Facebook offers bounty to security bug hunters

[AFP] Facebook began offering rewards of $500 or more on Friday to security researchers who identify vulnerabilities in the social network.

Italy's police website hacked in revenge attack

[TOI]:ROME: Hacker groups said that they had accessed the website of Italy's cyber police and published classified information online in revenge for arrests of hackers in Europe and the United States.

Military Meltdown Monday : 90,000 military emails Hacked.

Anonymous hackers group released 90,000 email logins stolen from the military contractor Booz Allen Hamilton in a leak it's branded "Military Meltdown Monday." Anonymous has also released exchanges between the contractor's executives--and claims it "found maps and keys for various other treasure chests buried on the islands of government agencies, federal contractors and shady whitehat companies. This material surely will keep our blackhat friends busy for a while." Some of the logins belong to American military personnel, including people working at U.S. Centcom.

The group, a spin-off of Anonymous that includes members of the now defunct hacking group Lulz Sec, claims it broke into the servers of technology contractor Booz Allen Hamilton and stole the login details. They have been published on BitTorrent file sharing sites for anyone to download.

"We infiltrated a server on their network that basically had no security measures in place," Anonymous said in an online statement.

[Via:govtinfosec]

Security flaw in Apple's iOS operating system Exposed

This wednesday hakers have explited a flaw in the iOS operating system which is being used on all apple products.

www.jailbreakme.com released code that Apple customers can use to modify the iOS operating system through a process known as "jail breaking."

Some Apple customers choose to jail break their devices so they can download and run applications that are not approved by Apple or use iPhone phones on networks of carriers that are not approved by Apple.

Security experts warned that criminal hackers could download that code, reverse engineer it to identify a hole in iOS security and build a piece of malicious software within a few days.

"If you are a malicious attacker, it is fairly doable," said Patrik Runald, a senior researcher with the Internet security firm Websense.

Apple has yet to release an update to iOS that protects customers against malicious software that exploits the flaw.

Apple spokeswoman Trudy Muller said the company was aware of the problem.

"We are developing a fix that will be available to customers in an upcoming software update," Muller said.

Apple has long been vocal against jail breaking, which if done voids the warranty on its devices.

Any security flaw in iOS software -- which runs Apple's iPhone, iPad tablet andiPod Touch -- has the potential to affect millions of devices that are at the core of Apple's business.

Apple has sold 25 million iPads since it launched last year. The company sold over 18 million of its popular iPhones in just the first three months of the year.

Hackers can exploit the iOS vulnerability by creating a malicious PDF document file. It would infect Apple devices when users attempt to open that document, according to Runald.

Once the device is infected, hackers could "do anything they want," Runald said. That includes stealing passwords, documents and emails.

Comex, a 19-year-old hacker from New York State who developed the jail-breaking tool, said that Apple might be able to patch the software before criminal hackers develop software that exploits the bug.

Last time he put out a version of his jailbreaking software, Apple was able to issue a patch before anybody exploited the bug for malicious purposes.

He said that Apple might not be able to move quickly enough this time.

"It's not that hard to reverse engineer," he said via telephone.