentary technical understanding of the underlying systems that they are attacking or using (e.g., CPU architecture, network protocols, algorithms, etc). The wide-spread and trivial availability of these exploits/scripts for "hacking" and denial-of-service attacks allows these kids to cause serious problems from time-to-time and thus they get themselves into trouble way out of proportion to their skill set.

Urban Dictionary: script kid

the real ones are much harder(or practically impossible) to catch

refer to the underlined quote of post #19

[safeorigin]

Anonymous claims attack on NATO

Hacker collective Anonymous posted on its Web site that it has taken a gigabyte of data from NATO.

On a Twitter feed believed to be run by the group, a Thursday morning message said that the hackers had obtained a lot of material that would be “irresponsible” to publish.

So far, the group has posted two documents on its Twitter feed. One of the documents is headed with the words “NATO Restricted.”

Another document posted by the group, titled “Outsourcing CIS in Kosovo,” appears to be from 2008. Hackers said that it was relatively easy to get the information.

Anonymous claims attack on NATO - Faster Forward - The Washington Post

here comes the pain train

hmmm... so they came up with 1 GB worth of data from NATO.