HACKS OF AMAZON,WALLMART

Hackers leak 13,000 Passwords Of Amazon, Walmart and Brazzers Users

Hackers claiming affiliation with the hacktivist group "Anonymous" have allegedly leaked more than 13,000 username and password combinations for some of the worlds most popular websites, including Amazon, Xbox Live and Playstation Network.

The stolen personal information was released in a massive text document posted to the Internet file-sharing website Ghostbin (now deleted), on Friday. The document contains a huge number of usernames and passwords, along with credit card numbers and expiration dates.

The news came just a day after the hacker group Lizard Squad compromised Sony’s Playstation and Microsoft’s Xbox Live gaming networks on Christmas day, which is estimated to have affected Xbox's 48 million subscribers and PlayStation's 110 million users, making it a total of more than 150 million users worldwide.

However, data breach of 13,000 users is not the biggest data breach we've ever seen. When millions of passwords are used for sites around the globe, chances are very minor that our’s among those compromised. But still it’s important to note as these accounts come from a variety of online sources and among those, some are really very popular.

The Daily Dot's Aaron Sankin has compiled a comprehensive list of sites associated with the username and password leaks, and discovered that the leaks came from the sites run the gamut from pornography to gaming to online shopping. The list of the compromised websites is as follows:

• Amazon
• Walmart
• PlayStation Network
• Xbox Live
• Twitch.tv
• Dell
• Brazzers
• DigitalPlayground
• and more

Just to be on a safer side, users are recommended to change their passwords if they have accounts on these compromised websites, and also pay attention to your credit card transactions and if any suspicious activity found, immediately communicate with related banks and financial institutions.

Also, don't use the same passwords for banking and online shopping sites, and always keep an eye out for unusual activities or unauthorized purchases with your accounts.

SSL CERTIFICATE AND UR SECURITY

The SSL Certificate And Your Website’s Security

When you are surfing the internet, a lot of information is being exchanged between the web host and the device being used to surf the internet. This type of information can always be easily breached by hackers, especially if it involves online transactions and this has always been a major issue when dealing with the internet. Nowadays, cases of online theft are becoming increasingly popular. There is one way of determining whether a site is safe to use through an SSL Certificate which is powered by the beauty of cryptography.

How SSL Cryptography Works?

Cryptography ensures that data is transmitted in a means that only the intended party can access it. You can easily determine a site which has an SSL certificate by the padlock icon that is displayed beside the web address. So how do SSL certificates work? SSL in full is Secure Sockets Layer. An SSL certificate provides tight security during the exchange of data.

PadLock Icon Showing SSL Security

In SSL cryptography, encryption makes use of separate keys for the decryption and encryption of data. Encryption keys are public and anyone can use them. But the decryption keys (ones used to turn encrypted data into meaningful information) are private and are kept secret. The SSL certificate, on the other hand, can simply be described as a tiny data file that has the appropriate information about a certain website. The information can be quickly read by the host connection once the request for connection is received. It is through an SSL that a website can prove its authenticity to a web browser.

How To Get SSL Certificate?

An SSL certificate is not handed out like a college certificate. There are a number of companies called Certificate Authorities (CA)that authenticate that a site/server is legitimate and sign a resultant digital certificate which is then stored, just like a cookie is stored on your browser. The certificate will continuously alert all incoming connections and protocols that the connection is trustworthy.

SSL Certificate Advantages

SSL certificates make online data-exchange, especially financial transactions, safer. It is a common rule of thumb not to trust any e-commerce site that does not have an SSL certificate. There is just too much information floating around online nowadays such as credit card info, banking information etc. The safety of all these vital information will be ensured by the SSL certificate, and every browser will accept the websites incoming connections. However, most small websites, such as blogs, don’t really need to supply an SSL certificate.

Bug Bounty, Cross Site Scripting, Hacking News, Paypal Hacking, Vulnerability, XSS Vulnerability

German Spy-Agency Trades Citizens' Metadata in Exchange for NSA's Xkeyscore

 

 

  446  131  7  615

This is Really Insane!!

Germany's top intelligence agency handed over details related to German citizen metadata just in order to obtain a copy of the National Security Agency's Main XKeyscore software, which was first revealed by Edward Snowden in 2013.

According to the new documents obtained by the German newspaper Die Zeit, the Federal Office for the Protection of the Constitution (BfV - Bundesamtes für Verfassungsschutz) traded data of its citizens for surveillance software from their US counterparts.

Germany and the United States signed an agreement that would allow German spies to obtain a copy of the NSA's flagship tool Xkeyscore, to analyse data gathered in Germany. So they covertly illegally traded access to Germans' data with the NSA.

XKeyscore surveillance software program was designed by the National Security Agency to collect and analyse intercepted data it obtains traveling over a network.

The surveillance software is powerful enough to be able to pull up more than 20 Terabytes of data daily, including emails, chats, social media interactions, and even browsing histories all in real-time without bothering the need of any warrant, as The Hacker News reported in 2013.

It seems that when NSA demonstrated the XKeyscore software to Germany's domestic intelligence agency BfV back in 2011, the BfV was so impressed that it struck a deal with NSA to exchange data for computer software.

After two years long negotiation with the U.S., the German agency signed an agreement to receive the NSA spyware software and deploy it for analysing data gathered on German citizens.

In return, the German intelligence agency promised to share their citizens metadata. According to Die Zeit, the document "Terms of Reference" stated: "The BfV will: To the maximum extent possible share all data relevant to NSA's mission".

The BfV didn't fully informed Germany's data protection commissioner, nor it informed the Parliamentary Control Panel, which oversights the BfV, about the deal it signed with the United States.

"Once again, I have to learn from the press of a new BfV-NSA contract and the impermissible transfer of data to the [United States] secret service," Green Party parliamentarian Hans-Christian Ströbele, a member of the Parliamentary Control Panel, told Die Zeit.

However, the BfV still received a lower level of access compared to the other non-U.S. "Five Eyes" nations, including the United Kingdom, Canada, Australia and New Zealand, who all had direct access to the main XKeyscore system.

German spy vs NSA xkeyscore

German Spy-Agency Trades Citizens' Metadata in Exchange for NSA's Xkeyscore

 

 

  446  131  7  615

This is Really Insane!!

Germany's top intelligence agency handed over details related to German citizen metadata just in order to obtain a copy of the National Security Agency's Main XKeyscore software, which was first revealed by Edward Snowden in 2013.

According to the new documents obtained by the German newspaper Die Zeit, the Federal Office for the Protection of the Constitution (BfV - Bundesamtes für Verfassungsschutz) traded data of its citizens for surveillance software from their US counterparts.

Germany and the United States signed an agreement that would allow German spies to obtain a copy of the NSA's flagship tool Xkeyscore, to analyse data gathered in Germany. So they covertly illegally traded access to Germans' data with the NSA.

XKeyscore surveillance software program was designed by the National Security Agency to collect and analyse intercepted data it obtains traveling over a network.

The surveillance software is powerful enough to be able to pull up more than 20 Terabytes of data daily, including emails, chats, social media interactions, and even browsing histories all in real-time without bothering the need of any warrant, as The Hacker News reported in 2013.

It seems that when NSA demonstrated the XKeyscore software to Germany's domestic intelligence agency BfV back in 2011, the BfV was so impressed that it struck a deal with NSA to exchange data for computer software.

After two years long negotiation with the U.S., the German agency signed an agreement to receive the NSA spyware software and deploy it for analysing data gathered on German citizens.

In return, the German intelligence agency promised to share their citizens metadata. According to Die Zeit, the document "Terms of Reference" stated: "The BfV will: To the maximum extent possible share all data relevant to NSA's mission".

The BfV didn't fully informed Germany's data protection commissioner, nor it informed the Parliamentary Control Panel, which oversights the BfV, about the deal it signed with the United States.

"Once again, I have to learn from the press of a new BfV-NSA contract and the impermissible transfer of data to the [United States] secret service," Green Party parliamentarian Hans-Christian Ströbele, a member of the Parliamentary Control Panel, told Die Zeit.

However, the BfV still received a lower level of access compared to the other non-U.S. "Five Eyes" nations, including the United Kingdom, Canada, Australia and New Zealand, who all had direct access to the main XKeyscore system.