Philippines Navy hacked by Pr3 H4ck3r

Philippines Navy website (www.navy.mil.ph) hacked by the hacker going with the handle Pr3 H4ck3r and the hacker also leaked the database credentials of the website online.

The Hacker found and exploited SQL injection flaw on the website and dumped the usernames, emails and passwords. Over 50+ emails with passes are leaked, According to Pinoyhacknews.

The hacker also mentioned the crafted URL which allowed the hacker to get into the database of the website.

http://www.navy.mil.ph/alcaraz/blog_full.php?news_id=-1012 UNION SELECT 1,2,3,4,group_concat(username,0x3a,password),6,7,8,9,10,11,12,13,14 from tbl_users–

Attacked Site:
http://www.navy.mil.ph/

The leaked database includes email addresses, usernames and encrypted passwords belonging to navy officials. The complete leaked doc can be found here.

Read More..

Hong Kong Police Website Hacked, Database Leaked by Portugal Cyber Army

Official Police of Hong Kong website(www.police.gov.hk) hacked by the renowned  hacker groups Portugal Cyber Army & HighTech Brazil HackTeam, database credentials leaked online  by the hackers under the operation called #OpFuckThePolice.

The hackers announced the hack and leaked information on official twitter handle.

This is not the first time police website hacked and credentials leaked online, Some days ago, Chinese Police website was hacked by the hacker under the same operation. The hackers said on the leaked document, this is a first round of the operation, they gonna next target Police of Ecuador

See Also: China Police Website Hacked, Database Leaked by Algerian Hackers

Anatomy of the attack on the police site is not known. It seems hacker found and exploited SQL Injection flaw on the website and dumped the database of the website.

Targeted Website:
www.police.gov.hk

Leaked Database:
http://pastebin.com/PDEkRttB

The leaked data by the hackers contains email addresses of Police Officials and different departments with the encrypted passwords  and IP addresses, The encrypted passwords possibly of MD5 Hashes, a weak hash type which can easily be cracked. The Hong Kong Police Department needs to take a decent look into the security in order to protect their data.

Read More..

UK Commonwealth Bank Site Hacked, Data Leaked

The infamous hacker group with the handle LatinHackTeamR have hacked into the Commonwealth Bank of Australia, United Kingdom branch (www.commbankuk.co.uk/).The hackers leaked of data of the Bank website.

Tuesday morning, The hackers announced the hack on twitter and the leak has been posted to Anonpaste site.

The commonwealth bank is one of Australias largest banks. Now a days hackers targeting Banking System and leaking databases.

See also: Soneri Bank online banking system Hacked by Xploiter from Pakbugs

Anatomy of the attack on banking site is not known. It seems hacker found and exploited SQL Injection flaw and hacked the website or used some 0 day to get into the server.

The leaked data by the hackers contains 1900 email addresses, encrypted passwords and full names being leaked online. It is unsure exactly who these accounts belong to but either way it proves that they need to have a decent look into the security of customers information.

Read More..

Important US Celebrities Hacked, Finances exposed online including vice president, attorney general, FBI director and others

Hackers have published alleged personal financial records of several politicians and celebrities, including US Vice President Joe Biden, Kim Kardashian, Robert Mueller (FBI Director), Hillary Clinton, Eric Holder (U.S. Attorney General), Charlie Beck (LAPD Chief), Mel Gibson, Ashton Kutcher, Jay Z, Beyonce, Paris Hilton.

Hackers have published what are alleged to be the personal financial records for several politicians and celebrities, including US Vice President Joe Biden, Attorney General Eric Holder and musicians Jay-Z and Beyoncé.

Gossip website TMZ reported on Monday that hackers have leaked sensitive information pertaining to a list of important American figures, including Kim Kardashian, Paris Hilton, Mel Gibson, Ashton Kutcher, Joe Biden, Robert Mueller, Hillary Clinton, Eric Holder and LAPD Chief Charlie Beck, but elected to not share the information with their audience.has posted social security numbers, mortgage amounts, credit card info, car loans, banking and other info of major celebs.The hackers has posted social security numbers, mortgage amounts, credit card info, car loans, banking and other info of major celebs.

The website is Exposed.Su that posted personal financial information of important US celebs.


According to RT, The documents were made aware on monday, contained on a page titled ‘The Secret Files. The page contains simply a link to the figures allegedly hacked, an image of a girl holding her forefinger up to her mouth and a quote from the television program Dexter: "If you believe that God makes miracles, you have to wonder if Satan has a few up his sleeve.”

Among the specific details included in the data dump are the social security numbers and alleged home addresses and contact information for most of the figures profiled, as well as credit reports and other financial figures for a select bunch.

For former first lady and Secretary of State Hillary Clinton, hackers have released only her Social Security Number and places of residence. For other targets, though, the information leaked allows for much more of a glimpse into the finances.


The law inforcements agency  has already launched an investigation on this alleged information leakage.

Read More..

EDUCAUSE Hacked, Users advised to Change Password

EDUCAUSE – a nonprofit association whose mission is to advance higher education by promoting the intelligent use of IT – published an advisory on Tuesday urging users to immediately change their passwords because hackers had breached one of the organization’s servers.

The cyber criminals might have gained access to information such as names, titles, email addresses, usernames and hashed passwords, according to EDUCAUSE.

EDUCAUSE breach might have also compromised the hashed passwords of .edu domain holders. This is why administrators are also advised to change the domain passwords.

EDUCAUSE has notified all affected members. In the meantime, the association has deactivated all passwords.

Fortunately, InCommon users are not affected. Another piece of good news is that there’s no evidence to suggest that sensitive personal or financial information has been accessed by the hackers.

Federal law enforcement, investigators and security experts have been called in and additional security measures are being implemented to prevent future incidents.

Read More..

Montreal Police Department database leaked by Unknown Hackers

Last week, unknown hackers had breached into the official website of the Montreal police department (www.spvm.qc.ca), personal information belonging to over 2000+ police officers stolen and posted online, according to GlobalNews.

The Canadian based GlobalNews reports that information was posted on line on Pastebin with a message for the police department in French and English languages.  The leaked data contains names, telephone numbers and positions of police officers circulating on the internet since 9th February 2013.

The hacker did this hack against the allegedly police brutality against the citizens of Montreal, according to the message “The SPVM have tormented the people of Montreal continuously, using physical violence to club us into submission, using sexual violence to intimidate and dominate, using ethnicity, race, sexuality, gender and political beliefs to suppress the voices of our city.”

The hackers also warned the police from using force against its citizens “We are watching, we are listening and we are recording every action you commit. Against the elders, against our youth and against the land. We will not tolerate violence any longer, we will not stay quiet as you destroy the lives of innocent people, we will no longer tolerate the State you enable.”

Rest of the message can be read on Pastebin.

The Canadian Security Intelligence Service (CSIS) and Montreal police (SPVM), the Sûreté du Québec is now investigation the hack and promises to take down the culprits.

Read More..

Nokia Taiwan Hacked, 100,000 account details leaked

The famous Turkish hacker by the handle of Maxney from TurkishAjan group has hacked four official sub-domains of a Nokia website for Taiwan and leaked over 100,000 user accounts online. The hacker left his group’s deface page along with a deface message against Israel, US, China, EU and UN.

Deface Page:

Deface Message:

Türkçe: Kalpleri taslasmis cani israilli siyonistler. Oynadiginiz tüm oyunlarin karsisinda bizi bulacaksiniz.
English: Hearts a petrified Monster Israeli Zionists. You will find us in the face of all the games you’ve played.

The leaked data contains complete sales details of Nokia products in Taiwan, usernames, IP Address, Gender, Email Address, PhoneNumber, Invoice and IMEI numbers of Nokia Lumia, Nokia 610, Nokia 510, users in Taiwan and shockingly details of Facebook account and links of millions of Nokia users within Taiwan and China.

The leaked data can be downloaded from here. While the links and mirrors of hacked websites are given below.

Hacked Sites:

www.member.nokia.com.tw/index.htm
www.event.nokia.com.tw/index.htm
www.swipe.nokia.com.tw/index.html
www.fun.nokia.com.tw/index.htm 

Mirrors:

http://zone-h.org/mirror/id/19251210
http://zone-h.org/mirror/id/19251214
http://zone-h.org/mirror/id/19251252
http://zone-h.org/mirror/id/19251206

The leaked data is huge, posing a great danger to Nokia users in Taiwan, leaking their Facebook details, Mobile numbers, addresses and contact details.

Read More..

British Chamber of Commerce Luxembourg Hacked by Tunisian Cyber Army

The official website of the British Chamber of Commerce  for Luxembourg has been breached and 900 user information has been leaked by the Tunisian Cyber Army. The hacker called this operation: #OpMali.

Sophisticated attack announced by Hackers on their official Twitter account.

Targeted Site:

http://www.bcc.lu/

Hackers found SQL Injection vulnerability on the targeted site and dumped the whole data and made it public by posting on popular paste site Pastebin.

According to a doc posted by Hackers on Pastebin, [ Message for the British government ]

Greeting gov of france we are the tunisian cyber army..we are here for justice..No fear No war..his is our dream..for the last few months we was watching you..we follow all your speech about mali and now its our time to talk..you and all those who support attack on mali..will face a cyber war..there is no forgiveness..there is nothing that will stop us..we give you the time to think well..and now is the time for our attack…expect other attack soon..and remember we watch you. we are tunisian cyber army.

The leaked data posted on Pastebin includes usernames, addresses, phone numbers, emails and plain text passwords from the chamber of commerce and different other major British financial giants like Barclays bank and ATC Group.

Read More..

US Department of Defense Subdomain hacked & database leaked by Gevolus

The hacker goes by the handle @Gevolus from Brazilian Cyber Army have hacked into the subdomain of US Department of Defense. which is Non-Lethal Weapons Program, leaked its highly sensitive database and pasted on pastebin.

The hacker announced this hack on its official twitter account.

The targeted site which is attacked by the hacker is "http://jnlwp.defense.gov". The range of Sensitive information leaked by hacker contains official’s usernames, email addresses,personal contact numbers of  US Army, US Navy and some other defence organizations employees.

Pastebin link of sensitive database:
http://pastebin.com/Y41DzLPq

The hacker put himself in danger while making the very sensitive information to public. The hacker hacked many big sites like Mississippi State University and Syrian Higher Commission for Scientific Research , according to his tweets.

Read More..