Company Blog

Start A FREE Trial
« Back to Resources

What’s HOT in Application Security Vol #34

Foreign Hacker Steals 387,000 Credit Card Numbers From South Carolina’s Department of Revenue

A foreign hacker has managed to steal nearly 400,000 credit and debit card numbers as well as 3.6 million Social Security numbers from the South Carolina’s Department of Revenue. While most of the stolen credit card details were encrypted, 16,000 had no encryption whatsoever.

The hack was reportedly only noticed by Secret Service In October, giving the hacker a full two months to extract the personal details. Some are now wondering why this information has been held secret for so long as the Secret Service became aware of the breach on October 10th. This is the largest hack in US history and has placed millions of South Carolina residents at risk.

An international criminal investigation is now taking place in order to ascertain the true extent of the hack and the security breach. Officials have stated a high priority will be to determine whether the database has been copied and whether any taxpayers have paid a ransom to the hacker in order to retrieve their stolen information.

 For more information please go to:

http://rt.com/usa/news/hacker-south-carolina-social-security-credit-400/

Hired Hackers lucrative business for Rogue Groups

Whilst Google may be paying up to $20,000 as a reward for those who discover bugs or vulnerabilities that affect its users data, it may not be enough. Paid hacking for rogue groups and governments will become a very profitable option for hackers with the ability to breach sensitive electronic networks according to leading security analysts.

Hackers today have a choice: They can either choose to report bugs to software manufacturers or sell their findings to foreign interests. With prices per job going up to hundreds of thousands of dollars, the decision for hackers motivated by financial gain is not so simple.

The cryptic nature of hacking also make it very difficult to ascertain how often and in what numbers independent or groups of hackers are paid on the black market by foreign governments or rogue organizations who are politically or ideologically motivated.

Many in the US military establishment are taking such threats very seriously with some arguing that worse case scenarios include a near-simultaneous cyber-attack targeting electrical, financial and communication systems in a coordinated attack

Hacker gains access to NASA subdomain website belonging to US Government

A Hacker who goes by the name of ‘LegitHacker97′ successfully gained access to a NASA subdomain website. The website actually belonged to a US Government computer.

The hacker dumped over 80 MB of compressed data on the internet last week, including the complete source code of the website (in ASP). The hacker commented that the successful breach was achieved by a LFI vulnerability which allowed him to upload his own shell.

For more information please go to:

http://thehackernews.com/2012/10/hacker-leaks-source-code-of-nasa.html#srthash.bN7Fv0V1.dpbs

The Patriot Hacker ‘The Jester’ publishes his favorite Open Source Intelligence toolset

The Patriot or ‘jester’ hacker as he is known who is famous for disrupting WikiLeaks and stalking the actions of Islamic ‘jihadist’ sites has revealed his favorite (ONSINT) Open Source Intelligence toolbox.

Open Source Intelligence (OSINT) is a very basic but effective form of intelligence gathering which involves acquiring information from publically available sources in order to exploit at a later date.

The ‘jester’ posted on his blog some of his favorite OSINT sites which included among others;  Maltego, Creepy, Spokeo, CaseFile and FoxOne Scanner.

For more information please go to:

http://thehackernews.com/2012/10/patriot-hacker-jester-list-his-all-time.html

Want to get future blog posts in your inbox? Sign up for our weekly newsletter!

Tags: , , , , , , , , , , , , , , , ,