HackrNews

The Conficker worm has been stepping up its activities with reports made of distributed denial of service (DDoS) attacks on a number of Russian websites.

David Harley, director of malware research at ESET, working with researchers from Arbor Networks, claimed that a Russian newspaper is stating that attacks on tonks.ru, roem.ru and others are evidence of Conficker stepping it up its activities

More check the article at scmagazineuk.com

There are no ethics in business anymore! Those who thought that MNCs in India would be more ethical are smoking pot! Here is an interesting and a distasteful hijacking of the domain by Vodafone of Airtel’s domain name. Type Airtel.com   and you will be directed to www.vodafone.es ! Domain Squatting in not uncommon but this is a little too cheeky and unprofessional.

Huzaifa Das suggests in a desecrates group email that this is because Vodafone bought out Airtel’s Spain operations. Airtel had won a license to operate in Spain . In the last line, she has a valid point!

Try www.Airtel.es  that will also redirect to www.Vodafone.es ! Vodafone or Badfone huh??

All this three domains r registered and hosted with  Verio Inc. http://www.verio.com/

Domain Squatting Explained

I think no more we will have airtel’s mistake or surprise postings!!!

follow the link for me explanation u can ping me!

http://ezinearticles.com/?Domain-Squatting-Explained&id=50564

Goggle.com is a classic and great example of domain squatting — whether you like it or not.

The domain was first registered in 2003, only six years after Google.com was first registered. Sure, it’s quite possible Google just didn’t think about this in the first place and got sloppy, but either way, goggle.com is owned by someone other than Google Inc.

Stats prove that day in and day out, Internet users around the world type in the wrong domain. Google receives hundreds of millions of hits per day, seems like a decent amount of that traffic actually goes to the wrong domain.

So what is goggle.com doing to monetize that typo type-in traffic? “Free” offers provided by FluxAds, which then redirects you to a MyExclusiveRewards partner page. Seems like these “free” offers were a huge success, one year ago, but now they are worthless and it’s so hard to actually make them work now.

Online brokerage TD Ameritrade Holding Corp. announced today that a hacker broke into one of its databases and stole personally identifying information for some of its 6.3 million customers. An online advisory and letters to account holders disclosed that names, e-mail addresses, phone numbers and home addresses were taken in the data breach. Client assets, along with user IDs, personal identification numbers and passwords, were not stored in the compromised database.

However, the advisory noted that it’s unclear if account numbers, dates of birth and Social Security numbers were stolen. The company said there is no evidence that any customers were the victim of identity theft because of this security breach.

TD Ameritrade did not say when the hackers got into the database or how long they remained there.

“While the financial assets our clients hold with us were never touched, and there is no evidence that our cleints’ Social Security numbers were taken, we understand that this issue has increased unwanted spam, which is annoying and inconvenient for them,” said Joe Moglia, chief executive officer of TD Ameritrade, in a statement. “We sincerely apologize for that and any added concern this may have caused.”

TD Ameritrade tracked down the break-in while doing an internal investigation into stock-related spam. The company called in forensic investigators and they discovered “unauthorized code” in their system that provided access for the hacker or hackers. According to the advisory, the code has been eliminated from the system.

Moglia, speaking in an online video-taped message to customers, said he is “confidant” that they have figured out how the information was taken.

“This is an issue of the global e-commerce that will be with us the rest of our lives,” he said in the video message. “You have my promise that we will remain totally committed to protecting the trust you’ve placed in us.”

According to the Privacy Rights Clearinghouse’s list of data breaches, TD Ameritrade lost a backup tape in 2005 that contained 200,000 records. And in December of 2006, a missing laptop contained unencrypted information, including names, addresses, birthdates and Social Security numbers. That incident affected about 300 current and former employees.

Today, the company is telling customers that they don’t have to do anything with their accounts. They can change their passwords, but it’s not necessary, according to an advisory.

The Pentagon got owned pretty hard with 1,500 accounts being taken offline due to a hack attack. For once however they did admit the incident and didn’t try to cover it over or brush it off.

I guess the amount of attacks they get is exponentially more than other networks…but still, I would have thought they should be super secure.

About 1,500 unclassified e-mail users at the Pentagon had their service disrupted yesterday when a hacker infiltrated the e-mail system, forcing the accounts to be taken offline.

In a briefing today with reporters in Washington at the Pentagon, Secretary of Defense Robert M. Gates confirmed the incident and said that the users were disconnected from the system after the intrusion was discovered.

“The reality is that the Defense Department is constantly under attack,” Gates said during the briefing. “Elements of the [Office of the Secretary of Defense] unclassified e-mail system were taken offline yesterday afternoon, due to a detected penetration. A variety of precautionary measures are being taken. We expect the system to be online again very soon.”

The funny thing is the Secretary of Defense himself doesn’t even use e-mail…so I doubt he even noticed what had happened.

Hopefully the government will sharpen up it’s ideas.

Gates said that he was not sure why the 1,500 users were removed temporarily from the system. “Well, I don’t know the answer to that, and they’re still investigating it.”

Gates said he doesn’t use e-mail, so he didn’t know if his account was affected.

“I don’t do e-mail,” he said. “I’m a very low-tech person.”

A spokesman at the Department of Defense late this afternoon said he had no additional information about the incident.

Windows Live Search in Italy has been taken over by hackers according to reports. Security experts at Sunbelt software claim that certain queries typed into the search engine point to sites run by hackers. ‘It looks like the malware people have practically taken over Live search in Italy. 95 per cent or more of the following search results lead to extremely nasty malware and exploit sites,’ writes Alex Eckelberry. Rather than infiltrate Microsoft’s servers, the hackers appear to have employed SEO tactics to hijack the results of searches of specific keywords. Searches such as ‘online multimedia encyclopedia’, ‘online house insurance’ and ‘milan jacket’ land the searcher with a list of unsavoury sites.

Once the users were on the Live.com site apparently they were served up links to malware sites. The search engine itself was used as a conduit for sending people to the malicious search pages. This is yet another reason why search engines shouldn’t index XSS. Even if the site is benign, they would be indexing links to malicious pages on benign sites. Anyway, interesting read, and it’s scary that the SEO community is now dabbling in hacking as well. It was only a matter of time.