• where do I go now with leaked belgian accounts ?

    yes, online accounts and passwords from Belgians leaked online

    full account and password

    didn't try it out

    but they seem to be intercepted through infection of fake proxies

    the cert is closed

    and publishing them online is crazy

    the fccu ?

    but the cert was put into place so that the fccu wouldn't be bothered with this kind of stuff anymore

    ridiculous

     

    sorry people, stop hacking for a few days we are on holiday

    oh and if you lose your online account, just take care of it yourself, we are on holiday

    maybe, you better stay off the internet all together ....

     

    oh and that belgian looking at the services I could bill his account, change his social media image (pornify it and insult all his friends and so on....)  skype on his account and so on and so on.....

    but hey kid, sorry, the cert is on holiday for the moment .....

  • not a joke : belgian cert is closed for holidays :)

    http://cert.be/

    The CERT.be offices are closed on Monday 31 October, Tuesday 1 November
    and Wednesday 2 November.

    Les bureaux du CERT.be sont fermés le lundi 31 octobre, mardi 1 novembre
    et mercredi 2 novembre.

    De CERT.be kantoren zijn gesloten op maandag 31 Oktober, dinsdag 1
    November en woensdag 2 November.

     

    this is what I got when I sent to them the information about the hacked sites 

    yes, they may have holidays, but why have it at the same time

    you are a security service or you aren't

    and as a security service there are other rules and obligations next to your rights

    choosing freely your holidays all together at the same time is maybe not so evident

     

    sorry that your house is on fire, but I am on holiday

    a break-in in your house you say, call back on thursday

    you are bleeding and need an operation, oh sorry everybody is on holiday to egypt, it is so cheap there for the moment ....

     

    sorry guys, but this is ridiculous

    and even if you are on holiday, you don't put it in your email for everybody to know

    you could at least keep up the impression that somebody is guarding the fences and doing the mails and calls ..... (even if he would get 300% compensation in hours for doing so - which is why people normally fight to be able to be 'on guard' during holidays).

  • pepsi.be, mercedes-benz.be, bbdo.be, nucleus.be and many other hacked (and friday the websites of the belgian football league)

    it is not done by one big operation or against one big fail of a program or an Os

    it just seems that .be sites seem to be caught up in a series of attacks and hacks

    and that they aren't as secure as they thought they would be (or told their clients and customers)

    even more worrying is that some of the hacked sites have login pages..... without any https protection

    so you have hackable sites without any https protection....

    then they were just very very lucky that they weren't after your client data and didn't publish all the accounts online

    oh yes and friday the websites of the belgian football league

    see for yourself (as long as it is online that is) http://slides.diigo.com/list/mailforlen/insecure-belgiumweb

    the websites of the belgian football league and some others have been cleaned since

    but you understand I am not sure that they have put more security in place and that they understand the dangers that they are running and how vulnerable they are running older IIS 6 and windows 2003 and insecure apache and linux operations ..... they were lucky, but for how long

    a mail has been sent to the cert

    although I start asking myself why I would still have to do this kind of stuff while there are people who are paid full-time to do this and it isn't very difficult at all to follow this kind of stuff (one site, two clicks and one search for .be sites) and even if they can't do it themselves, why don't they follow the rss feeds with all the hacked .be sites and the leaked .be accounts ?

    maybe they need a wake-up call soon because yes I have been helping and supportive but this wasn't the purpose of the cert in Belgium and it can't be the purpose

    when I take some holiday I shouldn't find all that stuff, it should have been handled by the itsecurity professionals who are paid to do that

    maybe instead of blocking music and p2p sites we should start blocking hacked sites as dangerous until they have cleaned up their act

    hacked belgian sites the list

    http://www.diigo.com/list/mailforlen/insecure-belgiumweb?order_by=0

    Rss feed  http://www.diigo.com/list/Mailforlen/insecure-belgiumweb/rss.xml

  • encourage hackers with a tweet to hack creditcardthieves

    just retweet this

    Original Forsaken ✔
     
    to see attacks on un-secure Hacking/Carding forums more often.
  • ssl servers without load-balancing and ddos protection : get down

    the last several months hackers are working on new ddos tools that all have the same goal : getting a server down as fast as possible - without putting lots of people in danger of prosecution as this lesson was learnt

    they can only do that by using misconfiguration, security holes and bad code or bugs especially those that have become widespread (and normal) or that haven't got the necessary attention

    It was first the linux servers, then Apache and now it is the ssl servers that are targeted

    even to get the biggest serverfarms down you would need only 20 laptops and 120 kbps of traffic - which wouldn't be a problem for any campaign and that kind of traffic won't be stopped by your ddos protection

    oh and if the administrator still hasn't patched the renegotiation problem in ssl, then it is just child's play

    so don't be very surprised if sites may go down quite easily, especially if the occupy movement is beaten by cops, attacked by banks or gathering forces and importance

    try it against your own servers

    http://www.thc.org/thc-ssl-dos

     

  • Nasdaq : so secure they are using hackable older servers

    because what can you think about that

    Test date Mon Oct 24 15:19:23 UTC 2011

    Test duration 27.110 seconds

    Server signature Microsoft-IIS/6.0

    Server hostname secure.directorsdesk.com
    https://www.ssllabs.com/ssldb/analyze.html?d=https%3A%2F%2Fsecure.directorsdesk.com

    so stop the bullshit about super-hackers and cyberwar and all that crap

    this server is crap

    if you use that kind of server - you are asking for problems

    there is no way you can secure that version of IIS especially in a high secure environment with targeted attacks

    you can maybe stop the automated attacks but you will be fair game for all the human experience

    --------------------

    and yes you may expect more attacks after this information because running that kind of servers is ......

    just too good to be true for a real hacker

    except if it is a lie to trap the hackers in a virtual honeypot so you can block them easier afterwards

    but I am asking myself if you are that smart :)

  • Nasdaq : so secure that their ssl certificates are badly configured

    https://www.ssllabs.com/ssldb/analyze.html?d=https%3A%2F%2Fsecure.directorsdesk.com

    first the certificate comes from rsa (hacked) and managed by Go daddy which got hacked several times this year

    secondly the server has the following essential mistake

    This server is vulnerable to MITM attacks because it supports renegotiation

    this means that it is possible to insert an interception attack between the browser and the destination and to intercept the logins and all the other information or even to login together with the login and to continue to be logged in when the real user logs out.....


  • Nasdaq hack : the ultimate blended attack - better than a film

    First step : you need access to systems with a double authentication like Rsa secure-ID

    Hack rsa through a zero-day exploit in a pdf file that you send to people in the HR department of which one opens the file on his own computer while retrieving it himself from the spambox (where it should have stayed)

    Take your time and through the installation of some webbased backtunnel to the pc you install other software on the pc and you take control of the pc which has more rights than others as he is in a high security department (normally) and then you need to get secure-ID accounts or the master-keys (some doubts about what it was but Rsa has to change all keys because of their doubts and the hacking attacks against a number of defense agencies and firms that use their double authentication)

    second step : you need access to someone who uses a secure-id and uses the secret tool of the nasdaq stock exchange to exchange confidential pre-market information (worth billions)

    You use the secure-ID of some of the Us based defense firms and you access his computer and get the logins or the connection to the webbased application http://www.directorsdesk.com/  (not fully https for starters)

    third step : once you are inside the system you try to install some snooping files or software that will collect all the information that it is possible to catch (during some time it seems) and send it back to your operation

    then you do whatever you wanted to do with this confidential information until somebody catches you

    is this complicated ?

    No - because security is too lax

    why it is too lax - simply because malicious software could be installed and operated on such confidential secretive and high-security systems (when products like tripwire and snort exist to stop them or alert you)

    so all of this is b.s.

    • Advanced network and system security based on industry best practices
    • Use of strong data protection technology
    • 24x7 monitoring and support by NASDAQ OMX's global operations team
    • Redundant high performance servers in the US and EU
    • SAS70 and ISO27001 controls

    the strangest thing is how silent everybody is about the impact and the consequences

    or they know it in detail and a number of market operations have to be corrected because they have been falsified (or it was too long ago which puts their security even more in jeopardy (monitoring, my a...))

    or they don't know shit and they are too afraid to tell you because that would install a complete level of distrust

    or maybe it was just an insider job and that's even more scary

  • hacker calls to Boston police after publishing the names of the cops

     

    because of brutality against one other local Occupy movement

    Anonymous said it would attack the sites of govs that are attacking the Occupy movement

    never underestimate those warnings - never

    even if they don't materialize immediately

    And here's a partial transcript:

     

    Caller: Your website has been defaced.

     

    Police official: Yes, we're in the process of uh.. investigating it, but apparently someone hacked into our website, but we've..

     

    Caller: Yeah that was me.

     

    Police official: .. shut the website down at this time.

     

    Caller: The person who did it was me.

     

    Police official: You hacked into the website?

     

    Caller: Yes sir.

     

    Police official: Would you like to tell me why you did it?

     

    Caller: AntiSec.

     

    Police official: Is there a particular reason that you did it? Are you trying to prove a point? Or are you just picking on for us any particular reason? What's the problem?

     

    Caller: Just got a bit bored, y'know.

     

    Police official: I can't hear you sir.

     

    Caller: I said, I said I got a bit bored.

     

    Police official: You got a bit bored?

     

    Caller: Yeah.

     

    Police official: That's fine. Alright, well.. perhaps I can break your boredom if we can trace you back and come and put you in jail, we'll get a warrant for you - how's that?

     

    Caller: Well, I'm not in America.

     

    Police official: That's okay. That's alright. It doesn't make any difference where you're at.

     

    Caller: So you're gonna [laughs] come and get me?

     

    Police official: I'm gonna get on a plane in the next few minutes and head that way, start looking for you somewhere.

     

    Caller: Bring it on.


    http://nakedsecurity.sophos.com/2011/10/23/hackers-phone-call-to-boston-police-saying-he-defaced-their-website-because-he-was-bored/?utm_source=twitter&utm_medium=gcluley&utm_campaign=naked%2Bsecurity

    although more and more hackers are arrested overseas or wherever they are to be found

    they are only the very few that are publicized as widely as published to send a message

    - if your website doesn't need any traffic from Russia or proxies or other countries, just drop it dead before it arrives at your website

  • publishing thousands of hacked or stolen facebook accounts

    this is a new trend or just one information being added to the creditcards and the access to emailaccounts or paypal and ebay accounts

    facebook accounts

    with email and login

    they get it by phishing

    they get it by infecting computers and stealing all the logins

    they get it by setting up fake proxies and intercepting everything that is being done

    and then they publish it

    like here http://pastebin.com/J486sG6t

    and thousands of others

    what is the importance

    well Oracle for example said that they were building social networks and applications for real secure enterprises in which you could log in with your facebook or google account

    never thought I would hear such a stupid idea

  • official website Belgian french community administration for schools hacked

    since a few days and nobody saw it

    this is the official site

    http://www.agers.cfwb.be/

    this is the added webpage

    http://www.agers.cfwb.be/index.html

    which gives you this image

    [image: "Hacked by root" defacement page]

    this says a lot about their security and their monitoring (if there is any)

  • database pedo(?)manga website users still online

    it was hacked by anonymous

    and since august the police services have been informed about the existence of the online database

    so they had their headstart

    here it is

    http://www.densetsu.com/  

    http://pastebin.com/0FxaTCpy

    it may be that not every member is a pedo or knows that somewhere on the site there are forums that are being used by pedo's to exchange stuff (that look like manga but in fact aren't really real interesting manga but just disgusting stuff hidden in manga-art sic.:) )

    there are belgians that are members .......

  • 1000 open anonymous ftp servers listed

    http://pastebin.com/L628BaLz

    yeah hundreds of open ftp servers that until 2 days ago gave access to anonymous and anonymous as login and passwords

    this doesn't mean that you have always the rights to place or download files

    but it is in fact an open ftp server and that gets attention that it doesn't need

    and yes there are a few open Belgian .be servers in it

    universities

    and if you are lucky they have forgotten all about it

    and you can place all your crap and porn on high-bandwidth servers and distribute it among all crack-forums on this web

    for the curious - just don't forget that some may be 'police traps' and that in some cases - especially in your own country - you may be doing things illegal that are easy to prosecute in your own country

    so don't do what I wouldn't do (which is use them :)) and do what I would do - warn them that it is stupid to do that

  • belgian webshop hacked and all members leaked

    so you thought that it were only webshops and sites around the world that were hacked

    so you thought you could offer webservices with login without https

    so you thought that they would never come to you and inject your database with commands to extract every information that is available

    well this is NOT the case

    http://pastebin.com/********

    webshop.sh****.be which is in fact a bit hidden but that is no defense gives you without encryption access to a webshop with this kind of PUBLIC information

    delphine.$$$$@va$$.be        $$$$$$  D$$$f Delphine        address       Hulste
    pedro.$$$$@telenet.be $$$$$$ Loosveld        A$$$$        address            8790
    kim$$$$$@hotmail.com  $$$$$$ B$$$$  Kim     Address                 Rumbeke

    the $ are passwords or things saved to protect a bit the innocent (address in fact changes the real street and number)

    and their login is ..... their emailaddress

    and on the website itself you can read a fully published sql injection alert showing you where to find all the users and necessary tables

    but they won't hack a Belgian webshop, would they

    why not ? 

    If the service doesn't use https don't use it

  • a new mass infection in thousands of .asp sites

    the dropped malware is only found in 6 of the 43 antivirustools tested by virustotal

    about 130.000 links are in Google but the number of websites is much less as several pages are on the same website

    1. Contact ... - Den Artist, de online contactgids voor artistiek talent

      www.denartist.be/addcontact.aspx
      Deze site kan schade toebrengen aan uw computer.
    2. Zoekertje Toevoegen - Den Artist, de online contactgids voor ...

      www.denartist.be/addad.aspx
      Deze site kan schade toebrengen aan uw computer.
       
       
    3. Antec - Contact Forestier Belgique - Vente de matériel et outillage ...

      www.contactforestier.be/.../ListArticles.aspx?..
    4. (A) Vanuit huis een leuk inkom... - Gratis adverteren | Gratis ...

      adverterenisgratis.customer.ipower.be/index.cfm?...

  • #antisec comes to Belgium ? and new hacking campaign announced

    #antisec seems to have inspired someone to hack the University of Mons servers of the IT department or is it the IT lessons department, in some universities this is more or less the same (practical and economical)

    I hope it is no Belgian because until now FCCU has found and arrested all Belgian hackers responsible for Belgian hacks (how stupid can you be to hack servers in your own country :)

    and at the other end there are calls on twitter for an Octobercampaign or is it an Octoberfest of hacking and defacing

    not sure how real it is because calls for campaigns appear all the time on twitter and only a very few of them really materialise into something for some time

    after all, it is not bad that the hacktivists have turned again into activists and are sleeping and demonstrating far away from computers and (our) servers :)

    the most favourite techniques are

    * sql injection

    * xss

    * folder surfing (google dorks)

    and they will publish the data or the passwords or both, defacing alone is not good enough for #antisec

    there will be consequences

  • Belgian University of Mons, access to database Computer department hacked

    so this has been online for a full day or so

     

    Hacked again by Team Intra.

    T. INTRA.

    PhD Thesis accepted in October 2011

    Keywords: hacked,by,team,intra,security,passwords,sql,computer,pc,etc

    Abstract:

    #Antisec

    I did not find the vulnerability on this site, gratz to .sfx who did though!

    Just thought I'd put our name here again to increase the chances of you noticing this.

    Exploited by Team Intra, via SQL Injection. Fix this, before someone more malicious comes along and decides to delete all your publications.

    Decrypted passwords:


    You are meant to be researchers of computer science, yet some of you can't even make a unique password? Ramil, poiret and buys is disgraceful, your passwords are the same as your username!


    http://informatique.umons.ac.be/publications/index.php?page=paper_info&ID=303

    wow, sorry they can't ask for help from the institute for forensics because they have some work of their own, but this can turn into a real great shutdown if there was no clear isolation because tens of hackers with different specialities may have been using these passwords the last day, changing all kinds of things

    backdoors, time-bombs, re-opening vulnerabilities,..... you name it, deep penetration can bring this whole shit down if there was no isolation

    isolation isolation isolation is what localisation localisation and localisation is to shops
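
The defacement message above points at two weaknesses an administrator can check for in their own user table: unsalted MD5 hashes and passwords equal to the username. The audit below is an added example, not code from the original post or from the affected site; the account names and passwords in `SAMPLE_STORE` are constructed, and the PBKDF2 iteration count is an assumption to tune for your hardware.

```python
import hashlib
import hmac
import os
from collections import defaultdict

PBKDF2_ROUNDS = 600_000  # assumption: adjust to your hardware and latency budget


def _md5_hex(password):
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def username_candidates(username):
    """Trivial passwords derived from the username itself."""
    base = {username, username.lower(), username.upper(),
            username.capitalize(), username[::-1]}
    return base | {b + suffix for b in base for suffix in ("1", "123")}


def audit_md5_store(accounts):
    """accounts maps username -> unsalted MD5 hex digest, as in a legacy table."""
    derived = sorted(
        user for user, digest in accounts.items()
        if any(_md5_hex(c) == digest.lower() for c in username_candidates(user))
    )
    # Without a salt, equal passwords give equal hashes, so reuse is visible too.
    by_hash = defaultdict(list)
    for user, digest in accounts.items():
        by_hash[digest.lower()].append(user)
    shared = sorted(sorted(users) for users in by_hash.values() if len(users) > 1)
    return {"username_derived": derived, "shared_hash": shared}


def hash_password(username, password):
    """Replacement scheme: reject username-derived passwords, salt, use a slow KDF."""
    if password.lower() in {c.lower() for c in username_candidates(username)}:
        raise ValueError("password is derived from the username")
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)
    return salt, digest


def verify_password(password, salt, digest):
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)
    return hmac.compare_digest(candidate, digest)


# Constructed sample store (not taken from any real system).
SAMPLE_STORE = {
    "alice": _md5_hex("alice"),
    "bob": _md5_hex("Winter2011!"),
    "carol": _md5_hex("Winter2011!"),
    "dave": _md5_hex("dave123"),
}

if __name__ == "__main__":
    print(audit_md5_store(SAMPLE_STORE))
```

Accounts flagged by the audit should be forced through a reset, and every account moved to the salted scheme at next login.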

  • Belgian institute for forensic auditors defaced (hacked)

    this is the propaganda

    Welcome to the website of the Institute of Forensic Auditors (IFA), the professional organization of forensic auditors in Belgium. IFA has been founded in 2001 as a not for profit association which is based on a public-private partnership. IFA holds a list of professionals in the public and private sector who are certified as "Registered Forensic Auditors". IFA develops best practices for forensic practitioners. IFA regularly organises conferences and trainings on forensic topics. IFA is an ideal forum for networking within the forensic community.
    http://www.ifa-iaf.be

    this is the page today

    http://www.ifa-iaf.be/data/

    and this is the archive (if they find it out one day)

    http://www.zone-h.org/mirror/id/15575296

    oh yes and they have a login page for members without https

    http://www.forensicaudit.be/nl/library/members_only-11.html

    maybe their site is a fake case for newbies

    prove that you know something about forensics and solve this case before you can become member

  • dexia and the european stress tests

    so dexia passed the european stress tests

    * no real professional believed it would prove anything

    * didn't test the case of a real crisis

    * was purely theoretical

     

    in fact they are useless because when the financial storm starts there is no stress test that will prepare you for it

    in fact nearly any bank that was engulfed in such a storm has sunk or had to restructure totally to survive

     

    so if any bank says or thinks  "this won't happen to us because we have passed the stress test"

    so did Dexia

  • dexia crisis : it is the fault of twitter (instead of the US, London, speculators and so on)

    it is always the fault of something or somebody else

    it is never their strategic mistakes or their mismanagement or indecision or foolish mis-communication

    now some say that the crash of dexia is the fault of twitter on which were launched a series of so-called rumors

    and what does Dexia do on twitter

    nothing really, just crap

    Dexia: persbericht na raad van bestuur 3/10/11 (19 hours ago)

    Dexia: Communiqué post conseil du 3/10/2011 (19 hours ago)

    Dexia: press release post board of directors of October 03, 2011 (19 hours ago)

    Dexia: Crédits Logement devient Crefius (28 Sep)

    Dexia: Woonkredieten wordt Crefius (28 Sep)

    Dexia: Statement Jean-Luc Dehaene following the Board of Directors' meeting of Dexia SA on 27/09/2011 (28 Sep)

    Dexia: ouverture de la première agence bancaire basse énergie (16 Sep)

    Dexia: opent eerste laagenergie bankkantoor (16 Sep)

    yeah this is really an example of pro-active following and answering rumors that are appearing on twitter

    when another big firm was in trouble I said to them over and over again, you have to follow twitter round the clock and look at the trending of misinformation and rumors and answer them or develop a strategy to answer them

    but dexia can't answer them because they don't know what they will do or have to do

    they are just a ship without fuel in the middle of a huge storm on sea

    there is no media like twitter media and there is no media that fast that I know

    everything i have to know appears on twitter first and then elsewhere

    so it is twitter here and twitter all the time

    because there is no media as fast as twitter media all the time

    what do you need

    * you need a twitter following tool that will give you in realtime what is being said about your products and firm on twitter and the trending of it

    * you need some people that have nothing else to do than to follow the social media and report permanently or instantly the things people have to pay attention to

    * have fast action-reaction procedures so you don't have to wait for hours to contradict or correct something that afterwards seems to be correct