Several high-profile websites from Malawi, a landlocked country in southeast Africa, have been defaced after hackers of the Bangladesh Grey Hat Hackers group managed to breach the .mw domain registrar’s systems.

The defaced sites include nic.mw, registrar.mw, biz.mw, co.mw, com.mw, edu.mw, gov.mw and others. The hackers haven’t defaced the website’s index pages, but instead added their own .html file to each of the domains.

“We got a bug on their server. Consider it as warning to increase security. We didn’t deface index of those sites as warning. We request their government to increase security,” one of the hackers told Softpedia.

Currently, all the affected sites still display the defacement pages. A mirror of the defacement can be found here.

As some of you might remember, this is not the first time when the Malawi domain registrar is hacked. Back in February, several high-profile sites, including google.mw, cocacola.mw, fanta.mw, yahoo.mw, kaspersky.mw were defaced after hackers had breached the organization’s systems.

Hackers of the st0rmyw0rm group claim to have breached Compound Semiconductor – a website owned by UK-based Angel Business Communications – that provides news, analysis and other information for the compound semiconductor industry.

The hackers have leaked over 4,500 records consisting of usernames, email addresses and clear text passwords, including a couple of credential sets belonging to the site’s administrators. They claim that the database holds over 10,000 user records.

Considering that all the passwords are in clear text, we will not be providing a link to the data leak. However, it’s worth mentioning that the Compound Semiconductor website appears to be assigning the same default password to all users.

Only a handful of the site’s customers have taken the time to change their passwords, so most of the accounts are easily accessible.

The hacker group’s representatives have told us that they’ve attacked the site in support for WikiLeaks founder Julian Assange (OpFreeAssange), who’s currently confined to the Ecuadorian embassy in London.

“It’s a UK company, a lot of feds registered and we have some specific reason we won’t publish,” the hackers said regarding their motivation.

“Do not use any of their Apps, Administrator Access App, and do not buy anything from there,” the hackers wrote next to the leaked data.

We’ve reached out to Angel Business Communications to see if they can comment on the incident. The post will be updated if they respond to our inquiry.

If Cher was “upset” a couple of days ago when hackers hijacked her Twitter account to promote shady weight loss products, it’s safe to say Alec Baldwin was really upset when the same thing happened to him.

According to E Hacking News, Alec Baldwin’s “Alec Baldwin Foundation” Twitter account was also abused to lure his 1 million followers to shady websites.

“This [expletive] hacking weight loss [expletive]. GOOOOOODDD!!!” he wrote on Twitter shortly after recovering his account.

“IGNORE this weight loss trash. I mean, I'm all for weight loss. But DAMN!!!” he added.

The number of celebrities whose accounts are compromised by hackers is growing by the week, but actors and singers don’t seem to be willing to learn some basic security practices to help them avoid such incidents.

Of course, there are a lot of ways in which hackers can gain access to a Twitter account, but if you set a strong password and if you make sure you don’t enter your credentials on fake websites, you considerably decrease their chances of succeeding.

Alexander Waterland, aged 25, of Loveland, Ohio, has been sentenced to one year and one day in prison and two years of supervised release. He has been convicted for trying to blackmail the University of Pittsburgh.

Waterland downloaded some information, including student and faculty details, from a University of Pittsburg server. With the aid of an accomplice, Brett Hudson, he created YouTube and Twitter accounts with the name “AnonOperative13.”

Posing as Anonymous hackers, the two published a video and sent out some tweets and emails, threatening to release the data they copied from the server of the University of Pittsburgh unless the educational institution’s representatives posted a public apology to students, law enforcement and professors on their site’s home page.

Waterland and Hudson claimed to have obtained over 200 gigabytes of information, including credit card information. They accused the university of not securing their students’ information and of helping law enforcement arrest innocent individuals related to Anonymous.

At the time, the University of Pittsburgh was also facing another problem. Someone was making bomb threats against the institution.

However, the hackers highlighted the fact that they were not involved with the individuals who attempted to extort the university with bomb threats.

According to court documents obtained by SecurityWeek, investigators found several pieces of evidence connecting Waterland to the extortion scheme on his computer and smartphone.

His smartphone contained a large number of images of individuals with Anonymous masks and his computer was appointed as being the one that accessed the AnonOperative13 YouTube account.

Authorities have also learned that AnonOperative13 made threats against other organizations as well, including Georgia College and State University, and Alliance Computers.

Brett Hudson has also pleaded guilty, but the details of his sentencing have not been made public.

Hackers of the Anonymous movement have set their sights on People for the Ethical Treatment of Animals (PETA) after the organization decided to sue a number of anonymous individuals who posted comments to an article in which PETA was accused of “secretly slaughtering kittens and puppies.”

The article in question, published by Huffington Post, got around 5,000 comments, many of which condemned the organization that claims to fight for animal rights.

It appears that PETA doesn’t want to pursue the article’s author, but a few of the people who left comments, including one who compared it to Jack Kevorkian, the man known for championing a terminal patient's right to die via physician-assisted suicide.

“This kind of legal maneuver is typical of corporations and organizations who cannot accept opposing viewpoints and think freedom of speech and online anonymity are merely inconveniences to be dealt with by high powered and expensive lawyers and huge piles of cash,” the hackers stated.

“This is unacceptable. The hive must act both to bring publicity to the case of the critics and also to PeTA's other reprehensible actions. It is time PeTA was reminded that Anonymous does not forgive or forget those who oppose free speech and will not stand for legal threats against those voicing legitimate criticisms,” they added.

It’s uncertain what the hacktivists have in mind for OpPETA, but we can probably expect some data leaks, and maybe some distributed denial-of-service (DDOS) attacks.

“This Op is not against animal rights, it is against the cynical manipulation of well meaning people to fund lawsuits and advertising that do nothing but advance the agenda of PETA, not the animals it claims to want to protect but in fact simply euthanizes,” Anonymous members said.

“PeTA, for your attempt to use the law to extinguish the voices of those who voice contrary opinions you have gotten the attention of the hive, whatever the consequences, you should have expected us.”

GFI Software has acquired IASO, a Netherlands-based company that provides online backup software and storage solutions to companies of all sizes. Details of the deal are not being disclosed.

“We have been using IASO's technology in GFI MAX RemoteManagement for over a year and it has been a great success with our customers,” said Walter Scott, CEO at GFI Software.

“Acquiring IASO's technology provides us with a huge opportunity to expand this side of our business, target new opportunities in the MSP community and among businesses that want to reduce the technical and logistical overhead of backup and benefit from the fastest cloud based restore available,” Scott added.

On the other hand, IASO also seems to be pleased with GFI’s decision.

“We have worked with GFI for over a year now and we are very pleased that GFI has chosen to take our technology forward as its strategic solution for online backup. We see this as recognition of the value we have created so far in the Netherlands and in other regions,” IASO's Johan Jongsma commented.

“GFI has the vision, the ability and the resources to take our unique backup technology to a new level on a global scale.”

Indonesia’s Defense Ministry has revealed its intentions to set up a special force it dubs “cyber army.” The unit’s main goal will be to tackle cyberattacks aimed at government websites and portals.

According to Xinhua, ministry officials are preparing a law that would legalize the cyber army’s operations.

The new force will be formed of uniformed soldiers that possess the knowledge and skills necessary to protect the country against cyberattacks.

Pos M. Hutabarat, director general of security potentials at the ministry, has compared the cyber army to similar units in Iran, South Korea, China and the United States.

The unit will be embedded in the army, the navy and the air force.

The Defense Minister Purnomo Yusgiantoro says that the cyber army needs the support of the country’s Communication and Information Ministry, which is in the process of building a system called National Cyber Security.

Several government agencies are contributing to the National Cyber Security system, including the national intelligence body and the anti-terrorism desks.

Hackers of the Turkish Ajan group have breached the systems of the Akron-Canton Airport of Ohio, US. Besides defacing the airport’s official website, the hackers have also leaked some information.

The data leak comprises names, email addresses and contact information of over 15,000 users. In addition, the usernames, passwords, names and email addresses of administrators have also been published online.

“Since today, you have been trying to bring Middle East under chaos, United States of America, which is controlled by Zionist Jewish people to achieve their goals for centuries,” the hackers wrote on the defaced site.

“While you’re trying to draw the map of 100-200 years later from now, you are trying to make Muslim people fight each other and finish-waste themselves and, we can't just spectate it,” they added.

“You are a country which bombs its own state, kills its own citizens, and blames the Muslim for it and tries to equate terrorism with them. This only suits insincere people which lack of human values, you.”

Shortly after the breach, the Akron-Canton Airport took the website offline.

“Anyone who has booked a ticket or is flying from the airport, your information has not been affected by the attack on our website this morning,” the airport’s representatives wrote in a statement.

“Information that was obtained included entries to contests on the airport's website. This included names, emails, cities and phone numbers. No email address passwords or credit card information was on the airport's website,” they added.

“If you have signed up for an airport contest in the past two years, you should change your email password as a precaution. If you are flying from the Akron Canton Airport, it's business as usual. Your personal information or your flight itinerary has not been accessed or compromised.”

A total of 11 unique malware files, many of which disguised as updates for Adobe products, have been spotted by Trend Micro experts on two Brazilian government websites. The sites have been serving the malicious files since April 24.

The attack mostly affects users from Brazil, but some internauts from the US, Angola, Spain, Romania, and other countries have also downloaded the malware which helps criminals gain access to the sensitive information they need to access victims’ bank accounts.

Once it infects a system, the Trojan (TROJ_BANDROP.ZIP) creates an administrator account on the operating system and enables multiple concurrent remote desktop sessions.

The newly created account, called ADM123, allows the attacker to remotely connect to the infected computer and take complete control over it.

“Compromising and using government sites to deliver malware is not an unusual practice,” Trend Micro Threats Analyst Roddell Santos noted.

“This tactic provides a certain social engineering leverage, as government-related sites are usually deemed safe and secure. But as this incident clearly shows, there is no sacred cow when it comes to cybercrime. Everyone is fair game.”

John Suffolk, Huawei’s chief information security officer, has made yet another attempt to reassure the world that the telecom giant’s products are safe.

Speaking at the CeBIT conference in Sydney, Australia, Suffolk has explained that his company is the most poked, probed, prodded, and audited company in the world, which is why it has become as open and transparent as possible, ZDNet reports.

The CISO has urged other vendors to be transparent as well in order to address security concerns.

According to Suffolk, 70% of the components in Huawei equipment come from outside of Huawei and outside of China. In fact, he says 32% of all components come from American companies.

Most organizations have large supply chains, which means there are numerous possibilities for an ill-intended actor to compromise a product. That is why the security chief urges vendors to make sure they’re able to trace back every component and every party the devices pass through.

In the case of Huawei, the company claims to be able to trace 96% of the components integrated into their products.

In addition to urging vendors to be more transparent, Suffolk also urges customers to ask vendors to focus on the security of the products they sell.

Taiwan’s Criminal Investigation Bureau (CIB) has detained a man suspected of stealing the personal details of more than 10,000 individuals via an email scam that exploited the name and reputation of the country’s Bureau of National Health Insurance.

According to The China Post, the suspect, surnamed Pan, sent out emails that had malicious software attached to them. The program, presumably a Trojan, allowed the cybercriminal to retrieve sensitive information from the infected computers.

The CIB noted that Pan tested his malware to make sure it would not be identified by antivirus solutions.

Authorities are now trying to determine if the fraudster had any accomplices. They suspect he has utilized the stolen information to gain access to bank accounts and perform unauthorized transactions.

In addition to individuals, the CIB believes the man has also stolen information from local companies.

Anonymous hackers of the TeamBerserk group claim that they hack the systems of the Health Information Trust Alliance (HITRUST) – the alliance of healthcare, technology and information security leaders that have developed the Common Security Framework, one of the most widely adopted security frameworks in the US healthcare industry.

The hackers have published a file containing various pieces of information, including usernames, passwords, email addresses, physical addresses, and phone numbers.

The leaked data appears to be genuine, but we’ve reached out to HITRUST in hope that they can provide more details regarding the breach.

In addition to HITRUST, the hacker collective also claims to have breached the systems of Interactive Data, a company that provides financial market data, analytics and related services to financial institutions.

Usernames and passwords, including ones belonging to administrators, appear to have been leaked from Interactive Data’s databases.

State-sponsored Chinese hackers have stolen detailed plans for the Australian spy agency's new headquarters, the ABC alleges.


Secret and highly sensitive blueprints outlining the layout of Australia's top spy agency's new headquarters have been stolen by Chinese hackers, the ABC says.

The documents contained details of the ASIO building's floor plans, communication cabling layouts, server locations and security systems, potentially putting the entire organisation at risk, Monday night's Four Corners program alleges.

It is unclear precisely when the alleged theft took place, or if there have been diplomatic ramifications from the embarrassing breach.

But it comes amid deepening concern about widespread, aggressive state-sponsored hacking by China, with further allegations that its cyber spies have recently obtained sensitive Australian military secrets and foreign affairs documents.

Companies including BlueScope Steel and Adelaide-based Codan, which makes radios for military and intelligence agencies, are also said have been targeted by the Chinese, according to the ABC.

The allegation comes just weeks after Canberra softened its stance towards China, claiming in May's Defence White Paper that it no longer saw the rising superpower as a threat.

Aside from the diplomatic implications, the alleged ASIO theft may help explain why its new headquarters, overlooking Canberra's Lake Burley Griffin, is millions over budget and still not operational.

ASIO said in its October annual report that the building would cost taxpayers about $630 million - $41 million more than expected.

It was due to open in April, but staff are yet to move in.

The ABC did not cite the source of its claims, but said the blueprints had been taken from a contractor involved with the project.

"It reeked of an espionage operation. Someone had mounted a cyber hit on a contractor involved in the site," Four Corners reported.

"The plans were traced to a server in China."

Professor Des Ball, from the Australian National University's Strategic and Defence Studies Centre, suggested the theft meant China could bug the building.

"At this stage with construction nearly completed you have two options," he told the ABC.

"One is to accept it and practice utmost sensitivity even within your own headquarters.

"The other, which the Americans had to do with their new embassy in Washington ... was to rip the whole insides out and to start again."

Federal Attorney-General Mark Dreyfus refused to confirm the theft.

Whistleblowers interviewed by Four Corners also allege the Australian defence department's classified email and restricted networks have been hacked.

"A factor of ten times the entire database, or the entire amount of information stored within the Defence Restricted Network, has been leached out over a number of years," one worker said.

Another whistleblower said a "highly sensitive document" belonging to the Department of Foreign Affairs and Trade (DFAT) had been stolen by China.

"It's a project that would give an adversary a significant advantage when dealing with Australia," the source told the ABC about the DFAT document.

Facebook has to run a fine line between getting people to share more and respecting their privacy. Sometimes it manages to strike a balance, sometimes it doesn't.

Either way, the company gets a lot of scrutiny over privacy issues, as it should.

So it definitely doesn't need to be actively leaking out private information. But, as page admins using the Page Manager app for Android are discovering, a serious flaw does just that, leaking private photos publicly.

The Page Manager app enables admins to contact fans via private messages, or to reply to inquiries or any other issues.

These messages should normally end up in the private message inbox. However, if admins attach a photo to the message, the message and the photo are published to the page's timeline for everyone to see.

This, obviously, can create some awkward or even dangerous situations for those involved. And, of course, that's certainly not the intended behavior.

Android Police found out about the bug and tested it, disclosing it in full after attempts at contacting Facebook failed.

Only after the disclosure did the company reply by saying that it was looking into the issue and that a fix should be out soon. Since the problem seems to be on the server side, this likely won't require an app update.

If it does, Facebook can at least move fast and get the update on people's phones and tablets within hours rather than weeks in the iTunes App Store.

The Wikileaks documentary “We Steal Secrets” opened this weekend in a limited run in just four theaters.

Still, ahead of its public release, Wikileaks itself, true to its nature, released a transcript of the movie and provided commentary and what it says are corrections based on that transcript.

Wikileaks didn't particularly like the way the documentary portrayed several issues and believes that, on the whole, the documentary aims to cast the organization and its leader Julian Assange in a particularly bad light.

The organization also believes that the documentary misinforms about Bradley Manning, who is awaiting trial over leaking massive amounts of US diplomatic and military information to Wikileaks.

However, the documentary's creator Alex Gibney argues that the transcript is for an earlier version of the film and that it leaves out some parts about Manning, which are not spoken but rather shown as text on the screen.

In the end, we have two versions of the truth with not enough information to determine which closer to "the truth."

And, of course, Assange and Manning's stories are far from complete. Assange is still trapped in Ecuador's embassy in London, facing extradition, and Manning is due to appear in court next month.

The Syrian Electronic Army has done it again. They have now moved on from hacking Twitter accounts to Google Play.

The famous hacker group who hijacks Twitter and Facebook accounts of various media groups has compromised Sky News’ Google Play account, ITV reports via E Hacking News.

They have placed their logo and the signature “Syrian Electronic army was here” on the apps Sky News has on the Google Play store.

The logo and data can still be seen at the moment. All Sky News' Android apps seems to have been compromised and keeping them on your devices is no longer safe.

SkyNews confirmed the security breach through a tweet and said they are working on replacing the hijacked apps, advising users to uninstall the tools until further notice.

As mentioned above, this is the first time the Syrian Electronic Army has hacked into Google Play accounts, while they usually choose Twitter and Facebook accounts.

Friday, they compromised the Twitter account of ITV News London, but they have also targeted other publications in the past, like the Telegraph, Financial Times and E! Online.

Google has released several demo videos and trailers of the Google Glass augmented reality headset.

One would think that everything worth knowing about the gadget has already been disclosed, but this is not really the case.

It turns out that there is a Functional Chrome browser in there somewhere, and that there is a feature called OK Glass Everywhere that lets users start a voice command chain from anywhere in the interface.

A video stabilization mode is supposedly included as well, but not ready for prime time yet.

According to GitHub and Android Police, these features need polishing, and Google might not weave the Chrome browser into the user experience at all. Nevertheless, there is much room to grow, and I can definitely see future firmware updates enabling or adding new things.

Of course, Google will have to actually release the thing first, with or without Samsung OLED

This Is Another Achievement Of Group  Anonymous  In  #OP Petrol They Leaked Secrets Docs Of FBI and CIA and other Secret Agency on Dropbox.com


#OP Petrol

Secrets Docs Of FBI and CIA and other Secret Agency Hacked By AnonGhost

They were planning attacks secretly on other weak countries, and they had secret agents everywhere.

Also, the President of Iran was getting powerful , so the FBI sent an agent to overthrow the government.


Leaks are here:

#https://www.dropbox.com/sh/rbbloktxa6t1ge5/Ydj-Cgjk6r#/

#https://www.dropbox.com/sh/ada52cywwc14hhu/ICYnZb0fS5

Hacker group Anonymous has been pretty tight-lipped about its political beliefs — with operations in the organization’s name conducted against Western democracies, authoritarian countries like China, and Muslim countries like Egypt, Syria, and Iran. And, of course, Israel.

But one thing has become clear in the lead-up to its next major hacking attack: Anonymous members are “gold bugs,” people who believe that the yellow metal is the proper method for the exchange of goods and services and advocate the use of precious metals as the proper currency for the sale and purchase of oil.

That’s the main reason the group will be conducting “Operation Petroleum,” according to numerous videos released on websites around the world. Scheduled for June 20, #OpPetrol will target at least a dozen countries, including the US, Britain, Canada, numerous European countries, Israel (again), and China — along with Saudi Arabia, Kuwait, and Qatar.

It’s an interesting combination of countries for an attack, but in the video, Anonymous makes clear the connection between them. “Because Petrol is sold with the dollar ($) and Saudi Arabia has betrayed Muslims with their cooperation. So why isn’t Petrol sold with the currency of the country which exports it? Because the Zionists own us like this [sic].”

According to the anonymous Anonymous spokesperson, the Zionists are masters of the so-called “New World Order,” an international uber-government, and the purpose of their use of the dollar — and eventually credit cards, which are replacing paper money — is to be able to “control the population of the world like robots.”

“In the future, there will be no money paper and coins. The New World Order are planning, by 2020, to make ‘Electronic Money’ (like credit cards),” the voice-over says. “It’s a money that you can’t see and you can’t touch. So, I believe that humankind will become more and more like a machine, more robotic, and even more addicted to the seeming ‘convenience’ of it.

“Historically, the currency of Muslims was not the paper money that you know today, it was gold and silver,” the voice-over continues. “We are the new generation of Muslims and we are not stupid. We do not fear anyone or anything. We represent Islam. We fight together, We stand together, We die together,” the video continues.

The video has appeared in the name of Anonymous on Middle Eastern sites, said Tal Pavel, director of the MiddleEasternNet website and a professor at Netanya Academic College, but also on sites around the world, with specific Anonymous chapters — like Anonymous #OpUSA and Anonymous Brisbane — putting their own chapter names and logos on the video as a form of endorsement, said Pavel.

“Anonymous has no official membership, no committee that clears statements, or position papers. No one can claim to be a spokesperson or chapter chairperson. It’s the ultimate anarchy,” Pavel said. But the fact that numerous Anonymous imprimaturs have appeared on the video indicates that other hacker groups support, at least passively, an operation apparently hatched by Muslim hacker groups.

The group gave no details of what the operation would entail, or how it would affect the international oil market. And it was unclear how the operation, even if successful, would change the international oil market to discourage the use of dollars as the international currency to price oil. In recent operations, like #OpIsrael, hackers used denial of service attacks as their main weapon in a failed attempt to “remove Israel from the Internet.” But it’s unlikely the hackers would be able to seriously damage the computer infrastructure of oil companies in the US, Saudi Arabia, or anywhere else, Pavel said; they most likely don’t have the skills for it.

Like in #OpIsrael — and the more recent #OpUSA, in which Anonymous was supposed to upend America’s Internet infrastructure, but in the end caused just a few sites to crash — #OpPetrol is likely to feature much thunder, but little lightning, according to Nir Goldshlager, CEO of Break Security. #OpIsrael’s DDoS attacks were merely an annoyance, indicating “the lack of sophistication and knowledge of these teams.” The exploits of the hackers were limited, Goldshlager said, “and they told many lies to enhance their reputations. In the end, though, the only damage they were able to do was to small sites that were not well-defended, with the hackers taking advantage of well-known security holes in older web servers to enter systems and deface web pages or steal data.”

The Syrian Electronic Army has done it again. The Twitter account of British broadcaster ITV has been hacked on Friday.

ITV’s London news Twitter account was hijacked on Friday afternoon and used to promote fake stories about Syrian rebels before posting “The Syrian Electronic Army was here.”

Earlier this week, Twitter announced that it has introduced a two-step login process.

However, while this may thwart hackers, it can only do so if a mobile phone is connected to the account.

Thus, if ITV didn’t take the extra step to try and protect their account, the Syrian Electronic Army could just waltz right in.

ITV is Britain’s largest free-to-air commercial broadcaster. They said on their national Twitter account that they are aware of the hijack and that it was working to return to normal very soon.

Apparently, the spokesman said the security breach was triggered by a phishing email.

Last year, Russia got a brand new online censorship law designed to block things like child abuse, suicide guides, "extremist" material and so on. When the law was first enacted, the main criticism was that it would be abused.

Now, the very law was responsible for blocking VKontakte, the largest social network in Russia, in at least several regions of the country "by mistake."

Officials are blaming human error for the inclusion of one of the biggest sites in the country, with almost 50 million daily users, on a list that's supposed to be rigorously checked and to only contain the worst of the worst.

The site was later removed from the list and things have returned to normal. If this was indeed in error, it would still be a perfect example why laws that permit the government to block sites with absolutely no oversight are incredibly bad.

But VKontakte has been having some problems with the Putin administration in recent months.

The Russian FSB, the successor of the infamous KGB, tried to get the social network to shut down a group used by members of the opposition and activists to organize protests against the government.

VKontakte refused leading to tension between the Kremlin and the company. VKontakte's founder, Pavel Durov, has been having trouble with the authorities lately as well.

The Kremlin isn't too keen on the freedom allowed by the social network. The Russian government has already stamped out opposition press so the only dissent that can be heard is online.

An investment group with ties to the Kremlin recently bought a 48 percent stake in VKontakte. The assumption was that the deal was an attempt to get more control over the site.

Blocking sites as a "warning" isn't even new, as since the law was put into place, both Google and YouTube were blocked temporarily due to "technical errors."

Bungie has confirmed that it's exploring a lot of possibilities with its upcoming Destiny game, including a PC version of the shooter, as well as cross-platform save game files.

Destiny is Bungie's next big project as the studio that created the Halo franchise wants to deliver a new type of experience to platforms like the PlayStation 3 or Xbox 360 but also the PlayStation 4 and Xbox One.

According to Bungie's Eric Osborne, the studio can neither confirm nor deny that a PC version of Destiny is going to appear, but he did say that the team was quite fond of the PC platform, but that it wanted to focus on the consoles first.

What's more, Osborne told IGN that cross-platform save game files are possible, seeing how Bungie will store lots of data on its servers. However, there are still hurdles that need to be passed with the actual console manufacturers, so nothing can be announced just yet.

Destiny is set to appear in 2014 for current and next-gen consoles.

Amazon's German division has leaked the existence of Mirror's Edge 2, the next installment in the first-person free-running action game from DICE, hinting at a possible reveal at E3 2013 next month.

Electronic Arts' DICE studio has been hard at work on a variety of projects, including Battlefield 3 DLC and the upcoming Battlefield 4, not to mention the Frostbite 3 engine that will power most of EA's upcoming games, like NFS: Rivals.

Now, it seems that the studio is getting ready to release Mirror's Edge 2, the sequel to the popular first-person free-running experience that appeared in 2008.

The game's existence has been leaked through a listing on the Amazon Germany website, which is now offline but can be seen in the image above.

The listing mentioned the game's imminent arrival on the Xbox 360. The early box art, however, featured elements found on the new Xbox One games, so it's possible that Mirror's Edge 2 is a cross-generation title that appears on current and next-gen consoles.

Mirror's Edge fans should expect an official confirmation at E3 2013 next month.

The Xbox Live online service was down for a few hours yesterday and immediately after the outage happened, a hacker claimed to have broken into Microsoft's servers. The company has now denied the rumor, saying that its service wasn't affected by any intrusion.

The Xbox Live service is crucial to the success of the current Xbox 360 and, according to Microsoft itself, will be a winning factor for the next-generation Xbox One in front of Sony's PlayStation 4.

Unfortunately, the service went down for a few hours yesterday and a hacker called Reckz0r immediately bragged on Twitter that he cracked Xbox Live's servers, exposing the personal information of over 47 million users from around the world.

Microsoft immediately denied the report, telling GameSpot that the Xbox Live service was not hacked as there was no breach in its security systems.

As of yet, it's unclear if Reckz0r's claims were true or just made up, so expect to hear a bit more about it soon.

Electronic Arts has confirmed that Need for Speed: Rivals, the recently announced racing game, won't be released for the Wii U home console, as its Frostbite 3 engine can't run on the Nintendo device.

NFS: Rivals is the next big installment in the franchise and has been confirmed for current-gen consoles (PlayStation 3 and Xbox 360) but also next-gen devices (PlayStation 4 and Xbox One), as well as for PC.

Sadly for Wii U owners, the new game won't appear for their platform, as its Producer, Marcus Nilsson, has confirmed to Eurogamer that the Frostbite 3 engine isn't set up for the Wii U, so the studio can't bring NFS: Rivals onto the Nintendo home console.

EA already mentioned last week that it had no games in development for Wii U, largely because the platform wasn't profitable and that its Frostbite 3 engine couldn't run properly on the device.

Google has announced that it's beefing up the encryption in all of its SSL certificates by starting to use 2048-bit encryption across the board. It will be a gradual rollout, Google will start using the new certificates in August, but will complete the switch by the end of 2013.

In most cases and for most people, the switch won't mean anything, they won't notice anything, either problems or improvements, except, of course, for the fact that the data sent over the encrypted channels will be harder to break.

"We will begin switching to the new 2048-bit certificates on August 1st, to ensure adequate time for a careful rollout before the end of the year. We’re also going to change the root certificate that signs all of our SSL certificates because it has a 1024-bit key," Google explained.

But there will be some edge cases where the new certificates can cause problems, particularly in software on devices that don't get updated too often, things like some phones, printers, set-top boxes, gaming consoles and cameras.

To minimize problems, Google has published a list of requirements for software that uses Google SSL certificates as well as a list of configuration options that are likely to cause problems.

So you happen to be in the market to pick up a spanking new tablet, but are not quite sure whether you want to take the iOS powered route, or to handle things from the Android perspective. Sony Mobile might want to help nudge you to arrive at a particular solution with the introduction of the Sony Xperia Tablet Z, which is currently made available to the masses around the world. Yes sir, we are referring to a worldwide roll out here, so it should not matter just which continent you are residing on, you ought to be able to get hold of the Sony Xperia Tablet Z at a consumer electronics store near you in no time at all.


What makes the Sony Xperia Tablet Z so different from the other tablets that are in the market right now, vying for your attention as well as money? Well, how about this being the slimmest and lightest tablet in its category in the world? Touted to be the “ultimate entertainment tablet” (which is obviously an extremely high standard to live up to), you will be able to choose from black or white colors, where it will also come in either 4G or Wi-Fi connectivity. Just to get an idea on how design centric Sony Mobile has gone with the Xperia Tablet Z, it managed to pick up the gong for the Red Dot Design Award 2013.

The world’s slimmest and lightest premium Android tablet also has the proud distinction of having received the largest number of pre-orders of any Sony tablet to date. Not only does it look good, it also packs the relevant amount of technology underneath the hood to make this one stylish water-resistant tablet. Thanks to the now familiar OmniBalance design which perfectly complements its smartphone sibling, the hip and happening Xperia Z, the Xperia Tablet Z is also touted to be the best connected tablet available, where it continues with Sony’s unique one-touch function story thanks to the implementation of NFC connectivity.

It's one thing to have a good year, and another to have the best year ever. Lenovo can certainly attest to this, now that it has compiled its financial results for the fiscal year 2012-2013, which ended on March 31.

We already knew that Lenovo was the fastest-growing company on the IT industry. The Chinese hard-working spirit did wonders.

Nevertheless, even when expecting high numbers there are limits, and we dare say that Lenovo surpassed most of them during the March 31, 2012 – March 31, 2013 period.

For one thing, its revenues for the fourth quarter set a new record, of $7.8 billion / €5.59 billion.

Secondly, the revenues, for the whole year, also set a record, of $34 billion / €26 billion.

Of course, in comparison, profits were surprisingly low, of $127 / €98 million and $635 / €493 million, respectively.

Surprisingly, or perhaps not so surprisingly, PCs aren't the ones getting acclaim, or at least not the only ones.

Lenovo also experienced a significant increase in smartphone and tablet sales.

PC shipments rose 10.2% on year (overall industry declined 8.1%), and smartphone shipments went up by a factor of 3.7.

“Despite a challenging macro-economic environment and ongoing PC industry transformation, Lenovo delivered a strong performance in the 2012/13 fiscal year. Not only were we the fastest growing among all major PC players, with record market share, revenue and profitability, more importantly, our smartphone and tablet businesses saw dramatic growth,” said Yang Yuanqing, Lenovo chairman and CEO.

Only the laptop business actually suffered, as it fell 2%. Not nearly as much as the notebook divisions of rivals though, so it was still a win.

“Going forward, we will focus our investments on the fast-growing tablet, smartphone and enterprise hardware areas, while working to enhance the profitability of our core PC business. We are very confident in our ability to achieve success in these new areas, just as in the PC business,” added Yang Yuanqing.

This year, touch-enabled notebooks are expected to reach 24 million or so, a 400% increase over 2012. That would put them at 10% or a bit more of the total laptop market.

This percentage won't last though, according to IHS iSuppli analyst firm. And I mean that in a good way.

Long story short, mobile computers that also have touchscreens will keep shipping more and more each year.

Thus, they will make up a quarter of the industry by 2016, which means their shipments level will be somewhere around the 78 million figure.

Prices for low-end 14-inch capacitive touchscreens have been falling, which will help a lot, and I can imagine the same happening to all other sizes.

It all boils down to whether or not prospective buyers remain prospective. Which is to say, whether or not people continue to show strong interest in laptops and Windows 8.

It is true that Intel won't officially introduce the Haswell series of central processing units, the fourth generation Core series, before Computex Taipei, which will take place between June 4 and 8.

That doesn't mean the chips aren't already out though, or at least up for pre-order in certain regions. We've already seen them in China, among other places.

Now, the Core i7-4770 and i7-4770K chips have surfaced again, this time on eBay. Or at least they did briefly.

The auction for the former ended early, and the chip wasn't sold, while the latter should still be there.

The starting bid was of $990 / €990, but offers were at $1,289 / €1,289 at the time of this blog's posting.

Curiously, other online stores where the chips are actually up for order ask for less money than that.

A hacker named Reckz0r has just contacted me now with a Vulnerability that is on the main twitter support site (https://support.twitter.com/).

The Vulnerability is a POST SQL injection which has allowed Reckz0r to expose an SQL error and have also posted further information about this just now on pastebin with the following statement



Hello there, fine peasants, Yet. I’m here again, and this time. It’s even more big, but I have no malicious intentions since I don’t wanna get my ass suspended.

I located a POST SQL vulnerability on support.twitter.com in their api_general form box, the box uses a ‘referrer’ parameter which is vulnerable, and by that. We can inject twitter, and possibly extract confidental data from Twitter.

It seems as most ‘large’ websites are vulnerable to this kind of attack, including m.facebook.com which was exploited by this vulnerability by some argentinian hacker.

http://i.imgur.com/3btpI6W.png - screenshot

The vulnerability lies in http://support.twitter.com/forms/submitted?regarding=api_general – You see, there might be dozens of vulnerabilities lying in support.twitter.com. We can inject hidden boxes in this kind of atmosphere.

cheers,
twitter.com/Reckz0r

As you see above there is no intentions from them to exploits this further for fear of being suspended which is well known of twitter to do when you play around with their site a bit to much.

This also is going to add a lot of fuel to the fire from many who claim that information, breaches etc from Reckz0r are false with this one clearly showing it is anything but false and that they are doing the right thing and alerting the public about the insecurity of twitter.

Not long after I began writing about cybersecurity, I became a paranoid caricature of my former self. It's hard to maintain peace of mind when hackers remind me every day, all day, just how easy it is to steal my personal data.

Within weeks, I set up unique, complex passwords for every Web site, enabled two-step authentication for my e-mail accounts, and even covered up my computer's Web camera with a piece of masking tape -- a precaution that invited ridicule from friends and co-workers who suggested it was time to get my head checked.

But recent episodes offered vindication. I removed the webcam tape -- after a friend convinced me that it was a little much -- only to see its light turn green a few days later, suggesting someone was in my computer and watching. More recently, I received a text message from Google with the two-step verification code for my Gmail account. That's the string of numbers Google sends after you correctly enter the password to your Gmail account, and it serves as a second password. (Do sign up for it.) The only problem was that I was not trying to get into my Gmail account. I was nowhere near a computer. Apparently, somebody else was.

It is absurdly easy to get hacked. All it takes is clicking on one malicious link or attachment. Companies' computer systems are attacked every day by hackers looking for passwords to sell on auctionlike black market sites where a single password can fetch $20. Hackers regularly exploit tools like John the Ripper, a free password-cracking program that use lists of commonly used passwords from breached sites and can test millions of passwords per second.

Chances are, most people will get hacked at some point in their lifetime. The best they can do is delay the inevitable by avoiding suspicious links, even from friends, and manage their passwords. Unfortunately, good password hygiene is like flossing -- you know it's important, but it takes effort. How do you possibly come up with different, hard-to-crack passwords for every single news, social network, e-commerce, banking, corporate and e-mail account and still remember them all?

To answer that question, I called two of the most (justifiably) paranoid people I know, Jeremiah Grossman and Paul Kocher, to find out how they keep their information safe. Mr. Grossman was the first hacker to demonstrate how easily somebody can break into a computer's webcam and microphone through a Web browser. He is now chief technology officer at WhiteHat Security, an Internet and network security firm, where he is frequently targeted by cybercriminals. Mr. Kocher, a well-known cryptographer, gained notice for clever hacks on security systems. He now runs Cryptography Research, a security firm that specializes in keeping systems hacker-resistant. Here were their tips:

1. Forget the dictionary
If your password can be found in a dictionary, you might as well not have one. "The worst passwords are dictionary words or a small number of insertions or changes to words that are in the dictionary," said Mr. Kocher. Hackers will often test passwords from a dictionary or aggregated from breaches. If your password is not in that set, hackers will typically move on.

2. Never use the same password twice
People tend to use the same password across multiple sites, a fact hackers regularly exploit. While cracking into someone's professional profile on LinkedIn might not have dire consequences, hackers will use that password to crack into, say, someone's e-mail, bank, or brokerage account where more valuable financial and personal data is stored.

3. Come up with a passphrase
The longer your password, the longer it will take to crack. A password should ideally be 14 characters or more in length if you want to make it uncrackable by an attacker in less than 24 hours. Because longer passwords tend to be harder to remember, consider a passphrase, such as a favorite movie quote, song lyric, or poem, and string together only the first one or two letters of each word in the sentence.

4. Or just jam on your keyboard
For sensitive accounts, Mr. Grossman says that instead of a passphrase, he will randomly jam on his keyboard, intermittently hitting the Shift and Alt keys, and copy the result into a text file which he stores on an encrypted, password-protected USB drive. "That way, if someone puts a gun to my head and demands to know my password, I can honestly say I don't know it."

5. Store your passwords securely
Do not store your passwords in your in-box or on your desktop. If malware infects your computer, you're toast. Mr. Grossman stores his password file on an encrypted USB drive for which he has a long, complex password that he has memorized. He copies and pastes those passwords into accounts so that, in the event an attacker installs keystroke logging software on his computer, they cannot record the keystrokes to his password. Mr. Kocher takes a more old-fashioned approach: He keeps password hints, not the actual passwords, on a scrap of paper in his wallet. "I try to keep my most sensitive information off the Internet completely," Mr. Kocher said.

6. A password manager? maybe
Password-protection software lets you store all your usernames and passwords in one place. Some programs will even create strong passwords for you and automatically log you in to sites as long as you provide one master password. LastPass, SplashData and AgileBits offer password management software for Windows, Macs and mobile devices. But consider yourself warned: Mr. Kocher said he did not use the software because even with encryption, it still lived on the computer itself. "If someone steals my computer, I've lost my passwords." Mr. Grossman said he did not trust the software because he didn't write it. Indeed, at a security conference in Amsterdam earlier this year, hackers demonstrated how easily the cryptography used by many popular mobile password managers could be cracked.

7. Ignore security questions
There is a limited set of answers to questions like "What is your favorite color?" and most answers to questions like "What middle school did you attend?" can be found on the Internet. Hackers use that information to reset your password and take control of your account. Earlier this year, a hacker claimed he was able to crack into Mitt Romney's Hotmail and Dropbox accounts using the name of his favorite pet. A better approach would be to enter a password hint that has nothing to do with the question itself. For example, if the security question asks for the name of the hospital in which you were born, your answer might be: "Your favorite song lyric."

8. Use different browsers
Mr. Grossman makes a point of using different Web browsers for different activities. "Pick one browser for 'promiscuous' browsing: online forums, news sites, blogs -- anything you don't consider important," he said. "When you're online banking or checking e-mail, fire up a secondary Web browser, then shut it down." That way, if your browser catches an infection when you accidentally stumble on an X-rated site, your bank account is not necessarily compromised. As for which browser to use for which activities, a study last year by Accuvant Labs of Web browsers -- including Mozilla Firefox, Google Chrome and Microsoft Internet Explorer -- found that Chrome was the least susceptible to attacks.

9. Share cautiously
"You are your e-mail address and your password," Mr. Kocher emphasized. Whenever possible, he will not register for online accounts using his real e-mail address. Instead he will use "throwaway" e-mail addresses, like those offered by 10minutemail.com. Users register and confirm an online account, which self-destructs 10 minutes later. Mr. Grossman said he often warned people to treat anything they typed or shared online as public record.

Signing up for the service is pretty basic and you're good to go after a few steps. A note of advice here, captcha is case sensitive while verifying your account. Once in, you're greeted by a simple blue and white themed Inbox. The colour is set by default and you can always head to the settings menu to change it. Overall, the design incorporates Metro style Windows 8 touches.

You can now link social accounts such as Facebook, Twitter, LinkedIn and Flickr. Apart from that, you can also access a horizontal menu for your Mail, Contacts, Calendar and SkyDrive by clicking on the Outlook icon. 

Twitter integration allows you to tweet to your friends from Outlook.com and see their latest tweets in e-mails. But your contact list will appear overcrowded with all those you follow. Despite the option to search for contacts directly or jump through the alphabet by section using the lettered squares that is highly reminiscent of Windows, but it can get a bit tedious. Good news is Outlook.com has an option for merging contacts if you've imported them more than once.

The People Hub makes an appearance here which is used in Windows 8 and Windows Phone to manage contacts. Facebook Chat is integrated as well and your Facebook contacts shall appear should you choose to link with the social network.



Since the service is in its launch form, Skype integration is not available yet. But Microsoft plans to bring the video calling service once Outlook.com takes its final avatar.

Speaking of e-mail, a big standalone 'New' tab helps you create a new mail. The window is definitely quite different from the traditional Outlook that users are used to seeing. The sidebar offers access to enter recipient details. The right pane is a big white blank screen where you can type your message.

There's a formatting bar above and the subject line sits high on the top. Options to Send, Save, Cancel and more are situated in the command bar a little to your left. It did take some time to notice the new format but it's simpler once you get used to it.
Other features include the integration of keyboard shortcuts from Gmail and Outlook Desktop. There's also autocomplete when searching your inbox along with autoforwarding, message archiving and vacation alerts.

You also can rename your e-mail address, recover deleted messages, create an Outlook.com alias and save the contents of a chat thread or a new message.

All-in-all, Microsoft has made a decent attempt to rejuvenate the email-service. It has a refreshing look and will attract many more users in the coming weeks.

After it is released in its final form, Outlook.com will replace Hotmail. But Microsoft will allow users to retain their @hotmail.com, @live.com and @msn.com addresses as well as their contacts, messages, password and rules.

A word of caution if you are using anything other than the latest version of IE, Chrome or Firefox - your experience may be less than optimal, since Outlook is built using modern technologies available only in the new browsers.

Worried" that children can be exploited through social networking sites, Delhi High Court on wednesday asked Facebook and Google to submit within four weeks suggestions on safety measures for online usage of such sites by minors in India.

A bench of justices B D Ahmed and Vibhu Bakhru voiced concern about Indian children entering into agreement with Facebook and other social networking sites and then being lured knowingly and unknowing into illegality by adults.

"What we are worried about is children who have been part of the social network and some adults misleading them and taking advantage. We are also concern about the use of their data by the adults for their advantage," it said.

"The counsel for Facebook Inc and Google Inc will file suggestions regarding the online media sited used by the minors in India and how their rights were protected within four weeks," the bench said.

The court's direction came after counsel for Facebook Inc submitted that the site operated under the US law Children's Online Privacy Protection Act (COPPA) as per which a child below 13 is not allowed to open an account.

To this, the bench said in the US the rights of the children are protected by COPPA but what about the children in India.

"What will the Facebook do if a child is exploited online? Like American children, how do you protect the rights of Indian children," the court asked and fixed July 16 as the next date of hearing the matter.

The bench's direction came while hearing the plea of former BJP ideologue K N Govindacharya seeking recovery of taxes from the websites on their income from operations in India.

The court also expressed unhappiness over the Centre's argument that one has to enter into an agreement with the site while opening an account which is not a contract but agreement to the terms and conditions.

The government counsel also submitted that there is no mechanism to verify the identity and age of a child from online account.