The International Atomic Energy Agency has acknowledged that one of its servers has been hacked.

The U.N. nuclear watchdog commented Tuesday after a previously unknown group critical of Israel’s undeclared nuclear weapons program posted contact information for more than 100 experts working for the IAEA.

A group called “Parastoo” — Farsi for a swallow bird and a common Iranian girl’s name — claimed responsibility for posting the names on its website two days ago.

International Atomic Energy Agency Reports Being Hacked (via pieceinthepuzzlehumanity)

(via guerrillatech)

Two arrests over Scotland Yard terror line hack

12 April 2012, via

Two teenage boys have been arrested in connection with an investigation into reports that hackers accessed Scotland Yard’s anti-terror hotline.

The Metropolitan Police said officers arrested the 16 and 17 year olds in the West Midlands.

Earlier it had denied claims the confidential hotline had been hacked.

Hackers Team Poison posted recordings online to YouTube, which apparently show them speaking to the hotline, plus officers discussing operations.

The teenagers were arrested on suspicion of offences under the Malicious Communications Act and the Computer Misuse Act.

A Scotland Yard spokesman said the pair, who were arrested by detectives specialising in e-crime, remain in custody in the West Midlands.

Earlier the Met said the recordings had not come from an attack on internal systems but were made externally from the receiving handset.

The investigation is unrelated to the ongoing probes into News International.

Earlier on Thursday, after claims that the Team Poison group had made 700 calls to the hotline, Ailsa Beaton, director of information at Scotland Yard, said police remained confident their communications systems were secure and had not been breached.

In a statement, she said: “The public can remain confident in the ability to communicate in confidence and that the integrity of the Anti-Terrorist Hotline remains in place.”

BBC News: Two arrests over Scotland Yard terror line hack

Murray McCully's Emails Hacked By Anonymous?

via

The Government’s secretive surveillance agency believes Foreign Minister Murray McCully’s private emails were broken into by the international hackers’ collective Anonymous, despite claims by a self-described Russian hacker ”Yuri Petrov” that he was to blame.

In February Fairfax Media revealed the April 2011 breach of McCully’s private Telecom Xtra account, which had been used to forward official emails.

Documents released by Prime Minister John Key under the Official Information Act today show that a report from the Government Communications and Security Bureau (GCSB) said ”cyber activities attributed to the group ‘Anonymous”’ had resulted in McCully’s private webmail account being compromised.

Last May McCully’s senior private secretary sought advice from GCSB, saying: ”You’ll be aware that recently the minister’s personal email address was hacked by the ‘Anonymous’ group.”

[…]

More on Stuff.co.nz

Note Anonymiss Express: This doesn’t sound right. Anonymous did it because we think Anonymous did it, no matter who claims it and what facts we find. Sounds like “assignment hysteria” to me.

Web Hosting Provider ServerPro Hacked & Defaced

Posted on March 12, 2012, by Dre Armeda

Even the pro’s are susceptible to attack. Web hosting provider ServerPro has been compromised and completely defaced. This has been ongoing for more than a few days with no resolution.

ServerPro boasts to have over 200,000 clients over a 10 year stand. Although there is no direct proof that this attack affects a wide portion of their client base, we have seen a few of their clients experiencing the same issue.

If you were to visit the site, which we recommend against, you would get the beautiful Google infection banner:

ServerPro Blacklisted by Google

Once you’re through the wonderful Google warning banner, the fun really starts. You get a defacement page that showcases information about the hack and the group behind the attack, along with some nice ambient music. The attackers were even nice enough to leave behind a contact email in case you have any questions.

Defacement Screen

More on Sucuri

Porn site Digital Playground hacked, hackers say “too enticing to resist”

by Megan Guess As originally posted on: Ars Technica March 10, 2012

Yet another porn site was hacked this week, losing 73,000 e-mail addresses, user names, and passwords, and some 40,000 plain-text credit card numbers, including CCV numbers and expiration dates, according to SC Magazine. This comes just over two weeks after YouPorn, a popular adult-video site, suffered an information-grab at the hands of hackers, losing several thousand user names and plain-text e-mail addresses.

This time around, the hackers identified themselves as members of “The Consortium” and seem to be affiliated with Lulzsec and Anonymous. AVN confirmed the attack, and said while the hackers didn’t dump all the data, partially published lists correspond with Digital Playground’s customer list.

In a mirror image of Digital Playground’s compromise, the hackers said that they hadn’t set out to destroy the porn site, but that the lax credentials and shoddy security “made it too enticing to resist”. The hackers also claimed to have rooted four of the site’s servers, and listened in on the company’s conference calls.

On March 1, 2012, Digital Playground’s Website officially became a property of Manwin, a Luxembourg-based adult entertainment IT company that also owns the hacked YouPorn, and in an official statement to AVN, Digital Playground suggests that the breach may have occurred before that transfer, in February. The fee-based porn site is currently down, and says it will not charge customers while “management is supervising all aspects of this situation.”

shanksinatra: i want one of these. The Pwn Plug is a little white box that can hack your network By Robert McMillan, wired.com | Published about 11 hours ago When Jayson E. Street broke into the branch office of a national bank in May of last year, the branch manager could not have been more helpful. Dressed like a technician, Street walked in and said he was there to measure “power fluctuations on the power circuit.” To do this, he’d need to plug a small white device that looked like a power adapter onto the wall. The power fluctuation story was total BS, of course. Street had been hired by the bank to test out security at 10 of its West Coast branch offices. He was conducting what’s called a penetration test. This is where security experts pretend to be bad guys in order to spot problems. In this test, bank employees were only too willing to help out. They let Street go anywhere he wanted—near the teller windows, in the vault—and plug in his little white device, called a Pwn Plug.  “At one branch, the bank manager got out of the way so I could put it behind her desk,” Street says. The bank, which Street isn’t allowed to name, called the test off after he’d broken into the first four branches. “After the fourth one they said, ‘Stop now please. We give up.’” Built by a startup company called Pwnie Express, the Pwn Plug is pretty much the last thing you ever want to find on your network—unless you’ve hired somebody to put it there. It’s a tiny computer that comes preloaded with an arsenal of hacking tools. It can be quickly plugged into any computer network and then used to access it remotely from afar. And it comes with “stealthy decal stickers”—including a little green flowerbud with the word “fresh” underneath it, that makes the device look like an air freshener—so that people won’t get suspicious. The basic model costs $480, but if you’re willing to pay an extra $250 for the Elite version, you can connect it over the mobile wireless network. “The whole point is plug and pwn,” says Dave Porcello, Pwnie Express’s CEO. “Walk into a facility, plug it in, wait for the text message. Before you even get to the parking lot you should know it’s working.” Porcello decided to start making the Pwn Plug after coming across the SheevaPlug, a miniature low-power Linux computer built by Globalscale Technologies that looks just like a power adapter. “I saw it and I was like, ‘Oh my god this is the hacker’s dropbox,’” Porcello says. Dropboxes have been around for a few decades, but until now they’ve been customized computers that hackers or pen testers like Street build and sneak, unobserved onto corporate networks. Now Pwnie Express has taken the idea commercial and built a product that anyone can easily configure and use. It turns out that they’re also a great way for corporations to test out security at their regional offices. Porcellos says that the Bank of America is mailing the Pwn Plug to its regional offices and having bank mangers plug them into the network. Then security experts at corporate HQ can check the network for vulnerabilities. Another Internet service provider—Porcello wasn’t allowed to name it—is using the devices to remotely connect to regional offices via a GSM mobile wireless network and troubleshoot networking problems. The device can save companies big money, Porcello says. “You’ve got companies like T.J.Maxx that have thousands of retail stores and every single one of them has got a computer network,” he says. “Right now they’re actually flying people out to the stores to spot check and do penetration basis, but now with something like this you don’t have to travel.” Porcello was just a bored security manager at an insurance company when he started building the Pwn Plugs back in 2010. But pretty soon he was selling enough to quit his day job. “We started getting orders from Fortune 50 companies and the DoD and I was like, ‘OK I’ll do this now instead.’”
Pop-upView Separately

shanksinatra:

i want one of these.

The Pwn Plug is a little white box that can hack your network

By | Published about 11 hours ago

When Jayson E. Street broke into the branch office of a national bank in May of last year, the branch manager could not have been more helpful. Dressed like a technician, Street walked in and said he was there to measure “power fluctuations on the power circuit.” To do this, he’d need to plug a small white device that looked like a power adapter onto the wall.

The power fluctuation story was total BS, of course. Street had been hired by the bank to test out security at 10 of its West Coast branch offices. He was conducting what’s called a penetration test. This is where security experts pretend to be bad guys in order to spot problems.

In this test, bank employees were only too willing to help out. They let Street go anywhere he wanted—near the teller windows, in the vault—and plug in his little white device, called a Pwn Plug

“At one branch, the bank manager got out of the way so I could put it behind her desk,” Street says. The bank, which Street isn’t allowed to name, called the test off after he’d broken into the first four branches. “After the fourth one they said, ‘Stop now please. We give up.’”

Built by a startup company called Pwnie Express, the Pwn Plug is pretty much the last thing you ever want to find on your network—unless you’ve hired somebody to put it there. It’s a tiny computer that comes preloaded with an arsenal of hacking tools. It can be quickly plugged into any computer network and then used to access it remotely from afar. And it comes with “stealthy decal stickers”—including a little green flowerbud with the word “fresh” underneath it, that makes the device look like an air freshener—so that people won’t get suspicious.

The basic model costs $480, but if you’re willing to pay an extra $250 for the Elite version, you can connect it over the mobile wireless network. “The whole point is plug and pwn,” says Dave Porcello, Pwnie Express’s CEO. “Walk into a facility, plug it in, wait for the text message. Before you even get to the parking lot you should know it’s working.”

Porcello decided to start making the Pwn Plug after coming across the SheevaPlug, a miniature low-power Linux computer built by Globalscale Technologies that looks just like a power adapter. “I saw it and I was like, ‘Oh my god this is the hacker’s dropbox,’” Porcello says. Dropboxes have been around for a few decades, but until now they’ve been customized computers that hackers or pen testers like Street build and sneak, unobserved onto corporate networks.

Now Pwnie Express has taken the idea commercial and built a product that anyone can easily configure and use. It turns out that they’re also a great way for corporations to test out security at their regional offices. Porcellos says that the Bank of America is mailing the Pwn Plug to its regional offices and having bank mangers plug them into the network. Then security experts at corporate HQ can check the network for vulnerabilities.

Another Internet service provider—Porcello wasn’t allowed to name it—is using the devices to remotely connect to regional offices via a GSM mobile wireless network and troubleshoot networking problems.

The device can save companies big money, Porcello says. “You’ve got companies like T.J.Maxx that have thousands of retail stores and every single one of them has got a computer network,” he says. “Right now they’re actually flying people out to the stores to spot check and do penetration basis, but now with something like this you don’t have to travel.”

Porcello was just a bored security manager at an insurance company when he started building the Pwn Plugs back in 2010. But pretty soon he was selling enough to quit his day job. “We started getting orders from Fortune 50 companies and the DoD and I was like, ‘OK I’ll do this now instead.’”

Universal Music Sweden hacked by Sepo #OpSweden

#Greece: 'Anonymous' hackers seize justice ministry website for 2nd time after #arrests

27. February 2012

Hackers associated with ‘Anonymous’ pirated the ministry’s website, blocking its operation, and uploaded videotext protesting the austerity policies in Greece.

Hackers of the international ‘Anonymous’ group in the early hours of Wednesday hijacked the Greek justice ministry’s website, for the second time in less than a month, demanding the release of an 18-year-old boy arrested on Monday and withdrawal of charges against two other high-school pupils, all three of which are accused of belonging to a group using the pseudonym “Greek Hacking Scene” (GHS) that has claimed responsibility for the first attack on the ministry’s website, in a message saying it represented the “Anonymous”.

Hackers of the international ‘Anonymous’ group at dawn on February 2 hacked the Greek justice ministry’s website, in what law enforcement authorities called the first major case of ‘digital vandalism’ in Greece.

Hackers associated with ‘Anonymous’ pirated the ministry’s website, blocking its operation, and uploaded videotext protesting the austerity policies in Greece.

The ‘Anonymous’ hackers hijacked the justice ministry website again in the early hours of Wednesday, uploading a text demanding the release of the 18-year-old and withdrawal of charges against the other two teenagers, aged 16 and 17. The text also said that the “GHS kids” had nothing to do with the hijacking of that website.

More on emg.rs