Hacker News | Breaking Cybersecurity News | The Hacker News

#OpUSA campaign is officially started, the day has come, today May 7 as announced by Anonymous , a coordinated online attack will hit Banking and government websites. The announcement made by popular group of hacktivists is creating great concerns between US security experts in charge of defense the potential targets. The message passed sent by Anonymous to US authorities is eloquent, " We Will Wipe You Off the Cyber Map "  A new wave of attacks, presumably distributed-denial-of-service attack , is expected to hit principal US financial institutions exactly as already happened in the last months. The hacktivists participating to OpUSA campaign protest against the policy of the US Government blamed to have committed war crimes in foreign states and in its countries. "A nonymous will make sure that's this May 7 will be a day to remember. On that day anonymous will start phase one of operation USA. America you have committed multiple war crimes in Iraq, Afg

BackTrack Linux, a specialized distribution of penetration testing tools, has long been a favorite of security specialists and IT pros. Security professionals have been relying on the BackTrack security distribution for many years to help them perform their assessments. A couple of weeks ago, futuristic major release of BackTrack was announced as   Kali Linux . Today Backtrack team released few updates to Kali Linux as version 1.0.3 and fixed couple of bugs. " Our first attempts at building an accessible version of Kali failed and after a bit of digging, we found that there were several upstream GNOME Display Manager (GDM3) bugs in Debian, which prevented these accessibility features from functioning with the GDM greeter. Working together with an upstream GNOME developer, we knocked out these bugs and had the fixes implemeted in Kali, and hopefully in future builds of GDM3 in Debian ." Download  new version of Kali Linux ( kali-linux-1.0.3-i386.iso ) wi

The introduction of Open AI's ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools with enhanced productivity capabilities that are driven by generative AI. Among a wide range of uses, GenAI tools make it easier for developers to build software, assist sales teams in mundane email writing, help marketers produce unique content at low cost, and enable teams and creatives to brainstorm new ideas.  Recent significant GenAI product launches include Microsoft 365 Copilot, GitHub Copilot, and Salesforce Einstein GPT. Notably, these GenAI tools from leading SaaS providers are paid enhancements, a clear sign that no SaaS provider will want to miss out on cashing in on the GenAI transformation. Google will soon launch its SGE "Search Generative Experience" platform for premium AI-generated summaries rather than a list of websites.  At this pace, it's just a matter of a short time befo

FireEye experts have been tracking the Operation Beebus campaign for a few months now, and new same gang of hackers are being blamed for a set of recently discovered spear-phishing attacks that aim to steal information related to American drones . These attacks exploited previously discovered vulnerabilities via document files delivered by email in order to plant a previously unknown backdoor onto victim systems. Operation Beebus is an APT-style attack campaign targeting government agencies in the United States and India as well as numerous aerospace, defense, and telecom industry organizations. FireEye Labs has linked the attacks to the China-based Comment Group hacker collective (a prolific actor believed to be affiliated with the Chines government), and Operation Beebus. " The set of targets cover all aspects of unmanned vehicles, land, air and sea, from research to design to manufacturing of the vehicles and their various subsystems. Other related malware have been discov

Last April 7th the Anonymous collective hit the Israeli networks with a huge as historic offensive, for the first time an independent group of hackers declared war to a Governments to protest against its policy. Many web sites of the country were hit by DDoS attacks, the data on the event reported by Israel government are totally different from the information published by Anonymous that produced a report for #OpIsrael in which total damage are estimated of $3-plus billion. According security experts at TrendMicro the collective adopted various botnet coordinating large scale attacks, analyzing traffic directed to one of the targeted website, the researchers discovered that meanwhile usually more of 90% of the traffic is originated in Israel, during the attack almost the entire traffic was originated outside the country and internal connections have fallen to 9% as shown in the following chart: What is surprising is that TrendMicro discovered that many IP addre

The mother of alleged Anonymous hacktivist Barrett Brown has pleaded guilty to helping her son hide two laptop computers from federal investigators. Brown's mother, Karen McCutchin , pleaded guilty last week to a charge of obstructing the execution of a search warrant. She faces a maximum sentence of 12 months in prison and a $100,000 fine. Sentencing has not yet been scheduled. On March 6, 2012, officers with the Federal Bureau of Investigation raided Brown's Dallas, Texas apartment in an attempt to execute a search warrant for computers that could contain information involving hacktivist group Anonymous and LulzSec. The feds hadn't found all the computers they were looking for during a search of Brown's apartment that morning and Brown, located at his mother's house, refused to volunteer them. Karen McCutchin Plea Agreement Barrett Brown is expected to stand trial in September, at which point he will have spent an entire year behind bars witho

The mastermind Russian Hackers who coded and distributed the Gozi malware,  Nikita Vladimirovich Kuzmin , 25 was charged along with Deniss Calovskis, 27, and Mihai Ionut Paunescu, 28 for infecting more than a million computers worldwide in order to steal banking and other credentials from tens of thousands of victims. They may face a maximum penalty of 95, 60 and 67 years in prison, respectively. Kuzmin allegedly created the Gozi program in 2005, hiring a programmer to write the source code and then leasing it to other criminal customers. According to latest reports , Nikita has agreed to cooperate with the United States. As potential evidence, the feds have been able to retrieve 51 servers in Romania as well as laptops, desktops and external hard drives. The data seized amounts to 250 terabytes. Paunescu, a Romanian national who went by the name " Virus " operated a bulletproof hosting service that provided criminal customers with servers and IP addresses from which to s

GitHub is a source code repository which lets developers work on programs together as a team, even when they are in different locations. Each repository on the site is a public folder designed to hold the software code that a developer is working on. This Tuesday GitHub announced a major upgrades to the site's search engine, " Finding great code on GitHub just got a whole lot easier, ". Yesterday few twitter users pointed out that there is no shortage of embedded private SSH keys and passwords that can easily be found via GitHub new feature. If you upload security information (keys/passwords etc) to a public repository, new search feature will allow anyone to find them. Today, GitHub's search function stopped working , though the site didn't acknowledge the cause. Updated message is " Search remains unavailable. The cluster is recovering slowly and we continue to monitor its progress. We'll provide further updates as they become available

Hackers crew Jember Hacker terrorists (JHT) deface the official website of Indonesian president (https://www.presidensby.info) with a message reads, " This is a PayBack From Jember Hacker Team ". Hackers deface website of president Susilo Bambang Yudhoyono (SBY) apparently in protest at growing corruption and wealth inequality in the country and because of increasing anger at the current administration. Deface page mention hacker code name as " MJL007 " who performed the hack and government is working with law enforcement teams to examine log files in a bid to trace the origin of the attack. " Corruption is rampant, the poor are everywhere. The rich get richer, the poor get poorer ," hacker told . Mirror of hack is available at Zone-H .

Dear Hackers, Warm up your keyboards! Because Facebook open Registration for third Hacker Cup 2013, an annual worldwide programming competition where hackers compete against each other for fame, fortune, glory and a shot at the title of world champion, with $5,000 top prize. The qualification round begins on January 25th. So Participate and enhance your programming competency. The dates have been set for Facebook Hacker Cup 2013 Jan 7 — Jan 27 — Registration Jan 25 — Jan 27 — Online Qualification Round Feb 2 — Online Elimination Round 1 Feb 9 — Online Elimination Round 2 Feb 16 — Online Elimination Round 3 March 22 -23 — Onsite Finals at Facebook Registrations Page -  https://www.facebook.com/hackercup/register This is your chance to compete against the world's best programmers for awesome prizes and the title of World Champion.

Another basic security loop-hole in NASA website lead to a Hack. This time hacker going by name " p0ison-r00t " deface a sub domain of NASA ( https://spaceyourface.nasa.gov/ ). The hacked sub domain running a web application using flash, that allow visitors to create some funny videos of Space using Faces. Hacker able to upload his text on the website, as shown in screenshot taken by ' The Hacker News '. We contact hacker to know more about the hack, on asking How ? Hacker said," I found a form on website, accepting file upload but without validating the extension, that allow me to upload a php shell on server ". Hacker also said that because of low privileges he was not able to modify any file, but was able to upload some text on the website, Check here . Mirror of hack also available on Zone-h .

Israel's Prime Minister officially opened a new national program to train teenagers in the art of cyberwarfare. The program named "Magshimim Le'umit", is to prepare them for their future role in the military and intelligence community. Israel Prime Minister Binyamin Netanyahu said the country's computer systems are facing attacks from Iran and other countries, and such attacks are set to increase in the digital age. The new program will accept outstanding pupils aged between 16 and 18 and train them to intercept malicious attacks through a three-year course. Cyber security has become a national priority in Israel, with significant resources being invested in protecting the military and civilian computing networks. Benjamin Netanyahu revealed plans to create a "digital Iron Dome" to protect vital infrastructure from hackers and viruses like last November, Israeli was under heavy cyber attacks from hacktivist group Anonymous as the latte prot

Web site for the Council on Foreign Relations was compromised and recently hit by a drive-by attack that was detected earlier this week. Hacker are suspected to be from China , who are exploiting a zero day  Internet Explorer vulnerability for Cyber Espionage attack against one of American most elite foreign policy web groups. According to Fireeye  researchers, a malicious content on the website was hosted by hackers, that is exploiting Internet Explorer version 8.0 (fully patched version) to hack windows systems of visitors. " We have chosen not to release the technical details of this exploit, as Microsoft is still investigating the vulnerability at this time. "  Once the system compromised, hackers look for valuable information from their computers, kinda Cyber Espionage. The FBI was notified of the attack and is said to be investigating. The CFR is one of the most elite foreign policy organizations in the United States with a membership of some 4,700 officials, former

Team Ghostshell a Hacktivists group of hackers, who before was in news for hacking Major Universities Around The Globe and leaked 120,000 records, are once again hit major organisations and expose around 1.6 million accounts  Hacker name the project as #ProjectWhiteFox , means " Freedom of Information " . These leaked 1.6 millions user accounts belongs to aerospace, nanotechnology, banking, law, education, government, military, all kinds of wacky companies & corporations working for the department of defense, airlines and more. In a Pastebin Note hackers mention, " How we went from 'cyber-criminals' to 'hacktivists' to 'e-terrorists' to 'bad actors' to blacklisted. #ProjectHellFire got the US wary of us, at that time we still wasn't sure if GhostShell had gotten X'd, but when the second release of #ProjectWestWind came out, you guys got so hyped about it that we knew it had started to unfold. " Hacked

The Syrian government is almost certainly responsible for a blackout Thursday that shut down virtually all Internet service in the country. However, The Syrian government blamed the outage in internet service and mobile coverage in some areas on the armed groups' sabotage acts against cellular broadcast centers. Hacker with name Teamr00t has hacked and defaced Syrian government and showed their support for the people of Syria against President Bashaar Al-Assad's latest actions in shutting down the internet. Deface message President Bashaar Al-Assad You have taken a step too far in shutting down the internet so the outside world cannot see the horrific crimes you are committing upon your own people and this will not be tolerated by the world watching! The Syrian people have the right to freedom of speech, the right to live a normal happy life and the right to have access to the internet to connect with the rest of the world. By shutting down the internet you have denied your

Lulzsec Hacker , Jeffrey Hammond faces a potential prison sentence of more than 30 years if found guilty of all charges filed against him. U.S. District Court chief judge Loretta Preska, who presided over a bail hearing for Hammond want last week. Hammond was also charged with using some of the stolen credit card data to help make $700,000 in unauthorized charges, and accused of participating in a hack of the Arizona Department of Public Safety website. " In early May 2012, a federal grand jury handed down a superseding indictment in the case against alleged LulzSec and Anonymous leaders, accusing Hammond of masterminding the LulzSec and Anonymous attacks against the website of Stratfor (a.k.a. Strategic Forecasting), beginning in December 2011. " Informationweek said . " At last week's hearing in a Southern District of New York federal courtroom, Hammond's defense attorney, Elizabeth Fink, suggested that the FBI may have used entrapment to catch her client,

The UN nuclear watchdog has acknowledged one of its former computer servers had been hacked. The stolen information was contained in a statement by a group with an Iranian-sounding name calling for an inquiry into Israel's nuclear activities. The International Atomic Energy Agency (IAEA) is investigating Iran's nuclear program. A group called Parastoo Farsi for the swallow bird and a common Iranian girl's name claimed responsibility for posting the names on its website two days ago. The group had been known to be critical of Israel's undeclared nuclear weapons program. " The IAEA deeply regrets this publication of information stolen from an old server that was shut down some time ago ," agency spokesperson said and agency experts had been working to eliminate any " possible vulnerability " in it even before it was hacked. Israel and the United States accuse Iran of seeking to develop a nuclear weapons capability, a charge Tehran denies, and says the Islamic state is th

Once again a zero day vulnerability exploit is sold by cyber criminals in the underground, once again a the flaw is related to Oracle's Java software that could allow to gain remote control over victim's machine. The news has been reported by KrebsOnSecurity blog that announced that the exploit being sold on an Underweb forum. The vulnerability is related to the most recent version of Java JRE 7 Update 9, it isn't present in previous versions of the framework, in particular the bug resides within the Java class "MidiDevice according the info provided by the seller that describes it with following statements: " Code execution is very reliable, worked on all 7 version I tested with Firefox and MSIE on Windows 7 ," " I will only sell this ONE TIME and I leave no guarantee that it will not be patched so use it quickly. " The exploited class is a component of Java that handles audio input and output. It's easy to understand that similar vulnerability has a great value du

Anonymous Hacker managing Operation Syria ( OpSyria ) have released 1 GB of emails dump from  Syrian Ministry of Foreign Affairs. Files are in files are in Arabic language. Documents includes scanned copies of Syrian ministers passports, details about an arms transport from Ukraine, report which shows that 200 tons of Syrian bank notes have been shipped from Russia. " Within the stash you will find details about cargo flights from Russia, each containing 30 tons of fresh Syrian Cash " Hackers said. " Furthermore you will find lulzy documents such as scanned passports from Syrian ministers (PDF) and details about arms transportation from Ukraine ". Emails are available here and Full Archive is available to download also.

Hacker group Anonymous claims he took down North-side Independent School District's website (www.NISD.net) on Saturday to protest the district's use of tracking badges. On Sunday, Nov. 25, the same hacktivist released a statement via Pastebin giving the school district "1-3 days" to meet with parents and explain the student tracking program in detail. If the district fails to comply with the request, hacktivist promise to "simply shut down" the school district website once again. The hacker group also sent a Twitter message to the NISD account on Thursday, teasingly notifying them that their site was down. " They're tracking students! They have rights too. I want a statement about this, nobody agrees with that, even the parents! " Anonymous said. NISD said it wanted to expand the Student Locator Project to 112 Texas schools and around 100,000 students to curb truancy, apparently a major problem at the school district in question. It was reported that by improv

TripAdvisor Inc., a hotel-review website, recently became a victim of the bug, said Trend Micro Inc., an Internet security solutions provider. Many of TripAdvisor's users received spam mail with booking confirmations for hotels they had checked out on the website , 1.89% of Indian Internet Users have already been affected. The email purporting to be in the name of one of the Hotels has a similar theme to its English counterpart as it contains confirmation and details on an alleged booking reservation.  TripAdvisor, which is among India's top five travel brands as per digital market research firm ComScore Inc., globally has 60 million unique monthly visitors and 2.4 million unique users per month in India. Gamarue is a family of malware that may be distributed by exploit kits, spammed emails or other malware, and has been observed stealing information from an affected user. Trend Micro reported that one of their manager received the spam at his personal e-mail address but the addres