5

Pakistan’s PKNIC Says Hackers Exposed A Hole During Security Upgrade To Redirect Google.pk, Apple.pk And Hundreds More; Now Resorting To Whitelisting

view full story
linux-howto

http://techcrunch.com – Pakistan’s domain registry provider PKNIC has posted an explanation of what it says happened when visits to a number of high-profile websites last weekend redirected to another page — in many cases to one with a photo of penguins and a message from someone called Eboz claiming responsibility. It says that during a security upgrade, a vulnerability opened up, which let someone breach four user accounts, which in turn impacted nine DNS records, leading to “several website addresses” being impacted. It doesn’t categorically rule it out, but it believes that there was (IT news)

linuxgeek's picture
Submitted by linuxgeek on 11/28/2012 – Made popular on 11/28/2012

Stories similar to Pakistan’s PKNIC Says Hackers Exposed A Hole During Security Upgrade To Redirect Google.pk, Apple.pk And Hundreds More; Now Resorting To Whitelisting

Pakistan’s internet-using population were slammed today with a systematic take-down of local versions of some of the world’s biggest names in tech, and several hours after first going down, Google.pk, Google.com.pk, Yahoo.pk, Apple.pk, Microsoft.pk still do not appear to be working.

It all started with a score that needed to be settled. A couple of weeks ago, I wrote up some news about how various, high-profile sites in Pakistan and Romania were getting defaced by hackers. I did a little digging around to see who might have been behind the events, and then wrote that up in the posts. Apparently, I didn’t dig deep enough to get the whole story.

Multiple readers asked The VAR Guy today if he had suffered from a “new” Mac OS X virus. Let’s slow down, folks. The alleged Mac virus reports spreading across the web have little to do with Apple and Mac OS X, and a lot to do with a small security hole in Java — which is owned by Oracle.

It’s clear that Apple really doesn’t want users to think about security that much. So much so that the Cupertino giant is resorting to stealthy security updates.

Nadia Heninger Is Watching You 18 weeks 6 days ago

It’s been a bad week for online security. An “extremely critical” Ruby on Rails security hole; a Yahoo! Mail XSS exploit; and yet another Java 0-day vulnerability.

It’s not if, but when. Between crooks, hackers and foreign governments, Facebook probably can’t avoid a serious user data breach forever.

Looks like Pakistan is not the only place where major internet companies’ domain names can get hacked hijacked. This morning, google.ro was taken over, with the credit being taken by “Algerian Hacker” MCA-CRB, a serial website defacer. The site looked like the picture above for at least an hour, according to our tipster.

Hacktivist organization, Anonymous, appears to have hacked MIT’s website and left a tribute message to the late Internet activist, Aaron Swartz. ”We tender apologies to the administrators at MIT for this temporary use of their websites,” writes a postscript to a memorial note posted by Anonymous, on a subdomain of the official MIT.edu website.

Dashlane, a desktop and mobile app which helps you login to websites, fill out forms and speed through checkout faster, has launched a new feature which will alert you if one of your web accounts may have been compromised. This addresses a growing need, as high-profile hacks like those at companies like Zappos, LinkedIn, Dropbox and others seem to be making the news every few weeks.