NASA HACKED! AnonSec tried to Crash $222 Million Drone into Pacific Ocean.

Once again the Red Alarm had been long wailed in the Security Desk of the National Aeronautics and Space Administration (NASA).

Yes! This time, a serious hacktivism had been triggered by the Hacking group named “AnonSec” who made their presence in the cyber universe by previous NASA Hacks.

The AnonSec Members had allegedly released 276 GB of sensitive data which includes 631 video feeds from the Aircraft & Weather Radars; 2,143 Flight Logs and credentials of 2,414 NASA employees, including e-mail addresses and contact numbers.

The hacking group has released a self-published paper named “Zine” that explains the magnitude of the major network breach that compromised NASA systems and their motives behind the leak.

Here’s How AnonSec Hacked into NASA

The original cyber attack against NASA was not initially planned by AnonSec Members, but the attack went insidious soon after the Gozi Virus Spread that affected millions of systems a year ago.

After purchasing an “initial foothold” in 2013 from a hacker with the knowledge of NASA Servers, AnonSec group of hackers claimed to pentested the NASA network to figure out how many systems are penetrable, the group told InfoWar.

Bruteforcing Admin’s SSH Password only took 0.32 seconds due to the weak password policy, and the group gained further indoor access that allowed it to grab more login information with a hidden packet sniffing tool.

They also claimed to infiltrate successfully into the Goddard Space Flight Center, the Glenn Research Center, and the Dryden Research Center.

Hacker Attempted to Crash $222 Million Drone into the Pacific Ocean

Three NAS Devices (Network Attached Storage) which gathers aircraft flight log backups were also compromised, rapidly opening a new room for the extended hack:

Hacking Global Hawk Drones, specialized in Surveillance Operations.

Hackers have tried to gain the control over the drone by re-routing the flight path (by Man-in-the-Middle or MitM strategy) to crash it in the Pacific Ocean, but…

…the sudden notification of a security glitch in the unusual flight plan made the NASA engineers to take the control manually that saved their $222.7 Million drone from drowning in the ocean.

This hacking attempt had happened due to the trivial routine of drone operators of uploading the drone flight paths for the next fly, soon after a drone session ends.

After this final episode, AnonSec lost their control over the compromised NASA servers and everything was set to normal by NASA engineers as before.

This marked the attack’s magnitude at a steep height by infecting into other pipelines of NASA, leading to this nasty situation.

However, in a statement emailed to Forbes, NASA has denied alleged hacking incident, says leaked information could be part of freely available datasets, and there is no proof that a drone was hijacked.

“Control of our Global Hawk aircraft was not compromised. NASA has no evidence to indicate the alleged hacked data are anything other than already publicly available data. NASA takes cybersecurity very seriously and will continue to fully investigate all of these allegations.”

Why Did AnonSec Hack into NASA?

If you are going to point your fingers against the AnonSec Hackers, then Wait! Here’s what the group of hackers wants to highlight:

“One of the main purposes of the Operation was to bring awareness to the reality of Chemtrails/CloudSeeding/Geoengineering/Weather Modification, whatever you want to call it, they all represent the same thing.”

“NASA even has several missions dedicated to studying Aerosols and their affects (sic) on the environment and weather, so we targeted their systems.”

And Here’s What NASA was actually doing:

Cloud seeding: A weather alteration method that uses silver iodide to create precipitation in clouds which results to cause more rainfall to fight carbon emission which ultimately manipulates the nature.

Geoengineering: Geoengineering aims to tackle climate change by removing CO2 from the air or limiting the sunlight reaching the planet.

Similar projects are running on behalf of the US Government such as Operation Icebridge [OIB], Aerosol-Cloud-Ecosystem (ACE) which are dedicated to climate modeling.

This security breach would be a black label for the Security Advisory Team of NASA and became a warning bell to beef up the security.

(Source:- http://www.ehackingdna.com/nasa-hacked-anonsec-tried-to-crash-222-million-drone-into-pacific-ocean/33)

A New Technique For Hacking ATMs...

An old method used for stealing card details is drilling holes in the ATM and hooking a data-intercepting device to the card reader in the machine. The problem with the old-method is that the traces of tampering can be easily detected by the bank employees or service personnel.

NCR, a global manufacturer of ATMs has identified a new technique (derived from the old method) that has compromised ATMs in the United Arab Emirates and Europe.

In the new method, hackers target free-standing ATMs, such as those placed in retail locations. Access to the inside card reader is done by opening the top box of the machine by picking the locks.

Since this type of attack doesn’t leave any evidence of intrusion from the outside, the data-intercepting device can remain undetected by bank employees filling the money cassettes or by service personnel.

“…. all observed cases of eavesdropping to date have been against Personas ATMs, however all ATMs must be protected against this form of attack,” NCR says.

NCR recommends an Anti-Eavesdropping kit that provides a physical protective shield around the ATM Card reader for SelfServ and Personas ATMs.

(Source:- http://www.hacoder.com/2016/02/a-new-technique-for-hacking-atms/)

OSCP Course PDF – Penetration Testing with Kali Linux.

Penetration Testing with Kali Linux (PWK) is an information security training and ethical hacking course. This online security training is designed for network administrators and security professionals who need to acquaint themselves with the world of offensive security.

Penetration testing training introduces the latest hacking tools and techniques in the field and simulates a full penetration test from start to finish. YOU will gain hands-on experience by injecting yourself into a diverse and vulnerable network.

Starting from $800 USD, Penetration Testing with Kali Linux (PWK) is one of the most highly regarded InfoSec Training Courses in the security industry. The PWK course is delivered entirely online and is completely self-paced, allowing you to take the time to fully explore and exploit our vast virtual penetration testing lab environment. Successfully completing the 24-hour certification exam earns you the coveted Offensive Security Certified Professional (OSCP) certification.

(Source:- http://www.hacoder.com/2016/02/oscp-course-pdf-penetration-testing-with-kali-linux/)

10 year old Kid Scores 100 Percent in Java Exam, Completes 150 Minutes Paper in 18 Minutes.

Ronil Shah almost surprised everyone by scoring cent percent in a Java exam. Well, that’s not the end of the story. The story continues as he just finished the entire paper of 150 minutes in just 18 minutes. If you want to know the level of the paper, let me tell you that he competed in an exam which is generally taken by engineering graduates or professionals preparing to be software developers. That too, not all of the graduates crack it.

The Java exam was held on September 2 last year. In the IT world, this exam is very famous and it’s called Java Standard Edition 6 Programmer Certified Professional examination. This exam is an international exam and it is conducted by US-based Oracle University.

Ronil Shah did not take any previous attempt and he cleared this exam just in his first attempt. This exam is required to show the deep understanding of the programming language, Java, and is a prerequisite to many other Java certificates. Ronil is a student of standard five from Euro School in Ahmedabad, and now he is also called a ‘JAVA champion’.

As Ronil says —

“I developed so much love for computers that I started learning animation, coding programming after standard 1. I took a holiday to practice for JAVA standard edition 6 program exam. I used to reach my computer institute to practice at 11.30 am and come home by 6 pm. That is how I managed to complete my online exam in 18 minutes,” 

Ronil wants to work in robotics in coming years. We wish him all the best.

(Source:- http://fossbytes.com/10-year-kid-scores-100-percent-in-java-exam-completes-150-minute-paper-just-in-18-minutes/)

How to share files over wifi

Most of Now a days Operating System’s come with inbuilt file sharing, but most of the user pivot to cloud services like Dropbox to transfer files from even the local PC’s, but users whose internet connection is slow and they need files in a pinch this trick might come in handy help you share files over the Wifi.

The folder is shared over the Wifi as the shared it is declared as the shared folder over the two computers or the number of the computer participating in the share.
The file sharing over the wifi helps you in the faster distribution of the data moreover if you are a student and you want to share a video file with your class it may come in handy and saves lot of mobile data. First make sure both of the PC’s or laptops are connected to the same wifi network if you don’t have wifi router with you turn on wifi hot-spot in your mobile without turning on the mobile data this will create a temporary hot-spot to share files over wifi We will show you how it is done in Windows and even Ubuntu

Windows

Right Click on the folder you want to share and select the properties


Now go to the sharing tab and you will find an option called Advanced sharing

When you click on the advanced sharing option there will be another tab popped up, click on share this folder check box thus followed by deciding the name of the folder

Below you need to set the permission of whom can access your folder keep it as guest so that every body can read it, but not to delete it

Finally click share There you folder sharing is done on windows
From the other computer search in the network to find the computer on which the folder is being shared and access it.

Ubuntu

When coming to Linux there will be folder sharing software for the Linux called samba
Install it
If you didn’t install it will prompt you install the software
After installing the software, right click on the folder and click on local network share


If you didn’t install samba it will prompt you install it
There will be a dialog opened you will find and square tick box to start sharing tick and
allow the guest access


If you want specific people to access that folder then there will be special permissions in the windows
Restrict the access to your network if you are in ubuntu

(Source:- http://www.dexterstuff.com/how-to-share-a-folder-or-a-file-over-wifi/#.Vrq8odC2a00)

CyberWarfare on the Web

In recent years, social media platforms like Twitter and Facebook also have been used by Islamic State group fighters to navigate and coordinate their operations on the ground. Social media has been used by Hamas to determine how effective missile strikes on Israeli targets are.And then, of course, social media is an efficient means of spreading misinformation, a tool that has been used in wars for centuries. There are indications that Russia spends significant resources on misinformation campaigns targeting the United States. That pro-Putin comment below an online news article may seem like it was posted by an American, but may have been the work of a “Russian troll.”As New York Times writer Adrian Chen reported in June, there are entire buildings in Russia filled with employees who do nothing but feed the social media universe with misinformation. They even attempt to stir up panic situations, like the time these trolls faked a chemical leak in a town in Louisiana, causing needless alarm. These kinds of actions can have broad impacts. In 2013, the stock market plummeted temporarily and fear swept across social media after the Twitter account of the Associated Press was hacked and a bogus tweet reported that the president had been injured during a bomb attack on The White House. The state-sponsored hacker group The Syrian Electronic Army claimed credit.

Anonymous And Islamic State CyberWarfare

After the deadly terrorists attacks in Paris, the hacktivist network Anonymous declared war on ISIS. In a widely distributed video, a figure in a Guy Fawkes mask announced Operation Paris, or #OpParis, and promised the Islamist group that “Anonymous from all over the world will hunt you down.”
So far, Anonymous’ much-hyped digital war has generated lots of headlines but not much in the way of impressive results. It’s been mostly focused on identifying ISIS-affiliated websites, Twitter accounts, and internet addresses and reporting them to Twitter and other webmasters in an effort to get them shut down. Shortly after OpParis launched, Anonymous claimed to have helped get 5,500 ISIS Twitter accounts taken down, a number that ballooned to 20,000 by last Friday. An unnamed Twitter spokesperson told the Daily Dot that Anonymous’s claims are “wildly inaccurate.”
“In terms of effectiveness, I think all they can do is make a small dent,” saysGabriella Coleman, an anthropologist and the author of Hacker, Hoaxer, Whistleblower, Spy: The Many Faces of Anonymous. “Since they started, ISIS’s online presence hasn’t really shrunk or grown. It doesn’t really matter if there is a small dent. ISIS, unlike Al Qaeda, has been really savvy with online propaganda.” Last week, ISIS posted a message on the encrypted messaging app Telegram, calling the hacktivists “idiots” and offered an online security guide for their sympathizers. Noting that Anonymous had only gone after Twitter accounts, the message joked, “What they gonna hack?”

North Korea Cyber Attack on Sony

ony Pictures Entertainment is hacked. Employees are locked out of their computer network and glowing, red skeletons appear on their screens. An accompanying message says they’ve been “Hacked by #GOP” and all of their internal data have been obtained and can be shared. In the days that follow, personal information, e-mails and unreleased movies like Still Alice, Annie and To Write Love on Her Arms are leaked online.
Some speculate that North Korea is behind the attack because Sony’s upcoming comedy The Interview, starring Seth Rogen and James Franco, is about an assassination attempt on Kim Jong Un.

A screen shot of an image that appeared on computers at Sony Pictures Entertainment on Nov. 24, 2014. (Photo: Reddit)

Indian regulators have effectively blocked Free Basics, a controversial Facebook online service that sought to bring free access to a limited version of the social network and other sites to the country’s poorest people. The Telecom Regulatory Authority of India(TRAI) on Monday outlawed charging different prices for downloading different kinds of internet content.

The ruling, which regulators said was guided by the principles of net neutrality, is a major setback for Mark Zuckerberg, the Facebook chief executive, who had lobbied hard for the programme as part of a campaign to expand Internet access to billions of people around the world. Yet, it is a victory for critics who argued that Facebook’s Free Basics programme gave an unfair advantage to some internet services over others.

Facebook founder Mark Zuckerberg said he would work to make Free Basics legal.

“While we’re disappointed with today’s decision,” he wrote. “I want to personally communicate that we are committed to keep working to break down barriers to connectivity in India and around the world.
“Connecting India is an important goal we won’t give up on, because more than a billion people in India don’t have access to the internet. We know that connecting them can help lift people out of poverty, create millions of jobs and spread education opportunities.”
The World Wide Web Foundation, founded by Sir Tim Berners-Lee, the inventor of the web, welcomed the regulator’s decision.
“The message is clear: We can’t create a two-tier Internet – one for the haves, and one for the have-nots,” said programme manager Renata Avila.
“We must connect everyone to the full potential of the open Web. We call on companies and the government of India to work with citizens and civil society to explore new approaches to connect everyone as active users, whether through free data allowances, public access schemes or other innovative approaches.”

(Source:-  http://www.geekboy.co/news/india-blocks-facebooks-free-basics-app/)