29.5.11

ROOTCON welcomes Shipcode as a Blog Contributor


In less than a month, after posting “Are you a Techie Blogger? Join ROOTCON!”, one of our regular online visitors emailed us at info[at]rootcon[dot]org and introduced himself as Shipcode and interested to apply as a Techie Blogger for ROOTCON.


He has been with us since DEFCONPH (then became PinoyGreyHat) and finally ROOTCON. We started DEFCONPH in 2008 and now it’s already 2011. ROOTCON followed in 2009. Time flies so fast! Wew!


I was not mistaken when I posted “Are you a Techie Blogger? Join ROOTCON!” because he was inspired to share his knowledge about security after reading that post. He’s a student enrolled in Computer Programming course in one of the universities here in Cebu City, Philippines.


Technically speaking, I saw his nick in our ROOTCON Forum but only this time that I get the chance to know him better.


The reason why ROOTCON decided to invite contributors / techie bloggers because we know from the very beginning that it will also benefit the community to see someone contribute right before their eyes. First I had to ask myself: How would that benefit the community?


My first hope was that people would see what it takes to start from the very beginning and what it will become in the future.


What is the Future of ROOTCON?


My online friends and even those in the industry encouraged me to continue contributing to ROOTCON because they compare this to any international security events like DEFCON and BlackHat in the US.


Like in India, they started ROOTCON 2011 just this year and look what they have now. India has good sponsors and supported by their government. View and read their appreciations. Please don't be confused, it's not a copycat because ROOTCON Philippines started in 2009.


Reading about it and joining our ROOTCON Forum is one thing, but seeing it in action can be even better.


How can you support ROOTCON? Email us at info[at]rootcon[dot]org.


About the Contributor:

A self-confessed blogger minus the coffee. He maximizes his skills in consultancy, project management, professional networking and very active in conceptualizing things. To date he already conducted several IT / Information Security events as his passion since 2007. Currently he's working as a Technical Support Specialist in a local company.




ROOTCON is managed by like minded InfoSec professionals across the Philippines.
All rights reserved. Designated trademarks, brands and articles are the property of their respective owners.

GMA News Hacking Incident

Around 1:00AM May 29, 2011 news spread all over Twitter and some other blog sites, mentioning the attack that occurred within the GMA News website. Basing on the defaced note and tweets posted on Twitter, a nick D4rkb1t caught up our attention because he is one of our speakers this coming ROOTCON 5 event.

We cannot easily confirm if it was indeed D4rkbit or somebody else using his nick to destroy his credibility.

To make things clear D4rkb1t is not in any way connected with ROOTCON. We identify our speakers through CFP or Call For Papers, CFP is open to anyone with cutting edge research or experience with regards to security. ROOTCON carefully examines the submitted paper and approve them accordingly.

D4rkb1t is one of the many folks that submitted a paper through our Call For Papers. We carefully examined his talk and it was approved by the topics committee.

His talk was about MITM on SSL With BackDoor As An After Effect.

==============================================
Man In The Middle Attack on SSL with BackDoored After Effect
by: D4rkB1t

Synopsis

You think SSL is secure? This talk will demo out Man In The Middle Attack on SSL with BackDoored After Effect, on this talk the speaker will be using BackTrack 4 as a primary hacking tool to achieve the goal of the attack vector.
==============================================

We at ROOTCON do not condone any illegal activities - however we do not criticize our speakers through an incident like what happened to the GMA News Hacking Incident.

ROOTCON will always serve its purpose as a neutral ground for white hats, black hats, grey hats and other security professionals. ROOTCON is not an underground organization nor an underground movement but an event and a community of free thinking individuals.

We preserve our speakers identity and privacy. Later today we received an email that D4rkb1t will cancel his talk this coming ROOTCON 5, we totally understand and respect the decision made by the speaker. This is to protect the image of ROOTCON.

ROOTCON Founder,

Semprix

GMA Website and Twitter ~ Pawned

I was just chatting with my friends in facebook and suddenly a couple of my friends passed me a link of GMA's twitter account which is http://twitter.com/#!/GMANewsOnline and I was surprised that it was filled with Tagalog foul words and that it appears to be hacked because I saw a tweet claiming it was hacked by d4rkb1t.


And so I tried to look in their website and suddenly I was redirected to google. Hmm.. what could have caused this? Then when I tried to visit a certain page in http://www.gmanews.tv/entertainment, and again a pop-up message just came out that says hacked by d4rkbit. The same guy who posted nasty stuffs in the twitter.

I wonder what his motives are. Does he want to gain access to its ssh or just for pure fun? Could this cause another competition with its rival TV network? Again I witnessed another defaced site accidentally. My opinion is that maybe the defacer just want to tell the admin of the website that their site is vulnerable.


About the Contributor:

Shipcode is an InfoSec enthusiast from Cebu. During his high school days he was just an ordinary script kiddie. He loves to search for web exploits and other issues concerning network / wireless security.


ROOTCON is managed by like minded InfoSec professionals across the Philippines.
All rights reserved. Designated trademarks, brands and articles are the property of their respective owners.

28.5.11

14 Year Old Hacker Hired by Microsoft after doing phishing via Call of Duty Server!


Is this a scam or just another copy paste story? I mean how can a 14 year old be hired by Microsoft by just phishing?


Honestly, I was a little bit of skeptic regarding the article that was posted in thehackernews.com a few hours ago. But I couldn't doubt no more as I began to reflect on the article. The name of the Irish boy who stirred up a little trouble with his Call of Duty: Modern Warfare 2 phishing scam alert was not disclosed because of some legal issues.

Luckily the script kiddie didn't end up in jail instead was hired by one of the biggest company in the whole world which is Microsoft. The goal of Microsoft was to educate this self taught hacker(that's what they called him) and put his natural born talent of being innovative at a young age. And that they don't want young fellows like this Irish kid to end up by just pawning things and wrecking havoc in the cyber world.

We love to hear your thoughts. Post your feedback at our Forum.


Source:

http://www.thehackernews.com/2011/05/14-year-old-hacker-hired-by-microsoft.html


About the Contributor:

Shipcode is an InfoSec enthusiast from Cebu. During his high school days he was just an ordinary script kiddie. He loves to search for web exploits and other issues concerning network / wireless security.


ROOTCON is managed by like minded InfoSec professionals across the Philippines.
All rights reserved. Designated trademarks, brands and articles are the property of their respective owners.

27.5.11

NMAP – Free Network Scanner for Network Exploration and Security Audits


In Die Hard 4: Live Free or Die Hard, Detective John McClane (Bruce Willis) is dispatched to retrieve hacker Matthew Farrell (Justin Long) because the FBI suspects him of breaching their computer systems. Later, Justin is enlisted to help thwart terrorist mastermind Thomas Gabrial's attempts at total World destruction. In this scene, Farrell demonstrates his Nmap skills.

Defending your network? You would feel comfortable if you know anything about the ins and outs of your own network structure.

Nmap is a free scanner and a very useful network-mapping utility for network exploration and security audits.
It determines what hosts are available, what operating systems they’re running, services they are offering, what filters and firewalls are in place to name a few.

I remember watching
Die Hard 4, The Bourne Ultimatum and The Girl with the Dragon Tatoo; and Nmap was featured in those movies.

More info is available
here.


About the Contributor:

A self-confessed blogger minus the coffee. He maximizes his skills in consultancy, project management, professional networking and very active in conceptualizing things. To date he already conducted several IT / Information Security events as his passion since 2007. Currently he's working as a Technical Support Specialist in a local company.


ROOTCON is managed by like minded InfoSec professionals across the Philippines.
All rights reserved. Designated trademarks, brands and articles are the property of their respective owners.

26.5.11

Third attack on Sony, Greece music site hacked — Sophos security

Finding no respite over the weekend after announcing it had been hacked a second time, Sony found the Greek website of its BMG record label under attack as well.

This is the third attack after the Sony Thailand website was hacked last Friday, May 20, less than a month after the Sony PlayStation Network was hacked.

“In what seems to be a never-ending nightmare it appears that the website of Sony BMG in Greece has been hacked and information dumped. An anonymous poster has uploaded a user database to pastebin.com, including the usernames, real names and email addresses of users registered on SonyMusic.gr," Sophos senior security adviser Chester Wisniewski said in a blog post Monday (Manila time).

He said the data appeared to be incomplete as it claims to include passwords, telephone numbers and other data that are either missing or bogus.

Also, he said the attacker may have used an automated SQL injection tool to find the flaw in the site.

Wisniewski recommended that users of SonyMusic.gr reset their passwords, and expect that any information they entered when creating their account may be in the hands of someone with malicious intent.

“Keep a close eye out for phishing attacks," he added.

What was needed was not a particularly skillful attack but “simply the diligence to comb through Sony website after website until a security flaw is found," according to Sophos.

On the other hand, Wisniewski noted it is nearly impossible to run a totally secure web presence, especially for a firm the size of Sony.

“As long as it is popular within the hacker community to expose Sony’s flaws, we are likely to continue seeing successful attacks against them," he said.

“While it's cruel to kick someone while they’re down, when this is over, Sony may end up being one of the most secure web assets on the net," he added.

Wisniewski said the lesson from the attack is the company to perform thorough penetration tests of its website which, he said, is far less costly than to suffer the loss of trust, fines, disclosure costs and loss of reputation these incidents have resulted in. — MRT/VS, GMA News

Source: GMA News

About the Contributor:

A self-confessed blogger minus the coffee. He maximizes his skills in consultancy, project management, professional networking and very active in conceptualizing things. To date he already conducted several IT / Information Security events as his passion since 2007. Currently he's working as a Technical Support Specialist in a local company.



ROOTCON is managed by like minded InfoSec professionals across the Philippines.
All rights reserved. Designated trademarks, brands and articles are the property of their respective owners.

ROOTCON Streamer



ROOTCON 5 (2011) streamer is hanged at Sikatuna Street corner Echavez Street, Cebu City. It's visible if you take the 13C, 62B, 13B and 62B jeepney route. You can see it clearly near the intersection road.


"ROOTCON: 5th Philippine Hacker Conference and Information Security Gathering" will be held on September 9 - 10, 2011, Parklane International Hotel, Cebu City, Philippines.

Early bird registration is now open until June 30, 2011.

For more info, visit the following links:


http://www.rootcon.org

https://groups.google.com/group/rootcon (Subscribe to our mailing list)
http://www.rootcon.org/xml/rootcon5/registration (Early Bird and Group Discount)
http://www.rootcon.org/xml/rootcon5/tracks (List of topics)
http://www.rootcon.org/xml/rootcon5/speakers (The Speakers)
http://www.rootcon.org/xml/rootcon5/sponsorship (The Sponsorship Packages)
http://blog.rootcon.org (ROOTCON Blog site)

How can you help ROOTCON? If you have ideas how to promote ROOTCON 5 (2011) please email us at info[at]rootcon[dot]org. We love to hear your thoughts and your support.


Keep on promoting ROOTCON and spread the word!


We hope to see you there!


About the Contributor:

A self-confessed blogger minus the coffee. He maximizes his skills in consultancy, project management, professional networking and very active in conceptualizing things. To date he already conducted several IT / Information Security events as his passion since 2007. Currently he's working as a Technical Support Specialist in a local company.



ROOTCON is managed by like minded InfoSec professionals across the Philippines.
All rights reserved. Designated trademarks, brands and articles are the property of their respective owners.

23.5.11

[Hacked] www.mytravelblog.com.ph

Searching on the Internet, here’s one of so many hacked websites here in the Philippines that I will feature first.



Above screen shot is the result of my research. Check the area I marked with red box. To view the previous state of that site, click the “cached”.


It is a snapshot of the page as it appeared on 30 Apr 2011 09:52:13 GMT.


After it was hacked.

Severity:
- Homepage defacement

- Mass defacement

Please comment on this topic at our ROOTCON forum. We all learn from each other when your views and opinions are shared.

To read our Disclaimer Notice, click here.


Related Post: Hackers: Coming Soon to a Website near You

About the Contributor:

A self-confessed blogger minus the coffee. He maximizes his skills in consultancy, project management, professional networking and very active in conceptualizing things. To date he already conducted several IT / Information Security events as his passion since 2007. Currently he's working as a Technical Support Specialist in a local company.



ROOTCON is managed by like minded InfoSec professionals across the Philippines.
All rights reserved. Designated trademarks, brands and articles are the property of their respective owners.

Disclaimer Notice

All the information about hacked or defaced websites contained and archived here are either collected online from public resources or directly notified to us. ROOTCON is not responsible for the reported computer crimes nor it is directly or indirectly involved with them.

You might find some offensive contents about defaced websites but ROOTCON do not produce them so we cannot be responsible for such actions and its contents.

If you are the administrator of a hacked site, please note that ROOTCON is not related at all with the defacement itself.

Don’t ask us to remove the post of your defaced website; ROOTCON is and will always be a Philippine website to talk about security issues.


About the Contributor:

A self-confessed blogger minus the coffee. He maximizes his skills in consultancy, project management, professional networking and very active in conceptualizing things. To date he already conducted several IT / Information Security events as his passion since 2007. Currently he's working as a Technical Support Specialist in a local company.



ROOTCON is managed by like minded InfoSec professionals across the Philippines.
All rights reserved. Designated trademarks, brands and articles are the property of their respective owners.