New Java 0-Day Exploit Spotted in the Wild



Java 7 0-Day ExploitA new Java 0-day vulnerability has been discovered, and is already being exploited in the wild. Currently, disabling the plugin is the only way to protect your computer.
Description:
The MBeanInstantiator in Oracle Java Runtime Environment (JRE) 1.7 in Java 7 Update 10 and earlier allows remote attackers to execute arbitrary code via vectors related to unspecified classes that allow access to the class loader, as exploited in the wild in January 2013, as demonstrated by Blackhole and Nuclear Pack, and a different vulnerability than CVE-2012-4681.
Impact:
By convincing a user to visit a specially crafted HTML document, a remote attacker may be able to execute arbitrary code on a vulnerable system.
CVE Standard Vulnerability Entry: CVE-2013-0422
This actual vulnerability was later confirmed by security firm AlienVault Labs. With Kafeine’s help, the company reproduced the exploit on a new, fully-patched installation of Java, and used a malicious Java applet to remotely execute the Calculator application on Windows XP as shown in the below screen-shot:
Java 7 update 10 0-day exploit demo
11 comments
Labels: , , , , ,

How DNSChanger Malware Works



DNSChangerDNSChanger is malicious software (malware) that changes a user’s Domain Name System (DNS) settings, in order to divert traffic to unsolicited and potentially illegal sites.
Beginning in 2007, the cyber ring responsible for DNSChanger operated under the company name “Rove Digital” and used the malware to manipulate users’ Web activity by redirecting unsuspecting users to rogue DNS servers hosted in Estonia, New York, and Chicago. In some cases, the malware had the additional effect of preventing users’ anti-virus software and operating systems from updating, thereby exposing infected machines to even more malicious software.
FBI has since seized the rogue DNS servers and the botnet’s command-and-control (C&C) servers as part of “Operation Ghost Click” and the servers are now under their control. To assist victims affected by the DNSChanger, the FBI obtained a court order authorising the Internet Systems Consortium (ISC) to deploy and maintain temporary legitimate DNS servers, replacing the Rove Digital malicious network. As mentioned earlier, this is by no means a permanent solution and does not remove malware from infected systems; it just provides additional time for victims to clean affected computers and restore their normal DNS settings. According to the court order-which expired on 9 July 2012-the clean DNS servers will be turned off and computers still infected by DNSChanger malware may lose Internet connectivity.
To put this into perspective, DNS is an Internet service that converts user-friendly domain names into the numerical IP addresses that computers use to talk to each other. When you enter a domain name into your Web browser address bar, your computer contacts DNS servers to determine the IP address for the website you are intending to visit. Your computer then uses this IP address to locate and connect to the website. DNS servers are operated by your Internet service provider (ISP) and are included in your computer’s network configuration.
DNS WorkDNSChanger Work
How DNS WorksHow DNSChanger Works
With the ability to change a computer’s DNS settings, malware authors can control what websites a computer connects to on the Internet and can force a compromised computer to connect to a fraudulent website or redirect the computer away from an intended website. To do that, a malware author needs to compromise a computer with malicious code, which in this case is DNSChanger. Once the computer is compromised, the malware modifies the DNS settings from the ISP’s legitimate DNS server’s address to the rogue DNS server’s address, in this case, advertisement websites.
A task force has been created, called the DNSChanger Working Group (DCWG), to help people determine if their computers have been compromised by this threat and to also help them remove the threat.
0 comments
Labels: , , ,

Access Banned Torrent and Video Sites in India


Some of the ISPs in India have already started blocking torrent websites (The PirateBay, Torrentz, etc.) as well as some legal video sharing websites (like Vimeo, DailyMotion). Nowadays, when someone tries to access these websites, he/she may receive a rather annoying message:
 “Access to this site has been blocked as per Court Orders“
Currently, two of the Indian ISPs – namely Reliance and Airtel – have blocked specific websites. The reason for blocking is yet unclear but the citing of a Court order in the display message gives us a clue. The US Government has already blocked websites in the past on grounds of copyright infringement and it is certain that other countries have also started to follow suit. Torrents have regularly provided users access to copyrighted content worldwide; particularly new movie releases which could be downloaded through torrents.
Read more »
27 comments
Labels: , , , , , , , ,

Wifi Hacking


Ok now how to hack some ones wifi with the help of BACKTRACK 

Heres' the SECRET

Make a backtrack boot-able pen-drive :: Now how to make bootable backtrack pendrive => Click on me

after making backtrack bootable pendrive

insert the pendrive and open ur BACKTRACK in ur laptop :: Y laptops beacause laptops has wifi card (hardware) and software in it ::
Read more »
4 comments
Labels: ,
Subscribe to: Posts (Atom)