4 Argentinian Universities Hacked, Login Credientials Leaked by @ThisIsGame0ver

A hacker by the handle of Barbaros-DZ from Algeria has hacked and deface 32 Chinese government websites. 
The hacker contacted us about his latest hack in which he defaced 32 important Chinese government owned websites, the hacker left his deface page and a message on all the hacked websites but reason for hacking the sites was not mentioned.
ccording to the message:

Hacked by Barbaros-DZ Algerian Hacker
Greetz: Bb0yH4cK3r_Dz | BOB_Dz | Dz Mafia | HTC 28 DZ | Kader11000
Ked Ans | Smail002 | TiGER-M@TE | The-DarKKn!ght | x00t | yasMouh
www.dz4all.com | www.dz-mafia.net | www.elkadimoun.org | www.htc28dz.net | www.htc-hacker.com
Contact: barbaros “@” live.ru
To be continued…

The targeted websites belong to high profile and decision making authorities in China, for example:
The website of Organization Department of the Communist Party of China Central Committee , a department of the Secretariat of the Communist Party of China Central Committee that controls staffing positions within the CPC.
zyz.ajdj.gov.cn
Mirror of the hacked website: 
http://www.zone-h.org/mirror/id/18775446
The website of China’s Jingde County Standing Committee
jdxrdcwh.gov.cn
Mirror of hacked website: 
http://www.zone-h.org/mirror/id/18780729
The website of Jurong Police Information Network
jrga.gov.cn
Mirror of hacked website:
http://www.zone-h.org/mirror/id/18779719
The website of Jiawang District, People’s Government Information Network Center
http://w08.xzjw.gov.cn/
Mirror of hacked website:
http://www.zone-h.org/mirror/id/18776093
The website of Jiaozuo City Office of Emergency Management
yjglbgs.jiaozuo.gov.cn
Mirror of hacked website:
http://www.zone-h.org/mirror/id/18776703
The website of Yancheng District Department of Transportation
jtj.lhyc.gov.cn/
Mirror of hacked website: 
http://www.zone-h.org/mirror/id/18776790
The website of Zhangpu county in southern Fujian of China 
en.zhangpu.gov.cn
Mirror of hacked website:
http://www.zone-h.org/mirror/id/18778811
The website of Jiamusi Environmental Emergency Command Center
hjzx.jms.gov.cn/
Mirror of hacked website:
http://www.zone-h.org/mirror/id/18778901
The website of  Henan Province Industry and SME Service Bureau of Information Technology
zxqylm.smehen.gov.cn
Mirror of hacked website:
http://www.zone-h.org/mirror/id/18778920
The website of Jiawang urban shantytowns headquarters
cgb.xzjw.gov.cn
Mirror of hacked website:
http://www.zone-h.org/mirror/id/18776079
The website of  Tangxia Town School
hlcz.jmpj.gov.cn
Mirror of hacked website:
http://www.zone-h.org/mirror/id/18776633
The website of Delingha Civil Air Defense
dlhrfb.gov.cn
Mirror of hacked website:
http://www.zone-h.org/mirror/id/18779472
The website of Jinzhong City Softball Association
roliball.gov.cn
Mirror of hacked website:
http://www.zone-h.org/mirror/id/18779407
The website of Yima City East Regional Office
ymdq.gov.cn
http://www.zone-h.org/mirror/id/18778949
This website is unknown to me
http://www.bcjw.gov.cn/
http://www.zone-h.org/mirror/id/18778759
The website of Ziyang Government Yanjiang Baotai
btzf.gov.cn
Mirror of hacked website
http://www.zone-h.org/mirror/id/18778752
The website of Quanjiao Tourism Sports Association:
qjwtj.gov.cn
Mirror of hacked website:
http://www.zone-h.org/mirror/id/18778750
The website of Red Dragon home improvement network
hljtf.gov.cn
Mirror of hacked website:
http://www.zone-h.org/mirror/id/18778681
The website of Environmental Network group
hljepb.gov.cn
http://www.zone-h.org/mirror/id/18776870
An other unknown Chinese government website
jchd.gov.cn
Mirror of the hacked website:
http://www.zone-h.org/mirror/id/18776818
The website of Business Corporation group
 hbwnmc.gov.cn
Mirror of hacked website:
http://www.zone-h.org/mirror/id/18776808
An other unknown hacked site
dpfpymj.gov.cn
Mirror of hacked website:
http://www.zone-h.org/mirror/id/18776706
The website of Bureau of Justice Yandu County:
ydsfj.gov.cn
Mirror of hacked website:
http://www.zone-h.org/mirror/id/18776162
The website of Intellectual property office of Zhaotong City, Yunnan Provence Science and Technology Bureau
ztst.gov.cn
Mirror of hacked website:
http://www.zone-h.org/mirror/id/18776098
The website of Jianshi County, Organization Department
jsdjw.gov.cn
Mirror of hacked website:
http://www.zone-h.org/mirror/id/18775047
To view all the hacks done by Barbaros-DZ Algerian hacker on China, click here
At the time of publishing this article, some of the sites were restored while some of the sites were taken offline.

4 Argentinian Universities Hacked, Login Credientials Leaked by @ThisIsGame0ver

The @ThisIsGame0ver hacker has hacked into four Argentinian universities and leaked their database online. 
The method which was used to access the database was simple SQL injection on all four websites. The hacker has posted the data online which is available on Pastebin.
The hack was accounted by the hacker on his official Twitter account, while on the Pastie, @ThisIsGame0ver mentioned that the reason for targeting universities site was to protest against the high fee.

According to the message: 

Universities, Fuck your Fee’s, Knowledge and Information should be free.. Forever & Always – #GameOver

The leaked data contains usernames, staff ids, emails, staff or students plain text passwords, admin login & passwords and other database related info. 
You can access the data on Pastebin by clicking here
Vulnerable links of targeted websites are given below:
http://fido.palermo.edu/servicios_dyc/docentesdc/claustro-docente/curriculum.php?id_docente=189
http://www.fi.uba.ar/carreras/index.php?m=187
www.ub.edu.ar/verNotaCompleta.php?id=146
 http://www.utdt.edu/inscripcion.php?id_evento=601
Just a while ago, @ThisIsGame0ver had breached the official website of media giant Fox, accessing the files and editing them with a new login and password.

Fake tweets make Honey Singh see red

"That isn't me!" protests Honey Singh, currently under siege for his allegedly misogynist. Honey is amused to see fake Twitter accounts in his name doling out rubbish on his behalf. One of these self appointed Honey-hued Twitter imposters has even apologized for the rapper's "past mistakes".
Speaking exclusively to this writer Honey expostulates, "What past mistakes? Why should I apologize when I've repeatedly stated that I haven't written those filthy songs?On Twitter the handle @thehoneysingh1 is a fake ID. My original Twitter is @asliyoyo. I am amused at how far my haters can go to discredit me. They are not only creating fake filthy songs in my name they are also creating fake Twitter accounts to bring me down." Worse still television channels and the print medium are picking up the fake tweets and using them as Honey Singh's quotes.
Says the bemused rapper, "I am surprised to see myself being quoted on television channels and newspapers with words I never said. Please understand that tweets from @thehoneysingh1 are not mine.Someone is impersonating me on Twitter." Honey Singh has initiated strict action against microblogging imposters. Says the exasperated musician, "The last thing I need right now is others making statements on my behalf.I've been assured that the fake Twitter accounts will shut down in 24 hours. I am trying to get it done even faster."

Israeli Bing, MSN, Skype, Live and other Defaced by Pakistani hackers

Where Anonymous declared war on the Israeli websites , today another Pakistani hacking group also came forward in support of GAZA by taking down multiple big Israeli sites and deface all Microsoft related Israeli domains including Bing, MSN, Skype, Live and other.
Hacker start with "The Notorious Hackers are Back" , including 1337, H4x0rL1f3 , ZombiE_KsA and Invectus. But we are in contact with ZombiE_KsA (Founder of PakBug Forum) from last 2 years, so I just ask ZombiE_KsA about his involvement in this hack, and he clearly declined his involvement and said that other Pakistani hackers are using his name without permission in the Israeli deface pages to show his support , "and they copied my index as well," he said.

Anyway, deface page said, "on the behalf of all Pakistani and all Muslims," promising that "your war on Gaza will make you cry blood."

Zone-h of all defaced sites are available here.

Defaced domains are :

Update: "Zombie_Ksa"  Founder of Pakbugs Team make an official statement on his website - http://pakbugs.com/ that he was not involved in this hack against Israel. 

Also he expose that how hackers manage to hack these sites. In the Ezine, he Zombie said that, Israeli domain registrar website http://www.galcomm.com/ having a working MsSQL Injection vulnerability, which allow hackers to extract credentials of all domains from registrar database.

He added,"website is poorly coded in .NET And many more Injectable Links, so these skids must have used some GUI SQLi for example: Havij and many other, and simply logged in account change DNS to their server! and uploaded defacement index".

More comments added by him," well, i guess here it ends, so you see how simple it was huh? so Khantastic Script kiddie, stop using my name stop scamming other ppl using my handle, make your own, And ah! i almost forgot these skids copied my Index as well which i used in 2010 when i defaced NR3C, here's link: http://www.zone-h.org/mirror/id/10093092 how skids they are they even copied my index! c'mon who does that? huh? you guys can't even make an index? and oh i wanna tell one more thing that Zombie_KsA ( Me ) I DON'T DEFACE ANYMORE! I keep access on servers only! i dont deface anymore".

Download Cricket Power-Play Game for all iOS [Download Link Available]

For all the cricket fans all over the world, Cricket Power-Play is now available for download. Are you ready to step into the league of the most devastating batsman in the game?  Terrorize the bowlers with your big-hitting skills during the Power-Play overs, in this exciting, realistic and feature.
The game is a delight for the people who love power-hitting and want to remain ahead of the opponent bowlers. The game is designed with users playing in the power-plays and can have a full-go at the bowlers. An easy user interface is a silent feature of this particular game. Users can have choose the teams of their choices for playing matches and can even have some warm-ups at the practice nets.
Requirements: Compatible with iPhone 3GS, iPhone 4, iPhone 4S, iPhone 5, iPod touch (3rd generation), iPod touch (4th generation), iPod touch (5th generation) and iPad. Requires iOS 5.0 or later. This app is optimized for iPhone 5.
Click here to download Cricket Power-Play via iTunes. 

PayPal Awards USD 10,000 to Pakistani Hacker for Reporting Vulnerability

An ethical hacker, security researcher and a writer Rafay Baloch was paid total USD 10,000 for reporting a Code Execution / Command Execution vulnerability on the sub-domain of Paypal.
Paypal had started a *Bug Bounty program* for security experts around the world to report any bug or vulnerability if found on their server.
The hacker writes on his official blog that while testing Paypal’s server, he found a critical command execution vulnerability allowing hackers to execute any command on the server.
Rafay was initially paid USD 600 for reporting XSS Vulnerability on the main site of Paypal, later after reporting several other bugs, the company paid more USD 6000 for his expert services which obviously saved Paypal from a disaster and embarrassment.
Here is a screenshot of an email conversation between Rafay and a Paypal representative about money reward.


He claims that at the moment more then 20 of his reported vulnerabilities are still being validated by Paypal and it will not be a proper time to disclose the types of vulnerabilities.
However, money is not the only thing awarded to Rafay, Paypal has also offered him a job as a Senior Pentester A.K.A SecurityNinja in their HQ at San Jose, USA.
Here is another screenshot of an email conversation between Rafay and a Paypal representative Colley Grace regarding job officer at PayPal.

Speaking with HackRead, Rafay said that:

He feels great and proud to serve his nation by providing the cyber world a secure future.

If you would like to contact Rafay Baloch, he is available on Twitter and of course you can send him an email on his blog.

Google, Facebook and others brace for more scrutiny from US regulators

SAN FRANCISCO: Silicon Valley lobbied hard in Washington in 2012, and despite some friction with regulators, fared fairly well. In 2013, though, government scrutiny is likely to grow. And with this scrutiny will come even greater efforts by the tech industry to press its case in the nation's capital and overseas.

In 2012, among other victories, the industry staved off calls for federal consumer privacy legislation and successfully pushed for a revamp of an obscure law that had placed strict privacy protections on Americans' video rental records. It also helped achieve a stalemate on a proposed global effort to let Web users limit behavioral tracking online, using Do Not Track browser settings.

But this year is likely to put that issue in the spotlight again, and bring intense negotiations between industry and consumer rights groups over whether and how to allow consumers to limit tracking.

Congress is likely to revisit online security legislation - meant to safeguard critical infrastructure from attack - that failed last year. And a looming question for Web giants will be who takes the reins of the Federal Trade Commission, the industry's main regulator, this year. David C. Vladeck, the director of the commission's Bureau of Consumer Protection, has resigned, and there have been suggestions that its chairman, Jon Leibowitz, would step down.

The agency is investigating Google over possible antitrust violations and will subject Facebook to audits of its privacy policy for the next 20 years. Its next steps could serve as a bellwether of how aggressively the commission will take on Web companies in the second Obama administration.

"Now that the election is over, Silicon Valley companies each are thinking through their strategy for the second Obama administration," said Peter Swire, a law professor at Ohio State University and a former White House privacy official. "The FTC will have a new Democratic chairman. A priority for tech companies will be to discern the new chair's own priorities."

In early 2012, an unusual burst of lobbying by tech companies helped defeat anti-piracy bills, which had been backed by the entertainment industry. Silicon Valley giants like Facebook and Google feared that the bills would force them to police the Internet.

At the end of the year, Silicon Valley also got its way when the Obama administration stood up against a proposed global treaty that would have given government authorities greater control over the Web.

The key to the industry's successes in 2012 was simple: it expanded its footprint in Washington just as Washington began to pay closer attention to how technology companies affect consumers. "Privacy and security became top-tier important policy issues in Washington in 2012," said David A. Hoffman, director of security policy and global privacy officer at Intel.

"Industry has realized it is important to be engaged," he continued, "to make sure government stakeholders are fully informed and educated about the role that new technology plays and to make sure any action taken doesn't unnecessarily burden the innovation economy while still protecting individual trust in new technology."

At the end of 2012, tech companies were on track to have spent record amounts on lobbying for the year. In the first three quarters, they spent close to $100 million, which meant that they were likely to surpass the $127 million they spent on lobbying in 2011, according to an analysis by the Center for Responsive Politics, a Washington-based nonpartisan group that tracks corporate spending. Even the venture capital firm Andreessen Horowitz hired a lobbyist in Washington: Adrian Fenty, a former mayor of the city.

Technology executives and investors also made generous contributions in the 2012 presidential race, luring both President Barack Obama and Mitt Romney to Northern California for fundraisers and nudging them to speak out on issues like immigration overhaul and lower tax rates.

In a blog post in November, the center said Silicon Valley's lobbying expenditures have ballooned in recent years, even as spending by other industries has fallen.

Facebook more than doubled its lobbying outlay in the year, reporting close to $2.6 million through the third quarter of 2012. Google spent more than any other company in the industry, doling out more than $13 million in the same period and more than double its nearest competitor, Microsoft, which spent just over $5.6 million in the same period. Among Google's advocates on Capitol Hill is a former Republican congresswoman, Susan Molinari, who heads Google's office in Washington.

Google has particular reason to be engaged. It faces a wide-reaching antitrust investigation by the Federal Trade Commission, just as Microsoft did a decade ago. At issue is whether Google's search engine results favor Google products over its rivals'.

Although the agency was ready to settle that case before the holidays, without harsh remedies, late last month it shelved the inquiry and put stronger penalties back in play. A resolution is expected in January.

The commission has already fined Google on a separate matter. In 2012, the company paid $22.5 million to settle charges that it had bypassed privacy settings in Apple's Safari browser to track users and serve them targeted advertisements.

Facebook has vastly expanded its Washington presence in recent years. It has set up a political action committee, hired a stable of seasoned, well-connected insiders from both parties and offered tips to lawmakers in an effort to make its site indispensable to politicians seeking re-election.

Facebook scored a win on Capitol Hill in late 2012 when it nudged Congress to amend a 1988 law, the Video Privacy Protection Act, that had protected the privacy of Americans' video rental records. Facebook and its partner, Netflix, the video streaming service, advocated for changes in the law so that movies watched on Netflix could be shared on Facebook. That kind of data can be valuable for behavioral advertising, a principal source of revenue for Web services like Facebook.

The company also attracted increased scrutiny from the FTC. The agency negotiated a consent order with Facebook to settle charges that it had engaged in "unfair and deceptive practices" when changes in its settings revealed personal information that Facebook users had regarded to be private. As part of the settlement, Facebook agreed to audits of its privacy policies for 20 years.

Facebook faced renewed public outcry last month when its subsidiary, Instagram, proposed to deploy users' pictures to serve targeted advertisements. The company has backtracked on that proposal, but the outcry, say consumer privacy advocates, is an indication of public sentiment.

"Yes, the industry managed to hold off privacy legislation this year," said Marc Rotenberg, executive director of the Electronic Privacy Information Center. "But if the end-of-year protests over the Facebook and Instagram changes are any indication, users will be pressing for better privacy protections in the next Congress."

Silicon Valley's lobbying efforts are also likely to expand across the Atlantic in 2013. Both Facebook and Google have faced off with European regulators over privacy issues. Now, the European Parliament is weighing an overhaul of data protection laws that apply across the Continent.

One of the proposed changes requires Web companies to ask European Union citizens for their explicit consent before collecting personal data for targeted Web advertising. Web companies vigorously oppose that and other proposals.

What India Inc needs to do to create own Google

T- Time
Google is arguably the most innovative and successful company of our time. And it is no secret that Google allows each employee to work on anything she wants, for one day a week, no questions asked. Fifteen years later, Apple (the most valuable company in the world) is rumoured to be adopting the same concept. If India Inc wants to create the next Google, it needs to give its employees way more paid "experimental" time, so that they can think of inventing as much as doing.

F - Faking it
Faking never worked in the bedroom and it is high time India Inc stopped faking in the boardrooms.

Any stock analyst can thumb through a classic P&L and the balance sheet of a company and say what doesn't look true and fair. While cases like Satyam are rare, there is a strong undercurrent to "adjust" financial statements to suit market sentiment and book closing dates.

As Chinese stocks get hammered on US bourses, India Inc needs to examine its commitment to reporting its performance without manipulation. It will only benefit us, in the long run.

H - Hierarchy
I see a lot of hierarchy in India Inc. To navigate some Indian companies, you feel as if you need an Indiana Jones map! Hierarchy as a functional requirement is fine, but flatter is better.

Think of the Berlin Wall when you see your "Org Chart" in your company. You have to make it disappear, make the company approachable and faster in decision-making, with fewer people acting as barbed wires in between.

E - Esop is the new equity
Dhirubhai Ambani is the first premier of Indian equity. He placed Reliance shares in the hands of petty traders who could later marry off their daughters. NR Narayana Murthy is the second premier of Indian equity. He made many shareholders super rich by the massive wealth explosion of Infosys equity.

The new colour of wealth is Esops. Travel to Silicon Valley and see how Esops can motivate even God to join you! We need India Inc to be bold, generous and aggressive in distributing Esop wealth to attract the next Jack Welch.

U - Universities
Did you know that McDonald's corporation has a 1,30,000 sq ft university situated on an 80-acre campus? The university is aptly called Hamburger University and trains people in the restaurant business. When will India Inc invest in universities? When will we see a Motorcycle University of Bajaj Auto and a Textile University of Reliance?

The existing state-owned Indian universities are not sufficient to serve our youth, and only India Inc can invest in parallel, hybrid universities to train Indians to be proficient in a specific industry that will help in long-term career planning.

T - Technology
Indian Inc must technologise. The cocktail party conversation where CEOs "number thump" and say, "I have 3,000 working for me", is as passe as sticking to a Nokia phone. Or as juvenile as the vanity sticker that says, "My other car is a Porsche." Hiring more people in most cases means that you are technologically dumb.

India Inc desperately needs to fully embrace technology. I worked in my father's socks factory for 10 years and my satori (nirvana) moment was learning how technology could revolutionise silly socks. That knowledge liberated me and made me a tech entrepreneur.

Today, India Inc needs tech in manufacturing, supply chain management, just-in-time inventory logistics and much more.

U - Unisex
Why do I see so many men when I visit Indian offices? I glanced at the 5,000-odd visiting cards I've collected over the past 15 years, and figured that 70% belong to men.

India Inc top honchos really need to spend time with KV Kamath (ex-CEO and MD of ICICI) and understand how splendidly he groomed and promoted extraordinary women leadership at the ICICI group. Women leaders bring great equilibrium, poise and diversity to a company. They are required in equal if not large numbers, to create the perfect yin and yang balance of the future Indian conglomerate.

R - Revenue ideology
In Shakespeare's Julius Caesar, Brutus says, "There is a tide in the affairs of men/ Which, taken at the flood, leads on to fortune;/ Omitted, all the voyage of their life/ Is bound in shallows and in miseries./ On such a full sea are we now afloat;/ And we must take the current when it serves,/ Or lose our ventures."

I think the tide has come in — for India Inc to rethink its revenue ideology. India Inc must accept that great companies will not earn revenues by leveraging the cost arbitrage of wages of worker in the US vs those in India; or by applying a "cost plus" calculation; or, worst, by relying on protectionist policies. Instead, as avant-garde companies such as Cognizant are championing, India Inc will need to earn revenues on revenue-sharing terms, as success fees and on the broad structure of win-win.

Global firms are cut-throat. India Inc's revenue complexion must be more collaborative and variable than before.

E - Entrepreneurship
Entrepreneurs drive the engines of development and India Inc must support them. It must promote entrepreneurship within its ranks and fund mini venture funds that could liberally invest in start-ups, fully knowing that start-ups fail more than they succeed.

India Inc has the experience, balance sheet mojo and the connections for this. Appraisals must not only offer promotions, but also offer "entrepreneurs in residence".

P - Product first
At airports, I usually eat Cafe Coffee Day's Veg Slimmer's Sandwich for breakfast. It's delicious, but that's only when you are able to bite into it. You have to first navigate and negate the menacing cellotape seal.

India Inc sucks at putting products and services first. Think of the ketchup sachets you struggle to open. Or, try calling your operator.

We need to understand that unless we think like Apple and make our products and services delightful, we will not progress.

L - Losses are OK
India Inc is allergic to losses. It's understandable. But losses are a metric that could be overlooked to appreciate the broader picture. Consider Amazon. It loses millions, but it is worth billions and has revolutionised e-commerce.

India Inc must work to amend rules to allow listing of loss-making companies. It's only fair that the public decides if they like such companies.

Top 10 Online Scams of 2012 and Prediction for 2013

Online scamming has these days have become more then simple crimes these days. Criminals see them as a business more than a crime committed by them. 2012 saw a tremendous increase in the scams carried by the criminals, not only the scams got increased but they also got sophisticated too. Ordinary people faced huge losses due to this. Billions were robbed and some significant information was also stolen. Let’s have a look at top 10 scams of 2012:

1. ATM thefts and skimming through devices: This type of crime has although dropped down a bit this year but, it’s still one of the major form of crime carried out by the criminals.
2. Hit and run scams: This is a fraud done by carrying out campaigns on fake cause, after getting money the criminal see to run away. Usually, fake organizations are made for this.
3. Economy-related scams: These are fraudulent schemes carried by the organization that are said to be related to the government. Loan modification scheme is one of the types of this scam.
4. Investment scams: In this type of scam, usually online promotion is done to invest in their program and huge rewards are shown against them.
5. Impostors/Grandparents scams: This type of scam is done by targeting the old folks, the scam schemes related to old people could be related to this type of scam. These days a popular type of scam.
6. Nigerian and advance fee scams: These are quite clear form of scams in which advance fees are taken from the people and then being vanished.
7. Lottery scams: This is one of the oldest forms of scams in which fake lotteries could be sold and people can be scammed.
8. Internet sales: This type of scam has increased quite a lot during recent year. These include: selling things through free classifieds, posting fake things and then after taking payment getting vanished. Fake sites selling fake things could also be related to it.
9. Malware: Probably one of the most popular scams of this year, a lot of damage has been done by malwares. Not only people’s systems are affected but they also have been financially hit.
10. Phishing and identity theft: This type of scam is carried out by all the above stated scams; it’s one of the crimes of all.

For 2013, all these are predicted to get a lot more sophisticated and increased in numbers. Another crime, that is not stated above is a dating scams. Not stating it above doesn’t means that it has not been carried in the ongoing year. But, the frequency and sophistication of this crime doesn’t allow it to enter in top 10 of this year’s scams. What will make this particular scam a lot more popular in 2013, according to the scam busters:
“Increasing divorce rates from middle age onwards and the ease of seeking a new partner via the Internet for older age groups could make it a more significant source of scams. It’s an outside bet”.

Microsoft set to launch Microsoft Windows Phone 8

On 29 October, Microsoft is going to launch its new operating system-Microsoft Windows Phone 8- at an event in San Francisco. This OS has already been released for tablets and PCs, but now, it would be launched for smartphones out there. This event would take place at the Bill Graham Civic Auditorium, where the official launch of the smartphone’s version would be witnessed, employing Nokia and other companies’ phones for a test-run.

As witnessed, this year proved to be full of activities for Microsoft Inc. considering the release of Office 2013, a refurbished Bing search engine, Windows Server 2012, and now finally, an operating system. Nokia, which is the main auxiliary company in terms of promotion, is heavily counting on Microsoft to present a good-enough OS that would save its Nokia Lumia 820 & Lumia 920’s market. Unfortunately, up till now, Nokia has been reported of a $1.27 billion third-quarter loss (till Oct.18), mainly because of its ‘declining sales’ in the Lumia chronology. These Lumia phones in the line-up were using Windows Phone 7 which managed to attain a sales level of only 2.9 million units internationally, where it fell from 4 million units in the second quarter of the year.

Microsoft’s decision of not upgrading Windows Phone 7 to 8 was certainly a shocker for Nokia, where consumers see those prior phones less attractive. The reason, being explained by Microsoft at the Windows Phone Summit, was that the new WP8 was primarily designed to be compatible with multi-core processors, where WP7 had a single-core. However, they gave a solution to owners of older phones to upgrade it to WP7.8 from a WP7.5 version. Apart from this, Samsung and HTC have also revealed phones supporting WP8

Michael Walkley, an analyst with Canaccord Genuity, considers that Nokia’s per ceptibility for 2013 is difficult on the basis of its business units. He also said that even Microsoft launches its WP8, it would be challenging for Nokia to regain or attain the position it searches for. Well, that seems considerably convincing, especially after acknowledging that the biggest giants of smartphone OS that are Google Android and Apple iOS, have a market share of 68 percent and 16.9 percent, respectively. Windows Phone has had a market share of only 3.5 percent, which is lower than the old & retired Symbian OS which hovers at 4.4 percent!\

The ‘beleaguered’ RIM (Research in Motion) was even better off than WP (Windows Phone), as Blackberry smartphones positioned themselves third with a 4.8 percent market share. So, it seems legit why Nokia is distressed for its future. But nothing can be said until the new Windows Phone 8 OS comes in action.
Personally, I believe that with the tremendous features of Nokia Lumia 920, users won’t be much bothered with the Windows Phone 8.

Microsoft’s India store hacked, usernames & passwords leaked by Chinese hackers

Chinese hacking group called Evil Shadow Team has hacked and leaked usernames & passwords of Microsoft India www.microsoftstore.co.in on Sunday night. Logins details belong to people who use to shop online on Microsoft Indian’s website. It has been reveled that the login details were stored without any password or encryption in a plain text file.

After a success hack attack by Chines hackers, Microsoft India took the website for maintenance, which is still down at the time this article was written. While Microsoft has urged users to change their passwords id .

Last year it was Lulzec to take down SONY website and now Chinese hackers. Such hacks are rising growing concern over cyber security and how safe it is to shop online.

Samsung Series 5 Ultra Touch Laptop Review

Samsung series 5 ultra touch is the first windows 8 ultrabook laptop. It’s a wonderful laptop, which is the first one specifically designed for Microsoft’s new operating system i.e. Windows 8. The laptop isn’t as aerodynamic as the series 9′s laptops, but, it’s not more less then it. It has an aluminum and fiberglass exterior and is really thin only 16 mm !

The screen is 13.3 inched with 1366 x 768 resolutions. The screen and the bezel of the laptop has nearly border between, them which is same as any windows certified laptop. The edge-swipe gestures are really easy to carry out on this ten-point capacitive touch screen. The display is of the laptop is bright and clear, the screen that doesn’t gets faded with continuous working most of the laptop’s screen are found in good working even after hours of working on it.

The black Island keyboard of this fantastic one, nice on fingers provides perfect grip to the people typing on this keyboard. The keyboard unlike screen isn’t border-less. For long hours of typing, the keyboard is perfect as it doesn’t makes the fingers feel tired and enables long hours of work on the laptop.

The Samsung series powered by a powerful CPU of Intel Core i7-3517U dual-core. Furthermore, it also consists of 1600 MB DDR-III ram with 500 GB of storage available. So, the laptop could be said as a mighty treasure box in terms of storage. According to a leading website the PC world, series 5′s CPU outperformed other CPU by some margin:
“The Series 5 outperformed its Core i5-based counterparts in most CPU-based benchmarks, which we expected. However, in long-running benchmarks that make heavy use of both processor cores, such as PCMark 7’s Computation test and Cinebench R11, performance was disappointing. In fact, in Cinebench, it was the lowest we’ve seen from any current-generation Intel Core CPU.”
The overheating of the laptop is being nullified by an extra external fan for keeping the processor cool and long lasting. Previously, the overheating of the laptop made a negative impact on the overall performance of the laptop but now this issue has been fixed in new generation’s this series 5 laptop.
The battery time of the laptop is over 4 hours which is really good for any laptop which requires continues working. So, all and all this particular has been one of the success stories from the home of Samsung, though, it’s portability is still a question mark. But, it also depends upon the person who is using it regarding how he uses it signifies the life time of the laptop. The price of the laptop is around $1699 involving GST.

Facebook vulnerability allowed hackers to record video of user and post in his wall

A Cross Site Request Forgery(CSRF) vulnerability in Facebook allowed hackers to record video of target users and post in the victim's wall. The vulnerability was discovered by security researchers Aditya Gupta and Subho Halder, from XYSEC Team .

A malicious hacker could record trick a user to silently record his webcam video and publish it to his facebook wall, without the user even knowing about it.

In a youtube video, researcher demonstrate how an attacker could exploit this vulnerability in a Youtube video.

Four months after researcher notified facebook about the security flaw, facebook finally emailed them that their finding is eligible to receive a bug bounty of $2500, that will come as a Facebook WhiteHat Debit Card.

Hackers breached Restaurant Depot's POS network again & accessed credit card info

Hackers once again breached the Point-of-Sale(POS) network of Restaurant Depot, New York based wholesale supplier. The hackers managed to steal credit and debit card details from the card processing system they use in some of their stores.

 The company discovered the security breach on December 4th 2012 when thier customers had experienced credit card fraud after they used their cards at some of our stores.

They hired Trustwave on December 6th to investigate the intrusion. After the investigation, researchers determined that the intrusion first started on Nov 7th 2012. Researchers are still in the process of identifying all the details and are continuing their investigation.

The company notified all the major card brands and provided information about potentially compromised accounts.
This is not the first time the company experiencing the security breach , in the 2011, Russian hackers hacked into Restaurant Depot database and accessed the credit and debit card details of more than 200,000 customers.

Google, Paypal, Facebook Internal IP disclosure vulnerability

Do you have any idea about an Internal IP Address or a Private IP Address that too assigned for Multinational Companies? Yeah, today we are gonna discuss about Internal IP or Private IP address Disclosure.

Disclosure of an Internal IP like 192.168.*.* or 172.16.*.* , can really Impact ? Most security researchers call it as "bull shit" vulnerability. But when it comes to impact calculation even if the server is behind a firewall or NAT, an attacker can see internal IP of the remote host and this may be used to further attacks.
Internet Giants like Facebook, Google, PayPal and Serious National Security organizations like FBI, Pentagon and NASA are taking initiatives for their Security Issues. At same, we at 'The Hacker News' stand together for organizations that talk about national security in a serious way.

I guess,its the time to understand about the flaws and its impacts where I would like to share my findings about our Internet Giants and Organizations.

Indian IT sector: Winners of 2012

BANGALORE: India's $100-billion IT industry in 2012 saw the emergence of new companies to serve global and local markets and sustained growth, despite tough business conditions.

For the bellwethers, the year was a turbulent one with Infosys and Wipro struggling to stay afloat while numero uno TCS withered headwinds to stay ahead even as distant competitor Cognizant challenged their dominance.

The industry sustained its growth trajectory despite technology challenges and tough market conditions by adopting new business models, driving organisational efficiencies and offering a host of new services around cloud, mobility, analytics, social media and collaboration in a multi-device connected world.

"European debt crisis, change of guard in China, US presidential elections and slowdown in world economy, including India, have affected the industry's growth rate as discretionary spending and investments for expansion or innovation have been put on hold," said a top industry representative.

Implementing lessons learnt from previous cycles of ups and downs, especially during the tech meltdown in 2008-10, the industry and especially its bellwethers have consolidated operations, forayed into new domains and diversified service offerings to create multiple revenue streams in traditional and emerging markets.

"A paradigm shift in technology trends and application is leading to emergence of new companies from India to serve global and local markets," Som Mittal, National Association of Software and Services Companies (Nasscom) president, told IANS.

"The domestic market is also witnessing increasing technology adoption in the government sector and the small and medium enterprise (SME) sector for efficient and faster delivery of services and products."

The domestic market is expected to grow 13-16 percent this fiscal as against 17 percent last fiscal to Rs.91,800 crore (Rs.918 billion) from Rs.78,600 crore (Rs.786 billion) in 2010-11.

Software exports are expected to grow 11 per cent this fiscal to $77 billion despite currency volatility from $69 billion in 2011-12, according Nasscom.

The year has, however, been most challenging to global software majors Infosys and Wipro, which have gone through a change in top management and facing the heat of competition from global peers, including TCS and US-based non-resident Indians (NRIs) funded Cognizant Technology Solutions Corporation.

First time in many years, Infosys halved its annual revenue forecast to five per cent in July in April. Also, its strategic shift to 3.0 version is yet to make impact on its marquee clients for cutting big deals.

It bought the Zurich-based consulting firm Lodestone for $349 million (Rs.1,932 crore) September 11 for strategic fit.

Sailing in the same boat, Wipro too went through a management rejig and in the process took time to get its act for clinching new deals and driving volume growth.

In a strategic move in November, the company decided to hive off its non-IT business into a separate entity from next fiscal (2013-14).

In contrast, TCS has been able to maintain double digit growth on annualized basis with better pricing and flexible billing. It also became the first IT major to cross the $10-billion revenue milestone early this year.

The industry as a whole managed to grow in double digit this fiscal (2012-13) so far though less than 16 per cent last fiscal (2011-12), unlike the global financial crisis in 2009-10 when the sector's export growth rate slumped to single digit (six per cent).

"We feel the worst is behind us and hope for a turn-around of the global economy in 2013 to fuel higher growth in the industry, as technology is increasingly becoming an integral part of every industry," said Mittal.

Industry highlights in 2012

* Global and local factors affect industry growth rate as IT budgets pared

* Industry to maintain double digit growth despite slowdown

* Domestic market to grow better than export markets due to steady demand

* Infosys & Wipro most affected while TCS & Cognizant breathe easy

* TCS first IT firm to cross $10-billion revenue mark

Why IT companies are looking to set up facilities in Andhra Pradesh

NEW DELHI: Wipro said its shareholders have approved the company's plans to hive off non-IT business into unlisted arm.

"The shareholders at the court convened meeting held on December 28, 2012, have approved the scheme of arrangement between Wipro Ltd (demerged company), Azim Premji Custodial Services Pvt Ltd (resulting company) and Wipro Trademarks Holding Ltd (trademark company)," it said in a BSE filing.

Following the announcement, Wipro's shares jumped 1.34 per cent from its previous closed on the BSE to Rs 396.50.

A total of 393 shareholders were present at the Extra-ordinary General Meeting, including 18 from promoters and promoter groups, the filing said. The company has about 235,598 number of shareholders.

Wipro, which is the country's third largest software firm, had announced last month that it will demerge its non-IT businesses like Consumer Care & Lighting into a new company to focus exclusively on information technology.

Wipro Ltd will continue to remain a publicly listed company focusing exclusively on IT.

The unlisted firm will be called Wipro Enterprises and include Wipro Consumer Care & Lighting (including furniture business), Wipro Infrastructure Engineering (hydraulics and water businesses) and Medical Diagnostic Product & Services business.

The board of Wipro remains unchanged and the demerger of the non-IT units will have no impact on the company's management structure, Wipro had said.

Wipro is a part of the $100-billion Indian IT industry and competes with the likes of Tata Consultancy Services and Infosys besides global players like IBM and Accenture.

With increased focus on its core business, the company is expected to better compete as the sector is witnessing stiff competition amid flat IT budgets due to economic slowdown.

Why IT companies are looking to set up facilities in Andhra Pradesh

HYDERABAD: Andhra Pradesh plans to spare information technology companies from the crippling power cuts that all others are subjected to, an unprecedented step as the Congress government attempts to shore up the state's image as an investment destination which has been tattered by political instability and a separatist agitation. The proposed move, which has to be approved by Andhra Pradesh's electricity regulator, is the first such by any state in India.

The cost of special treatment for IT companies may not be very high for the government because the sector consumes about 6% of the state's electricity. But in terms of perception, it could be a winner because Andhra Pradesh is home to companies such as Microsoft, Google, Facebook, Tata Consultancy Services, Infosys and Wipro. At 53,000 crore, Andhra Pradesh is the fourth-largest software exporter in the country, accounting

After PM, Sheila is the target on social media

NEW DELHI: After Prime Minister Manmohan Singh's "theek hai" remarks drew sharp criticism, it was the turn of Delhi chief minister Sheila Dikshit to be targetted on social media for making a similar comment towards the end of her statement on the death of Delhi gang-rape victim.

"It's okay," Dikshit said after reading out a statement in Hindi to reporters, expressing her condolence on the death of the young girl at a hospital in Singapore.

On social networking site Twitter, people took objection to Dikshit's comment. "CM does a PM #Dikshit says is it Okay after recording statement," said a tweet.

"Sheila Dikshit should try Bollywood. She said "Is it ok?" after a "take" on the girl's death. Earlier, she cried on every channel," said another tweet.

"We have too many experts on how to put your foot in your mouth," said another post.

Delhi BJP chief Vijender Gupta criticised Dikshit for the comment and said it reflected her "insensitivity" towards the tragic incident. "It was very unfortunate. The remarks showed the chief minister in poor light. They reflected the insensitivity of Dikshit towards the tragic incident," he said.

CPI National Secretary D Raja also slammed Dikshit for the remark, saying people in higher echelons must be more "humane".

"Those who are in the higher echelons of power must be more humane. They should make statements with sincerity while expressing their views on tragic incidents like this. They should be involved in what they say. Such utterances should be sincere and should not be for cameras," Raja said.

The Prime Minister's interrogative 'theek hai' remark at the end of a televised address to the nation on the Delhi gang-rape incident had drawn severe criticism on social media.

Google pays tribute to Delhi braveheart

NEW DELHI: Google has joined millions of Indians in paying tribute to the 23-year-old Delhi gang-rape victim.

Google India's homepage features a candle just below the search option box with a mouse over text reading 'In memory of the Delhi braveheart'.

The 23-year-old gang-rape victim, who passed away in a Singapore hospital on Saturday following a strong 13-day battle against death, was assaulted on December 16 on a moving bus in the national capital.

The brutal incident ignited massive protests across the nation with demand for severe punishment for the culprits and change in the law concerning crime against women.
Source: http://timesofindia.indiatimes.com/tech

How to Validate Credit Card Numbers in E-Commerce Transactions

Card-not-present transactions present merchants with fraud prevention challenges that are either non-existent or much easier to address in a card-present environment. E-commerce merchants are required to verify the validity of all bank cards submitted for payment on their websites, just as their brick-and-mortar counterparts are required to do in their physical stores.
However, they lack the advantage that store-front retailers have in being able to physically examine the card’s features, in order to determine whether or not it has been tampered with.

Still, web-based merchants are not entirely helpless in their fraud prevention efforts and have at their disposal plenty of tools to assist them in the card validation process and should implement the following best practices:

• Use the Mod 10 algorithm. Developed by IBM scientist Hans Peter Luhn, the Mod 10 algorithm was designed to validate a variety of identification numbers. In the payment card industry, the Mod 10 algorithm is used to verify credit card numbers before submitting transactions for authorization. The Mod 10 algorithm detects all single-digit errors, as well as almost all transpositions of adjacent digits. To implement the algorithm in your fraud prevention system:
  • Contact your processor and ask for the Mod 10 algorithm that lets you check the validity of a card number.
  • Use the Mod 10 algorithm to check all e-commerce transactions before submitting them for authorization.
  • Immediately notify your customer if the card fails to pass the Mod 10 check. Display the following message on the customer’s screen “The card number you entered is invalid. Please try again.” or a similar message.
  • Do not submit the transaction for authorization until the card number passes the Mod 10 check.
  
  Using the Mod 10 algorithm for checking the validity of your customers’ card numbers will help protect your business against fraud or an error on the part of the cardholder and minimize related disputes and losses.
  
• Display only the last four digits of a repeat customer’s card number. When showing on your website the account information of a returning customer, only display the last four digits of his or her card number. The truncation of the sixteen-digit account number and the displaying of only the last four digits helps minimize e-commerce fraud risk, but it also assures customers that you are taking concrete measures to securely handle their personal information. The last four digits of a card account provide customers with enough information to enable them to identify their card and to determine whether or not to use it or to select another payment method.
• Use the card security codes. Card security codes are the three-digit numbers found in the signature panels on the back of Visa (Card Verification Value 2 – CVV2), MasterCard (Card Verification Code 2 – CVC 2) and Discover (Card Identification Number – CID) cards and the four-digit numbers found slightly above and to the right of the account numbers of American Express cards (Card Identification Number – CID). These numbers are generated when the card is issued, by hashing the card number and expiration date under a key known only to the card issuer. Card security codes help merchants verify that their customers are in a physical possession of their cards at the time of the transaction. To use the card security codes, follow these steps:
  • Ask your customer for the card’s security code. Make sure you explain where the code is to be found on the card.
  • Include the number your customer provides in your authorization request.
  • Evaluate the result code you receive and take it into consideration when determining the validity of the transaction. Be advised that the card security code response is separate from the authorization response.