#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Defacements | Breaking Cybersecurity News | The Hacker News

AVX Corporation Hacked by Anonymous #OpColtan

AVX Corporation Hacked by Anonymous #OpColtan

Aug 27, 2012
Anonymous Operation #OpColtan have announced another attack in the name of this operation and this time its on a Manufacturer and Supplierof Electronic Components AVX Corporation (www.avx.com). AVX It's a big firm wich produce ceramic and tantalum capacitors, connectors, thick and thin film capacitors, resistors and integrated passive components.  UN accused AVX, and many other firms to be interested in illegal coltan extraction and war in DRC. According to Hackers " Usually Coltan was stealed by war groups from Congo mines and carried out to the firms.Million of people lost their lives in Congo war, nature was destroied in order to dig coltan and a lots of gorillas were killed.Unfortunatelly UN decided to abandon the case and never punish the responsibles of the war an nature devastation ." " AVX and other involved firms published an ethical code in 2010; they claim that they don't get tantalium from war areas.NOW a new civil war is growing up in Congo and is
Hackers Deface website of former British cabinet minister

Hackers Deface website of former British cabinet minister

Aug 26, 2012
Hackers claiming allegiance to the Anonymous movement of cyber-rebels have defaced the website of a former British cabinet minister in solidarity with WikiLeaks founder Julian Assange. " If the reason ... is revenge for Assange's treatment, it's weird to attack me," Hain said in comments carried by the BBC. "They have not done their research because I have supported Assange and opposed his extradition. " Hain's website was defaced Saturday by a group calling itself Anonymous UK, whose logo consisted of a dark, headless suit against a Union Jack. The group made a variety of allegations against the 62-year-old Labour Party politician, before adding: " The UK's persecution of Julian Assange will NOT be forgotten ." Assange's fight to avoid extradition took a dramatic turn in June, when Assange fled to the Ecuadorean Embassy seeking refuge. The ensuing standoff sparked a diplomatic crisis between Britain and Ecuador and could potentially drag on for months
How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl

How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl

Mar 21, 2024SaaS Security / Endpoint Security
In today's digital-first business environment dominated by SaaS applications, organizations increasingly depend on third-party vendors for essential cloud services and software solutions. As more vendors and services are added to the mix, the complexity and potential vulnerabilities within the  SaaS supply chain  snowball quickly. That's why effective vendor risk management (VRM) is a critical strategy in identifying, assessing, and mitigating risks to protect organizational assets and data integrity. Meanwhile, common approaches to vendor risk assessments are too slow and static for the modern world of SaaS. Most organizations have simply adapted their legacy evaluation techniques for on-premise software to apply to SaaS providers. This not only creates massive bottlenecks, but also causes organizations to inadvertently accept far too much risk. To effectively adapt to the realities of modern work, two major aspects need to change: the timeline of initial assessment must shorte
Turkish hackers hack FC Spartak Moscow Soccer team

Turkish hackers hack FC Spartak Moscow Soccer team

Aug 24, 2012
Turkish hackers recently hacked the Web site of soccer team FC Spartak Moscow after the Russian team's fans burned Turkish flags and pictures of AtatĂĽrk during a Champions League playoff match against Turkish team Fenerbahce on August 21. A portrait of AtatĂĽrk next to a Turkish flag was also posted on the website. The group replaced the website's original content with a statement that called on the team to "immediately apologize." " You will immediately apologize to the Turkish Republic and the Turkish people. No crime goes without punishment, and FIFA may forgive you, but we won't ," The Spartak site was running again by Thursday afternoon after the club used its Twitter account to blame the incident on 'Turkish hackers. Spartak Moscow fans burned flags and posters of modern Turkey's founding father, Mustafa Kemal AtatĂĽrk, during their team's 2-1 victory over the Istanbul giants in the first leg of their Champions League playoff.
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
AMD Blog Hacked, Database leaked on Internet

AMD Blog Hacked, Database leaked on Internet

Aug 19, 2012
A team of Hackers called, " r00tBeer Security Team " today hack into official blog of Advanced Micro Devices (AMD) which is a American multinational semiconductor company. AMD is the second-largest global supplier of microprocessors based on the x86 architecture and also one of the largest suppliers of graphics processing units. Hacker deface the blog page ( https://blogs.amd.com/wp-content/r00tbeer.html ) and also leak the complete user database of blog on his twitter account. Leaked database SQL file uploaded on Mediafire by Hackers which include 200 AMD user's Emails, Wordpress Blog Usernames and Passwords. During the time of writing, I think AMD is not aware about that they are the Victim of a Hack attack. We are tweeting to the AMD team for informing them. Screenshot of Hack as shown below: Now only AMD, these hackers also hack another High Profile website called " TBN - The Botting Network ", A Popular forum to learn How to make Money with 96000 member
Pakistani hackers deface Indian Southern Railways website

Pakistani hackers deface Indian Southern Railways website

Aug 07, 2012
Website of the Southern Railways www.southernrailway.gov.in has been defaced apparently by Pakistani hackers. The hacker group that calls itself ' Pak Cyber Pyrates ' replaced the home page of the website with a page with content that denounces India's role in Kashmir. Indian and Pakistani hacking groups are engaged in a cyber war of sorts with websites in both the countries being regularly attacked and defaced.
Fake Syria News Posted from Hacked Reuters blog and Twitter account

Fake Syria News Posted from Hacked Reuters blog and Twitter account

Aug 06, 2012
On Friday, Reuters blog platform was hacked with false posts and on Saturday, the @ReutersTech account on Twitter was taken over and renamed @TechMe. False tweets were sent before it was taken down. The first attack came Friday after Syrian hackers loyal to President Bashar al-Assad allegedly gained access to Reuters' blogging platform, which they used to post a fake interview with rebel Free Syrian Army (FSA) leader Riad al-Assad. The interview essentially said the general was withdrawing troops after a battle. Presumably, the same hackers are responsible for also compromising a Reuters Twitter account dedicated to technology news, which has about 17,500 followers. Reuters confirmed the breach today in a tweet on its main Twitter account: Earlier today @ReutersTech was hacked and changed to @ReutersME. The account has been suspended and is currently under investigation Several of the updates posted on the hacked Reuters account, which claimed that rebels in the city of Aleppo had
Plesk Zero Day Exploit in the Wild, Thousands of sites got Hacked

Plesk Zero Day Exploit in the Wild, Thousands of sites got Hacked

Jul 10, 2012
Sucuri Malware Labs notify that some zero-day exploits are available to Hackers which are being used to Hack into Parallels' Plesk Panel (Port Number 8443). These attacks was keep on raising from last few months as you can see in the Graph: At least 4000 new websites were infected each day, Sucuri malware researcher Daniel Cid. On other News Portals , there was a news recently that Some 50,000 websites have been compromised as part of a sustained iframe injection attack campaign. Security analyst found that, The majority of the sites being targeted are running Plesk Panel version 10.4.4 or older versions. Brian Krebs on his blog report that Hackers in the criminal underground are selling an exploit that extracts the master password needed to control Parallels' Plesk Panel. This zero-day exploit for Plesk is being sold on the black market for around $8,000 per purchase. Many of the queries probed for web hosting software Plesk, a finding backed by the Sans Internet Storms Centr
Anonymous Hackers shut down website of Colombia Justice Ministry

Anonymous Hackers shut down website of Colombia Justice Ministry

Jun 23, 2012
Anonymous Hackers shut down website of Colombia Justice Ministry Anonymous hackers shut down the websites of Colombia's Justice Ministry website on Friday evening. The website was back online Saturday morning. Also, The website of Cambio Radical, the political party of Interior Minister German Vargas Lleras, was hacked later Friday evening and was still showing a message saying " You have been hacked ". Anonymous said on its facebook page the Ministry's website was shut down to protest "impunity" granted to corrupt politicians by a justice reform that had been approved by Congress but was sent back to the legislative branch by President Juan Manuel Santos on Thursday because of its unconstitutionality and inconsistencies that " do not favor justice and transparency ." Last Year, Anonymous and Colombian Hackers were behind the shut down of the websites of Colombia's president , the interior and justice ministry, the intelligence service DAS and the g
Department of Homeland Security and U.S Navy hacked

Department of Homeland Security and U.S Navy hacked

Jun 23, 2012
Department of Homeland Security and U.S Navy hacked Department of Homeland Security and U.S Navy websites once again at Major Risk. This time hacking group called " Digital-corruption " hacked into subdomains of both sites and leak database info on pastebin . In its announcement on the pastebin.com website, the group said it has leaked database from  https://www.smartwebmove.navsup.navy.mil/ and twicinformation.tsa.dhs.gov using Blind SQL-Injection method. The Database include Usernames, Passwords, Email ID's, Security Questions - Answers of all users. Hackers shout: say("#FreeTriCk #FreeMLT #FreePhantom"); say("Knowledge is power!"); say("NAVY.MIL, care to share some of your staff information?"); Department of Homeland Security and U.S Navy websites are hacked lots of times in past one year by Different hackers from all over world.
Scamming site taken down by Hackers

Scamming site taken down by Hackers

Jun 22, 2012
Scamming site taken down by Hackers When hundreds of kids were duped into taking courses to improve their grades with a promise of an ipod if they succeeded, many pressured their parents to help find the company called Advantage Point Academy (https://www.advantagepoint.org/) a place to administer the lessons. Advantage point got parents in many schools through California, Oregon, and Washington to rent rooms and give their kids lessons that supposedly made them smarter........with a prize of an ipod when they finished. Advantage Point got their money for enrolling the kids but the kids got lessons and no ipods. Kids and parents have been calling, writing, reporting to the States and posting complaints on the companies Facebook page to no avail. In stepped xL3gi0n , who felt that if nothing else, a little web removal would bring solace to a disappointed and scammed group of parents and kids. On June 21st in the wee hours of the morning the site was taken down and all files remove
Call for Articles - July Edition | The Hacker News Monthly Magazine

Call for Articles - July Edition | The Hacker News Monthly Magazine

Jun 20, 2012
Call for Articles - July Edition | The Hacker News Monthly Magazine Attention Readers!! We know there is a writer in all of you and we invite you to submit your best work on the subject of BOTNETS for our July The Hacker News Monthly Magazine . Give us all your expertise and knowledge on the subject and we will give it a top priority! We'd like to thank our readers and supporters and know that we take your loyalty seriously and with great appreciation. See you in July! Ann Smith Executive Editor, The Hacker News
United States Department of Defense data leaked by Anonymous hackers

United States Department of Defense data leaked by Anonymous hackers

Jun 14, 2012
United States Department of Defense data leaked  by Anonymous hackers A group called the " Wikiboat " belongs to Anonymous hackers have attacked the Defense.gov website and leaked data from the website. They have published the leaked data to the pastebin note. Also, today the Wikiboat targeted the GEMA.de website and took it offline. The leaked data includes some officials name, Emails ID's and Phone numbers as shown below: Hackers claim that, they have not collect this data from any SQLi vulnerability, even this data is collected form other sources. Three weeks before they was threatening to take down the websites of companies like Apple, Bank of America and Toyota and leak sensitive data. As part of its "Operation New Son ' they announced to attacks on a number of international companies.
OpenVPN Defaced by Hackers

OpenVPN Defaced by Hackers

Jun 12, 2012
OpenVPN Defaced by Hackers OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features Got Hacked Yesterday by Hacker called " HcJ ". Hacked deface the page as shown in above picture. Words form Page: OPENVPN Hacked No News Is a Good News HcJ & Cyb3R-1sT & Egyptian.H4x0rZ & Sas-TerrOrisT & H311 c0d3 &ISM H4CK Quote of the Day Don't be lammer, Leave your computer and enjoy your summer ./ HcJ During the writing of post, OpenVPN officials restore the site back to original state. If you like to see the deface page, can visit Zone-H for mirror. VPN Hacks May Leak Information: Such hacks can also be carried out by investigation agencies to collect evidences against various hackers. Always use double VPN or Tor with VPN for better Security.
10000 Twitter User oauth token hacked and Exposed by Anonymous

10000 Twitter User oauth token hacked and Exposed by Anonymous

Jun 12, 2012
Anonymous Hackers, with Twitter account " LulzsecReborn " Hack into TweetGif (https://tweetgif.com) and Hack complete Database, Later they publish that on the Internet also. TweetGif is a website which allows you to use animated GIF image as your twitter picture. LulzSec Reborn, a 3.0 version of the earlier LulzSec, have leaked 10,000 Twitter profiles' passwords,  Usernames, real names, locations, bios, avatars and secret tokens used to authenticate their accounts. Pastebin message posted:  The leaked data was uploaded to embed upload and contains a 4 MB SQL file with all the user details . Users table from https://tweetgif.com/ nothing serious like 10.000 twitters… https://www.embedupload.com/?d=9ZMOMGIIQA How Hackers and Spammer can use this? OAuth is an authentication protocol that allows users to approve application to act on their behalf without sharing their password. If your Twitter oauth Secret Key and Token get compromised , then the application or H
Online game 'League of Legends' Compromised

Online game 'League of Legends' Compromised

Jun 10, 2012
Online game ' League of Legends ' Compromised A recent slew of security failures have left countless accounts hacked at sites like Linkedin and eHarmoney. Now League of Legends is the latest database to suffer from hackers this week. Riot has sent out a mail to registered League of Legends players in Europe, asking them to change their passwords due to a hackers accessing some player account information. Full details are below, but know that according to Riot," absolutely no payment or billing information of any kind was included in the breach. " but email addresses, encrypted account password, summoner name, date of birth, and for a small number of players – first and last name and encrypted security question and answer. Obviously, this information could be used in phishing scams. Riot Games does encrypt passwords through it warns " our security investigation determined that more than half of the passwords were simple enough to be at risk of easy cracking ". Marc Merr
Last.fm Confirms They Were Hacked, Change Your Passwords Now

Last.fm Confirms They Were Hacked, Change Your Passwords Now

Jun 08, 2012
Last.fm Confirms They Were Hacked , Change Your Passwords Now After this week's LinkedIn fiasco, it appears the latest tech giant to fall to bored hackers is Last.fm. Music-streaming website Last.fm is the latest organisation to urge its users to change their passwords immediately. The London-based site, owned by CBS, said in an advisory that it was currently investigating a possible leak of passwords but did not provide any further details. The dating site said it is "continuing to investigate" but "as a precaution" has reset affected members passwords.Affected members will receive an email with instructions on how to reset their passwords.eHarmoney, which brands itself as "#1 Trusted Online Dating Site for Singles" has around 20 million registered online users. The breach was confirmed by Last.fm on their official Twitter account overnight, and comes amidst a backdrop of similar breaches, including at LinkedIn where up to 8 million passwords may ha
LinkedIn Confirms Millions of Account Passwords Hacked

LinkedIn Confirms Millions of Account Passwords Hacked

Jun 06, 2012
LinkedIn Confirms Millions of Account Passwords Hacked LinkedIn Wednesday confirmed that at least some passwords compromised in a major security breach correspond to LinkedIn accounts. Norweigan IT website Dagens IT first reported the breach, noting that "Two days ago a package on the 6.5 million encrypted passwords posted on a Russian hacker site. Vicente Silveira, Director at LinkedIn, confirmed the hack on the company's blog Wednesday afternoon and outlined steps that LinkedIn is taking to deal with the situation. He wrote that those with compromised passwords will notice that their LinkedIn account password is no longer valid. "It is worth noting that the affected members who update their passwords and members whose passwords have not been compromised benefit from the enhanced security we just recently put in place, which includes hashing and salting of our current password databases," Linkedn director Vicente Silveira said in the blog post. The file only contains password
SwaggSec gained access to China Telecom and Warner Bros

SwaggSec gained access to China Telecom and Warner Bros

Jun 04, 2012
SwaggSec gained access to China Telecom and Warner Bros A hacking group is claiming to have breached the networks of Warner Bros. and China Telecom, releasing documents and publishing login credentials. Swagg Security, or SwaggSec, the same hacker collective that breached Foxconn a few months ago to highlight the poor working conditions, has made its comeback. The hacking group posted on their Twitter account (under the name Swagg Security) that they had acquired access to the databases of both sites, as well as posted a statement on Pastebin . The group has allegedly stolen documents and login credentials, which were then posted to Pirate Bay . The torrent file posted by SwaggSec on The Pirate Bay doesn't contain only the administrator details from China Telecom, but also some other information taken from their databases. SwaggSec said the China Telecom data is 900 user names and passwords for administrators on the company's network. The information was obtained through an in
UGNazi hackers attack on CloudFlare via a flaw in Google

UGNazi hackers attack on CloudFlare via a flaw in Google

Jun 04, 2012
UGNazi hackers attack on CloudFlare via a flaw in Google After the FBI arrested Cosmo, the alleged leader of the UGNazi hacking group, the hackers attacked CloudFlare via a flaw in Google's two-factor authentication system. The CloudFlare hack allowed UGNazi to change the DNS for 4chan, so visitors to the site were redirected to a UGNazis Twitter account. Hackers were able to infiltrate the personal Gmail account of CloudFlare CEO Matthew Prince. "The attack was the result a compromise of Google's account security procedures that allowed the hacker to eventually access to my CloudFlare.com email addresses, which runs on Google Apps," CloudFare's CEO Matthew Prince shared . According to the statement on Pastebin , the hackers are not sorry for attacking 4chan.  4chan.org is the playground that allows pedophiles to share their "collections" and the disgusting bronies to hang out. The site is loosely monitored and child porn threads are allowed to &quo
New Jersey mayor arrested for hacking recall website

New Jersey mayor arrested for hacking recall website

May 30, 2012
New Jersey mayor arrested for hacking recall website The FBI last week arrested the mayor of the northern New Jersey town of West New York, together with his son, on charges of hacking into a website and a related email account that called for the mayor's recall. Felix Roque, 55, the mayor of West New York, N.J., was arrested with his son, Joseph Roque, 22. They were released on $100,000 personal bond after neither entered a plea. According to the criminal complaint filed against Felix Roque and his son, on 2 February 2012 the two men began to conspire to hack into and disable a website called www.recallroque.com. Joseph Roque then allegedly performed a password reset for the Go Daddy account used to administer recallroque.com. This allowed him to cancel the domain name and effectively disable the website, the FBI agent said in the affidavit. The conspiracy and unauthorised computer access charges each carry a maximum possible sentence of five years in prison and a fine of u
Cybersecurity Resources