The Hacker News
June 2011 - Issue 03

Total Exposure Edition
THE GOLDEN BOOK OF BREACHING INTERNET SECURITY

Presented By: Mohit Kumar

EDITORIAL
Dear Readers,

Welcome to the third edition of The Hacker News magazine. We want to thank you 60,000 times for each hit we received on last month's Magazine!

There are going to be some changes at THN in terms of how we disseminate information. We want to eliminate the magazine and just give you those great articles and interviews on the daily news page as they come up.

This will be easier for us and better for you. Give us your feedback and let us know how you like the new format as it is developed. If there is something you want to see on our site, let us know.

I hope you enjoy the news on the topic of “Total Exposure”. I am personally blown away at the amount of hacking going on worldwide. It is exciting and frightening at the same time.

What are your thoughts on this very important topic? We want to hear from you.

Thanks again for your continued support. We appreciate it and look forward to continuing to give you the best and most reliable hacking news available.

Sincerely,
Mohit Kumar (Chief-in-Editor)
The Hacker News

Visit Our Official Site - www.thehackernews.com

Email Id - thehackernews@gmail.com
Facebook - http://facebook.com/thehackernews
Twitter - http://twitter.com/TheHackersNews

INDEX
1.) Total Exposure
2.) Wikileaks
3.) Computer Security Consultant
4.) In The Realm of Security Breach
5.) Exploit Writers: Challenging Security
6.) Interview with Team Inj3ct0r
7.) IT Security Incident Management
8.) Interview with Anony_ops
9.) Password Secrets of Apple Safari
10.) Sony Hacked Again & Again
11.) News Highlights of the Month
12.) Hackers toolkit update
13.) BufferZone - Security Tool
14.) Your Feedback

TOTAL EXPOSURE
BUILD IT……. THEY WILL HACK IT
BY MOHIT KUMAR
THE HACKER NEWS

By now corporations and governments worldwide have taken notice that their security systems are at risk. Well, kinda.

As you can see from this month’s edition of the THN, there is still an arrogance and attitude of “it couldn’t happen to me.” In the meantime, hackers all over the globe are getting into everything from email to top secret documents.

It doesn’t surprise me that the heads of corporations like Sony and government agencies like NASA have been slow on the uptake. For too long these people have been driven by greed and have acted with total impunity.

No more. Because internet security has become the number one target of organized groups like Anonymous or 13 year old boys fooling around on the computer, every government, business, corporation, and personal computer is at risk.

And, the conundrum for everyone is that if you can write a security program, someone can hack it. THN doesn’t think it will be out of business soon because some government agency or billion dollar corporation thinks it can outsmart the techies of the world. No, the real issue is how are institutions going to process information, secure and public, that cannot be hacked into?

Every era has had a name and this era is going to be named the Era of Hacking. This is the era when the dishonest and corrupt are being caught with their pants down and their phony financial reports exposed.

The heroes of our world will no longer be gold star generals or presidents but faceless hackers with a weapon called the keyboard.

THN has had the pleasure of sitting back and reporting the hacking news. We don’t hack ourselves but we are the beehive for hacking information and trends in internet security.

01 THN-Magazine | June 2011 www.thehackernews.com | Issue 03

We thank our loyal readers and welcome our newest. We invite heads of State and dignitaries all over the world to read and understand they are at risk. World stability will come and I promise, not one shot will be fired.

Welcome to the Era of Hacking. Welcome to Total Exposure.

OK READERS, LET’S GET TECHNICAL

We need to talk about the breach of data in large organizations like SONY. There have been almost 14 attacks on SONY in the last two months by different hackers. Hackers exposed almost 100 million users' data using a small SQL vulnerability, or better said, “Developer’s Stupidity.” The data leak is almost of no worth to anyone; no one would have the time to do logins on millions of Users. The real effect is the blemish on the brand name SONY. Still there is a benefit SONY gets from all these hacks. They get free Auditing. YES! Sony hackers actually help SONY to become the most secure brand in the future. Sony will definitely learn from all those security mistakes. Also, this hack becomes a lesson for others. Once SONY is back with patched sites and servers then it will be sure that they will be more secure than ever before.

Another part of Total Exposure is the disclosure of various vulnerabilities and 0days. The Exploit writers are the best hackers behind this job. They study the whole code, find the vulnerability and make some automated exploits for that code. No doubt that these exploits are dangerous for the security of various users, but still the Developer of that product will get the Idea of the vulnerability and they will develop other more secure systems. This is the rule of most security Development that “Until some hacker can’t break your system, you will never think about more secure versions”.

In the past we (The Hacker News) tried to contact some Admins of servers/sites about their vulnerability. But most of them never cared to respond because they thought that no one would hack them. I hate to tell them they are in for a big surprise. We decided to post all vulnerabilities of various sites and products online, because until the vulnerabilities are addressed seriously, everyone is at risk.

There are a few questions that people have asked us in the last few days and I would like to answer them:

Q. Why do hackers love to expose things in public?
A. Hackers! Exposing data is the base of security for them. Some hackers hack for fun, some for a particular political aim, some for good causes like Wikileaks and some for revenge like Lulzsec. Everyone has a different motive and different natures of hacks. The exposure of someone’s personal data is never a good thing, but we have exemptions. Let’s let people decide who is wrong and who is doing right!

Q. What impact does hacking have on technology in general?
A. In General, because of hackers total security development is impossible. They can make a big brand like SONY think again on their actions. They can help security researchers making STUXNET destruction products and they can help the police for cyber investigation like our whitehats do. Technology is the combination of good and bad things.

Q. What is the greatest benefit in hacking information or the exposure of weakness in security systems or sites?
A. Hacking for military or Country is always beneficial for one side. Hacking for fun can never be good for anyone, but if someone is hacking for destruction then that is the worst use of skills. STUXNET, the best botnet of last year, was developed by IRAN for destruction of cyber space of India and the US. The best benefit of hacking is that there is a lesson to be learned in a positive way. Exposure of weakness has a benefit, for the administrator will come to know where his mistakes are. Weakness of systems also leads to more security research.

Q. It appears without "hacking" internet security would not have been challenged and improved. Do you see hacking having any other value?
A. Yes, this is right. Without hacking, internet security is really worthless. The job of a security expert should always be challenged. Only then will he/she be able to learn more day by day. Even hackers hack for the same reason. They develop their skills by hacking real world servers/sites. Hacking is like a passion for kids these days. Everyone wants to know HOW TO HACK FACEBOOK OR GMAIL. Lolz! It's really the most irritating question asked to me by lots of people.

Q. What lessons can everyone get from Sony Hacks & what are your Views about these 13 Serial Sony Breaches?
A. It is not exactly a new security measure that's necessary, but how Sony can manage the existing security system effectively. Sony needs to run its management cycle remembering that security threats are variable. It gives hackers a chance to invade when businesses are relying heavily on security tools. If Sony hasn't learned the lesson, at least other businesses have. After Sony's incident, the number of inquiries from businesses to various security consultants increased.

Q. Have the Sony, RSA, HBGary and other 2011 breaches given some benefit to Security Researchers to analyze and study the Style/Talent of Hackers?
A. Yes. After SONY, RSA, HBGary and all other 2011 breaches most security experts are now more alert in rechecking their attitudes toward security. They came to know that one small flaw like sql injection can become a reason to hack million dollar companies. Sony fights with George Hotz, but my opinion is that they should have hired him. Why not develop this hacking talent for legitimate purposes? Why make an enemy when you can have them on your side?

Q. Do you feel that groups like Anonymous who hack for the purpose of exposing the criminal and corrupt side of corporations and government have value?
A. Anonymous are heroes of the 21st century. Anonymous is the political movement of change for the 21st century. Anonymous can and certainly will accomplish what many other political and peace movements of the past could not. When corruption, destruction and mayhem strike from governments or corporations it is the goal of Anonymous to awaken that entity and the public that a change must occur. Given that, many will use the name Anonymous to perform acts of a criminal and malicious nature. By doing this it gives the real "Anonymous" a bad name. In fact, governments and corporations will try to retaliate against the false anon by restricting internet freedom and user capabilities. We must understand that the Anonymous who strives for political change and world peace must be free to work without the mistrust and misdeeds of others who tarnish their good work. As once was said, "change always comes bearing gifts." Anonymous is the gift we have been waiting for. Honest and trustworthy persons working hard on our behalf for the betterment of mankind.

Q. Many people admire you and support The Hacker News. Did you ever think that you are missing something?
A. It’s really true that THN has become a successful Cyber awareness project in a small time, only because of the support from our readers. I would like to start some more projects in the future related to Security Labs that will help every beginner to advance. Also, sharing and doing research on Cyber Security.

Q. Conversely, what do you think about the FBI and our criminal justice system in regards to hacking?
A. In India we have strict punishments for cyber crime, but laws are not strictly applied to all. This is the same in other countries. Even in China, hacking has become part of the China military services. Lulzsec hackers hack PBS, SONY and even one FBI partner and they gave an open challenge to the FBI. As of yet, the FBI has failed to identify the hackers so we can say that there are some faults in the justice system in regards to hacking. Millions of sites get hacked monthly; no one cares about those. Even the administrator of the site re-uploads the backup and forgets the defacing done by hackers.

Q. The internet world is sorely unprepared when it comes to security. Do you agree and why?
A. The best term is “No one is secure in this world”. You can check our website for the latest updates of people being hacked. Most of them are hackers, security experts and big brand commercial names.

At last I would like to say “WAKE UP INTERNET WORLD!” Security systems all over the globe are threatened and very few seem to understand what is happening. If the CEOs, Administrators, Presidents, and other heads of businesses and governments aren’t demanding that their IT departments re-evaluate their security systems, then they deserve everything the hackers give them.

Hacking is here to stay. It will not go away quietly. It will not be eliminated. If a software engineer can write a security program, believe me when I say a hacker can breach it.

Written By: Mohit Kumar
Edited By: Likha Patel

By: Likha Patel

"A nation under a well regulated government should permit none to remain uninstructed. It is monarchical and aristocratical government only that requires ignorance for its support." ~ Thomas Paine

The United States Department of Justice has left no stone unturned in their ruthless attempts to uncover or fabricate evidence against Wikileaks founder Julian Assange. Their goal is to charge Assange with conspiracy to commit espionage.

If the United States is successful Julian Assange will become the United States' convenient scapegoat, along with others like US citizen and Army Pvt. Bradley Manning. These two will disproportionately take the blame for the United States' failed policies and crimes.

Julian Assange has said that the long and cruel detention and forthcoming US government prosecution of Army Pvt. Bradley Manning is nothing more than an attempt to "terrorize whistle-blowers" and that Pvt. Manning, like himself, is a victim of alleged government repression and mistreatment. "There is no doubt the U.S. government has tried to terrorize whistle-blowers into not revealing important information to the public," but Assange believes it has failed to have a chilling effect.

Assange has stated that “Courage is contagious”, and that Wikileaks has seen a dramatic increase in the number of sources willing to come forward. He also stated, "Fear no doubt is also restraining their activities ~ but there is an increased supply of materials coming to us." He also said that Manning's case and U.S. government threats to prosecute WikiLeaks have not slowed expansion of the organization.

All that Julian Assange has done is to be the messenger of information. The information disseminated by Assange included diplomatic cables which revealed many United States failures and debacles beyond any doubt, along with prima facie war crimes and crimes against humanity, and the revelation of the information has embarrassed the United States. Unfairly, Assange has already been labeled a “high tech terrorist” by the Vice President of the United States, Joe Biden, and Admiral Mike Mullen claims that Assange might now have “blood on his hands”. They both know better.

It is a disgrace that many citizens of the United States and the world must be reminded that exposing corruption and crimes is not breaking the law, but upholding the law. To prosecute whistleblowers like Wikileaks' Julian Assange is a serious threat to democracy and sets a dangerous trend. We must understand that a democracy must rely on a free press to inform its citizens and keep governments accountable to the people.

In times past Julian Assange would have been hailed as a true patriot of democracy. So let’s look at the man behind our information revolution who is now both a respected and reviled figure around the world.

Julian Paul Assange was born July 3, 1971 in Australia. Today he is the editor in chief of WikiLeaks, a whistleblower website with a stated purpose of creating open governments. WikiLeaks was founded in 2006. That year, Assange wrote two essays setting out the philosophy behind WikiLeaks: "To radically shift regime behavior we must think clearly and boldly for if we have learned anything, it is that regimes do not want to be changed. We must think beyond those who have gone before us and discover technological changes that embolden us with ways to act in which our forebears could not." In his blog he wrote, "the more secretive or unjust an organization is, the more leaks induce fear and paranoia in its leadership and planning coterie.... Since unjust systems, by their nature, induce opponents, and in many places barely have the upper hand, mass leaking leaves them exquisitely vulnerable to those who seek to replace them with more open forms of governance."

Assange is a prominent media spokesman on WikiLeaks' behalf. While newspapers have described him as a "director" or "founder" of WikiLeaks, Assange has said, "I don't call myself a founder"; he does describe himself as the editor in chief of WikiLeaks, and has stated that he has the final decision in the process of vetting documents submitted to the site. Assange says that WikiLeaks has released more classified documents than the rest of the world press combined: "That's not something I say as a way of saying how successful we are – rather, that shows you the parlous state of the rest of the media. How is it that a team of five people has managed to release to the public more suppressed information, at that level, than the rest of the world press combined? It's disgraceful." He advocates a "transparent" and "scientific" approach to journalism, saying that "you can't publish a paper on physics without the full experimental data and results; that should be the standard in journalism." In 2006, CounterPunch called him "Australia's most infamous former computer hacker." The Age has called him "one of the most intriguing people in the world" and "internet's freedom fighter." Assange has called himself "extremely cynical". He has been described as being largely self-taught and widely read on science and mathematics, and as thriving on intellectual battle.

WikiLeaks has been involved in the publication of material documenting extrajudicial killings in Kenya, a report of toxic waste dumping on the coast of Côte d'Ivoire, Church of Scientology manuals, Guantanamo Bay procedures, the 12 July 2007 Baghdad airstrike video, and material involving large banks such as Kaupthing and Julius Baer among other documents.

In 2008, Assange published an article entitled "The Hidden Curse of Thomas Paine", in which he wrote "What does it mean when only those facts about the world with economic powers behind them can be heard, when the truth lays naked before the world and no one will be the first to speak without payment or subsidy?"

I strongly believe Wikileaks and the work Julian Assange has done is about freedom and justice. Julian Assange is a brave defender of justice and freedom. He is a modern day Paul Revere willing to risk his life to inform the world of crimes and injustice. We are often cheated by powerful industries, corporations and governments who care more about profit than about people. Wikileaks, headed by Julian Assange, has shone a bright light on the darkness of great power and their hidden shocking secrets.

His website Wikileaks, founded in 2006, has so far selectively released around 12,000 of more than 250,000 secret documents it has in its possession. All things considered, Julian Assange may be correct when he gives credit to WikiLeaks and its work with triggering a "year of miracles for journalism" that has enhanced the transparency of the U.S. and foreign governments and contributed to the democratic revolutions sweeping across the Arab world.

We can all learn from the bravery of Julian Assange ~

“What does censorship reveal? It reveals fear.”
Julian Assange

How Can You Tell If Your New Computer Security Consultant Is Really A Black Hat Hacker?

In the world of computer security there are times when the bad guys and the good guys are going to have to work together. In the case of Internet Security Companies it is usually the bad guy turning over a new leaf. The bad guys are tired of living their life looking over their shoulder and want to settle down. But how can they do that when the only skill set that they have is criminal in nature? They can offset that by getting a job with the people who they used to go against.

When you are a computer security company you have two incentives for hiring a former black hat hacker. The first incentive is that they are very good at what they do. You can not help where some of the best talent in your industry got their start. What really matters is what they are doing with it now. The second incentive for hiring someone who used to be a black hat hacker is that it is great to be able to have someone who was on the other side. This way you know at least some of the tricks that the bad guys used to be able to pull off some of their attacks. It is the same theory as when a country is able to get a spy on the inside of their enemy’s borders. There is nothing better than inside knowledge.

But while having someone who used to work for the other side is filled with perks, there are also some dangers as well. You never know if the person that you have working for you is going to be totally reformed or not. Just like they have used their skills in the past to trick people on the internet, they might be doing the same thing to you. And that is what this article is about. I am going to talk about the signs to look for when you want to make sure that your reformed black hat hacker is truly reformed.

Their habits

If you are looking to see if the person that you have hired to help with your network security has truly left their black hat ways in the past then the first thing you are going to have to look at is them. I am not saying that you or someone else has to follow them around. I am just saying that it is best to keep an eye out when it comes to anything suspicious involving them.

The first thing that you want to monitor is their internet connection. While you should not be unfair and do any more snooping on their accounts than you do anyone else's, it wouldn’t hurt to see if any of the systems in your office have been logged into during off hours, or to see if anyone has logged into those systems who is not supposed to. Someone who still has black hat hacker tendencies may let their curiosity get the better of them and try to access systems such as this. Also you want to make sure that all of the equipment is in the office. When a person is a black hat hacker they need a lot of equipment to conduct some of their activities. Make sure that none of your office equipment is being used for nefarious purposes.
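
An added example, not part of the original article: one way to run the check described above, flagging successful logins that happen outside office hours or come from an account that is not expected on that system, applied equally to every account. The log lines are constructed in OpenSSH syslog style; the host names, user names, office hours and the ALLOWED map are assumptions.

```python
"""Flag successful logins that fall outside office hours or come from an
account that is not on a system's access list.

Added example. The log lines, host names, user names, office hours and
the ALLOWED map are constructed for illustration.
"""
import re
from datetime import datetime, time

# Constructed sample in OpenSSH/syslog style (2011-06-06 is a Monday).
SAMPLE_LOG = """\
Jun  6 09:14:02 fileserver sshd[2211]: Accepted password for alice from 10.0.0.21 port 50122 ssh2
Jun  6 23:47:10 fileserver sshd[2290]: Accepted publickey for newhire from 10.0.0.37 port 50310 ssh2
Jun  7 02:05:44 payroll sshd[1108]: Accepted password for newhire from 10.0.0.37 port 50388 ssh2
Jun  7 10:30:00 payroll sshd[1190]: Accepted password for carol from 10.0.0.15 port 50400 ssh2
Jun  7 11:02:19 fileserver sshd[2350]: Failed password for newhire from 10.0.0.37 port 50412 ssh2
Jun 11 14:00:00 fileserver sshd[2400]: Accepted password for alice from 10.0.0.21 port 50500 ssh2
"""

# Hypothetical access list: which accounts are expected on which system.
ALLOWED = {
    "fileserver": {"alice", "newhire"},
    "payroll": {"carol"},
}

LOGIN_RE = re.compile(
    r"^(?P<mon>\w{3})\s+(?P<day>\d{1,2}) (?P<hms>\d{2}:\d{2}:\d{2}) "
    r"(?P<host>\S+) sshd\[\d+\]: Accepted \S+ for (?P<user>\S+) from (?P<src>\S+)"
)


def parse_logins(log_text, year):
    """Yield (timestamp, host, user, source) for each successful login.

    Syslog timestamps carry no year, so the caller supplies it.
    """
    for line in log_text.splitlines():
        m = LOGIN_RE.match(line)
        if not m:
            continue  # failed attempts and unrelated lines are skipped
        ts = datetime.strptime(
            f"{year} {m['mon']} {m['day']} {m['hms']}", "%Y %b %d %H:%M:%S"
        )
        yield ts, m["host"], m["user"], m["src"]


def is_off_hours(ts, start=time(8, 0), end=time(18, 0)):
    """True on Saturday/Sunday, or outside start <= t < end on a weekday."""
    return ts.weekday() >= 5 or not (start <= ts.time() < end)


def review_logins(log_text, allowed, year):
    """Return (iso_time, host, user, reasons) for every login worth a look."""
    findings = []
    for ts, host, user, _src in parse_logins(log_text, year):
        reasons = []
        if is_off_hours(ts):
            reasons.append("off_hours")
        # A host missing from the access list allows nobody.
        if user not in allowed.get(host, set()):
            reasons.append("unauthorized_user")
        if reasons:
            findings.append((ts.isoformat(), host, user, tuple(reasons)))
    return findings


if __name__ == "__main__":
    for when, host, user, reasons in review_logins(SAMPLE_LOG, ALLOWED, 2011):
        print(f"{when}  {host:<10} {user:<8} {', '.join(reasons)}")
```
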

Find out the type of attitude the person has

Most black hat hackers tend to be anarchistic, or at least people who do not like restrictions put into place when it comes to them. See if you notice any of these tendencies in the person that you just hired. If those tendencies are slight then that might be just youthful rebellion. But if they are severe then that is something that you need to look into.

Check online

While you do not want to get into their private accounts at the job and snoop on them, there is nothing saying that you can not look them up online. Find out their email address or any usernames that they might use and look them up in Google. Be aware though. Google has a service called Google alerts that might let them know that someone is doing a search on them. So do not go crazy when you are doing a search. Spread it out over a period of time. If the search leads you to any forums or IRC chats then take a look and see what you find. Remember the person has admitted to having a shady past so make sure that the items you are looking at are not old.

In the world of computer security you sometimes need to hire people who have been on the other side. There is tons of good information that you can get from them. But make sure that you are careful when you do it.

About the Author

Lee Ives is an internet security blogger from London, England. He started his website a couple of years ago as a means of communicating security topics to the average internet user in a way that they would understand. Contrary to some people's expectations he works in retail and not the security industry, which goes to show how just about anyone can accumulate a great deal of knowledge about how to protect themselves online if they are prepared to look for the answers.

Visit Him at: Security FAQs - http://www.security-faqs.com

In The Realm of Security Breach

In this cyber age we are living under various threats. The threats posed by cyber criminals can be more dangerous than nuclear warfare. It’s like living with a loaded gun.

Suppose all the doors in my house have deadbolt locks. I also use a burglar alarm system, but despite all these precautions a burglar used what techies would call a "brute force" attack to enter my house. The burglar smashed his way through an all glass door with a metal rod, so despite all these measures the bad guy got in.

It’s the same with protecting your computer. You can do everything to secure your computer but it’s still possible for someone to infiltrate your computer. But as true as it is with my locks and alarm system, good security on your computer can reduce the chance of trouble.

In earlier days it was common for hackers to attack a password to enter a computer system. That is not done much anymore but it is still wise to use a password that is a combination of letters and numbers. Try to avoid words that can be easily guessed and are common in use. The method of creating a complex password is to use the first letter of the words in a line of a poem. For example, "Twinkle Twinkle little star" would produce "TTls". To this we can add numbers before and after the word. This password is tough to crack. It is also necessary to change your password every six months or so. Schemers try to breach computer security by planting viruses or spyware on your computer. These bugs can arrive from shady websites or when you download free programs from websites. Often they come as attachments to email. Using a good antivirus can prevent them from harming your equipment.

Wi-Fi is a convenient way to share your home internet connection; however, always keep in mind it's a good way for people to get into your computer. It's foolish to think that any security plan can be made bulletproof. I discovered that when the burglar came armed with a metal rod. But that did not cause me to start leaving my doors unlocked. It's the same with computers: take every precaution to secure your data.

Author: Shalabh Tewari
Forum of Radical Computer Extremists.

Exploit Writers - Challenging Security Experts!

What are Exploits?

An exploit is a tool developed by hackers that is used to perform malicious attacks on computer systems. Exploits are usually scripts that are designed to exploit weaknesses in software over a network, most commonly the Internet. "Zero-Day" is a common type of exploit.

How important are Exploits for Hacking?

You can hack in many different ways with many different procedures. Kevin Mitnick created hacking history with just a phone and a dream. Hackers, Exploit writers and Defacers are always the challenge for Security Experts and Companies.

An attacker can write exploits because of some misconfiguration, insecure development and lacking IT management.

There are various Exploit Database sites available with thousands of Exploits. For example:

1337 Exploit DB/Inj3ct0r: http://www.1337day.com
Exploit-DB: http://www.exploit-db.com/

Exploit writers from all over the world submit their latest exploits on these websites. Anyone can grab the exploit for personal usage and for more Research.

Exploits are not always against Security; however, when security is breached this is the best way by which developers get free auditing and security testing of their services and products. So far in 2011, almost every day there is a new big hacking case. The most recent and famous one is the SONY hacks. Hackers from all over the world are trying to exploit the SONY sites, servers and products. To date we have noticed that 11 Serial attacks are done on the SONY network, including PSN, Ericson, and SOE etc. For more details you can visit our website www.thehackernews.com.
Similarly, PBS.org also was hacked because of a 0day Exploit of Movable Type. Hackers uploaded the shell and got access to the whole server of PBS with one security hole.

Sometimes one small vulnerability can cause a major Security Breach. The above examples are enough to prove this.

Today we are going to introduce 1337 Exploit DB or Inj3ct0r. Inj3ct0r is a hacking group that attacked the popular social networking site facebook with an sql injection attack in late 2009. They found vulnerabilities in one of the web apps through the url and managed to extract valuable information from the sql database. They also host a full-disclosure website much like milw0rm, which is hosted by a user who goes by the name str0ke.

Later, str0ke said “I have talked with a few friends and I'll be handing the site over so a group of people can add exploits/other things to the site. Hopefully it will be a new good start”. This was the birth of inj3ct0r.

The website works by receiving emails from hackers who have discovered vulnerabilities in web applications and written exploits to gain restricted access on the host/pc that the program/application has been installed on.

Inj3ct0r.com was originally founded in 2003, by a hacker computer enthusiast. Initially, Inj3ct0r was a private team. Domain Inj3ct0r.com was registered in 2008. The enormous database, the constant updates, the unique nature of the content published.

Interview with Inj3ct0r

As we discussed Earlier that Inj3ct0r provides useful information to people who perform penetration testing, IDS signature development, and exploit research. This project was created to provide information on exploit techniques and to create a useful resource for exploit developers and security professionals. The tools and information on this site are provided for legal security research and testing purposes only. The project does not belong to the Turkish, American, Russian, Chinese, Ukrainian etc hackers.

THN: What is injector Team doing these days, what plans are there about forum and how these things will help beginners?
Inj3ct0r: inj3ct0r is not an institute for beginners. Forums and all are coming, look out for news alerts.

THN: Most of the time we hear that the Injector admin belongs to Pakistan, is it true?
Inj3ct0r: They may be and they may not be from that country. One of admin says – “Patriotism is the last refuge of a scoundrel.”

THN: If it is, then does region matter in teamwork?
Inj3ct0r: No, it doesn't. If it does, it is not teamwork at all. Every inj3ct0r is like a free bird. They flock in groups but, rest in individual nests.

THN: Is Exploiting a crime? Or does it help developers?
Inj3ct0r: There is a yin for every yang. If there are developers, there will be hackers! We are just balancing the equation with our existence.

THN: Is exposure (via exploits, videos, tuts) important or not? What is the good side of security holes exposure?
Inj3ct0r: There are 2 sides to every coin. It is important and it is not important. It depends on the person who is exposing and depends on the person who is observing them.

THN: Wha tarethebenef
it
se ve
ryonecangetwit
hexposur
eofexploit
s,li
kefrom
adevelope
rpointofview,fromaha ckerpoi
ntofvi
ew,orforalea
r ne
r/begi
nner?
Inj
3ct0r:Re cti
fyingmis
takesandma kingot
hersr
ecti
fywhohave n'
t.Afte
ra l
l,
weareme rehuma ns:)

THN: It appears without "hacking" internet security would not have been challenged and improved. Do you see hacking having any other value?
Inj3ct0r: Hacking is as valuable as any developments. There is always a 'next level' in everything. I remember in 2002, SQL Injection was considered the most lethal practice and in 1998 DOS attacks were inevitable! As technology grows, we will grow too and as we grow, it will grow too :)

THN: Is Exposure of Security Holes Important? What have you gotten from the experience personally?
Inj3ct0r: Personal experience: Joy of outsmarting the smart ones! It is important and it is not important - the exposure I mean, depends on user on each end.

THN: Do you feel that groups like Anonymous who hack for the purpose of exposing the criminal and corrupt side of corporations and government have value?
Inj3ct0r: My replies will reflect my entire beloved team and also supporters. I would like to press the 'Skip' button :)

THN: So many people admire you and support you. Did you ever think you would be a public figure held in esteem by many in your lifetime?
Inj3ct0r: A Hacker is known by his level of stealth 'mode'. There is a saying, "Everyone knows a good hacker and he makes his folks proud about it but no one knows about the best one, not even his folks." Fame would make me look weaker to myself.

THN: Conversely, what do you think about the FBI and our criminal justice system in regards to hacking? How would you write the laws governing this activity?
Inj3ct0r: I would sum it up in one line: 'If someone is smarter than you, either learn from him or get yourself replaced'. There is no good guy and bad guy. Every human is un-refined, that's all :)

THN: The internet world is sorely unprepared when it comes to security. Do you agree and why?
Inj3ct0r: Not just security, everything. But, as time goes, it teaches.

THN: What message would you like to give the hacking community that is subscribing to this magazine?
Inj3ct0r: Be a kid. Be sincere not serious, in whatever you do. If you don't enjoy it, you ain't doing it right.

Happy Milw0rm 1337 Day
Inj3ct0r wishes you a Happy Milw0rm 1337 Day!!! Wishes to all Inj3ct0r users! Happy Milw0rm 1337 Day!!! Underground users Unite! It's our second birth! Milw0rm was born on June 3, 1998. Let’s Celebrate - Visit 1337day.com

Information Security Incident Management
What Should We Not Do?

In recent times there have been several security incidents that have put the world on alert. Technology giants have been hit and your personal data, your tastes, your interests and your habits have fallen into the hands of criminals. The aim of this article is to discuss some actions that have taken place in internet security and what things we should not do if we have to manage a security incident in our organization.

1. Hide the incident from our customers
The first thought a company might have when faced with a security incident is concealment. Nothing is worse than this if we want to prove that we have been diligent with our data and our customers’ data. We must remember that personal data from our clients is not ours to own but to shelter.

2. Increase the qualities of the attacker
A situation that occurs frequently is looking for ways to omit all the mistakes that were committed through a lack of diligence, knowledge or otherwise in the company’s security system. When our security is breached, the first thing has been to focus on the hypothetical characteristics of the attacker, always giving them much more sophistication than they really possessed. That is, increasing the skill of the attacker to minimize our mistakes.

"We have been victims of an attack of proportions never seen", "The attacker had very sophisticated knowledge", "was anonymous", etc., etc. Fess up and take responsibility. You will create much less insecurity in your client if you do so.

3. Describe basic security measures such as improvement plans following the incident
Following the incident there is a presentation naming action plans to implement security measures that should have been implemented previously and that are really basic, for example: "We will implement a system of safety management based on ISO/IEC 27001", "We will use encryption techniques for personal data", "We will train our staff to provide incident response". Responses of this style can be found in the published statements of companies that have had their security breached, which does nothing but demonstrate the security weaknesses and the negligence of what should have taken place at the inception. It is clear that any organization must comply with laws or regulations such as PCI DSS, SOX, or similar, and should have these kinds of security measures in place.

4. Do not accept mistakes
Something that seems so simple does not happen often. What the customer expects, more than excuses, concealment, and lies, is that the organization communicates the incident on time, with sincerity and acceptance of the mistakes it may have committed. Thus, "We failed to take care of your data, we made mistakes, we ask forgiveness and we have all our resources available to cover the error and continue business safely and securely."

How many companies are willing to communicate this to their customers?

5. Offer compensation that is not up to the incident
In all that we have been discussing it should be added that in several cases there have been compensation plans for customers that really look ridiculous, such as "Welcome Again", "Free Content for Ever", "Gold Memberships" and so on. When establishing such plans they should be prioritized by customer and should offer a compensation plan that really lives up to the impact caused.

6. Keep thinking that Incident Management is a minor issue and that it only belongs to IT
Organizations that maintain this position are those in which managers have not yet interpreted Information Security as a priority. Employees must manage risk and always know the security policy of their organization and business. If a company puts out a message such as "We have appointed a new CSO (Chief Security Officer) who will report to the CIO (Chief Information Officer)", this may cause deep misconceptions that affect the basic principles of security and internal control, making the other employees feel they are not responsible for the company’s internet security.

# Does anyone think that after the PlayStation Network incident security management is a purely technical and IT issue?
# What do credit card companies say?

Another striking issue is that companies which are involved indirectly, such as VISA, MasterCard, American Express, etc. have not come forth with any communication in this regard.

# Did not PCI DSS arise because of the security breaches that credit card companies have had?
# Would it have minimized the impact of the incident if SONY had complied with PCI DSS?

How should we take the information security incidents?
For now, incidents should be taken as something that will happen, not may happen. What we need to do is avoid incidents. Incidents will be presented, and what we must do is establish the mechanisms, processes and security measures to respond in a timely and diligent way. It will not be IT, but it will be the entire Organization responding to an information security incident. Just as we learn from an error or mistake in everyday life (or at least we should), in the case of web security incidents it is essential to learn and improve.

"We can't afford a second time without doing something to avoid it".

Implementing a management system based on the security risks that the Organization is exposed to, and looking at the legal and regulatory requirements, could be the way forward to start the continuous and diligent management that an organization must carry out to provide its customers and users safe and secure housing of their private information.

"Information Security Management is not one time only or just because I have to meet it.”
References (Do not reinvent the Wheel):
Below you will access the site www.privacyrights.org and see some of the breaches in recent years: http://bit.ly/jMaV8g

NIST: SP 800-100 Information Security Handbook - A Guide For Managers: http://1.usa.gov/gQJhLd

NIST: SP 800-61 Computer Security Incident Handling Guide: http://1.usa.gov/gDPV4j

ENISA: Good Practice Guide for Incident Management: http://bit.ly/mzwLqJ

CERT: Handbook for Computer Security Incident Response Teams (CSIRTs): http://bit.ly/hAZVAx

Information Security Cheat Sheet: http://zeltser.com/cheat-sheets/

Author
Mariano del Río | Information Security Consultant
Twitter: http://twitter.com/mmdelrio

OUR CAUSE IS NOBLE
OUR POWER IS PURE

Let’s Talk with Anony_ops
A Legend behind Anonymous

Anonymous is the political movement of change for the 21st century. Anonymous can and certainly will accomplish what many other political and peace movements of the past could not. When corruption, destruction and mayhem strike from governments or corporations, it is the goal of Anonymous to awaken that entity and the public that a change must occur. We must understand that the Anonymous who strives for political change and world peace must be free to work without the mistrust and misdeeds of others who tarnish their good work. Anonymous is the gift we have been waiting for. Honest and trustworthy persons working hard on our behalf for the betterment of mankind. The Anonymous, Need of 21st century, Let’s Talk with him:

THN: Who is Ryan and what is his matter with Anonymous?
Anony_ops: Ryan was a network administrator and unreliable like many others. Basically, we knew Ryan would explode one day. He was like the Yellowstone Caldera, he occasionally had little outbursts and some people who knew him from before warned us that he'd had massive eruptions in the past.

THN: Do you think there are more people like Ryan trying to break the Unity of Anonymous?
Anony_ops: Yes. We have had lots of guys like him in the past and I bet there are still some lurking. But they will not do what he did. In my opinion what he did was stupid and it didn't achieve anything.

THN: Is Anonymous or supporters of Anonymous behind the Sony Hacks?
Anony_ops: Anonymous IRC (AnonOps) is not involved in the Sony hacks although since being Anonymous, many people can create their own bases (cells) and work on their plans. So maybe Anonymous is involved in it or maybe not? We will never know. But I can tell you that they definitely took advantage of the whole OpSony situation. What I would suggest is that whenever Anonymous does something big, we brag about it. The fact that we denied it is a strong indicator that we didn't do it - if we had succeeded in breaking into their servers, we would have been gloating about it all over the internet.

It was quite clear that no one knew what was going on with Sony and Sony blamed us for their shitty security intrusion. Further, the people that actually participated in the intrusion saw that they could use Anonymous as a scapegoat but we would have kept the "Anonymous" tradition and not have left our motto in a single file, we would have left it in something along the lines of 9001 files. So to answer your question, we want an apology from Sony. They have no credible proof that the offenses were committed by "Anonymous", only what some copycat left there causing confusion in the reports. Because of that we were subsequently harassed by a misguided and misinformed Sony who then started clogging up our servers.

Quote: <evil> some people will take advantage of it for their malicious shit.

THN: Tell us something about the Spanish Revolution
Anony_ops: You better ask this to Spanish Anons, I have no right to answer this because I'm not the right person. Sorry about that.

THN: What are the other operations recently born in various parts of world?
Anony_ops: There are over 9000 operations which are on-going right now. Some are #OpGreece, #OpSpain, #OpSpain, #OpMexico, #OpColombia etc.

Visit our IRC for more details. :P

THN: Is there any core team of Anonymous or is your every decision and action independent?
Anony_ops: There is no core team of Anonymous. If you are pointing towards Network Operators then well, there are just network operators and they manage all the tech stuff. They don't get involved in Anonymous' work and operations except to keep IRC channels free from trolls, spammers and bot attacks. Our decisions and actions are based upon people's will and teamwork. What we do in IRC is communicate with each other, form a plan and get as many people involved, of course anonymously, and we all vote on a specific action. Seems simple? It's NOT. lol. So, our every action is a collective decision.

THN: Everyone knows that Anonymous is against injustice, corruption, and abuse of government power. How much are you satisfied with your own effort regarding this great responsibility?
Anony_ops: I am very much satisfied with what I am doing. What I do is carry the information and expose it to the public which otherwise would be very difficult for the public to get. You can call me a bastard Anon or whatever. I don't give a shit. We only do it for the Lulz. Anonymous is not a secret anymore, in times of pain and suffering, your ignored neighbor could be your helping hands and a light of hope. I think Anonymous represents hope for mankind because people have had enough with these criminal organizations, establishments and governments. They are fed up with their laws and wars. They've sacrificed enough. It's time for people to unite and act as one and what I'm doing is playing some part in that. So I'm very proud. I wish everyone could become Anonymous and serve their fellow brothers and sisters. Being an anon is being yourself first then sharing whatever you can.

THN: Anonymous are basically Activists. Are hackers also supporting you to make it Hacktivism?
Anony_ops: Yes. They work independently and sometimes under certain circumstances they work within the hive. As you well know, aside from the public rallies, Anonymous has also taken part in many online operations, most of which needed the use of hackers to accomplish what was needed. A great deal of Anons submit themselves to the LOIC Hive, faxing and other methods but some websites, like the US Chamber, needed more than that, which is where the hackers have come in. The fact that they do this is to further our strength as Anonymous, and many of them, whether they have help from the Anons or they do it single handed, will give full credit to Anonymous, because they feel the cause is just. So yes, to answer your question, hackers are supporting us and with every new operation it gives us a stronger grasp on the "Collective" that is Anonymous.

THN: What are the other issues on your list that may become the next Revolution?
Anony_ops: Operations are dependent upon their motives and their importance. Anyone's free to start any operation but valid ops with valid reasons are supported by all Anons and that's how they move forward.

THN: The issue with NATO and does Anonymous plan something against NATO?
Anony_ops: In my opinion NATO is just following the footsteps of the Pentagon idiots and the IRC (people) are yet to decide the action to take against them. But we won't fire first!

THN: Major Security Breaches of 2011 are related with Anonymous. Is this diverting the style of Anons work?
Anony_ops: There are so many anonymous cells now that no one can keep track of them. But one thing is for sure, the smegma is out of the bottle... try stopping it. Anonymous is worldwide from every continent and every country. There are literally 100’s of IRCs which are now dedicated to anonymous. I really don't know what the future holds for Anonymous but what I can tell you for sure is I will be tweeting about them. :)

THN: Any message for the World from THN Platform?
Anony_ops: This is to all human beings on this planet: Share and keep information free because it is our only lifeline to the future. To the crooks in governments and corporations I can only say, you’re done. There are no more secrets. You can’t hide from Anonymous. We know what you are doing and we have made it our mission to expose you. People from time beginning have fought injustice but they haven’t had the right weapons. We do now. Remember this:

WE ARE ANONYMOUS
ANONYMOUS IS LEGION
WE DO NOT FORGET
WE DO NOT FORGIVE
EXPECT US

Total Exposure
Password Secrets of “Apple Safari”

Safari Password Decryptor works on most of the Windows platforms, starting from Windows XP to the latest operating system, Windows 7.

About Author

Nagareshwar Talekar is a founder of SecurityXploded.com – Infosec Research & Development Portal. He is a security professional with an unbeaten passion towards Computer Security, mainly involved in Reverse Engineering, Security Research and developing Security Tools. He holds an engineering degree in Computer Science from National Institute of Technology of Karnataka, Surathkal (KREC), India. He has professional experience of around 6+ years spanning across Novell & Citrix where he has worked on Security and Application Virtualization technologies. Currently he is working as an independent security consultant and researcher.

You can find all his work in the security field at his website - http://SecurityXploded.com

SONY
Hacked. Hacked Again. Hacked Again & Once Again!

George Hotz vs SONY

George Hotz previously hacked an iPhone (1G) successfully, and the most amazing thing about him is that he spent 5 weeks to successfully hack the PS3.

For about 3 years the PS3 remained unhacked. But George Hotz spent 5 weeks to hack it. The hacked PS3 will be able to read any type of disc that you throw in, and allow pirated games to be played smoothly. This attack is very useful for those persons who sell pirated games through black marketing..!!

Sony's legal dust-ups with PS3 modders George 'GeoHot' Hotz and Graf_Chokolo have earned it the ire of the 'hacktivist' group known as Anonymous.

Operation Sony, the retaliation, is part of Anonymous' Operation Payback, an initiative which seeks to disable websites belonging to perceived opponents of free-rights content with distributed denial of service attacks (DDoS). The unidentified group claims Sony violated basic free-use freedoms when it sued GeoHot and arrested the German hacker Graf_Chokolo for allegedly engaging in PS3 jailbreaking activities.

Over the last two months, the multi-national Sony Corporation has come under a wide range of attacks from an even wider range of attackers. The backstory about what event prompted who to attack and why will make a mediocre made-for-TV movie someday.

Sony Time Line

2 April: Anonymous, the online activist collective, begins Operation: Sony, a series of denial of service attacks on Sony websites that it says are in defence of free speech.

11 April: Sony announces the case has been settled out of court and that George Hotz has agreed to take down his website.

13 April: Anonymous says it will intensify its attacks and calls for a day of protest on 16 April. “In the eyes of the law, the case is closed, for Anonymous it is just beginning… prepare for the biggest attack you have ever witnessed, Anonymous style,” it says in a video message.

16 April: Hackers break into Sony Online Entertainment, the firm’s PC gaming service, and steal 25 million users’ personal details. Around 23,400 European users’ credit card or direct debit details may also have been taken.

17 April: Hackers break into the PlayStation Network and steal 77 million users’ personal details.

19 April: Sony detects the PlayStation Network breach.

20 April: Sony shuts down the PlayStation Network, publicly citing technical problems.

26 April: Sony publicly discloses the PlayStation Network breach and says it has called in the FBI.

4 May: Kazuo Hirai, Sony’s chairman, tells a US Congressional committee that the hackers left a calling card implicating Anonymous. Investigators found a file named “Anonymous” with the motto “We are Legion”. He also says the collective’s denial of service attacks made it easier for the hackers to breach security. “Security teams were working very hard to defend against denial of service attacks, and that may have made it more difficult to detect this intrusion quickly – all perhaps by design,” Mr Hirai says.

4 May: A press release purporting to come from Anonymous denies credit card theft but does not directly deny hacking Sony’s systems or stealing personal data. “We are trying to fight criminal activities by corporations and governments, not steal credit cards,” it says.

5 May: Hackers announce they will give a 3rd big hit to Sony soon!

7 May: Sony succumbs to another hack leaking 2,500 "old records". This information was available via a Sony website and indexed by Google.

20 May: Phishing site found on a Sony server, noticed by F-secure.

21 May: Sony Music Indonesia defaced by k4L0ng666.

22 May: Sony BMG Greece is the latest hacked Sony site, apparently done via SQL Injection. Pastebin dump. Records Breached: 8,500 usernames, email addresses, phone numbers and password hashes.

23 May: LulzSec leaks Sony's Japanese websites. SQL Injection in www.sonymusic.co.jp. Database does not contain names, passwords or other personally identifiable information.

24 May: Sony Ericsson got hacked by Idahc, a Lebanese hacker, via SQL Injection. Idahc dumped 1,000 of the records to http://pastebin.com/4YGAWxQZ (since removed). Records Breached: Email addresses, passwords and names of 2,000 users.

26 May: 4.5 million records exposed by Lulz. Sony hackers deny responsibility for misuse of leaked data. Records breached: Over 1,000,000 users' passwords, email addresses, home addresses, dates of birth, as well as administrator login passwords. Information taken from AutoTrader users database, Summer of Restless Beauty users database, Sony Wonder coupons database, Sony Wonder music codes database, Seinfeld Del Boca Vista database.

2 June: Sony BMG Belgium (sonybmg.be) database exposed & Sony BMG Netherlands (sonybmg.nl) database exposed.

2 June: Tim Schaaff, President of Sony Network Entertainment International, Witness Testimony (PDF): "Sony Network Entertainment and Sony Online Entertainment have always made concerted and substantial efforts to maintain and improve their data security systems."

3 June: Dump of the apps.pro.sony.eu database via SQL Injection. Records Breached: 120 names, phone numbers and e-mail addresses.

5 June: Sony Pictures Russia (www.sonypictures.ru) databases leaked.

6 June: Sony Music Brazil gets defaced. A Sony Entertainment website just got hacked. A group of hackers by name “The UnderTakers” were able to take down Sony Music Brazil, which is down for more than 12 hours.

It is not exactly a new security measure that's necessary, but how Sony can manage the existing security system effectively.

Sony needs to run its management cycle remembering that security threats are variable. It gives hackers a chance to invade when businesses are relying heavily on security tools. If Sony hasn't learned the lesson, at least other businesses have. After Sony's incident, the number of inquiries from businesses to various security consultants increased.

After the SONY breaches most security experts are now more alert in rechecking their attitudes toward security. They came to know that one small flaw like SQL injection can become a reason to hack million dollar companies. Sony fights with George Hotz, but my opinion is that they should have hired him. Why not develop this hacking talent for legitimate purposes? Why make an enemy when you can have them on your side?

The Hacker News
Highlights of the Month

#THN Report: ACER hacked because of their own stupidity!
You have to wonder about people who put things on their websites that invite people to hack into them but this just happened to ACER as they posted an FTP allowing the Pakistan Cyber Army to hack away the information of users! : Read More ~ http://tinyurl.com/3bh3jqv

#HOW SWEET IT IS!
Operation Cupcake: MI6 hacks al-Qaeda website! British Intelligence gave Al-Qaeda a sweet surprise by replacing a bomb making recipe with a cupcake recipe. Gotta love those Brits! : Read More ~ http://tinyurl.com/4xah6oh

#DON'T CALL A WAR UNLESS YOU MEAN IT......... AND WE MEAN IT FBI!
Lulzsec hack Infragard Atlanta Members Alliance & challenge FBI! After the FBI said that hacking was an act of war, hackers hacked into an FBI affiliate website and blew their cover. : Read More ~ http://tinyurl.com/3vaahhm

#MORE THAN IRANIAN PIPES ARE LEAKING
Anonymous Leaks 10,000 E-mails of Iranian Government : Read More ~ http://tinyurl.com/3fz292t

#CHINAN CHIPS AWAY AT GMAIL ACCOUNTS
Chinese Hacker Cracks Hundreds of Gmail Accounts of U.S. & Asia : Read More ~ http://tinyurl.com/4y39gwd

#LIBERAL PBS WEBSITE LIBERATED BY HACKERS!
PBS.org was hacked with 0day exploit for MoveableType! : The hackers even gave them the information on how they did it! Read More ~ http://tinyurl.com/42hxawd

#INSTEAD OF THROWING POPCORN, UNHAPPY MOVIEGOER HACKS UPCOMING MOVIE
Shahrukh Khan's upcoming Movie - RaOne Official Website hacked : Shahrukh Khan's website touting the new movie was hacked and defaced. Read More ~ http://tinyurl.com/3z45of9

#GMA-7 television networks Hacked
GMA-7 tv website, twitter & Facebook hacked by D4RKB1T : Read More ~ http://tinyurl.com/3cl4cvr

#MICROSOFT ROBS THE CRADLE AND IGNORES CHILD LABOR LAWS!
14 Year Old Hacker Hired by Microsoft after doing phishing via Call of Duty Server! : A 14 year old who impressed Microsoft with his hacking talent was hired by Microsoft to learn the more legitimate ways of the internet. Read More ~ http://tinyurl.com/3tx9j5l

#DEFENSE CONTRACTORS LEFT DEFENSELESS BY HACKERS!
Hackers broke into Lockheed Martin networks & U.S. defense contractors! The extent and the type of data has not been released. : Read More ~ http://tinyurl.com/3etfn9p

#THERE'S A DRAGON AT COMODO......... AND THEY CAN'T CATCH HIM!
Comodo Hacked - Reseller private data exposed! : Read More ~ http://tinyurl.com/4yg24ah

#ANONYMOUS TELLS THE US CHAMBER TO BUTT OUT
Anonymous Takes Down U.S. Chamber Of Commerce for PROTECT IP Act : After the Chamber decided to help the government invade our privacy and information on the internet, they were hacked. Read More ~ http://tinyurl.com/42tna2g

#INDIA'S OFFICIAL WEBSITE HACKS RISING IN NUMBER
200+ Important & Some Govt. Websites of India Hacked by XtReMiSt : Read More ~ http://tinyurl.com/3lfz7j3

#MODERN DAY THIEVES NO LONGER HAVE TO PICK YOUR POCKET FOR YOUR CREDIT CARDS
Role of Hacking in Stealing and Selling Credit Cards! Lots of reports of internet hacking resulting in the loss of credit card information : Read More ~ http://tinyurl.com/3c99j8a

#FACEBOOK BUGS ITSELF
Facebook Prepares to Launch Bug Bounty Program! Facebook wants "legitimate" reporting of their security flaws : Read More ~ http://tinyurl.com/44ce8ry

#ONCE AGAIN NASA HACKED OUT OF THIS WORLD!
TinKode Hack FTP of NASA Goddard Space Flight Center! : Read More ~ http://tinyurl.com/3srxcck

#HACKERS ITCHING FOR A CHANCE TO SWEAR AT YOUR FACEBOOK FRIENDS!
New Facebook Scam: WTF I can’t believe you’re in this video! Hackers want Facebook users to click on links that will spread a nasty message to the users friends. : Read More ~ http://tinyurl.com/3pdq9ga

#WE DIDN'T KNOW OSAMA HAD SO MANY FRIENDS!
Ronaldinho website hacked by Osama bin Laden supporter! : Read More ~ http://tinyurl.com/3nakz6m

#HACKERS DON'T PLAY ETHICAL WITH APPIN
Appin (Information Security and Ethical Hacking Training) hacked once again! : Read More ~ http://tinyurl.com/3m2w28y

#LULZSEC TALKS NONSENSE BY RELEASING NONSENSICAL INFO!
LulzSec Hack & Leak pointless ATM information! : Read More ~ http://tinyurl.com/63wft98

#IT IS CLEAR THE DOD AND OTHER US GOVERNMENT AGENCIES ARE PRETTY DEFENSELESS
Exclusive Report: Is Department of Defense (DoD), Pentagon, NASA, NSA is Secure? Agencies scramble to secure websites and important data. : Read More ~ http://tinyurl.com/66w73zu

#PAKISTAN AND INDIA TAKE IT OFF THE BATTLEFIELD AND ONTO THE INTERNET
Pakistan Cyber Army got hacked by Indian Cyber Army (Indishell) : Read More ~ http://tinyurl.com/3tyo3se

#PAKISTAN AND INDIA JUST CAN'T LEAVE EACH OTHER ALONE!
Channel [V] INDIA website HacKeD By MaDnI (Pak Cyber Army) : Read More ~ http://tinyurl.com/3brn27h

#FOX NEWS IS OUT FOXED BY HACKERS!
Hackers release usernames, passwords of several FOX.com affiliate employees! : Read More ~ http://tinyurl.com/3zuh2e6

#IT'S NOT A GOOD SIGN WHEN THE HACKERS ARE BEING HACKED
Anonymous IRC networks - irc.anonops.net & irc.anonops.ru Hacked! : Read More ~ http://tinyurl.com/3br4v2c

#INDIA'S LEADING IT COMPANIES NO LONGER PATTING THEMSELVES ON THE BACK!
India's leading IT companies TCS (Tata Consultancy Services) & Tech Mahindra is also not Secure! : Read More ~ http://tinyurl.com/6h92s6a

#THE X FACTOR IS X'D OUT BY HACKERS!
X Factor Leaked Contestants Database, Available for Download! : Read More ~ http://tinyurl.com/42fvwjj

#THE NEWS MAKERS ARE MAKING NEWS OF THEMSELVES (AND THEIR CUSTOMERS!)
Paktribune.com compromised, 800+ emails/passwords Exposed! : Read More ~ http://tinyurl.com/3jn7l3e

#HACKING CREDIT CARD INFO AND PAYMENTS SPREAD WORLDWIDE
CCAvenue payment gateway hacked! : Read More ~ http://tinyurl.com/3psscxq

For all those who were waiting for BackTrack 5: finally the “Revolution” edition was released on 10th May. BT5 has KDE (4.6) and Gnome (2.6) desktop environment flavors, 32 and 64 bit support, and a basic ARM BackTrack image which can be chrooted into from android enabled devices. The 32 and 64 bit images support “Forensics Mode”, which boots a forensically sound instance of BackTrack, and “Stealth mode”, which boots without generating network traffic. And yes, Metasploit 3.7.0 is packaged into BT5. Download: http://tinyurl.com/3jfqlv7

Tools Updates - THN
• John The Ripper 1.7.7 Jumbo 5: http://tinyurl.com/3ldybr2
• Ani-Shell v1.0 - PHP shell: http://tinyurl.com/3t4zgdr
• Facebook Password Extractor: http://tinyurl.com/3n643sb
• Wireshark 1.4.7 & Wireshark 1.2.17 Released: http://tinyurl.com/3nv8fo6
• md5deep and hashdeep - Latest version 3.9.1 Released: http://tinyurl.com/3bvuj5b
• QuickRecon v0.3.1 - Latest Version Download: http://tinyurl.com/3ppjbzh
• Pesca 0.75 Local Stealer - Download: http://tinyurl.com/3gm3rrk
• R00TW0RM Linux Autorooter for 2010 kernel: http://tinyurl.com/3s87b8l
• Origami 1.0 released - Pdf manipulation framework: http://tinyurl.com/4yh9hlh
• R00TW0RM Linux Autorooter for 2009 kernel: http://tinyurl.com/3glrmmv
• Fimap v.0.9 released - Local & Remote file inclusion auditing Tool: http://tinyurl.com/3rczwfb
• Impassioned Framework Download: http://tinyurl.com/3d5sayq
• Arachni v.0.2.3 - Web Application Security Scanner Framework: http://tinyurl.com/3m9qvwr
• BlackHole Exploit Kit 1.0.2 - Download: http://tinyurl.com/6gczrq5
• Unknown Exploit Kit (Crimeware) leaked: http://tinyurl.com/3mme4ar
• OpenDNSSEC 1.3.0rc2 new Version released: http://tinyurl.com/3z4g4st
• RKAnalyzer - kernel level rootkit analyzer: http://tinyurl.com/3k7z7ql
• The Social-Engineer Toolkit v1.4 latest Version: http://tinyurl.com/6xq3t42
• Metasploit Framework 3.7.1 Released: http://tinyurl.com/3h3e4aj
• QuickRecon v0.3 version released: http://tinyurl.com/3sqbmvd
• Crimepack 3.1.3 Exploit kit Leaked: http://tinyurl.com/3uq6h9b
• Qualys and Malware Analyser - Online malware scanning engine: http://tinyurl.com/3jx3og5
• 26 Underground Hacking Exploit Kits available for Download: http://tinyurl.com/5u2w8st
• Source code of ZeuS Botnet Version: 2.0.8.9 : http://tinyurl.com/3m9clqt
• SWFRETools 1.1.0 - Adobe Flash SWF file reverse engineering: http://tinyurl.com/3gbhxgr
• Fiddler v2.3.3.3 New version released: http://tinyurl.com/3ewjw5h

BufferZone - Internet Security Tool

If you work online, then you have to be secure from unauthorized access. I'll just tell you about one piece of software named BufferZone. It's different and secure, and easy to use.

How BufferZone Works?

BufferZone creates an isolated environment called the Virtual Zone. The Virtual Zone "buffers" your PC from all forms of known or unknown attacks that originate from the Internet and external devices. All of your private information is secured in a trusted and separate environment.

How does BufferZone Technology work?

When you use the Internet, programs from the Web can enter your PC uninvited or invited (by downloading). In order to run, these programs make modifications to your hard drive and registry (operating system). Usually such modifications are harmless. However, when they're not, infected programs or files can do serious damage to your computer.

So BufferZone is more helpful in a computer security way, and it's free to use! Download link: http://www.trustware.com/download/

By: Priyanshu, Certified Ethical Hacker, Cyber Security Expert & Cyber Law Expert.
Contact him >> priyanshu@cyber-india.in
We will be back in JULY!

Dear Readers,

Thank you for being a part of a movement of awareness and change. Your support, participation and encouragement is why we continue to make 'THE HACKER NEWS' the best source of internet security on the web.

Together we can bring forward the information we need to have a sustainable and healthy world. We can't wait to bring you next month's edition, "Cyber War", which will cover in depth the usage of Information Technology for cyberwar. You won't want to miss it!

Please forward our magazine to friends, co-workers, bosses, family and businesses you know would enjoy reading and learning about internet security, current happenings, updates and the who's who of the internet world. In the meantime, thank you. You rock!

The Hacker News Team

Contact Us
# Email us your Feedback/Articles at thehackernews@gmail.com
# Visit our site: http://www.thehackernews.com/
# Donate us, Keep us Strong: http://tinyurl.com/64b7xs2
# Join our facebook page: http://tinyurl.com/6de49r9
# Follow us on Twitter: https://twitter.com/#!/TheHackersNews
