More on the E2-Labs scam
29/10/2009 Written by Roberto Preatoni
With the previous article, we explained that the E2-labs company located in Hyderabad (India) is currently selling security trainings using Zone-H’s image, logos, material without permission to unaware students.
We are currently receiving emails from enraged students who, for example, attended such courses and never got a diploma/certificate in exchange. In particular, even those students who attended the first and only round of courses (Hands on Hacking, Web-apps and Wireless) genuinely held by Zone-H teachers (having Mr. Roberto Preatoni and Mr. Gerardo Di Giacomo as teachers) are complaining about that. To all those students who participated to such courses, we want to say that Mr. Zaki Qureshey, asked us to sign all the diplomas (for each of the three courses and for each of the students, but without putting the student’s name on them). At the end of the training sessions, he asked us to distribute the diplomas of one of the three courses to the attending students, in order to be able to make some “ceremonial pictures” but he also asked us NOT TO DISTRIBUTE the diploma of the other two courses, he would have done it by himself later on.
The suspect now is that he never handed over such diplomas (again, we signed them with no students names on them) in order to be able to give them to other students, maybe at the end of a FAKE Zone-H course organized later on by himself using our brand and material without permission.
To all of those who incurred in such scam we ask to mail us sending all possible details of it.
Click on the news title to read more…
[updated] Zone-H statement on security trainings offered by E2-labs.com
27/10/2009 Written by Roberto Preatoni
This is an official statement in which Zone-H.org declares that has NOTHING TO DO with those hands on hacking classes offered by the Indian company named e2-labs (www.e2-labs.com).
WE ARE SORRY TO SAY THAT ALL THOSE STUDENTS WHO ATTENDED ZONE-H LABELED COURSES OFFERED BY COMPANY E2-LABS IN THE LAST 24 MONTHS HAVE BEEN SCAMMED!!!
The facts:
Zone-H and E2labs indeed entered into an agreement in year 2007 so that Zone-H would have had to provide first-class security training within the Indian territory. Right after entering into the agreement, Mr. Zaki Qureshey the E2-lab CEO organized a single seminar session in which Zone-H provided training to some of E2-labs students.
Before entering into the agreement, Zone-H was warned by other renowned security professionals who formerly offered services to E2-labs that such company had the very bad habit not to pay for the rendered service and to misuse the name and brands of those with whom was cooperating.
We had a taste of this when Mr. Qureshey organized a press conference in which was announcing our partnership during which, without being previously informed, we discovered that behind the press-release table it was displayed a huge banner with E2-labs and Zone-H logos (which was fine) but also those logos and names of Zone-H partners (the list was supposedly taken from our website) that had nothing to do with E2-labs nor with our agreement (one for all: insecure.org).
click on the news title to continue reading…
FBI Jobs site gets hacked
10/09/2009 Written by Marcelo Almeida (Vympel)
“The FBI (Federal Bureau of Investigation) is seeking a senior security consultant for a permanent position.” This is probably the next job offer that will appear on the FBI job site (fbijobs.gov) as they got defaced yesterday.
A turkish crew, known as turkguvenligi.info, managed to exploit a SQL injection flaw and insert a record that redirected the “events” page to an image with their site name.
One sided hacktivism (updated)
22/06/2009 Written by Roberto Preatoni
Since Zone-H started its mirroring activity of defacements, it always witnessed any sort of hacktivism. Sure, most of the times defacers are/were/will be just defacing *just for the pleasure of it* but when it comes the time of big protests related to world’s events, we are used to see both regular defacers or improvized cyber protesters taking a stand and spell out their disappointments by posting something using the defacement media.
Because… yes.… defacement is a media, it has been proven in several occasion that by defacing just one well targeted website, defacers were capable to attract the attention of regular medias which were reporting his message to the world.
Today, I was reading the news related to the clashes happening right now after the results of the Iranian political election which has been won by Mahmoud Ahmadinejad with a percentage that usually belongs only to countries ruled by a strong dictatorship and that any sort of statistical analysis would label at least as an *anomaly*.
But what happened in the cyber-world? Did we witness any sort of digital protest as we used to see in the past like those related to the Kashmir dispute? Or something like the Estonian bronze statue protest? Or even the Prophet Mohammed cartoon protest?
So this morning I woke up with the wish to check the on-hold mirrors to see if some voices were raising in the cyber world.…
UPDATED: Yet another embarassing data leakage
03/06/2009 Written by Boris Mutina (minor)
Sensitive data leakage is nothing new, it’s sometimes pretty embarassing, when you realize the lack of what we call security awareness. Slovakia is not an exception at all when discussing the security incidents, just to mention interesting incident related to Slovak National Security Authority, or the disclosure of the whole cellphone number database of one operator, naturally also with the secret numbers of the politicians and other important persons.
One of the last really stupid incidents happened again online: secret service employee was fired after he posted his photo on popular dating website. The photo was found by his co-workers…