Lunar Commander Released for Free on Linux and Ubuntu Software Center

Lunar Commander

Lunar Commander, a remake made in the image of the original Lunar Lander launched in 1979 by Atari, has been released on Linux, for free.

Lunar Commander is a game developed by Three Liter Games and it’s already available for Android and iOS. The developer has decided to release the game for Linux, for free.

Besides the official link on the developer’s website, Lunar Commander is also available on Ubuntu Software Center.

Players will have to control a simple lander, in a 2D environment littered with obstacles, with just the help of three thrusters, right, left, and up.

Even if the game seems to be deceptively simple, the craft is affected by Newtonian physics and landing it will provide a continuous challenge.

If you want to know more about this project you should check the official website.


OpIranMenace: Anonymous Hackers Leak Data from Iranian Organizations

Documents leaked by hackers from Iranian organizations

Anonymous hackers have leaked confidential documents, reports, blueprints, passport scans, and other information they have allegedly obtained from high-profile organizations.

According to the hacktivists, the targets of this campaign, dubbed OpIranMenace, are the Export Development Bank of Iran, pipeline company Arkaline, hydro-mechanical and electrical equipment provider Aban Sanat Kara, and the United Nations offices in Teheran.

“In today’s release we deliver message to Iran, as part of our crusade. Inside is a stash of a few entities located in Tehran who heavily engaged in all kinds of funky stuff,” the hackers wrote next to the data leak.

One of the hackers has told me that this is just part of the 5 GB of information that they plan on leaking. Their next targets will be organizations from the United Arab Emirates, Iraq and Azerbaijan.

Apple Suspends iForgot Password Reset Page to Patch Security Hole

Apple shuts down iForgot page to address security issue

On Friday, we learned that Apple rolled out two-step authentication to allow users to better protect their accounts. Shortly after, reports started coming in about a serious vulnerability that could be exploited to reset passwords.

According to The Verge, the accounts of users could have been hijacked by anyone possessing the victim’s email address and date of birth.

Apple shut down its iForgot password reset page and immediately started working on addressing the issue.

However, while the Cupertino giant was working on the fix, the accounts of users who didn’t activate two-factor verification were at risk.

Unfortunately for some users who attempted to activate the new security measure, they were informed that it would take up to three days before two-step authentication was enabled, leaving their accounts vulnerable to hijacking.

Currently, the iForgot page has been restored. The Verge reports that the password reset exploit no longer works

AFP Twitter Account Hacked by Syrian Electronic Army

Twitter account of AFP hacked

Hackers of the Syrian Electronic Army have managed to hijack the “Photo Department” Twitter account (@AFPphoto) of Agence France-Presse (AFP). 

As soon as it learned about the hack, AFP had the account suspended. However, the hackers have managed to post several images related to the conflict in Syria.

“Starting at 16:45 GMT, the Twitter account of AFP’s photo service @AFPphoto was hacked. The documents posted after that on the account did not originate from the agency,” AFP representatives stated.

On their Facebook page, the Syrian Electronic Army said they were trying to “spread the truth about what is happening in Syria.”

AFP also reported that on Monday, cybercriminals started launching phishing attacks against their employees in an attempt to trick them into handing over their usernames and passwords.

Earlier this month, the Syrian Electronic Army hijacked the Twitter and Facebook accounts of Sky News Arabia.

BBC Weather Twitter Account Hacked by Syrian Electronic Army

BBC Weather Twitter account hacked

The Syrian Electronic Army, the hacker group that backs the Syrian government, continues its offensive against media organizations it accuses of spreading lies about the situation in the country. Their latest target is the official BBC Weather Twitter account.

The account, @bbcweather, was hijacker around two hours ago. The BBC has told security firm Sophos that it is currently investigating the breach, but the messages posted by the hackers have not been removed.

Here are a few of the tweets published by the hackers from the BBC Weather account:

“Forecast for Tel Aviv on Saturday – 5000 degrees Kelvin with northern fog and eastern high pressure front”

“Chaotic weather forecast for Lebanon as the government decides to distance itself from the Milky Way”

“Saudi weather station down due to head on-collision with camel.”

“Hazardous fog warning for North Syria: Erdogan orders terrorists to launch chemical weapons at civilian areas.”

“Scandal: Edinburgh storm warning station decommissioned after maintenance fund diverted to arming Syrian opposition.”

Over the past few weeks, the Syrian Electronic Army has targeted organizations such as Sky News, France24, AFP, the Human Rights Watch, and the Qatar Foundation.

Update. The Next Web reports that the BBC Arabic Online and BBC Radio Ulster Twitter accounts have also been hacked by the Syrian Electronic Army. It’s likely that all three accounts shared the same password or the same password reset email address.

Anonymous Hackers from Latin America Protest Against Discrimination of Chile Students

Anonymous Chile initiates OpMalEducados

Hacktivists of Anonymous Chile and Anonymous Latin America have initiated the second phase of a campaign called OpMalEducados (“mal educados” is Spanish for “poorly educated”).

The hackers are displeased with the fact that the quality of education offered in Chile depends on the students’ social status.

Members of Anonymous say they’ve been waiting for the Chilean government to address this issue, but since no solution has been found, they’ve initiated OpMalEducados.

“Anonymous believe that education should be equal, not depending on the social status of each family in Chile, as there are families who have a monthly income that’s too low,” reads the hackers’ statement.

The hackers haven’t announced any immediate plans, but they’ve promised to issue a second statement in the immediate future to “explain more” about the operation.

Most Indian Websites Abused for Phishing Attacks Are from IT and Education

Categories of Indian websites targeted in phishing operations (click to see full)

In the period between August and November 2012, 0.11% of all phishing pages identified by Symantec were hosted on compromised websites from India.

If in 2011, education sites were most targeted by phishers, in 2012, they dropped to second place, being overtaken by IT sites.

Information technology websites accounted for 14.4% of all the Indian sites abused for phishing campaigns in August-November 2012, followed by education sites (11.9%), product sales and services (9.8%), industrial and manufacturing (7.3%), and tourism, travels and transport (5.8%).

Healthcare, NGOs, religion and spiritual, employment and recruitment, and personal websites are also targeted by many cybercrooks.

Experts highlight that cybercriminals prefer to target less secure websites. This is demonstrated by the fact that only a small number of ISP, government and telecoms websites have been hijacked and exploited for phishing operations.

vSkimmer Malware Steals Credit Card Information from Payment Terminals

vSkimmer control panel

Researchers from security solutions provider McAfee have come across a Trojan that’s advertised as being capable of stealing payment information from the Windows machines to which credit card readers are attached.

Dubbed vSkimmer, the malware appears to be similar to Dexter, another malicious element that’s designed to target point-of-sale (POS) systems.

However, the cybercriminal that currently sells vSkimmer on the underground market says that his creation is much better than Dexter.

Once it infects a computer, the malware starts collecting information from the machine and sends it back to a control server.

The Trojan can harvest Track 2 data from the magnetic strip of payment cards. Track 2 data includes the number printed on the card, the expiration date, and the CVV.

What’s interesting about this malicious element is that it can also work without an Internet connection. If no Internet is present, it waits until someone connects a USB device labeled KARTOXA007 and copies all the information it harvested onto it.

Additional technical details on vSkimmer are available on McAfee’s blog.