Auto-generate Flow Chart from Java/C++ Codes:

Raptor Flowchart Tutorial For Beginners

Monday, October 28, 2013

Error messages in webapps may help hacker to dig more info


Today I logged into maybank2u for several times only to get error messages.
While these may be helpful for the admin to troubleshoot problems, it also provides opportunities for hacker to help "solving" the problem as well. That's why in computer security training, developers are reminded to hide error messages. Otherwise, the whole world knows your problems and weaknesses. The worrying part is that public users become "sceptic" of your security assurance.

Wednesday, October 23, 2013

AmBank officer shot in the head

from: Astro Awani| Updated: October 23, 2013


Bank officer shot in the head

SUBANG JAYA: A female bank officer was shot in the head by a security guard who wanted to rob the vault on Wednesday.

A police source said the incident, which took place in USJ Sentral 2 in Subang Jaya, happened when the suspect was with the victim and four other officers inside the vault.

The bank officers had wanted to keep an undisclosed amount of money at 6.18pm.

However, the suspect, believed to be from Sabah, fired a shot from his pump gun and hit the 37-year-old victim in the head, killing her instantly.

The suspect got away on a motorcycle together with an undisclosed amount of money.

Meanwhile, quoting Selangor deputy police chief Deputy Comm Datuk Abdul Rahim Jaafar,The Star Onlinereported that the suspect was the only male staff among the five stationed at the bank.

He said according to the security firm, the suspect who had only been employed for a year, was meant to be a replacement guard and had worked in another bank next to the crime scene.

Abdul Rahim said facts over the suspect’s identity were, however, dubious.

“Checks on his I.C. reveal that it was a fake. We are going to look into this more and find out how he was employed with a fake IC,” the portal quoted him as saying.

He warned the public to be cautious as the suspect is still at large and urged those with any information on the suspect to come forward.

It was reported that the victim has been identified as Norazita Abu Talib, 37, a mother of two.

AmBank security guard shoots colleague dead in robbery

Ditembak mati rakan sekerja sendiri....

(Photo Of The SUSPECT)

BY ELIZABETH ZACHARIAH
OCTOBER 23, 2013
‎A security guard shot dead a bank operations officer in a robbery at the Ambank branch in USJ Sentral, Subang Jaya today.
Noazita Abu Talib, 37, was shot once in the face with a pump-gun in the 6.20pm incident.
It is learnt that the victim was opening the door to the vault‎ when she was shot.
Noazita is a mother of two and had been working at Ambank for 16 years.
The security guard, who fled with an undisclosed amount of cash on a motorcycle, has been identified as a 37-year-old Sabahan with a fake IC.
Subang Jaya deputy superintendant Tan ‎Ah Chua was at the scene when contacted and confirmed the incident. But he declined to elaborate further.
State deputy police chief Datuk Abdul Rahim Jaafar said the suspect was armed and considered to be dangerous, cautioning the public to stay vigil.
Meanwhile, police are looking for Ardi Hamza whose last known address is 70, Jalan Apas, Batu 2, ‎Tawau, Sabah to facilitate investigations. - October 23, 2013.

Tuesday, October 15, 2013

Saturday, October 12, 2013

Google Malaysia Site DNS Hacked

copied from: http://techcrunch.com/2013/10/10/google-malaysia-site-hacked-credit-claimed-by-team-madleets/
-----

Google Malaysia Site DNS Hacked, Credit Claimed By ‘Team Madleets’ Hacker 1337

MATTHEW PANZARINO

Thursday, October 10th, 2013
147 Comments
google
Google’s Malaysian site has been hacked and replaced with a splash screen giving credit to a group called “Team Madleets.” The normal site has been offline for several hours as of late Thursday afternoon and the page lists a series of handles that are ostensibly part of the team responsible.Updated with brief statement from the hackers below.
The attack appears to have been of the DNS poisoning variety, in which a hacker gained access to the Malaysia Network Information Center and changed the DNS records of Google’s site to Madleets-controlled servers. So no information appears to have been changed on Google’s servers at this time, as this is a redirect attack of sorts.
The stamp at the top says ‘[!] Struck by 1337′, which is apparently a reference to an individual hacker within the group called 1337, who has recently (allegedly) performed hacks on domain registrars of several countries. A message on 1337′s Facebook page says “Google Malaysia Stamped By 1337″ and references the google.com.my and google.my domains. The only other indicator about who the group could be is a reference to them being Pakistani in origin.
The Madleets address leads to a Facebook page for the team that has the following message posted:
We feel we need to alert anyone, that we don’t hack any country tlds for example google.com.my as a result of any kind of hate, We don’t hate anyone, We love all humanity, there is no obvious reason for stamping the tlds.
Least the reason is not any kind of hate.
Whatever the reason is we can’t explain except we love all of you.
Regard’s
H4x0rL1f3
The page info states that “MadLeets is a Ethical and 1337 White Hat Hackers Community. We are Anti Hackers , we teach how to protect yourself from getting hacked.”
Screen Shot 2013-10-10 at 3.43.54 PM
If the reasoning on the team’s Facebook page is accurate, then this is simply a matter of doing it because they can and not to make a political statement. A link placed in the source code of the page leads to a music video for the artist Instrumental Core.  The music is auto-played on the site while visitors are there.
Google Malaysia was hacked back in July, along with several other Malaysian sites, by a group protesting the treatment of Bangladeshi workers in that country. One possible motivation for the group taking action now, if it is indeed not simply “exposing vulnerabilities” would be the Global Entrepreneurship Summit in Kuala Lumpur, which will be attended by Secretary of State John Kerry in lieu of President Barack Obama.
We’ve reached out to both the email address given for the team on the site and to Google. We will update this story if we receive a response from either side.
Update: The hackers responded with a brief statement to TechCrunch:
There’s not much reason behind it, only to prove that security is just an illusion. It does not exist.
We have no political intentions whatsoever, as you have already stated.
Regards, LeeT
Catherine Shu contributed additional reporting to this story.