I have talked about ApacheKiller flaw in detail here with possible workaround to mitigate this flaw.
Last week, a DDoS mitigation service vendor Arbor Networks revealed a detailed report can be download from here which say,
Cyber War between two countries Pakistan & India is again seems re-established. I remember one meeting between Pakistan Cyber Army & Indian Cyber Army where they commit to stop these attacks and utilize their skills for good.
There are many websites related to Pakistani & indian government were defaced by these two groups.
This time two people Ro0t_d3vil & StRangeR from ICA involved in defacement of Chief Minister Khyber PukhtunKhwa Official Goverment website
We tried to check the site security and it looks really funny.
HG Analysis :
That’s from us. Stay tune for more updates.
Recently we released a bulletin about X-NerD 250+ domains defacement. This time X-NerD targets PandaSecurity’s channel domain for Pakistan.
Panda Security is a well known AntiVirus Company that delivery Antivirus applications globally to million of home and business users world wide.
As usual X-NerD publishes a message at http://www.pandasecurity.com.pk/why_panda.php
"OoooOOPss...I am ShockeD At YouR SecuritY..S3cuR!tY L3vEL Z3r0...YOu Dont KnoW HOw To SecurRe Your AsS n Pr0vidinG SEcurity to 0therS...Big LauGh..."
X-NerD performed SQL injection. There is no news about server’s security breach.
Once again Linux.com, Linuxfoundation.org and sub-domains have been taken offline for a possible security breach that is discovered on 8th September, 2011.
News bulletin from Linux.com says in the best interest of Linux community and security precautions we have taken all domains offline. Initial analysis shows this breach is connected to intrusion on kernel.org
Recommendations for the Linux.com users :
Change your password, if you are using the same password on other sites.
Services affected :
Note : Kernel repositories are not affected. It is safe.
We will update you further, as soon we have further announcements from Linux.com
X-NerD identify his self as a part of Pakistan Cyber Army. X-NerD has defaced many websites that includes blogs, forums, brand domains. This time the attacked seems to be RFI/LFI type.
A sample page can be seen on
You can see complete list of domains on pastbin
Google suggested all users that access gmail accounts from Iran. Google broadcasted this news on GoogleOnlineSecurity Official blog.
Last month Google updated a similar thread on blog where MITM (Man in the middle attack) was attempted.
Some precautions recommended by Google is as follows