Wednesday, 16 November 2011

Sky News Twitter account Hacked

Hackers yesterday accessed the Twitter account for Sky News business desk and posted a tweet claiming that James Murdoch had been arrested by London police. It has also lately been used by hacker groups to simply raise their profile and make the public aware of their existence.

Soon retweeted by many followers, the fake news created quite a stir. The false tweet was erased within minutes, but not before other Twitter users had shared it across the network. Sky News is likely to find out soon whether the hack was executed by an insider - possibly as a joke - or by hackers.

Tuesday, 15 November 2011

BackTrack 4: Assuring Security by Penetration Testing


Details:

Paperback: 392 pages
Publisher: Packt Publishing (May 11, 2011)
Language: English
ISBN-10: 1849513945



Description:

Written as an interactive tutorial, this book covers the core of BackTrack with real-world examples and step-by-step instructions to provide professional guidelines and recommendations to you. The book is designed in a simple and intuitive manner, which allows you to explore the whole BackTrack testing process or study parts of it individually. If you are an IT security professional or network administrator who has a basic knowledge of Unix/Linux operating systems including awareness of information security factors, and you want to use BackTrack for penetration testing, then this book is for you.

About the Authors:

Shakeel Ali

Shakeel Ali is a main founder and CTO of Cipher Storm Ltd, UK. His expertise in the security industry markedly exceeds the standard number of security assessments, compliance, governance, and forensic projects that he carries in day-to-day operations. As a senior security evangelist and having spent endless nights without taking a nap, he provides constant security support to various businesses and government institutions globally. He is an active independent researcher who writes various articles, whitepapers, and manages a blog at Ethical-Hacker.net. He regularly participates in BugCon Security Conferences, Mexico, to highlight the best-of-breed cyber security threats and their solutions from practically driven countermeasures.

Tedi Heriyanto

Tedi Heriyanto currently works as a Senior Technical Consultant in an Indonesian information technology company. He has worked with several well-known institutions in Indonesia and overseas, designing secure network architecture, deploying and managing enterprise-wide security systems, developing information security policies and procedures, doing information security audits and assessments, and giving information security awareness training. In his spare time, he researches, writes various articles, participates in Indonesian Security Community activities, and maintains a blog site. He has shared his knowledge of information security by writing several information security and computer programming books.






Uniscan 5.2 is released - vulnerability scanner




Uniscan is an open source vulnerability scanner for Web applications. Uniscan 2.0 is a Perl vulnerability scanner for RFI, LFI, RCE, XSS and SQL-injection.
Features:
Identification of system pages through a Web Crawler.
Use of threads in the crawler.
Control of the maximum number of requests made by the crawler.
Control of variation of system pages identified by Web Crawler.
Control of file extensions that are ignored.
Test of pages found via the GET method.
Test the forms found via the POST method.
Support for SSL requests (HTTPS).
Proxy support.
Generate site list using Google.
Generate site list using Bing.
Plug-in support for Crawler.
Plug-in support for dynamic tests.
Plug-in support for static tests.
Plug-in support for stress tests.




Tutorials to create your plug-ins:


http://www.uniscan.com.br/tutorial1.php


http://www.uniscan.com.br/tutorial2.php


http://www.uniscan.com.br/tutorial3.php

Monday, 14 November 2011

Duqu computer virus Detected by Iran civil defense organization


The virus, called W32.Duqu or just Duqu, has created fear after Stuxnet opened Pandora's box. The head of Iran's civil defense organization told the official IRNA news agency that computers at all main sites at risk were being checked and that Iran had developed software to combat the virus.

First, Duqu is not designed to harm industrial automation. The software basically attacks Windows systems. Instead of sabotaging industrial control, Duqu has general remote access capabilities. Duqu has a key logger and can save passwords etc. The malware uses HTTP and HTTPS to communicate with a command and control (C&C) server at 206.183.111.97, which is hosted in India; the IP is inactive as of October 18th. Duqu infiltrates systems directly: it is not a worm like Stuxnet and needs to be placed directly, e.g. through infected mails. Duqu also uses the certificate of C-Media Electronics Incorporation, a Taiwanese audio chip producer.

"We are in the initial phase of fighting the Duqu virus," Gholamreza Jalali was quoted as saying. "The final report which says which organizations the virus has spread to and what its impacts are has not been completed yet. All the organizations and centers that could be susceptible to being contaminated are being controlled," he said.

So far Duqu has been found on fewer than 10 computers from European companies that develop industrial control software, according to a Symantec analyst. The software is programmed to remove itself automatically after 36 days. The complete setup (invades the target in a non-wormlike way, spies out passwords, and removes itself, hopefully without being detected) makes it seem like Duqu actually prepares an attack. This is also assumed by F-Secure: "it's possible we'll eventually see a new attack targeting PLC systems, based on the information gathered by Duqu."
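
Because the C&C address is inactive and the malware removes itself after 36 days, historical proxy logs may be the only remaining trace of an infected host. The following is an added example, not code from the original post: it searches a constructed log in a hypothetical proxy format for clients that contacted the address above and, assuming the 36-day counter starts at infection and infection happened no later than the first contact, computes the latest date by which each host should be imaged.

```python
import re
from datetime import datetime, timedelta

C2_IP = "206.183.111.97"           # C&C address given in the post
SELF_REMOVAL = timedelta(days=36)  # self-removal period given in the post

# Constructed sample lines in a hypothetical proxy log format:
# timestamp client_ip method dest_ip:port status
SAMPLE_LOG = """\
2011-09-20T07:58:02Z 10.0.3.17 CONNECT 206.183.111.97:443 200
2011-09-20T08:01:13Z 10.0.3.22 GET 198.51.100.8:80 200
2011-09-27T14:10:45Z 10.0.3.17 GET 206.183.111.97:80 200
2011-10-02T09:30:00Z 10.0.5.40 CONNECT 206.183.111.97:443 200
2011-10-03T11:00:00Z 10.0.5.41 GET 206.183.111.97:8080 403
garbage line that does not parse
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<src>\d+\.\d+\.\d+\.\d+) (?P<method>[A-Z]+) "
    r"(?P<dst>\d+\.\d+\.\d+\.\d+):(?P<port>\d+) (?P<status>\d{3})$"
)

def hunt(log_text, c2_ip=C2_IP):
    """Return {client_ip: summary} for every client that contacted c2_ip."""
    hits = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m or m["dst"] != c2_ip:
            continue  # unparseable line or unrelated destination
        ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
        h = hits.setdefault(
            m["src"], {"first": ts, "last": ts, "count": 0, "ports": set()}
        )
        h["first"] = min(h["first"], ts)
        h["last"] = max(h["last"], ts)
        h["count"] += 1
        h["ports"].add(int(m["port"]))
    for h in hits.values():
        # Assumption: infection is no later than first contact, so the
        # self-removal happens on or before first contact + 36 days.
        h["image_before"] = h["first"] + SELF_REMOVAL
    return hits

if __name__ == "__main__":
    for src, h in sorted(hunt(SAMPLE_LOG).items()):
        print(src, h["count"], sorted(h["ports"]),
              "first:", h["first"].isoformat(),
              "image before:", h["image_before"].isoformat())
```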