4 Argentinian Universities Hacked, Login Credientials Leaked by @ThisIsGame0ver

A hacker by the handle of Barbaros-DZ from Algeria has hacked and deface 32 Chinese government websites. 
The hacker contacted us about his latest hack in which he defaced 32 important Chinese government owned websites, the hacker left his deface page and a message on all the hacked websites but reason for hacking the sites was not mentioned.
ccording to the message:

Hacked by Barbaros-DZ Algerian Hacker
Greetz: Bb0yH4cK3r_Dz | BOB_Dz | Dz Mafia | HTC 28 DZ | Kader11000
Ked Ans | Smail002 | TiGER-M@TE | The-DarKKn!ght | x00t | yasMouh
www.dz4all.com | www.dz-mafia.net | www.elkadimoun.org | www.htc28dz.net | www.htc-hacker.com
Contact: barbaros “@” live.ru
To be continued…

The targeted websites belong to high profile and decision making authorities in China, for example:
The website of Organization Department of the Communist Party of China Central Committee , a department of the Secretariat of the Communist Party of China Central Committee that controls staffing positions within the CPC.
zyz.ajdj.gov.cn
Mirror of the hacked website: 
http://www.zone-h.org/mirror/id/18775446
The website of China’s Jingde County Standing Committee
jdxrdcwh.gov.cn
Mirror of hacked website: 
http://www.zone-h.org/mirror/id/18780729
The website of Jurong Police Information Network
jrga.gov.cn
Mirror of hacked website:
http://www.zone-h.org/mirror/id/18779719
The website of Jiawang District, People’s Government Information Network Center
http://w08.xzjw.gov.cn/
Mirror of hacked website:
http://www.zone-h.org/mirror/id/18776093
The website of Jiaozuo City Office of Emergency Management
yjglbgs.jiaozuo.gov.cn
Mirror of hacked website:
http://www.zone-h.org/mirror/id/18776703
The website of Yancheng District Department of Transportation
jtj.lhyc.gov.cn/
Mirror of hacked website: 
http://www.zone-h.org/mirror/id/18776790
The website of Zhangpu county in southern Fujian of China 
en.zhangpu.gov.cn
Mirror of hacked website:
http://www.zone-h.org/mirror/id/18778811
The website of Jiamusi Environmental Emergency Command Center
hjzx.jms.gov.cn/
Mirror of hacked website:
http://www.zone-h.org/mirror/id/18778901
The website of  Henan Province Industry and SME Service Bureau of Information Technology
zxqylm.smehen.gov.cn
Mirror of hacked website:
http://www.zone-h.org/mirror/id/18778920
The website of Jiawang urban shantytowns headquarters
cgb.xzjw.gov.cn
Mirror of hacked website:
http://www.zone-h.org/mirror/id/18776079
The website of  Tangxia Town School
hlcz.jmpj.gov.cn
Mirror of hacked website:
http://www.zone-h.org/mirror/id/18776633
The website of Delingha Civil Air Defense
dlhrfb.gov.cn
Mirror of hacked website:
http://www.zone-h.org/mirror/id/18779472
The website of Jinzhong City Softball Association
roliball.gov.cn
Mirror of hacked website:
http://www.zone-h.org/mirror/id/18779407
The website of Yima City East Regional Office
ymdq.gov.cn
http://www.zone-h.org/mirror/id/18778949
This website is unknown to me
http://www.bcjw.gov.cn/
http://www.zone-h.org/mirror/id/18778759
The website of Ziyang Government Yanjiang Baotai
btzf.gov.cn
Mirror of hacked website
http://www.zone-h.org/mirror/id/18778752
The website of Quanjiao Tourism Sports Association:
qjwtj.gov.cn
Mirror of hacked website:
http://www.zone-h.org/mirror/id/18778750
The website of Red Dragon home improvement network
hljtf.gov.cn
Mirror of hacked website:
http://www.zone-h.org/mirror/id/18778681
The website of Environmental Network group
hljepb.gov.cn
http://www.zone-h.org/mirror/id/18776870
An other unknown Chinese government website
jchd.gov.cn
Mirror of the hacked website:
http://www.zone-h.org/mirror/id/18776818
The website of Business Corporation group
 hbwnmc.gov.cn
Mirror of hacked website:
http://www.zone-h.org/mirror/id/18776808
An other unknown hacked site
dpfpymj.gov.cn
Mirror of hacked website:
http://www.zone-h.org/mirror/id/18776706
The website of Bureau of Justice Yandu County:
ydsfj.gov.cn
Mirror of hacked website:
http://www.zone-h.org/mirror/id/18776162
The website of Intellectual property office of Zhaotong City, Yunnan Provence Science and Technology Bureau
ztst.gov.cn
Mirror of hacked website:
http://www.zone-h.org/mirror/id/18776098
The website of Jianshi County, Organization Department
jsdjw.gov.cn
Mirror of hacked website:
http://www.zone-h.org/mirror/id/18775047
To view all the hacks done by Barbaros-DZ Algerian hacker on China, click here
At the time of publishing this article, some of the sites were restored while some of the sites were taken offline.

4 Argentinian Universities Hacked, Login Credientials Leaked by @ThisIsGame0ver

The @ThisIsGame0ver hacker has hacked into four Argentinian universities and leaked their database online. 
The method which was used to access the database was simple SQL injection on all four websites. The hacker has posted the data online which is available on Pastebin.
The hack was accounted by the hacker on his official Twitter account, while on the Pastie, @ThisIsGame0ver mentioned that the reason for targeting universities site was to protest against the high fee.

According to the message: 

Universities, Fuck your Fee’s, Knowledge and Information should be free.. Forever & Always – #GameOver

The leaked data contains usernames, staff ids, emails, staff or students plain text passwords, admin login & passwords and other database related info. 
You can access the data on Pastebin by clicking here
Vulnerable links of targeted websites are given below:
http://fido.palermo.edu/servicios_dyc/docentesdc/claustro-docente/curriculum.php?id_docente=189
http://www.fi.uba.ar/carreras/index.php?m=187
www.ub.edu.ar/verNotaCompleta.php?id=146
 http://www.utdt.edu/inscripcion.php?id_evento=601
Just a while ago, @ThisIsGame0ver had breached the official website of media giant Fox, accessing the files and editing them with a new login and password.

Fake tweets make Honey Singh see red

"That isn't me!" protests Honey Singh, currently under siege for his allegedly misogynist. Honey is amused to see fake Twitter accounts in his name doling out rubbish on his behalf. One of these self appointed Honey-hued Twitter imposters has even apologized for the rapper's "past mistakes".
Speaking exclusively to this writer Honey expostulates, "What past mistakes? Why should I apologize when I've repeatedly stated that I haven't written those filthy songs?On Twitter the handle @thehoneysingh1 is a fake ID. My original Twitter is @asliyoyo. I am amused at how far my haters can go to discredit me. They are not only creating fake filthy songs in my name they are also creating fake Twitter accounts to bring me down." Worse still television channels and the print medium are picking up the fake tweets and using them as Honey Singh's quotes.
Says the bemused rapper, "I am surprised to see myself being quoted on television channels and newspapers with words I never said. Please understand that tweets from @thehoneysingh1 are not mine.Someone is impersonating me on Twitter." Honey Singh has initiated strict action against microblogging imposters. Says the exasperated musician, "The last thing I need right now is others making statements on my behalf.I've been assured that the fake Twitter accounts will shut down in 24 hours. I am trying to get it done even faster."

Israeli Bing, MSN, Skype, Live and other Defaced by Pakistani hackers

Where Anonymous declared war on the Israeli websites , today another Pakistani hacking group also came forward in support of GAZA by taking down multiple big Israeli sites and deface all Microsoft related Israeli domains including Bing, MSN, Skype, Live and other.
Hacker start with "The Notorious Hackers are Back" , including 1337, H4x0rL1f3 , ZombiE_KsA and Invectus. But we are in contact with ZombiE_KsA (Founder of PakBug Forum) from last 2 years, so I just ask ZombiE_KsA about his involvement in this hack, and he clearly declined his involvement and said that other Pakistani hackers are using his name without permission in the Israeli deface pages to show his support , "and they copied my index as well," he said.

Anyway, deface page said, "on the behalf of all Pakistani and all Muslims," promising that "your war on Gaza will make you cry blood."

Zone-h of all defaced sites are available here.

Defaced domains are :

Update: "Zombie_Ksa"  Founder of Pakbugs Team make an official statement on his website - http://pakbugs.com/ that he was not involved in this hack against Israel. 

Also he expose that how hackers manage to hack these sites. In the Ezine, he Zombie said that, Israeli domain registrar website http://www.galcomm.com/ having a working MsSQL Injection vulnerability, which allow hackers to extract credentials of all domains from registrar database.

He added,"website is poorly coded in .NET And many more Injectable Links, so these skids must have used some GUI SQLi for example: Havij and many other, and simply logged in account change DNS to their server! and uploaded defacement index".

More comments added by him," well, i guess here it ends, so you see how simple it was huh? so Khantastic Script kiddie, stop using my name stop scamming other ppl using my handle, make your own, And ah! i almost forgot these skids copied my Index as well which i used in 2010 when i defaced NR3C, here's link: http://www.zone-h.org/mirror/id/10093092 how skids they are they even copied my index! c'mon who does that? huh? you guys can't even make an index? and oh i wanna tell one more thing that Zombie_KsA ( Me ) I DON'T DEFACE ANYMORE! I keep access on servers only! i dont deface anymore".

Download Cricket Power-Play Game for all iOS [Download Link Available]

For all the cricket fans all over the world, Cricket Power-Play is now available for download. Are you ready to step into the league of the most devastating batsman in the game?  Terrorize the bowlers with your big-hitting skills during the Power-Play overs, in this exciting, realistic and feature.
The game is a delight for the people who love power-hitting and want to remain ahead of the opponent bowlers. The game is designed with users playing in the power-plays and can have a full-go at the bowlers. An easy user interface is a silent feature of this particular game. Users can have choose the teams of their choices for playing matches and can even have some warm-ups at the practice nets.
Requirements: Compatible with iPhone 3GS, iPhone 4, iPhone 4S, iPhone 5, iPod touch (3rd generation), iPod touch (4th generation), iPod touch (5th generation) and iPad. Requires iOS 5.0 or later. This app is optimized for iPhone 5.
Click here to download Cricket Power-Play via iTunes. 

PayPal Awards USD 10,000 to Pakistani Hacker for Reporting Vulnerability

An ethical hacker, security researcher and a writer Rafay Baloch was paid total USD 10,000 for reporting a Code Execution / Command Execution vulnerability on the sub-domain of Paypal.
Paypal had started a *Bug Bounty program* for security experts around the world to report any bug or vulnerability if found on their server.
The hacker writes on his official blog that while testing Paypal’s server, he found a critical command execution vulnerability allowing hackers to execute any command on the server.
Rafay was initially paid USD 600 for reporting XSS Vulnerability on the main site of Paypal, later after reporting several other bugs, the company paid more USD 6000 for his expert services which obviously saved Paypal from a disaster and embarrassment.
Here is a screenshot of an email conversation between Rafay and a Paypal representative about money reward.


He claims that at the moment more then 20 of his reported vulnerabilities are still being validated by Paypal and it will not be a proper time to disclose the types of vulnerabilities.
However, money is not the only thing awarded to Rafay, Paypal has also offered him a job as a Senior Pentester A.K.A SecurityNinja in their HQ at San Jose, USA.
Here is another screenshot of an email conversation between Rafay and a Paypal representative Colley Grace regarding job officer at PayPal.

Speaking with HackRead, Rafay said that:

He feels great and proud to serve his nation by providing the cyber world a secure future.

If you would like to contact Rafay Baloch, he is available on Twitter and of course you can send him an email on his blog.

Google, Facebook and others brace for more scrutiny from US regulators

SAN FRANCISCO: Silicon Valley lobbied hard in Washington in 2012, and despite some friction with regulators, fared fairly well. In 2013, though, government scrutiny is likely to grow. And with this scrutiny will come even greater efforts by the tech industry to press its case in the nation's capital and overseas.

In 2012, among other victories, the industry staved off calls for federal consumer privacy legislation and successfully pushed for a revamp of an obscure law that had placed strict privacy protections on Americans' video rental records. It also helped achieve a stalemate on a proposed global effort to let Web users limit behavioral tracking online, using Do Not Track browser settings.

But this year is likely to put that issue in the spotlight again, and bring intense negotiations between industry and consumer rights groups over whether and how to allow consumers to limit tracking.

Congress is likely to revisit online security legislation - meant to safeguard critical infrastructure from attack - that failed last year. And a looming question for Web giants will be who takes the reins of the Federal Trade Commission, the industry's main regulator, this year. David C. Vladeck, the director of the commission's Bureau of Consumer Protection, has resigned, and there have been suggestions that its chairman, Jon Leibowitz, would step down.

The agency is investigating Google over possible antitrust violations and will subject Facebook to audits of its privacy policy for the next 20 years. Its next steps could serve as a bellwether of how aggressively the commission will take on Web companies in the second Obama administration.

"Now that the election is over, Silicon Valley companies each are thinking through their strategy for the second Obama administration," said Peter Swire, a law professor at Ohio State University and a former White House privacy official. "The FTC will have a new Democratic chairman. A priority for tech companies will be to discern the new chair's own priorities."

In early 2012, an unusual burst of lobbying by tech companies helped defeat anti-piracy bills, which had been backed by the entertainment industry. Silicon Valley giants like Facebook and Google feared that the bills would force them to police the Internet.

At the end of the year, Silicon Valley also got its way when the Obama administration stood up against a proposed global treaty that would have given government authorities greater control over the Web.

The key to the industry's successes in 2012 was simple: it expanded its footprint in Washington just as Washington began to pay closer attention to how technology companies affect consumers. "Privacy and security became top-tier important policy issues in Washington in 2012," said David A. Hoffman, director of security policy and global privacy officer at Intel.

"Industry has realized it is important to be engaged," he continued, "to make sure government stakeholders are fully informed and educated about the role that new technology plays and to make sure any action taken doesn't unnecessarily burden the innovation economy while still protecting individual trust in new technology."

At the end of 2012, tech companies were on track to have spent record amounts on lobbying for the year. In the first three quarters, they spent close to $100 million, which meant that they were likely to surpass the $127 million they spent on lobbying in 2011, according to an analysis by the Center for Responsive Politics, a Washington-based nonpartisan group that tracks corporate spending. Even the venture capital firm Andreessen Horowitz hired a lobbyist in Washington: Adrian Fenty, a former mayor of the city.

Technology executives and investors also made generous contributions in the 2012 presidential race, luring both President Barack Obama and Mitt Romney to Northern California for fundraisers and nudging them to speak out on issues like immigration overhaul and lower tax rates.

In a blog post in November, the center said Silicon Valley's lobbying expenditures have ballooned in recent years, even as spending by other industries has fallen.

Facebook more than doubled its lobbying outlay in the year, reporting close to $2.6 million through the third quarter of 2012. Google spent more than any other company in the industry, doling out more than $13 million in the same period and more than double its nearest competitor, Microsoft, which spent just over $5.6 million in the same period. Among Google's advocates on Capitol Hill is a former Republican congresswoman, Susan Molinari, who heads Google's office in Washington.

Google has particular reason to be engaged. It faces a wide-reaching antitrust investigation by the Federal Trade Commission, just as Microsoft did a decade ago. At issue is whether Google's search engine results favor Google products over its rivals'.

Although the agency was ready to settle that case before the holidays, without harsh remedies, late last month it shelved the inquiry and put stronger penalties back in play. A resolution is expected in January.

The commission has already fined Google on a separate matter. In 2012, the company paid $22.5 million to settle charges that it had bypassed privacy settings in Apple's Safari browser to track users and serve them targeted advertisements.

Facebook has vastly expanded its Washington presence in recent years. It has set up a political action committee, hired a stable of seasoned, well-connected insiders from both parties and offered tips to lawmakers in an effort to make its site indispensable to politicians seeking re-election.

Facebook scored a win on Capitol Hill in late 2012 when it nudged Congress to amend a 1988 law, the Video Privacy Protection Act, that had protected the privacy of Americans' video rental records. Facebook and its partner, Netflix, the video streaming service, advocated for changes in the law so that movies watched on Netflix could be shared on Facebook. That kind of data can be valuable for behavioral advertising, a principal source of revenue for Web services like Facebook.

The company also attracted increased scrutiny from the FTC. The agency negotiated a consent order with Facebook to settle charges that it had engaged in "unfair and deceptive practices" when changes in its settings revealed personal information that Facebook users had regarded to be private. As part of the settlement, Facebook agreed to audits of its privacy policies for 20 years.

Facebook faced renewed public outcry last month when its subsidiary, Instagram, proposed to deploy users' pictures to serve targeted advertisements. The company has backtracked on that proposal, but the outcry, say consumer privacy advocates, is an indication of public sentiment.

"Yes, the industry managed to hold off privacy legislation this year," said Marc Rotenberg, executive director of the Electronic Privacy Information Center. "But if the end-of-year protests over the Facebook and Instagram changes are any indication, users will be pressing for better privacy protections in the next Congress."

Silicon Valley's lobbying efforts are also likely to expand across the Atlantic in 2013. Both Facebook and Google have faced off with European regulators over privacy issues. Now, the European Parliament is weighing an overhaul of data protection laws that apply across the Continent.

One of the proposed changes requires Web companies to ask European Union citizens for their explicit consent before collecting personal data for targeted Web advertising. Web companies vigorously oppose that and other proposals.