Information Warfare Center’s Cyber Intelligence Report (CIR) Author: Jeremy Martin, CISSP-ISSMP/ISSAP, CISM, CEH/LPT/CHFI, CREA/CEPT/CSSA/CCFE

www.informationwarfarecenter.com

1

The IWC CIR is a weekly OSINT resource focusing on advanced persistent threats and other digital dangers. APTs fit into a cybercrime category directed at both business and political targets. Attack vectors include system compromise, social engineering, and even traditional espionage.

Commercial

Domain S F Category Mirror

cms.paypal.com

Phishing mirror

www.ebay.com Script Insertion mirror

www.ebay.com Script Insertion mirror

Government (US)

blumenauer.house.gov, cityjobs.sanjoseca.gov, ecuador.usaid.gov, go.usa.gov, jobs.fresno.gov, krgc.ks.gov, portal.daughertytownship-pa.gov, projectlead.lacounty.gov, recruit.icp.doe.gov, techtalk.seattle.gov, cia.gov, dotgov.gov, floodsmart.gov, healthcare.gov, isliptown-ny.gov, nasa.gov. nsf.gov. nyc.gov, training.admin.state.mn.us Education ats.immaculata.edu, cinsault.chem.hope.edu, crest-catec.hpcf.upr.edu, ece.gannon.edu, ece.uprm.edu, inscriptions.etc.ucla.edu, itexpo.birzeit.edu, sloansocialimpact.mit.edu, sloansocialimpact.mit.edu, www.add.ece.ufl.edu, www.sharif.edu

Section Page # Country Gov’t Defaced sites OS defaced #

In the News 2 108 United States 3 Windows 154

Special Focus 5 Mexico 3 Linux 418

Exploits 5 87 China 75 FreeBSD 24

Tools 8 6 Pakistan 42 F5 Big-IP 3

Papers 8 8 Brazil 32 Unknown 24 Advisories 9 97 India 26

Websites defaced 19 599 Argentina 36

Alerts

AppleNetWeaverAppleAvayaGoogleHPIBMMozillaOperaOracleRSASplunk

CIR

2

Government (25)

College Board CEO and Top Defense Industry Executives Named to National Math and Science Board of Directors

CUNA News Now: IC3 lists top nine frauds impacting eCommerce

Cyber Security in This Year’s Election – The Role It Played In 2012

Department of Energy fears cyber security weaknesses

EU and U.S. Sign Joint Declaration to Make the Internet Safer for Kids

Federal Agents Shut Down Over 100 Counterfeit Websites

Feds Kick Off Cyber Monday Counterfeit Countdown

Georgian Police Chiefs Cuffed In Cyber Spy Plot

Government Stays Mum On Fake James Bond Spy Ad

Government Website Hackers Post Fake James Bond Job Ad

Haley Admits Hacking Errors; Revenue Director Steps Down

HP Denies Selling Tracking Technology To Syrian Government

ICO Issues Anonymous Data Guidelines

Israel Hit With 44 Million Cyber Attacks In Gaza Protest

Report: French officials accuse US of hacking Sarkozy's computers

South Carolina tax chief resigns after taxpayers hit in cyber attack

SU to offer new cybersecurity program with year in Estonia

U.N. Atom Agency Says Stolen Information On Hacker Site

Update: SC Senate Panel Investigates Revenue Hacking Wednesday

US FBI Set Up Dotcom In Megaupload Raid

US Launched Flame Cyber Attack On Sarkozy's Office

Utah law agencies say January attacks on websites cost them nearly $180,000

VPN Ban Makes For Nervy Times Behind Great Firewall

WWII Hero Pigeon Crypto Message Stumps GCHQ Boffins

You Are Committing A Crime Right Now

Legal (4)

Casey Anthony detectives missed Google search

Texan Schoolgirl Expelled For Refusing To Wear RFID Tag

US School Tag Tracker Project Prompts Court Row

Weev Found Guilty Of Breaching AT&T Site To Obtain iPad Customer Data

Mobile (4)

Six ways to protect your mobile data - and yourself

TeleCommunication Systems' Commercial Mobile Alert System Recognized for Reliability and Innovation

The smartphone is 20 years old, believe it or not

ThreatMetrix Cites Mobile Devices as a Growing Cybersecurity Concern for Black Friday and Cyber Monday

SCADA/ICS (2)

Exploit Vendor Releases Videos Of Holes In SCADA Systems

Researchers Slam Weak Security In SCADA Appliances

CIR

3

Financial (6)

A timeline of the Revenue cyber-attack

Anonymous Activists Allegedly Cost Paypal £3.5m

Cyber criminals prey on cyber shoppers

Global homeland security market to hit $280.6 billion by 2022 says new report

Somerset Police Nab Card Skimming Mastermind

Top 10 Holiday Internet Scams for 2012

Technology (57)

A Time-Lapse Map Of Every Nuclear Explosion Since 1945

Add your PC to your new year to-do list

Ancient Vulnerability Sparks World-Wide Hypegasm

Anonymous Claims Stratfor Hacking Trial Is Partial, Unfair

Anonymous Hacker Behind Stratfor Attack Faces Life In Prison

Anonymous Takes Down Texan RFID-Tracking School

Antivirus software so ineffective it's a waste of money, report suggests

AVG and Google Sign New Internet Search and Advertising Services Agreement

Be alert: avoiding holiday email scams

Be part of an elite community and join in the fight: cracking codes and discovering threats

Beware the Instagram scam

'Big Data' can change the world

Bradley Manning To Speak In Public For First Time In Two Years

Bright Ideas For Home Security

Cambridge University To Study Threat To Humanity From Tech Advances

College Board CEO & Top Defense Industry Executives Named to National Math & Science Board of Directors

Cyber threats to watch for in 2013

Cybersleuths learn to spy in University of Tulsa program

DEFCON 20: bypassing endpoint security with USB keys

Europe's 14% cybersecurity research budget rise dismissed as paltry

Facebook To Roll Out Stronger Security for All North American Users

Fake Windows 8 key generators lurk in the wild

Famed Hacker Guilty of 'Stealing' iPad User Data

FBI Offers Tips for Safe Cyber Monday Shopping

Fedora 18 beta finally released

Five simple steps may fix a slow computer.

Google And Apple Among Hundreds Hit In High-Profile Pakistan Hack

Hacker protection needn’t cost firms a fortune

Hackers Break Into FreeBSD With Stolen SSH Key

Hotel Burglars Suspected Of Exploiting Lock Security Bug

How to spot fake designer websites

IT and employees see BYOD security (much) differently

Kiwi Googleplex Comes Clean On Unauthorized Data

Malware Made Which Can Share A Smartcard Over The Internet

Malware Uses Social Media

Mystery Chrome 0-Day Exploit To Be Unveiled In India On Saturday

New Career Opportunities Abound as Dependency on Computer Technology Grows

New Table-Munching Worm Ravages Iranian Biz Databases

CIR

4

New Unisys Intelligent Application Alignment Service Cuts Time for Migrating Applications to the Cloud

Nintendo Wii U Network 'Hacked' Hours After Launch?

Passwords are no longer enough to protect your privacy

Peter Hoss, Scam of the Month: Avoid unknown sources

Quantum Crypto With Nothing More Than Standard Broadband Fiber

Ransomware Continues Growth Spree

Researchers Dissect Linux Server Rootkit

Researchers Remotely Control Smart Cards with Malware PoC

Researchers Warn Of Cool Exploit Platform

Robert O'Block, ACFEI Founder, Announces Support of Dr. Internet Safety

Sourcefire Addresses Advanced Malware on the Network – Before, During and After the Threat

Southampton University opens cybersecurity research centre

Students Hack Their Way to Victory in Brooklyn

Symantec spots odd malware designed to corrupt databases

The Digital Development Group is Seeing Tremendous Growth in Holiday Sales for Internet TV Devices

Tips on recognizing and defeating website malware

Trojan Communicates Via Google Docs

Webroot Rolls Out Advanced Anti-Phishing Capabilities as Part of its Web Security Service

Websense Email Security Named a Leader in Independent Research Report

FBI News

CPKP (7)

Arizona Man Sentenced to 12 Years in Federal Prison

Former Marine Sergeant Sentenced to 12 Years in Prison in Child Pornography Case

Littleton Man Charged with Distribution of Child Pornography

New Jersey Man Convicted on Sex Trafficking Charges

Rockville Man Sentenced to Seven Years in Prison for Possessing and Distributing Child Pornography

Seymour Man Sentenced to Prison for Possessing Child Pornography

Tarrant County Man Sentenced to 160 Months in Federal Prison on Federal Child Pornography Conviction

Government (4)

Counter Inteligence Awareness

Four Men Charged for Conspiracy to Provide Material Support to Terrorism

Iranian National and His Company Charged in Plot Involving Export of Military Antennas from the US

Protecting Trade Secrets and National Security

Technology (9)

Cyber Scammers Target Holiday Shoppers

Former Rochester Woman Pleads Guilty to Role in Wire Fraud Conspiracy

Fraudulent Telemarketer Sentenced to 108 Months in Prison

Hanover Man Pleads Guilty to Fraud Scheme Involving eBay Sales

Hungarian Woman Pleads Guilty in Tennessee for Role in International Fraud Scheme Websites

IC3 Scam Alerts (November 26, 2012)

New Jersey Stock Trader Pleads Guilty to Conspiring with San Diego CEO in $28 Million Securities Fraud

New York Man Convicted of Hacking AT&T’s Servers

St. Charles County Man Pleads Guilty to Pointing a Laser at an Aircraft

CIR

5

The Black Devils

This group started posting to the www.zone-h.org website on 06/28/2012 for their site defacements.

They have attacked around 400 websites including many countries including Iran and China.

Hacker monikers affiliated with this group

AlGeRiAN H4cK3r, Asesino04, Black Devil, D3v!L M@cH!nE, £oNe£y DeVi£, Nuevo Asesino, Personne,

Inconnue, Salma~z , esino04

Oeb1590@hotmail.com

Below are some of the defacements that they consistently post.

CIR

6

Exploits (20)

Adobe Reader 10.1.4 Memory Corruption

Apple QuickTime 7.7.2 Buffer Overflow

Apple QuickTime 7.7.2 MIME Type Buffer Overflow

Apple QuickTime 7.7.2 TeXML Style Element font-table Field Stack Buffer Overflow

Apple WGT Dictionnaire 1.3 Script Code Injection

Aviosoft Digital TV Player Professional 1.x Proof Of Concept

BlazeVideo HDTV Player 6.6 Professional Proof Of Concept

Cisco WAG120N Command Execution

D-Link DSR-250N Backdoor

FormatFactory v3.0.1 Profile File Handling Buffer Overflow

LAN.FS Messenger 2.4 Command Execution

mcrypt 2.5.8 Stack Based Overflow

Microsoft Office OneNote 2010 Memory Corruption

Narcissus Image Configuration Passthru Vulnerability

NetIQ Privileged User Manager 2.3.1 ldapagnt_eval() Remote Perl Code Execution

Oracle Database Client System Analyzer Arbitrary File Upload

Skype Account Service Reset Credentials

Skype Account Service Session Token Bypass

WeBid 1.0.5 Directory Traversal

Websense Proxy Filter Bypass

DoS (6)

mcrypt <= 2.6.8 stack-based buffer overflow poc

MPC (Media Player Classic) XSS / Denial Of Service

Simple Lighttpd 1.4.31 Denial Of Service

TrouSerS Denial Of Service

TrouSerS Denial Of Service Vulnerability

Websense Proxy Filter Bypass

This section of the CIR is dedicated to inform the public exploits, tools, and whitepapers that may directly affect the security posture of an organization. The term “Proof of Concept (PoC)” is another term for working exploit. Many of these PoCs will eventually find themselves in malicious logic such as viruses, Trojans, and root kits.

CIR

7

Web (60)

Army Ezine Colombia XSS / SQL Injection

Beat Websites 1.0 SQL Injection

BuyClassifiedScript PHP Code Injection

dotProject 2.1.6 Cross Site Scripting / SQL Injection

ES CMS 0.1 SQL Injection

Feng Office 2.0 Beta 3 XSS / Privilege Escalation

Forescout NAC 6.3.4.1 XSS / Redirection / Filter

Gianni Messina CMS 2.0 2010 SQL Injection

Greenstone XSS / Password Disclosure / Log Forging

Incomedia WebSite X5 Evolution 9.0.4.1748 XSS / Bypass

jBilling 3.0.2 Cross Site Scripting

ManageEngine ServiceDesk 8.0 Cross Site Scripting

Narcissus Image Configuration Passthru

PayPal Community Forum Cross Site Scripting

PayPal Open Redirection

PayPal Plaza Cross Site Scripting

PHP Server Monitor Cross Site Scripting

PHP Server Monitor Cross Site Scripting

PHP-Nuke 8.2 SQL Injection

PRADO PHP Framework 3.2.0 File Read

Skype Community Body / Title Cross Site Scripting

Skype Community Username Cross Site Scripting

SmartCMS SQL Injection

SonicWALL CDP 5040 6.x Cross Site Scripting

Spotify Cross Site Scripting

SWF Upload f10 / f11 Cross Site Scripting

swfupload_f8.swf Cross Site Scripting

WordPress Ads Box SQL Injection

WordPress ASM SQL Injection

WordPress cstardesign SQL Injection

WordPress Finalist SQL Injection

WordPress FS-Real-Estate SQL Injection

WordPress Magazine Basic SQL Injection

WordPress Malmonation Theme SQL Injection

WordPress Myflash Local File Inclusion

WordPress Newstimes Package SQL Injection

WordPress Oberliga SQL Injection

WordPress Plg Novana SQL Injection

WordPress Shai-Saul SQL Injection

WordPress Simple Slider 1.0 Cross Site Scripting

WordPress st_newsletter SQL Injection

WordPress Starmark Local File Inclusion

WordPress Webplayer SQL Injection

WordPress WeddingsAtWork SQL Injection

WordPress WP-Basketball SQL Injection

WordPress wp-imagezoon SQL Injection

CIR

8

WordPress Yaren Tema SQL Injection

WordPress Zarzadzanie Kontem Shell Upload

WordPress Zingiri Web Shop 2.5.0 Shell Upload

Yii Framework 1.1.8 Search SQL Injection

Gleamtech FileVista/FileUltimate 4.6 Directory Traversal

BuyClassifiedScript PHP Code Injection Vulnerability

SmartCMS (index.php, idx parameter) SQL Injection Vulnerability

PRADO PHP Framework 3.2.0 Arbitrary File Read Vulnerability

jBilling 3.0.2 Cross Site Scripting Vulnerability

ES CmS 0.1 Sql Injection Vulnerability

Yii Framework 1.1.8 Search SQL Injection Vulnerability

ManageEngine ServiceDesk 8.0 Multiple Vulnerabilities

PHP Server Monitor Stored XSS

SonicWALL CDP 5040 v6.x Multiple Vulnerabilities

Mobile (1)

Twitter 5.0 Eavesdropping Proof Of Concept

Tools (11)

Beginers Guide to the Internet Underground

CVE Checker 3.2

Entropy Broker RNG 2.0.1

GNU SIP Witch Telephony Server 1.4.0

HostBox SSH 0.1

IP Phone Scanning Made Easy 0.7

Linux 2.6 Kernel /proc Rootkit Backdoor

Seringa SQL Injection Framework

Spiga 0.7.5

SSH Scan 0.9

TOR Virtual Network Tunneling Tool 0.2.3.25

Papers (8)

[Spanish] Penetration Testing - Analisis Web - Evaluacion de Vulnerabilidades - Explotacion

[Spanish] Software Exploitation

Adobe Reader 10.1.4 JP2KLib&CoolType Crash PoC

Apple QuickTime 7.7.2 Targa image Buffer Overflow

D-Link DSR-250N Persistent Root Access

Exploitation Of MS-SQL Servers Explained

Guidelines for Pentesting a Joomla Based Site

lighttpd 1.4.31 Denial of Service PoC

Microsoft Office OneNote 2010 Crash PoC

Penetration Testing Whitepaper

Router Exploitation

SE-2011-01 Satellite Research

CIR

9

Apple (1)

Secunia Security Advisory 51270

Secunia Security Advisory - Carlos Reventlov has discovered a security issue in Instagram for iOS, which can be exploited by malicious people to disclose sensitive information.

Avaya (1)

Secunia Security Advisory 51388

Secunia Security Advisory - Avaya has acknowledged a vulnerability in Avaya Call Management System, which can be exploited by malicious, local users to cause a DoS (Denial of Service)

Google (1)

Secunia Security Advisory 51437

Secunia Security Advisory - Multiple vulnerabilities have been reported in Google Chrome, where one has an unknown impact and others can be exploited by malicious people to compromise a user's system.

HP (1)

HP Security Bulletin HPSBHF02821 SSRT100934

HP Security Bulletin HPSBHF02821 SSRT100934 - A potential security vulnerability has been identified with HP Integrated Lights-Out iLO3 and iLO4. The vulnerability could be remotely exploited resulting in a disclosure of information. Revision 1 of this advisory.

IBM (4)

Secunia Security Advisory 51386

Secunia Security Advisory - A vulnerability has been reported in IBM Tivoli Endpoint Manager, which can be exploited by malicious people to cause a DoS (Denial of Service).

Secunia Security Advisory 51319

Secunia Security Advisory - Some security issues have been reported in IBM WebSphere DataPower XC10, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to cause a DoS (Denial of Service).

Secunia Security Advisory 51342

Secunia Security Advisory - IBM has acknowledged multiple vulnerabilities in IBM IMS Audit Management Expert, which can be exploited by malicious, local users to disclose potentially sensitive data and by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.

Secunia Security Advisory 51345

Secunia Security Advisory - Some vulnerabilities have been reported in IBM Business Process Manager, which can be exploited by malicious people to conduct cross-site scripting attacks.

CIR

10

Mozilla (4)

Mozilla Firefox "DocumentViewerImpl" Class Remote Use-After-Free

VUPEN Vulnerability Research Team discovered a critical vulnerability in Mozilla Firefox. The vulnerability is caused by a use-after-free error within the "DocumentViewerImpl::Show()" function, which could allow remote attackers to execute arbitrary code via a specially crafted web page.

Secunia Security Advisory 51358

Secunia Security Advisory - Multiple vulnerabilities have been reported in Mozilla Firefox and Mozilla Thunderbird, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, and compromise a user's system.

Secunia Security Advisory 51382

Secunia Security Advisory - Multiple vulnerabilities have been reported in Mozilla Firefox and Mozilla Thunderbird, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, and compromise a user's system.

Secunia Security Advisory 51381

Secunia Security Advisory - Multiple vulnerabilities have been reported in Mozilla SeaMonkey, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, and compromise a user's system.

Opera (1)

Secunia Security Advisory 51331

Secunia Security Advisory - A weakness and a vulnerability have been reported in Opera, which can be exploited by malicious people to disclose certain sensitive information and compromise a user's system.

Oracle (1)

Secunia Security Advisory 51318

Secunia Security Advisory - Oracle has acknowledged a security issue in ISC DHCP included in Solaris, which can be exploited by malicious people to cause a DoS (Denial of Service).

RSA (3)

Secunia Security Advisory 51394

ecunia Security Advisory - A vulnerability has been reported in RSA Adaptive Authentication, which can be exploited by malicious people to conduct cross-site scripting attacks.

RSA Adaptive Authentication (On-Premise) 6.x XSS

RSA Adaptive Authentication (On-Premise) version 6.x contains cross site scripting vulnerabilities that could be exploited by malicious users.

Secunia Security Advisory 51289

Secunia Security Advisory - Multiple vulnerabilities have been reported in RSA Data Protection Manager, where some have an unknown impact and others can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct cross-site scripting attacks.

CIR

11

Splunk (1)

Splunk 4.x Denial Of Service

Splunk versions 4.0 through 4.3.4 suffer from an unauthenticated remote denial of service vulnerability against splunkd.

Symantec (1)

Secunia Security Advisory 51365

Secunia Security Advisory - Symantec has acknowledged some vulnerabilities in multiple products, which can be exploited by malicious people to compromise a vulnerable system.

WordPress (4)

Secunia Security Advisory 51384

Secunia Security Advisory - A vulnerability has been discovered in the WP e-Commerce Predicitive Search plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

Misc: (40)

Gleamtech FileVista / FileUltimate 4.6 Directory Traversal

Gleamtech FileVista / FileUltimate version 4.6 suffers from a directory traversal vulnerability.

FCKEditor 2.6.8 ASP File Upload Protection Bypass

FCKEditor version 2.6.8 ASP version suffers from a file upload protection bypass.

Samsung Printer Backdoor

Samsung Printer firmware contains a backdoor administrator account.

Piwik 1.9.2 Backdoor

It was discovered that Piwik version 1.9.2 has a backdoor embedded inside of it.

Secunia Security Advisory 51376

Secunia Security Advisory - A vulnerability with an unknown impact has been reported in the sh404SEF component for Joomla!

Secunia Security Advisory 51372

Secunia Security Advisory - A vulnerability has been reported in Symfony, which can be exploited by malicious people to disclose certain sensitive information.

Secunia Security Advisory 51408

Secunia Security Advisory - A vulnerability has been reported in EMC Smarts Network Configuration Manager, which can be exploited by malicious people to bypass certain security restrictions.

Secunia Security Advisory 51415

Secunia Security Advisory - High-Tech Bridge has discovered some vulnerabilities in Smartphone Pentest Framework, which can be exploited by malicious people to conduct cross-site request forgery attacks and compromise a vulnerable system.

CIR

12

Secunia Security Advisory 51385

Secunia Security Advisory - A vulnerability has been discovered in the WooCommerce Predictive Search plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

Secunia Security Advisory 51414

Secunia Security Advisory - Some vulnerabilities have been discovered in Smartphone Pentest Framework, which can be exploited by malicious people to conduct SQL injection attacks & compromise a system.

Secunia Security Advisory 51395

Secunia Security Advisory - A vulnerability has been reported in ClassifiedScript, which can be exploited by malicious people to compromise a vulnerable system.

Secunia Security Advisory 51406

Secunia Security Advisory - Metropolis has reported a vulnerability in Beat Websites, which can be exploited by malicious people to conduct SQL injection attacks.

Secunia Security Advisory 51304

Secunia Security Advisory - A security issue has been reported in Piwik, which can be exploited by malicious people to compromise a vulnerable system.

Secunia Security Advisory 51398

Secunia Security Advisory - A security issue and two vulnerabilities have been discovered in Greenstone, which can be exploited by malicious people for cross-site scripting attacks and disclose sensitive information.

Secunia Security Advisory 51368

Secunia Security Advisory - A security issue has been reported in phpCAS, which can be exploited by malicious people to conduct spoofing attacks.

BugTracker.Net 3.5.8 XSS / SQL Injection / File Disclosure

BugTracker.Net versions 3.5.8 and below suffer from cross site scripting, file disclosure, and remote SQL injection vulnerabilities.

EMC Smarts Network Configuration Manager Bypass

EMC Smarts Network Configuration Manager versions prior to 9.1 suffer from hard-coded encryption key and unauthenticated database connection vulnerabilities.

Secunia Security Advisory 51329

Secunia Security Advisory - A vulnerability has been reported in Tor, which can be exploited by malicious people to cause a DoS (Denial of Service).

Secunia Security Advisory 51290

Secunia Security Advisory - Vulnerability lab has reported two vulnerabilities in ManageEngine ServiceDesk Plus, which can be exploited by malicious people to conduct script insertion attacks.

Secunia Security Advisory 51354

Secunia Security Advisory - Julien Cayssol has reported a vulnerability in Synology Photo Station, which can be exploited by malicious people to disclose sensitive information.

CIR

13

Secunia Security Advisory 49987

Secunia Security Advisory - A vulnerability has been discovered in WibuKey Runtime for Windows, which can be exploited by malicious people to compromise a user's system.

Secunia Security Advisory 51341

Secunia Security Advisory - Ingress Security has discovered a vulnerability in jBilling, which can be exploited by malicious people to conduct cross-site request forgery attacks.

MurmurHash Algorithm Collision Denial Of Service

A variety of programming languages suffer from a denial-of-service (DoS) condition against storage functions of key/value pairs in hash data structures, the condition can be leveraged by exploiting predictable collisions in the underlying hashing algorithms. The issue is similar to the one reported in oCERT-2011-003 and concerns the MurmurHash algorithm family. The condition for predictable collisions in the hashing functions has been reported for the following language implementations: JRuby (MurmurHash2), Ruby (MurmurHash2), Rubinius (MurmurHash3), Oracle JDK (MurmurHash), OpenJDK (MurmurHash). In the case of Java OpenJDK the hash function affected by the reported issue is not enabled by default, the default function is however reported vulnerable to oCERT-2011-003.

Secunia Security Advisory 51280

Secunia Security Advisory - ReVuln has reported a vulnerability in Call of Duty Modern Warfare 3, which can be exploited by malicious people to cause a DoS (Denial of Service).

Secunia Security Advisory 51332

Secunia Security Advisory - High-Tech Bridge has discovered a vulnerability in dotProject, which can be exploited by malicious people to conduct cross-site scripting attacks.

Secunia Security Advisory 51380

Secunia Security Advisory - High-Tech Bridge has discovered multiple vulnerabilities in dotProject, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks.

Secunia Security Advisory 51356

Secunia Security Advisory - Two vulnerabilities have been reported in Feng Office, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks.

Secunia Security Advisory 51389

Secunia Security Advisory - MustLive has discovered a vulnerability in the Archiv plugin for TinyMCE, which can be exploited by malicious people to conduct cross-site scripting attacks.

Secunia Security Advisory 51387

Secunia Security Advisory - MustLive has discovered a vulnerability in Liferay Portal, which can be exploited by malicious people to conduct cross-site scripting attacks.

Secunia Security Advisory 51355

Secunia Security Advisory - A vulnerability has been reported in BIGACE Web CMS, which can be exploited by malicious people to conduct session fixation attacks.

CIR

14

Secunia Security Advisory 51362

Secunia Security Advisory - Multiple vulnerabilities have been reported in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system.

Secunia Security Advisory 51391

Secunia Security Advisory - MustLive has discovered a vulnerability in the upload_manager plugin for Radiant CMS, which can be exploited by malicious people to conduct cross-site scripting attacks.

Secunia Security Advisory 51392

Secunia Security Advisory - A weakness and two vulnerabilities have been reported in Jenkins, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct HTTP response splitting and spoofing attacks.

Secunia Security Advisory 51292

Secunia Security Advisory - DefenseCode has discovered a vulnerability in BugTracker.NET, which can be exploited by malicious people to conduct cross-site scripting attacks.

Secunia Security Advisory 51361

Secunia Security Advisory - Francis Provencher has discovered a vulnerability in XiVO, which can be exploited by malicious people to conduct cross-site request forgery attacks.

Secunia Security Advisory 51357

Secunia Security Advisory - Multiple vulnerabilities have been reported in ownCloud, which can be exploited by malicious users to compromise a vulnerable system and malicious people to conduct cross-site scripting attacks.

vBulletin 5.0.0 Beta 19 Cross Site Scripting

vBulletin version 5.0.0 Beta 19 suffers from a cross site scripting vulnerability.

MODx 1.0.6 Brute Force / Path Disclosure

MODx versions 1.0.6 and below suffer from brute force and path disclosure vulnerabilities.

Secunia Security Advisory 51286

Secunia Security Advisory - A vulnerability has been discovered in ATutor, which can be exploited by malicious users to disclose certain sensitive information.

Belkin Insecure Default WPA2 Passphrase

Having a preconfigured randomly generated WPA2-PSK passphrase for wireless routers is basically a good idea since a vendor-generated passphrase can be much more secure than most user-generated passwords. However, in the case of Belkin the default password is calculated solely based on the MAC address of the device. Since the MAC address is broadcasted with the beacon frames sent out by the device, a wireless attacker can calculate the default passphrase and then connect to the wireless network. Vulnerable versions include, but are not limited to, Belkin Surf N150 Model F7D1301v1, Belkin N900 Model F9K1104v1, Belkin N450 Model F9K1105V2, and possibly Belkin N300 Model F7D2301v1.

CIR

15

Linux Distributions

Debian (2)

Debian Security Advisory 2573-1

Debian Linux Security Advisory 2573-1 - Ralf Paffrath reported that Radsecproxy, a RADIUS protocol proxy, mixed up pre- and post-handshake verification of clients. This vulnerability may wrongly accept clients without checking their certificate chain under certain configurations.

Secunia Security Advisory 51251

Secunia Security Advisory - Debian has issued an update for radsecproxy. This fixes a security issue, which can be exploited by malicious users to bypass certain security restrictions.

Gentoo (2)

Gentoo Linux Security Advisory 201211-01

Gentoo Linux Security Advisory 201211-1 - Multiple vulnerabilities have been found in MantisBT, the worst of which allowing for local file inclusion. Versions less than 1.2.11 are affected.

Secunia Security Advisory 51199

Secunia Security Advisory - Gentoo has issued an update for MantisBT. This fixes a security issue and multiple vulnerabilities, which can be exploited by malicious users to bypass certain security restrictions, conduct script insertion attacks, and compromise a vulnerable system and by malicious people to conduct cross-site scripting attacks and disclose potentially sensitive information.

Mandriva (1)

Mandriva Linux Security Advisory 2012-171

Mandriva Linux Security Advisory 2012-171 - A buffer overflow flaw was found in the IcedTea-Web plug-in. Visiting a malicious web page could cause a web browser using the IcedTea-Web plug-in to crash or, possibly, execute arbitrary code. The updated packages have been upgraded to the 1.1.7 version which is not affected by this issue.

Red Hat (10)

Red Hat Security Advisory 2012-1456-01

Red Hat Security Advisory 2012-1456-01 - Red Hat Storage is software only, scale-out storage that provides flexible and affordable unstructured data storage for the enterprise. GlusterFS, a key building block of Red Hat Storage, is based on a stackable user-space design and can deliver exceptional performance for diverse workloads. GlusterFS aggregates various storage servers over network interconnects into one large, parallel network file system. Multiple insecure temporary file creation flaws were found in Red Hat Storage. A local user on the Red Hat Storage server could use these flaws to cause arbitrary files to be overwritten as the root user via a symbolic link attack.

Red Hat Security Advisory 2012-1455-01

Red Hat Security Advisory 2012-1455-01 - GEGL is a graph-based image processing framework. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the gegl utility processed .ppm image files. An attacker could create a specially-crafted .ppm file that, when opened in gegl, would cause gegl to crash or, potentially, execute arbitrary code. This issue was discovered by Murray McAllister of the Red Hat Security Response Team.

CIR

16

Secunia Security Advisory 51220

Secunia Security Advisory - Red Hat has issued an update for icedtea-web. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.

Red Hat Security Advisory 2012-1438-01

Red Hat Security Advisory 2012-1438-01 - Red Hat has updated the support life cycle for Red Hat Enterprise Virtualization version 2, extending the end of life for version 2 from November 3rd 2012 until March 1st 2013. During this period customers are recommended to upgrade their existing Red Hat Enterprise Virtualization 2.x installations to version 3.0. The upgrade from RHEV Manager version 2.2 running on Microsoft Windows to Red Hat Enterprise Virtualization Manager 3.0 running on Red Hat Enterprise Linux is fully supported and requires no downtime, during the upgrade all virtual machines will continue to run without loss of service.

Secunia Security Advisory 51186

Secunia Security Advisory - Red Hat has issued an update for flash-plugin. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.

Red Hat Security Advisory 2012-1434-01

Red Hat Security Advisory 2012-1434-01 - The IcedTea-Web project provides a Java web browser plug-in and an implementation of Java Web Start, which is based on the Netx project. It also contains a configuration tool for managing deployment settings for the plug-in and Web Start implementations. A buffer overflow flaw was found in the IcedTea-Web plug-in. Visiting a malicious web page could cause a web browser using the IcedTea-Web plug-in to crash or, possibly, execute arbitrary code.

Red Hat Security Advisory 2012-1431-01

Red Hat Security Advisory 2012-1431-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes several vulnerabilities in Adobe Flash Player. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content.

Secunia Security Advisory 51228

Secunia Security Advisory - Red Hat has issued an update for the kernel. This fixes two vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service)

Red Hat Security Advisory 2012-1426-01

Red Hat Security Advisory 2012-1426-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A use-after-free flaw was found in the Linux kernel's memory management subsystem in the way quota handling for huge pages was performed. A local, unprivileged user could use this flaw to cause a denial of service or, potentially, escalate their privileges. A use-after-free flaw was found in the madvise() system call implementation in the Linux kernel. A local, unprivileged user could use this flaw to cause a denial of service or, potentially, escalate their privileges.

CIR

17

Red Hat Security Advisory 2012-1430-01

Red Hat Security Advisory 2012-1430-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way socket buffers (skb) requiring TSO (TCP segment offloading) were handled by the sfc driver. If the skb did not fit within the minimum-size of the transmission queue, the network card could repeatedly reset itself. A remote attacker could use this flaw to cause a denial of service.

Suse (1)

Secunia Security Advisory 51222

Secunia Security Advisory - SUSE has issued an update for cgit. This fixes a vulnerability, which can be exploited by malicious users to compromise a vulnerable system.

Ubuntu (10)

Ubuntu Security Notice USN-1630-1

Ubuntu Security Notice 1630-1 - It was discovered that Libav incorrectly handled certain malformed media files. If a user were tricked into opening a crafted media file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program.

Ubuntu Security Notice USN-1629-1

Ubuntu Security Notice 1629-1 - Tomas Mraz discovered that libproxy incorrectly handled certain PAC files. A remote attacker could use this issue to cause libproxy to crash, or to possibly execute arbitrary code.

Ubuntu Security Notice USN-1626-2

Ubuntu Security Notice 1626-2 - USN-1626-1 fixed vulnerabilities in the v1 API of Glance. This update provides the corresponding updates for the v2 API. Gabe Westmaas discovered that Glance did not always properly enforce access controls when deleting images. An authenticated user could delete arbitrary images by using the v1 API under certain circumstances. Various other issues were also addressed.

Secunia Security Advisory 51234

Secunia Security Advisory - Ubuntu has issued an update for glance. This fixes a vulnerability, which can be exploited by malicious users to bypass certain security restrictions.

Secunia Security Advisory 51225

Secunia Security Advisory - Ubuntu has issued an update for apache2. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.

Ubuntu Security Notice USN-1628-1

Ubuntu Security Notice 1628-1 - Juliano Rizzo and Thai Duong discovered a flaw in the Transport Layer Security (TLS) protocol when it is used with data compression. If an attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information. This update disables TLS data compression in Qt by default.

CIR

18

Ubuntu Security Notice USN-1627-1

Ubuntu Security Notice 1627-1 - It was discovered that the mod_negotiation module incorrectly handled certain filenames, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data (such as passwords), within the same domain. It was discovered that the Apache HTTP Server was vulnerable to the "CRIME" SSL data compression attack. Although this issue had been mitigated on the client with newer web browsers, this update also disables SSL data compression on the server. A new SSLCompression directive for Apache has been backported that may be used to re-enable SSL data compression in certain environments.

Ubuntu Security Notice USN-1626-1

Ubuntu Security Notice 1626-1 - Gabe Westmaas discovered that Glance did not always properly enforce access controls when deleting images. An authenticated user could delete arbitrary images by using the v1 API under certain circumstances.

Secunia Security Advisory 51206

Secunia Security Advisory - Ubuntu has issued an update for icedtea-web. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.

Ubuntu Security Notice USN-1625-1

Ubuntu Security Notice 1625-1 - Arthur Gerkis discovered a buffer overflow in the Icedtea-Web plugin. If a user were tricked into opening a malicious website, an attacker could cause the plugin to crash or possibly execute arbitrary code as the user invoking the program.

CIR

19

Notifier L

Domain OS View

1337

scholar.google.com.pk Linux mirror

1337

drive.google.com.pk Linux mirror

1337

video.google.com.pk Linux mirror

1337

code.google.com.pk Linux mirror

1337

adsense.google.com.pk Linux mirror

1337

www.code.google.pk Linux mirror

!nf3rN.4lL

sbc.gov.bd Linux mirror

1923Turk

www.regionucayali.gob.pe/agend... Linux mirror

1923Turk

cnai.acidi.gov.pt/wBm.php Linux mirror

1923Turk

www.oi.acidi.gov.pt Linux mirror

1923Turk

paknamwittaya.pkn2.go.th Linux mirror

1923Turk

pa-ternate.go.id Linux mirror

3n_byt3

www.foroiberoamericano.ambient... Win 2003 mirror

3n_byt3

hcfc.ambiente.gov.ar//peler.htm Win 2003 mirror

3n_byt3

gef-educacion.ambiente.gov.ar/... Win 2003 mirror

3n_byt3

gefpatagonia.ambiente.gov.ar/p... Win 2003 mirror

3n_byt3

gefpfo.ambiente.gov.ar/peler.htm Win 2003 mirror

3n_byt3

atlas.ambiente.gov.ar/peler.htm Win 2003 mirror

3n_byt3

reconversion.ambiente.gov.ar/p... Win 2003 mirror

3n_byt3

www.ambiente.gov.ar/peler.htm Win 2003 mirror

3n_byt3

cofema.ambiente.gov.ar/peler.htm Win 2003 mirror

3n_byt3

redplycs.ambiente.gob.ar/peler... Win 2003 mirror

3n_byt3

conadibio.ambiente.gob.ar/pele... Win 2003 mirror

3n_byt3

www2.medioambiente.gov.ar//pel... Win 2003 mirror

3n_byt3

medioambiente.gov.ar//peler.htm Win 2003 mirror

3n_byt3

cop15.ambiente.gob.ar//peler.htm Win 2003 mirror

3n_byt3

cofema.gov.ar//peler.htm Win 2003 mirror

This section of the CIR is dedicated to inform the public of website defacements that have targeted either larger organizations or government agencies. The perpetrators of these attacks are all over the world and have different reasons for hacking that range from curiosity to hacktavism to state sponsored espionage/cyber warfare activity.

CIR

20

3n_byt3

cofema.gob.ar//peler.htm Win 2003 mirror

3n_byt3

ambiente.gob.ar/peler.htm Win 2003 mirror

3n_byt3

aplicaciones.medioambiente.gov... Win 2003 mirror

3n_byt3

servicios.ambiente.gob.ar/pele... Win 2003 mirror

3n_byt3

redplycs.ambiente.gov.ar/peler... Win 2003 mirror

3n_byt3

www.thanundon.soc.go.th/index.... Win 2008 mirror

3n_byt3

perpusarda.tegalkab.go.id/perp... Linux mirror

4cHrf

groups.google.com.pk Linux mirror

4cHrf

jobs.google.com.pk Linux mirror

4cHrf

maps.google.com.pk Linux mirror

4cHrf

www.m.google.com.pk Linux mirror

4cHrf

groups.google.pk Linux mirror

Ak Ecks

www.ville-bruyereslechatel.fr Linux mirror

Ak Ecks

www.ville-viry-chatillon.fr Linux mirror

Ak Ecks

www.mairie-saix.fr Linux mirror

Ak Ecks

www.ville-boussy.fr Linux mirror

AL.MaX HaCkEr

www.isliptown-ny.gov/tmp/ Linux mirror

AL.MaX HaCkEr

dmc.kemhan.go.id/x.htm Linux mirror

AL.MaX HaCkEr

ecuador.usaid.gov/index.php Linux mirror

AL.MaX HaCkEr

www.cancilleria.gob.ni/tmp/x.htm Linux mirror

AL.MaX HaCkEr

www2.camara.sp.gov.br/sd.asp Win 2003 mirror

AL.MaX HaCkEr

cimahikota.go.id/tmp/x.htm Linux mirror

AL.MaX HaCkEr

www.dprneuquen.gob.ar Win 2008 mirror

AL.MaX HaCkEr

www.probation.go.ke/sd.txt Linux mirror

AL.MaX HaCkEr

lobo.minsa.gob.ni Linux mirror

alM511

www.hbthedu.gov.sa/vb/ Linux mirror

alM511

www.hbthedu.gov.sa/vb/ Linux mirror

AnarkH4ck

www.comala.gob.mx/index.php Linux mirror

Append-Hc.com

marine.mim.gov.ir/index.php?mo... Linux mirror

Arakloverz

kpu-mabarkab.go.id Linux mirror

Arakloverz

disdukcapil.sumenep.go.id Unknown mirror

Arakloverz

www.dprd.sambas.go.id Linux mirror

Arakloverz

www.dispendik.kotakediri.go.id Linux mirror

Ashiyane Digital Security Team

elibrary.nesdb.go.th/nesdb/faq... Win 2003 mirror

Ashiyane Digital Security Team

elibrary.deqp.go.th/index.html Linux mirror

Ashiyane Digital Security Team

km.ubon2-ed.go.th/icon/ Linux mirror

Ashiyane Digital Security Team

chiangrai.cad.go.th/temp/angol... Win 2003 mirror

Ashiyane Digital Security Team

chaiyaphum.cad.go.th/temp/ango... Win 2003 mirror

Ashiyane Digital Security Team

chumphon.cad.go.th/media/angol... Win 2003 mirror

Ashiyane Digital Security Team

chonburi.cad.go.th/templates/a... Win 2003 mirror

Ashiyane Digital Security Team

yaso-highways.go.th/images/cry... Linux mirror

Ashiyane Digital Security Team

thungsrihospital.go.th/images/... Linux mirror

Ashiyane Digital Security Team

www.qun-industry.gov.sy/images/ Linux mirror

Ashiyane Digital Security Team

hhdc.anamai.moph.go.th/lib/ind... Linux mirror

Ashiyane Digital Security Team

secretary.drr.go.th/tranche_file/ Win 2008 mirror

CIR

21

Ashiyane Digital Security Team

bangbuth.go.th/images/crypt0.htm Linux mirror

Ashiyane Digital Security Team

finance.ddc.moph.go.th Linux mirror

Audisoft Hacker Team

www.bnm.me.gov.ar Linux mirror

Audisoft Hacker Team

www.bnm.me.gob.ar Unknown mirror

Audisoft Hacker Team

server1.bnm.me.gov.ar Unknown mirror

Audisoft Hacker Team

www.mintrab.gov.cl Linux mirror

Audisoft Hacker Team

www.mintrab.gob.cl Linux mirror

Barbaros-DZ

daj.pingyuan.gov.cn Win 2000 mirror

Barbaros-DZ

xcwsfw.hldgaj.gov.cn Win 2003 mirror

Barbaros-DZ

ycjy.gssn.gov.cn Win 2008 mirror

BD

www.defensoria.ro.gov.br Linux mirror

BD GREY HAT HACKERS

www.drecoto.go.cr Linux mirror

BD GREY HAT HACKERS

munimorropon.gob.pe Linux mirror

Beyond r00t

prensa.mendoza.gov.ar Linux mirror

Beyond r00t

seguridad.mendoza.gov.ar Linux mirror

Black Angels

pakphun.tgc.familylove.go.th/i... Linux mirror

Black Angels

thapya.tgc.familylove.go.th/im... Linux mirror

Black Angels

makok.tgc.familylove.go.th/ima... Linux mirror

Black Angels

ferevi2012.villanueva.gob.mx/B... Linux mirror

Black devils

hjfgj.gov.cn/dz.htm Win 2003 mirror

Black devils

hjgyz.gov.cn/dz.htm Win 2003 mirror

Black devils

hjwgj.gov.cn/dz.htm Win 2003 mirror

Black devils

www.hjdsj.gov.cn/dz.htm Win 2003 mirror

Black devils

www.hjslj.gov.cn/dz.htm Win 2003 mirror

Black devils

www.hjsfj.gov.cn/dz.htm Win 2003 mirror

Black devils

www.hjslx.gov.cn/dz.htm Win 2003 mirror

Black devils

www.hjybz.gov.cn/dz.htm Win 2003 mirror

Black devils

www.hjsjj.gov.cn/dz.htm Win 2003 mirror

Black devils

hjjtj.gov.cn/dz.htm Win 2003 mirror

Black devils

www.hjfmz.gov.cn/dz.htm Win 2003 mirror

Black devils

www.hjntx.gov.cn/dz.htm Win 2003 mirror

Black devils

www.hjblz.gov.cn/dz.htm Win 2003 mirror

Black devils

www.hjcom.gov.cn/dz.htm Win 2003 mirror

Black devils

www.hjxsz.gov.cn/dz.htm Win 2003 mirror

Black devils

www.hjbmx.gov.cn/dz.htm Win 2003 mirror

Black devils

www.hjlyj.gov.cn/dz.htm Win 2003 mirror

Black devils

www.hjzhz.gov.cn/dz.htm Win 2003 mirror

Black devils

www.sclznx-l-tax.gov.cn/dz.htm Win 2003 mirror

Black devils

www.hjmxx.gov.cn/dz.htm Win 2003 mirror

Black devils

www.nxtz.gov.cn/dz.htm Win 2003 mirror

Black devils

www.hjcbx.gov.cn/dz.htm Win 2003 mirror

Black devils

www.hjysz.gov.cn/dz.htm Win 2003 mirror

Black devils

www.hjcwz.gov.cn/dz.htm Win 2003 mirror

Black devils

www.hjjsj.gov.cn/dz.htm Win 2003 mirror

Black devils

xm.lzst.gov.cn/dz.htm Win 2003 mirror

CIR

22

Black devils

www.hjfyz.gov.cn/dz.htm Win 2003 mirror

Black devils

www.hjxmj.gov.cn/dz.htm Win 2003 mirror

Black devils

www.hjwlz.gov.cn/dz.htm Win 2003 mirror

Black devils

www.hjz.gov.cn/dz.htm Win 2003 mirror

Black devils

www.hjhbj.gov.cn/dz.htm Win 2003 mirror

Black devils

www.hjgsj.gov.cn/dz.htm Win 2003 mirror

Black devils

www.hjfbz.gov.cn/dz.htm Win 2003 mirror

Black devils

www.hjbsz.gov.cn/dz.htm Win 2003 mirror

Black devils

www.xyxzjj.gov.cn/dz.htm Win 2003 mirror

Black devils

www.jypf.gov.cn/dz.htm Win 2003 mirror

Black devils

www.hjsnx.gov.cn/index.htm Win 2003 mirror

Black devils

www.hjjzz.gov.cn/dz.htm Win 2003 mirror

BMPoC

www.ccms.saude.gov.br/BMPoC/ Win 2003 mirror

BMPoC

redomenet.datasus.gov.br/arqui... Win 2003 mirror

Bozkurt97

www.welfare.dsdw.go.th/index.php Linux mirror

Bozkurt97

www.sdc48.dsdw.go.th/index.php Linux mirror

Bozkurt97

www.sdc35.dsdw.go.th/index.php Linux mirror

Bozkurt97

www.sdc31.dsdw.go.th/index.php Linux mirror

Bozkurt97

www.rehab-nongkhai.dsdw.go.th/... Linux mirror

Bozkurt97

www.rehab-khonkaen.dsdw.go.th/... Linux mirror

Bozkurt97

www.bsd.dsdw.go.th/index.php Linux mirror

Bozkurt97

www.banratchaburi.dsdw.go.th/i... Linux mirror

Bozkurt97

www.adoption.dsdw.go.th/index.php Linux mirror

Bozkurt97

www.homeformens.dsdw.go.th/ind... Linux mirror

Bozkurt97

www.dsdw.go.th Linux mirror

CapoO_TunisiAnoO

fmbn4.fmbn.gov.ng/capoo.htm Win 2003 mirror

CapoO_TunisiAnoO

fmbn3.fmbn.gov.ng/capoo.htm Win 2003 mirror

CapoO_TunisiAnoO

fmbn2.fmbn.gov.ng/capoo.htm Win 2003 mirror

CapoO_TunisiAnoO

fmbn.gov.ng/capoo.htm Win 2003 mirror

CapoO_TunisiAnoO

npc.gov.ng/capoo.htm Win 2003 mirror

chinahacker

www.jxxzsp.gov.cn/dhthacker.co... Win 2003 mirror

chinahacker

www.jxcq.gov.cn/dhthacker.com.htm Win 2003 mirror

chokao

www.convambientais.gov.mz Linux mirror

chokao

www.prace.ufop.br/images/sampl... Linux mirror

COde InjectOr

developers.google.com.pk Linux mirror

ColombianH

www.ocanadigital.gov.co Linux mirror

ColombianH

inj.gob.hn Linux mirror

ColombianH

www.zolitur.gob.hn Linux mirror

ColombianH

sapp.gob.hn Linux mirror

Core Team

www.contraloriabuenaventura.go... Linux mirror

Cr3zy H4Ck3r

plus.google.pk Linux mirror

Cr3zy H4Ck3r

images.google.pk Linux mirror

crazy-3r3r

portal.riyadhedu.gov.sa Win 2008 mirror

crazy-3r3r

joufedu.gov.sa Win 2008 mirror

crazy-3r3r

bhrml.gov.sa Win 2008 mirror

CIR

23

crazy-3r3r

moimsd.gov.sa Win 2008 mirror

crazy-3r3r

training.dzit.gov.sa Win 2008 mirror

crazy-3r3r

updbox.dzit.gov.sa Win 2008 mirror

crazy-3r3r

jobs.dzit.gov.sa Win 2008 mirror

Cyb3rSec

www.kod.mil.my/s.txt Linux mirror

Cyb3rSec

www.munimancora.gob.pe/israhel... Linux mirror

Cyb3rSec

stats.ipacoop.gob.pa/israhell.png Linux mirror

Cyb3rSec

www.ipacoop.gob.pa/israhell.png Linux mirror

Cybercrookz

eaduan.mpspk.gov.my/_attachmen... Win 2008 mirror

cybertaziex

eaduan.mdraub.gov.my Linux mirror

d3str0yers

www.embajadadepanama.com.ve Linux mirror

d3str0yers

spcnu.gob.ve Linux mirror

DaiLexX

grad.gov.ua Linux mirror

DaiLexX

forum.grad.gov.ua Linux mirror

DaiLexX

kievgenplan.grad.gov.ua Linux mirror

DaiLexX

www.ifmp.vic.gov.au Linux mirror

DaiLexX

kielce.ap.gov.pl Linux mirror

DaiLexX

aulaprimaria.sunat.gob.pe Linux mirror

DaiLexX

cultura.sunat.gob.pe Linux mirror

DaiLexX

saladeprofesores.sunat.gob.pe Linux mirror

DaiLexX

www.deorolpa.gov.np Linux mirror

DaiLexX

www.lktn.gov.my/kenaf/images/f... Linux mirror

DaiLexX

i-minds.melaka.gov.my Linux mirror

DarkbiteX

cossies.miduvi.gob.ec Linux mirror

DarkbiteX

omg.miduvi.gob.ec Linux mirror

DarkbiteX

probador.miduvi.gob.ec Linux mirror

DarkbiteX

protrans.miduvi.gob.ec Linux mirror

DarkbiteX

regcivil.miduvi.gob.ec Linux mirror

DarkbiteX

japac.miduvi.gob.ec Linux mirror

DarkbiteX

concordia.miduvi.gob.ec Linux mirror

DarkbiteX

conoce.miduvi.gob.ec Linux mirror

DarkbiteX

pruebas.miduvi.gob.ec Linux mirror

DarkbiteX

empleo.miduvi.gob.ec Linux mirror

DarkbiteX

artesanias.miduvi.gob.ec Linux mirror

DarkbiteX

impkan.miduvi.gob.ec Linux mirror

DarkbiteX

rupa.miduvi.gob.ec Linux mirror

DarkbiteX

educacion.miduvi.gob.ec Linux mirror

DarkbiteX

historia.miduvi.gob.ec Linux mirror

DarkbiteX

expoin.miduvi.gob.ec Linux mirror

DarkbiteX

idet.miduvi.gob.ec Linux mirror

DarkbiteX

taurino.miduvi.gob.ec Linux mirror

DarkbiteX

sefoa.miduvi.gob.ec Linux mirror

DarkbiteX

migrante.miduvi.gob.ec Linux mirror

DarkbiteX

portal.miduvi.gob.ec Linux mirror

DarkbiteX

municipio.miduvi.gob.ec Linux mirror

CIR

24

DarkbiteX

media.miduvi.gob.ec Linux mirror

DarkbiteX

linea.miduvi.gob.ec Linux mirror

DarkbiteX

bomberos.miduvi.gob.ec Linux mirror

DarkbiteX

alcaldia.miduvi.gob.ec Linux mirror

DarkbiteX

juegos.miduvi.gob.ec Linux mirror

DarkbiteX

transparencia.miduvi.gob.ec Linux mirror

DarkbiteX

consultabono.miduvi.gob.ec Linux mirror

DarkbiteX

testbono.miduvi.gob.ec Linux mirror

DarkbiteX

testbono.lotaip.miduvi.gob.ec Linux mirror

DarkbiteX

consultabono.lotaip.miduvi.gob.ec Linux mirror

DarkbiteX

lotaip.miduvi.gob.ec Linux mirror

Dark-Devilz

genetics.bwh.harvard.edu/ggi/s... Linux mirror

Dbuzz

kejari-sangatta.go.id/db.htm Linux mirror

Dbuzz

www.regionayacucho.gob.pe/db.htm Linux mirror

Dbuzz

codo.ma.gov.br Linux mirror

Dbuzz

www.salatiga.go.id/tmp/index.htm Linux mirror

DeLaGhezzy

snet.gob.sv Linux mirror

DevilzSec

apps.kpkk.gov.my/eaduan/aduan/... F5 Big-IP mirror

Dg4nx

www.napachon.go.th/images/dg4n... Linux mirror

Dhom501

baha-p.gov.sa/baha/index.php Linux mirror

Dr.Freak

multiservicios.gov.co Win 2003 mirror

Dr.Freak

rmc.gov.in Win 2008 mirror

Dr.Freak

www.police.gov.bd/nts.php Linux mirror

Dr.Freak

nsdctg.navy.mil.bd/admin/image... Linux mirror

Dr.Freak

mha.gov.bd/allnews.php Linux mirror

Dr.SHA6H

www.japarliament.gov.jm Linux mirror

Dr.SHA6H

www.sdc.gov.jm Linux mirror

Dr.SHA6H

www.csjp.gov.jm Linux mirror

Dr.SiLnT HilL

errada.gov.eg/index.php?op=leg... Linux mirror

Dravide

www.sedes.ba.gov.br Linux mirror

Dr-spam

www.borckamuftulugu.gov.tr Linux mirror

Dz_ErRoR

gifmis.cagd.gov.gh Linux mirror

Dz_ErRoR

www.ville-nogent-sur-seine.fr/... Linux mirror

Dz_ErRoR

www.descentralizacion.gob.pe Linux mirror

Dz_ErRoR

www.ville-st-remy-sur-avre.fr Linux mirror

DZ27

ludotheque.mairie-saint-mande.... Linux mirror

DZ27

maisonpourtous.mairie-saint-ma... Linux mirror

DZ27

activitesmusicales.mairie-sain... Linux mirror

DZ27

etat-civil.mairie-saint-mande.... Linux mirror

DZ27

ccas.mairie-saint-mande.fr/DZ2... Linux mirror

DZ27

services-techniques.mairie-sai... Linux mirror

DZ27

sport.mairie-saint-mande.fr/DZ... Linux mirror

DZ27

police.mairie-saint-mande.fr/D... Linux mirror

DZ27

www.mairie-moulis-medoc.fr/DZ2... Linux mirror

DZ27

mairie-azaysurcher.fr/DZ27.txt Linux mirror

CIR

25

DZ27

www.mairie-grezillac.fr/DZ27.txt Linux mirror

DZ27

tradterm.vitis.uspnet.usp.br Linux mirror

DZ27

soc.vitis.uspnet.usp.br/templa... Linux mirror

DZ27

clcr.vitis.uspnet.usp.br Linux mirror

DZ27

festivalbdbuc.mairie-buc.fr/DZ... Linux mirror

DZ27

festivalbdbuc.mairie-buc.fr/DZ... Linux mirror

DZ27

ville-sainghin-en-weppes.fr/DZ... Linux mirror

Fatal Error

www.to.senai.br Win 2008 mirror

Filsof Hacker

camarafazendariogrande.pr.gov.br Linux mirror

FL1T0X_Dz

nongkhai.immigration.go.th/new... Linux mirror

FL1T0X_Dz

chachoengsao.immigration.go.th... Linux mirror

FL1T0X_Dz

singkhon.immigration.go.th/Cou... Linux mirror

FL1T0X_Dz

loei.immigration.go.th/images/... Linux mirror

FL1T0X_Dz

www.iutsd.univ-paris13.fr/gmp/... Linux mirror

GeL-Dz

sci4dev.uneca.org/innovation/g... Unknown mirror

GHoST61

tarlaccity.gov.ph/gh.html Linux mirror

GHoST61

comste.gov.ph/gh.html Linux mirror

h311 c0d3

translate.google.pk Linux mirror

h4x0r HuSsY

gra.munijulcamarca.gob.pe Linux mirror

h4x0r HuSsY

juventud.munihuancayo.gob.pe Linux mirror

h4x0r HuSsY

transportes.munihuancayo.gob.pe Linux mirror

h4x0r HuSsY

transparencia.munihuancayo.gob.pe Linux mirror

h4x0r HuSsY

turismo.munihuancayo.gob.pe Linux mirror

h4x0r HuSsY

cultura.munihuancayo.gob.pe Linux mirror

h4x0r HuSsY

nsc.gov.in Win 2003 mirror

h4x0r HuSsY

dgllnoida.gov.in/x.htm Win 2003 mirror

h4x0r HuSsY

direzionedidatticaferrara.gov.... Linux mirror

H4x0rL1f3

books.google.com.pk Linux mirror

HacKed By LaMiN3 DK

www.comune.paglieta.ch.it/tmp/... Win 2003 mirror

Haranobu

forum.banjarmasinkota.go.id Linux mirror

HaTRk

saweehospital.go.th/index.php Linux mirror

HaTRk

www.azus.gov.rs Linux mirror

hatrk

ipne.gob.ve Linux mirror

HaTRk

saimt.gob.pe Linux mirror

HaTRk

munisanjoaquin.gob.pe Linux mirror

HaTRk

munilunahuana.gob.pe Linux mirror

HaTRk

ugelcutervo.gob.pe Linux mirror

HaTRk

muniuchumayo.gob.pe Linux mirror

HaTRk

munishambuyacu.gob.pe Linux mirror

HaTRk

muniquilmana.gob.pe Linux mirror

HaTRk

muninkawasi.gob.pe Linux mirror

HaTRk

munilucanas.gob.pe Linux mirror

HaTRk

munilonyagrande.gob.pe Linux mirror

HaTRk

munilahuaca.gob.pe Linux mirror

HaTRk

municipalidadocana.gob.pe Linux mirror

CIR

26

HaTRk

munichirinos.gob.pe Linux mirror

HaTRk

marcahuamachuco.gob.pe Linux mirror

HaTRk

archivo2013.muniquilmana.gob.pe Linux mirror

HaTRk

planlima.gob.pe Linux mirror

Haxorsistz

munisanmiguelchicaj.gob.gt Linux mirror

Haxorsistz

capivaridosul.rs.gov.br Linux mirror

HaYaL-ET-06

municamana.gob.pe Linux mirror

HighTech

bpphp3.dephut.go.id/main/ Linux mirror

HighTech

bpphp4.dephut.go.id Linux mirror

HighTech

bpphp13.dephut.go.id Linux mirror

HighTech

bpphp1.dephut.go.id Linux mirror

HighTech

bpphp15.dephut.go.id Linux mirror

HighTech

bpphp10.dephut.go.id Linux mirror

HighTech

altafloresta.mt.gov.br Linux mirror

HighTech

www.laras.ufpr.br Linux mirror

HighTech

www.lapps.ufpr.br/novo/ Linux mirror

HighTech

www.lapeduh.ufpr.br Linux mirror

HighTech

www.lageo.ufpr.br/home3/ Linux mirror

HighTech

www.itcp.ufpr.br Linux mirror

HighTech

www.inovacao.ufpr.br Linux mirror

HighTech

www.imprensa.ufpr.br Linux mirror

HighTech

www.humanas.ufpr.br/portal/ Linux mirror

HighTech

www.emea.ufpr.br Linux mirror

HighTech

www.grupo.bioengenharia.ufpr.br Linux mirror

HighTech

gia.bio.ufpr.br/host.php Linux mirror

HighTech

www.gepete.ufpr.br Linux mirror

HighTech

www.geeppif.ufpr.br/downloads/ Linux mirror

HighTech

www.fisioex.ufpr.br Linux mirror

HighTech

www.enpecom.ufpr.br Linux mirror

HighTech

www.pgapv.agrarias.ufpr.br Linux mirror

HighTech

www.politicaesportelazer.ufpr.br Linux mirror

HighTech

www.saussure.ufpr.br Linux mirror

HighTech

www.educahis.ufpr.br Linux mirror

HighTech

www.educacao.ufpr.br/includes/ Linux mirror

HighTech

www.ecolab.ufpr.br Linux mirror

HighTech

www.decreto4074.anvisa.ufpr.br... Linux mirror

HighTech

www.ciclovida.ufpr.br Linux mirror

HighTech

www.cartografica.ufpr.br Linux mirror

HighTech

www.labap.ufpr.br Linux mirror

HighTech

www.cartografia.ufpr.br/wordpr... Linux mirror

HighTech

www.baturite.ce.gov.br/home/ Linux mirror

HighTech

www.canoas.rs.gov.br Linux mirror

HighTech

ead.prodeb.ba.gov.br Linux mirror

HighTech

www.cerb.ba.gov.br Linux mirror

HighTech

www.vigilanciaemsaude.ba.gov.br Linux mirror

CIR

27

HighTech

www.suvisa.ba.gov.br Linux mirror

HighTech

www2.ebda.ba.gov.br Linux mirror

HighTech

www.vidamelhor.ba.gov.br Linux mirror

HighTech

www.suvisa.saude.ba.gov.br Linux mirror

HighTech

www.rgm.ba.gov.br Linux mirror

HighTech

www.portalfiplan.ba.gov.br Linux mirror

HighTech

www.mulheres.spmba.ba.gov.br Linux mirror

HighTech

www.ipac.ba.gov.br Linux mirror

HighTech

www.fpc.ba.gov.br Linux mirror

HighTech

www.consorciospublicos.ba.gov.br Linux mirror

HighTech

www.conder.ba.gov.br Linux mirror

HighTech

www.bahiapesca.ba.gov.br Linux mirror

HighTech

sms.prodeb.ba.gov.br Linux mirror

HighTech

zwczj.gov.cn Win 2003 mirror

HighTech

portaltj.tjrj.jus.br/wp/ F5 Big-IP mirror

HighTech

www.tjrj.jus.br/wp/ F5 Big-IP mirror

Hmei7

www.oca.gov.jm Linux mirror

Hmei7

renault.com.bo Linux

Hmei7

renaultbolivia.com.bo Linux mirror

Hmei7

chevrolet.com.bo Linux mirror

Hmei7

canakkalesydv.gov.tr Linux mirror

Hmei7

images.google.com.pk Linux mirror

Hmei7

www.comune.cepagatti.pe.it/tem... Linux mirror

Hmei7

unwomen.is Linux mirror

Hmei7

south-ed.moe.go.th/www/templat... Win 2003 mirror

IndianCyberArmy

account.google.com.pk Linux mirror

Indishell

www.jms.gov.bd Linux mirror

Indishell

videos.google.com.pk Linux mirror

Indishell

support.pprasindh.gov.pk Linux mirror

indramayu cyber

www.pa-talu.go.id/dermayu.html Linux mirror

Invectus

translate.google.com.pk Linux mirror

Invectus

sites.google.com.pk Linux mirror

islamic ghosts team

www.thahai.go.th/x.html Linux mirror

islamic LAMERS team

www.trade.go.ke/x.html Linux mirror

jack_jahat

www.labanda.gov.ar/idc.htm Linux mirror

jago-dz

ghana.gov.gh/dz/ Linux mirror

k4L0ng666

www.dprd-sukabumikota.go.id/ro... Linux mirror

kahraman

www.inmueble-jujuy.gov.ar/arch... Linux mirror

KhantastiC

news.google.com.pk Linux mirror

KING.sa

adm.ssko.moph.go.th Linux mirror

KriptekS

www.google.com.pk Linux mirror

KriptekS

www.google.pk Linux mirror

KriptekS

www.hp.com.pk Linux mirror

KriptekS

www.hsbc.pk Linux mirror

KriptekS

www.coca-cola.pk Linux mirror

CIR

28

KriptekS

www.fanta.pk Linux mirror

KriptekS

www.microsoft.pk Linux mirror

KriptekS

www.yahoo.pk Linux mirror

KriptekS

www.windows.com.pk Linux mirror

kwgdeface

visatovietnam.gov.vn Linux mirror

LamerFarfar12

www.gebzeram.gov.tr Linux mirror

Learnersofcuriosity

www.jfse.jus.br Linux mirror

lendapop e lsh

www.cmi.sc.gov.br/mirim/ Linux mirror

LeqendSPY

www.pn-soasio.go.id Linux mirror

LOv3rDns

pkdkj.johordt.gov.my Unknown mirror

LOv3rDns

pkdjb.johordt.gov.my Unknown mirror

LOv3rDns

www.jps.johordt.gov.my Unknown mirror

LOv3rDns

www.kepak.johordt.gov.my Unknown mirror

LOv3rDns

pkdbp.johordt.gov.my Unknown mirror

LOv3rDns

pertanian.johordt.gov.my Unknown mirror

LOv3rDns

www.jpbd.johordt.gov.my Unknown mirror

LOv3rDns

www.jcs.johordt.gov.my Unknown mirror

LOv3rDns

www.jcs.johordt.gov.my Unknown mirror

LOv3rDns

www.jaj.johordt.gov.my Unknown mirror

LOv3rDns

www.infobanjir.johordt.gov.my Unknown mirror

LOv3rDns

www.earthhour.johordt.gov.my Unknown mirror

LOv3rDns

maserati.com.ua Unknown mirror

LOv3rDns

giadinhhanhphuc.kaspersky.vn Linux mirror

lucky

desktop.google.com.pk Linux mirror

LUN4T1C0

ayudawsipec.sag.gob.cl/paginas... Linux mirror

m0m0

pa-buol.go.id/index.php Linux mirror

M0sted

www.cise.columbia.edu Win 2003 mirror

MagelangCyber

www.sdwhzf.gov.cn/jundab.txt Win 2003 mirror

MagelangCyber

tour.hubei.gov.cn/jundab.txt Win 2003 mirror

MagelangCyber

www.hubeitour.gov.cn/jundab.txt Win 2003 mirror

MagelangCyber

hsta.gov.cn/jundab.txt Win 2003 mirror

MagelangCyber

www.qzta.gov.cn/jundab.txt Win 2003 mirror

MagelangCyber

www.lndangan.gov.cn/jundab.txt Win 2003 mirror

Maxney

chapternews.redcross.or.th Linux mirror

MCA-CRB

www.yahoo.ro Linux mirror

MCA-CRB

www.windows.ro Linux mirror

MCA-CRB

www.kaspersky.ro Linux mirror

MCA-CRB

www.microsoft.ro Linux mirror

MCA-CRB

www.google.ro Linux mirror

MDS

www.tradoc.mil.al Linux mirror

MDS

gs.mil.al Linux mirror

Metallanguid

www.bogdanci.gov.mk Linux mirror

MetalSoftHackersTeam

hidrica.sag.gob.cl/robots.txt Win 2003 mirror

MetalSoftHackersTeam

inspectores2.sag.gob.cl/robots... Win 2003 mirror

MetalsoftHackersTeam

phpmyadmin.mspd8pichincha.gob.... Linux mirror

CIR

29

MJL007

batangharikab.go.id Linux mirror

MoroccanGhosts

www.rosstc-herefordshire.gov.uk Solaris 9/10 mirror

Mr.H4rD3n

nyakabandasector.gov.rw Unknown mirror

Mr.H4rD3n

www.rppa.gov.rw Unknown mirror

Mr.H4rD3n

rwezamenyosector.gov.rw Unknown mirror

Mr.H4rD3n

gitegasector.gov.rw Unknown mirror

MrWanz

www.redsaludlimaciudad.gob.pe Linux mirror

MrWanz

www.reme.mil.my Linux mirror

Nob0dy

vanhocnghethuatyenbai.gov.vn Linux mirror

Nob0dy

www.hrbsc.gov.cn Win 2003 mirror

Nob0dy

www.scjjw.gov.cn Win 2003 mirror

Nob0dy

www.scssf.gov.cn Win 2003 mirror

Nob0dy

www.sxhddj.gov.cn/no.php Unknown mirror

Nob0dy

eid.dmsc.moph.go.th/phpbb2/ind... Linux mirror

Nob0dy

pretsedatel.gov.mk Linux mirror

Nob0dy

president.gov.mk Linux mirror

Nob0dy

pretsedatel.mk Linux mirror

Nob0dy

president.mk Linux mirror

Nob0dy

bangchaocha.tgc.familylove.go.... Linux mirror

Nob0dy

bangluang.tgc.familylove.go.th... Linux mirror

Nob0dy

bangsaothong.tgc.familylove.go... Linux mirror

Nob0dy

bangtabun.tgc.familylove.go.th... Linux mirror

Nob0dy

bangtho.tgc.familylove.go.th/m... Linux mirror

Nob0dy

banprok.tgc.familylove.go.th/m... Linux mirror

Nob0dy

banrai.tgc.familylove.go.th/me... Linux mirror

Nob0dy

bawa.tgc.familylove.go.th/medi... Linux mirror

Nob0dy

donchik.tgc.familylove.go.th/m... Linux mirror

Nob0dy

dongkhwang.tgc.familylove.go.t... Linux mirror

Nob0dy

huaipho.tgc.familylove.go.th/m... Linux mirror

Nob0dy

khaosaming.tgc.familylove.go.t... Linux mirror

Nob0dy

khoksalung.tgc.familylove.go.t... Linux mirror

Nob0dy

khoksi.tgc.familylove.go.th/me... Linux mirror

Nob0dy

nangrong.tgc.familylove.go.th/... Linux mirror

Nob0dy

phasuk.tgc.familylove.go.th/me... Linux mirror

Nob0dy

thatalat.tgc.familylove.go.th/... Linux mirror

NoEntry Phc

ldbz.zigui.gov.cn/x.txt Win 2003 mirror

NoEntry Phc

whly.zigui.gov.cn/x.txt Win 2003 mirror

NoEntry Phc

zyy.zigui.gov.cn/x.txt Win 2003 mirror

NoEntry Phc

gg.zigui.gov.cn/lol.txt Win 2003 mirror

NoEntry Phc

new.hubeitour.gov.cn/x.txt Win 2003 mirror

NoEntry Phc

aplicaciones.ambiente.gob.ar/x... Win 2003 mirror

NoEntry Phc

sifap.ambiente.gob.ar/x.txt Win 2003 mirror

NoEntry Phc

dcc.ambiente.gob.ar/x.txt Win 2003 mirror

NoEntry Phc

dcc.ambiente.gov.ar/x.txt Win 2003 mirror

NoEntry Phc

gefpatagonia.ambiente.gob.ar/x... Win 2003 mirror

CIR

30

NoEntry Phc

conflicto.ambiente.gov.ar/x.txt Win 2003 mirror

NoEntry Phc

tarrago.ambiente.gov.ar/x.txt Win 2003 mirror

NoEntry Phc

cop10.medioambiente.gov.ar/x.txt Win 2003 mirror

NoEntry Phc

ambiente.mercosur.int/x.txt Win 2003 mirror

NoEntry Phc

memoriacolectiva.ambiente.gob.... Win 2003 mirror

NoEntry Phc

jomgayut.kad.mil.my Linux mirror

omarxarmy

tech.moh.gov.iq Linux mirror

onestree

pa-tanjungpati.go.id Linux mirror

Over-X

imprensa.renault.com.br Win 2003 mirror

Over-X

play.google.com.pk Linux mirror

Over-X

docs.google.com.pk Linux mirror

Over-X

picasa.google.pk Linux mirror

Over-X

drive.google.pk Linux mirror

Over-X

maps.google.pk Linux mirror

Over-X

doc.google.pk Linux mirror

Over-X

books.google.pk Linux mirror

Over-X

sefi.unep.org/fileadmin/unep/ Linux mirror

Over-X

www.ville-montivilliers.fr/lib... Linux mirror

PAOK

www.1823.syzefxis.gov.gr Linux mirror

PAOK

www.adiyamanafetacil.gov.tr Linux mirror

PAOK

www.1263.syzefxis.gov.gr Linux mirror

PAOK

dpi.mon.gov.mk Linux mirror

Phoenix64

tuoitredalat.gov.vn Linux mirror

Q-Hack

sherpurgovtcollege.gov.bd Linux mirror

r00tc0d3rs

cardenas.catriel.gob.ar/r00tc0... Linux mirror

r00tc0d3rs

dari.catriel.gob.ar/r00tc0d3rs... Linux mirror

RevoluSec

syrian-es.org Linux mirror

SaccaFrazi

zwsafety.gov.cn/index.htm Win 2003 mirror

SanFour25

www.mocpa.gov.np/Dz.php Linux mirror

SanFour25

www.mnre.gov.in/Dz.php Linux mirror

sexshikayeleriniz.blogspot.com

sexhikaye.ynwd.gov.cn Win 2003 mirror

Sifreciler

www.dricm.gov.bd Linux mirror

SIMAVLI

www.kogias.mercedes-benz.gr/de... Win 2003 mirror

Sovalye

www.euclid.int/course-detailsv... Win 2003 mirror

Sovalye

www.training.admin.state.mn.us... Win 2003 mirror

surg4bij4k

www.fujixeroxprinters.co.id/we... Win 2008 mirror

syhmhfz

www.sclxgt.gov.cn Win 2003 mirror

syhmhfz

www.apcce.gov.in/newwebsite301... Linux mirror

sysbreak-crew

www.planverde.df.gob.mx Unknown mirror

TechnicaL

braun.vn Linux mirror

TechnicaL

braun.com.vn Linux mirror

Terminal_Pk

teaboard.gov.in/faq.asp Win 2003 mirror

The 077

atiwa.ghanamps.gov.gh Linux mirror

The GreaT TeAm

www.doa.go.th Linux mirror

The UnderTaker

www.unwea.org/index.aspx?lan=5 Win 2003 mirror

CIR

31

THE-AjaN

childrenandarmedconflict.un.or... Linux mirror

TheHackersArmy

www.mess.gov.bf Linux mirror

TheHackersArmy

www.commerce.gov.bf Linux mirror

TheHackersArmy

www.sports.gov.bf Linux mirror

TheHackersArmy

www.mjfpe.gov.bf Linux mirror

TheHackersArmy

www.meba.gov.bf Linux mirror

TheHackersArmy

www.culture.gov.bf Linux mirror

TheHackersArmy

www.messrs.gov.bf Linux mirror

TheHackersArmy

www.action-sociale.gov.bf Linux mirror

TheHackersArmy

www.mhu.gov.bf Linux mirror

TheHackersArmy

www.sante.gov.bf Linux mirror

TheHackersArmy

www.mrp.gov.bf Linux mirror

TheHackersArmy

www.agriculture.gov.bf Linux mirror

TheHackersArmy

www.mpdh.gov.bf Linux mirror

TheHackersArmy

www.ces.gov.bf Linux mirror

TheHackersArmy

www.conseil-constitutionnel.go... Linux mirror

TheHackersArmy

www.justice.gov.bf Linux mirror

TheHackersArmy

www.cour-cassation.gov.bf Linux mirror

TheHackersArmy

www.cour-comptes.gov.bf Linux mirror

TheHackersArmy

www.mrsi.gov.bf Linux mirror

TheHackersArmy

www.affaires-etrangeres.gov.bf Linux mirror

TheHackersArmy

www.mptic.gov.bf Linux mirror

TheHackersArmy

www.massn.gov.bf Linux mirror

TheHackersArmy

www.environnement.gov.bf Linux mirror

TheHackersArmy

www.conseil-etat.gov.bf Linux mirror

TheHackersArmy

www.sig.gov.bf Linux mirror

TheHackersArmy

www.sggcm.gov.bf Linux mirror

TheHackersArmy

www.matd.gov.bf Linux mirror

TheHackersArmy

www.fonction-publique.gov.bf Linux mirror

TheHackersArmy

www.mje.gov.bf Linux mirror

TheHackersArmy

www.mid.gov.bf Linux mirror

TheHackersArmy

www.mines.gov.bf Linux mirror

TheHackersArmy

www.defense.gov.bf Linux mirror

TheHackersArmy

www.information.gov.bf Linux mirror

TheHackersArmy

www.gcob.gov.bf Linux mirror

TheHackersArmy

www.finances.gov.bf Linux mirror

TurkHackArmy

portal2.munilosolivos.gob.pe/T... Linux mirror

Turkish Energy Team

ns1.educacao.mg.gov.br/magistra/ Linux mirror

Turkish Energy Team

magistra.educacao.mg.gov.br Linux mirror

Turkish Energy Team

www.educacao.mg.gov.br/magistra/ Linux mirror

Turkish Energy Team

promocion80.ejercito.mil.ve Linux mirror

ulow

wsxf.meizhou.gov.cn Win 2003 mirror

ulow

gdmz.lm.gov.cn Win 2003 mirror

ulow

www.mzqts.gov.cn Win 2003 mirror

ulow

www.jlxp.gov.cn Win 2003 mirror

CIR

32

ulow

fscourt.gov.cn Win 2003 mirror

ulow

mzwsjd.gov.cn Win 2003 mirror

ulow

mzci.gov.cn Win 2003 mirror

ulow

mzboftec.gov.cn Win 2003 mirror

ulow

www.xnczq.gov.cn/x.txt Win 2003 mirror

Unknown Core

www.comune.castelvenere.bn.it Win 2003 mirror

UR0B0R0X

www.saude.am.gov.br/fvs/admin/... Linux mirror

UR0B0R0X

www.achacachi.gob.bo/x0.txt Linux mirror

uykusuz001

www.dyqsl.gov.cn/tr.txt Win 2003 mirror

uykusuz001

www.pkgt.gov.cn Win XP mirror

uykusuz001

wjj.nc.gov.cn/tr.txt Linux mirror

uykusuz001

www.tstb.gov.cn/default.htm Win 2003 mirror

VolcanoHacker

ces.pnp.gov.ph Linux mirror

VolcanoHacker

pn-subang.go.id Linux mirror

VolcanoHacker

kpud-banjarkota.go.id/1/tmp/in... Linux mirror

VolcanoHacker

cavite.gov.ph/index.php Linux mirror

VolcanoHacker

www.procor.pnp.gov.ph/index.php Linux mirror

W1L3D4

www.muze.gov.tr/index.html Win 2008 mirror

xatli

fujifilm.hr Linux mirror

xatli

www.mnda.gov.ng Linux mirror

XMORS DIGITAL SECURITY TEAM

reprobio.stanford.edu/hpmr/Sea... Win 2003 mirror

ymh

www.borsindh.gov.pk Linux mirror

ymh

www.egyfellow.mohp.gov.eg Win 2003 mirror

ymh

www.egyfellow.mohealth.gov.eg Win 2003 mirror

ymh

www.egyboard.mohealth.gov.eg Win 2003 mirror

ymh

www.egyboard.mohp.gov.eg Win 2003 mirror

Z4R4THUSTR4

www.ppgs.ufba.br Win 2003 mirror

Z4R4THUSTR4

www.ppgcs.ufba.br Win 2003 mirror

ZiqoR

ofbh.gov.in/CandidatePhotos/zq... Win 2003 mirror

ZiyaretCi

www.yazmalar.gov.tr Linux mirror

ZoRRoKiN

www.mra.gov.bf Linux mirror

ZoRRoKiN

www.nsaf.gov.sy Linux mirror

CIR

33

N° Notifier Single def. Mass def. Total def. Homepage def. Subdir def. 1 Barbaros-DZ 3210 157 3367 1021 2346 2 Ashiyane Digital Security Team 2506 3246 5752 1053 4699 3 Hmei7 2074 1172 3246 708 2538 4 LatinHackTeam 1428 1276 2704 2254 450 5 iskorpitx 1322 953 2275 784 1491 6 Fatal Error 1020 1128 2148 1768 380 7 chinahacker 883 1317 2200 4 2196 8 MCA-CRB 851 621 1472 367 1105 9 By_aGReSiF 749 1424 2173 802 1371

10 3n_byt3 627 1809 2436 849 1587 11 HEXB00T3R 604 630 1234 405 829 12 Red Eye 579 1551 2130 2093 37 13 uykusuz001 543 155 698 34 664 14 brwsk007 525 177 702 24 678 15 Mafia Hacking Team 496 589 1085 322 763 16 Swan 495 258 753 219 534 17 Digital Boys Underground Team 461 441 902 179 723 18 Iran Black Hats Team 458 326 784 417 367 19 1923Turk 422 1487 1909 421 1488 20 DeltahackingSecurityTEAM 415 443 858 232 626 21 Over-X 403 1469 1872 1219 653 22 D.O.M 392 645 1037 824 213 23 kaMtiEz 391 390 781 238 543 24 ZoRRoKiN 386 198 584 107 477 25 Triad 375 315 690 397 293 26 [#Elite Top Team] 362 303 665 570 95 27 sinaritx 359 98 457 160 297 28 k4L0ng666 353 1205 1558 222 1336 29 Ma3sTr0-Dz 313 735 1048 300 748 30 core-project 313 325 638 629 9 31 linuXploit_crew 311 166 477 477 0 32 misafir 299 298 597 219 378 33 Turkish Energy Team 285 218 503 298 205 34 ISCN 274 123 397 96 301 35 !nf3rN.4lL 262 376 638 176 462 36 PoizonB0x 251 3 254 254 0 37 NeT-DeViL 249 258 507 334 173 38 eMP3R0r TEAM 240 306 546 136 410 39 PowerDream 237 164 401 174 227 40 Vezir.04 236 111 347 152 195 41 KHG 233 281 514 210 304 42 S4t4n1c_S0uls 230 144 374 311 63 43 XTech Inc 223 328 551 548 3 44 Hi-Tech Hate 223 6 229 229 0 45 BeLa 210 123 333 147 186 46 spook 209 31 240 40 200 47 m0sted 208 207 415 106 309 48 Prime Suspectz 205 0 205 205 0 49 the freedom 198 136 334 22 312 50 c4uR 191 383 574 397 177

CIR

34

Internet Storm Center Top 10 Ports

Port Reports

23 327088

445 225383

3389 202872

22 146292

1433 63610

47292 60803

139 57546

5900 41216

80 30401

8192 26984

Port Targets

22 64305

3389 63777

23 57624

1433 45853

445 44353

137 22027

5900 21745

1434 11809

3306 6957

443 6625

Port Sources

23 70269

445 20034

3389 9035

47292 3435

80 1861

210 1092

53 1086

25 902

6881 845

57695 830

Top 10 Source IPs

IP Address Reports Target IPs First Seen Last Seen

069.175.126.170 (US) 1,183,240 133,673 2012-07-11 2012-11-29

115.248.142.083 () 243,729 108,095 2012-11-16 2012-11-29

122.229.002.040 (CN) 1,334,359 99,037 2012-09-17 2012-11-28

202.070.136.023 (ID) 389,425 95,641 2012-11-05 2012-11-29

114.141.180.109 () 113,100 76,090 2012-07-30 2012-11-29

069.175.054.106 (US) 1,226,476 75,378 2012-07-14 2012-11-29

095.009.215.067 (TR) 364,774 74,269 2012-09-03 2012-11-29

085.025.109.138 (DE) 1,007,315 73,912 2012-11-11 2012-11-28

111.069.025.010 (NZ) 144,540 73,622 2012-10-12 2012-11-29

094.102.051.192 (NL) 305,478 71,883 2012-09-23 2012-11-28

Resources: DC3 DISPATCH dispatch@dc3.mil FBI In the New fbi@subscriptions.fbi.gov Zone-h www.zone-h.org Xssed www.xssed.com Packet Storm Security www.packetstormsecurity.org Sans Internet Storm Center isc.sans.org Exploit Database www.exploit-db.com Exploits Database www.exploitsdownload.com Hack-DB www.hack-db.com Infragard www.infragard.org ISSA www.issa.org Information Warfare Center informationwarfarecenter.com Secunia www.secunia.org Tor Network