hacked

A Palestinian programmer Hacks Mark Zuckerberg’s Facebook Page

August 27th, 2013

Khalil Shreateh, an unemployed Palestinian programmer said he was attracted by the $500 bounty the social network giant, Mark Zuckerberg offers to those who voluntarily expose its glitches.

As Facebook ignored his first two reports, Shreateh took his message to the top and hacked into CEO Mark Zuckerberg’s personal page to prove his point.

Khalil wrote the Facebook CEO that he had no other choice after all the reports he sent to facebook were ignored and that he was not in Mark’s friend list and still he could post on his timeline. He was also sorry for breaking his privacy.

This successful attempt cost Khalil the bounty, but it earned him praise and many jobs offers coming his way for being able to hack Mark’s personal facebook page.

Khalil has been unable to find a job since he completed his graduation in Information Technology two years ago. He told Facebook found a way that allowed anyone to post on anyone else’s wall, just wanted to make a point to Mark Zuckerberg.

In a message posted to the Hacker News, a user-driven security news site, Facebook software engineer Matthew Jones said the initial report was poorly worded, although he acknowledged that the company should have pressed for more information.

“As a few other commenters have pointed out, we get hundreds of reports every day. Many of our best reports come from people whose English isn’t great — though this can be challenging, it’s something we work with just fine and we have paid out over $1 million to hundreds of reporters. However, many of the reports we get are nonsense or misguided, and even those … provide some modicum of reproduction instructions.” said Jones in his message.

Shreateh said he was initially disappointed by the Facebook response but as the job offers started pondering from all over the world he is happy with how things worked out.

“I am looking for a good job to start a normal life like everybody. I am so proud to be the Palestinian who discovered that exploit in Facebook” He said.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Enhanced by Zemanta

League of Legends suffers security breach

August 20th, 2013

League of Legends players were warned of a security breach, which was expected to result in the theft of some user data. Affected payers were sent notifications depending on how they were affected. This security breach led to the promotion of implementation of some new security features that are now in development.

According to the company, the data breach resulted in compromise of some usernames, email addresses, names and passwords. As the passwords were encrypted, the hacker will not be able to use them to access accounts, but could use the other information stolen to breach accounts.

About 120,000 transaction records dated in 2011 were accessed in this breach. These transaction records contained credit card numbers, and were part of a system that it says has not been used since 2011, when the records were produced.

Players located in North America were only affected in this breach incident, all of whom were asked to change their password within 24 hours and the new ones should be more complex and hard to guess. The requirement will follow an automatic prompt that appears when a player tries to log in, but gamers can get a jump on this by changing the password on their own now.

As a result of this breach, new security measures have spawned, two of which are currently being developed: email verification and two-factor authentication. The email verification will require registration and account changes to be made by verifying a valid email address, while two-factor authentication will need to be verified using a text message or email.

“We’re sincerely sorry about this situation,” Riot Games’ Marc Merrill and Brandon Beck said in a statement. “We apologize for the inconvenience and will continue to focus on account security going forward.”

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Enhanced by Zemanta

Add Microsoft to list of hacked companies

February 15th, 2013

Updated to include Microsoft comment Security software companies must be smiling ear to ear as they read the news briefs coming off the transom. Microsoft said today that an undetermined number of computers in its Mac software business unit got infected with malware. The company said the number of infected PCs was small but that there was no indication customer data had been compromised.

In a blog post late Friday, Matt Thomlinson, who directs the company’s Trustworthy Computing Security program at Microsoft, wrote:

Consistent with our security response practices, we chose not to make a statement during the initial information gathering process. During our investigation, we found a small number of computers, including some in our Mac business unit, that were infected by malicious software using techniques similar to those documented by other organizations. We have no evidence of customer data being affected and our investigation is ongoing. This type of cyberattack is no surprise to Microsoft and other companies that must grapple with determined and persistent adversaries (see our prior analysis of emerging threat trends). We continually re-evaluate our security posture and deploy additional people, processes, and technologies as necessary to help prevent future unauthorized access to our networks.


Welcome to the new normal. The escalating number of reported attacks was underscored by a recent report on malware put together by McAfee which reported that the number of trojans created to steal passwords rose about 72 percent in the last quarter.

Last week Apple said that an unknown number of Macs had been compromised, but that “there was no evidence any data left Apple.” The malware was tied back to a site targeting iPhone developers. Employee computers for Facebook and most likely dozens of other companies were also breached.

The incidents occurred roughly around the same time that The New York Times, The Wall Street Journal, and The Washington Post disclosed that outsiders had also targeted their employees’ computers.

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Enhanced by Zemanta