database program | Breaking Cybersecurity News | The Hacker News

Coalition of Law Enforcement Hacked & Agents Information Leaked The Official Website of Coalition of Law Enforcement and Retail Hacked by Exphin1ty, Claiming himself from Anonymous Team. The Database has been hacked using SQL Injection on the website. Passwords, Email ID's, Address & Phone Number of Various Agents leaked by him. The attack resulted in the temporary suspension of the website Hacker Said in a pastebin Note that " The American law enforcement's inhumane treatments of occupiers has caught our attention. You have shown through these actions that you are nothing more than puppets in the hands of your government. We have seen our fellow brothers & sisters being teargassed for exercising their fundamental liberal rights, the exact ones that were bestowed upon them by their Constitution. Due to this and several other reasons we are releasing the entire member database of clearusa.org (The Coalition of Law Enforcement and Retail). An organization wh

The Mole - Another Automatic SQL Injection exploitation tool The Mole is an automatic SQL Injection exploitation tool. Only by providing a vulnerable URL and a valid string on the site it can detect the injection and exploit it, either by using the union technique or a boolean query based technique. Features Support for injections using Mysql, SQL Server, Postgres and Oracle databases. Command line interface. Different commands trigger different actions. Auto-completion for commands, command arguments and database, table and columns names. Support for query filters, in order to bypass certain IPS/IDS rules using generic filters, and the possibility of creating new ones easily. Exploits SQL Injections through GET and POST methods. Developed in python 3. Video Demonstration: 1.)  Installation Guide 2.) Tutorial to Use 3.) Download Mole

Imagine a world where the software that powers your favorite apps, secures your online transactions, and keeps your digital life could be outsmarted and taken over by a cleverly disguised piece of code. This isn't a plot from the latest cyber-thriller; it's actually been a reality for years now. How this will change – in a positive or negative direction – as artificial intelligence (AI) takes on a larger role in software development is one of the big uncertainties related to this brave new world. In an era where AI promises to revolutionize how we live and work, the conversation about its security implications cannot be sidelined. As we increasingly rely on AI for tasks ranging from mundane to mission-critical, the question is no longer just, "Can AI  boost cybersecurity ?" (sure!), but also "Can AI  be hacked? " (yes!), "Can one use AI  to hack? " (of course!), and "Will AI  produce secure software ?" (well…). This thought leadership article is about the latter. Cydrill  (a

Biggest Pakistan News site Dawn.com hacked by LuCkY Indian hacking Group " Indishell " hackers once again hit Pakistani cyber space. This time LuCkY from Indishell team deface the biggest Pakistani News site Dawn.com  ( Alexa Rank : 3540 ). He also post Database Info ie. Database Name - archives_wpress Database Name - archives_user2 Database Password - 'B,!R~T-K^L2)'); Deface page message include the possible hack reason " You Wont get kashmir by hacking sites lol , Kashmir is ours will be".  Hackers on both sides have indulged in sporadic attacks against each other ever since 1998 nuclear tests. The Indishell and PCA warriors hide behind coded named such as 'Zombie' , 'Lucky' and are thought to be young IT professionals.

DNS cache poisoning attack on Google, Gmail, YouTube, Yahoo, Apple Hacker with nickname AlpHaNiX deface Google, Gmail, Youtube, Yahoo, Apple etc domains of Democratic Republic of Congo. Hacker use strategy so-called DNS cache poisoning. DNS cache poisoning is a security or data integrity compromise in the Domain Name System (DNS). The compromise occurs when data is introduced into a DNS name server's cache database that did not originate from authoritative DNS sources. It may be a deliberate attempt of a maliciously crafted attack on a name server. Hacked websites are : https://apple.cd/ https://yahoo.cd/ https://gmail.cd/ https://google.cd/ https://youtube.cd/ https://linux.cd/ https://samsung.cd/ https://hotmail.cd/ https://microsoft.cd/ [ Source ]

MySQL.com Once again Compromised using Sql Flaw A hacker with name " D35M0ND142 " claim to hack MySql.com website using Sql Injection Flaws. In September,  Mysql.com was hacked and it was serving BlackHole exploit malware on the site. In a pastebin dump Hacker Exposes various Admin user credentials and Database info. The Compromised Usernames and Passwords are from  Blog site  of MySql. MySql website is pretty embarrassed for not securing its own database's properly, Even hacker share that " Robin Schumacher is MySQL's Director of Product Management andhas over 20 years of database experience in DB2, MySQL, Oracle, SQLServer and other database engines. Before joining MySQL, Robin wasVice President of Product Management at Embarcadero Technologies. " Besides the hack on MySQL.com, D35M0ND142 also managed to breach the systems of the Urbino University in Italy and the Universal Language & Computer Institute in Nepal and Stream Database.

Another United Nations Web Site Hacked, Barack Obama info Leaked ! Hackers of Team Sector 404 have breached the Spanish Web site for the United Nations Refugee Agency ACNUR . Group claims to be working with Anonymous. Hackers was able to breach site with SQL Injection vulnerability . They leaked Barack Obama's email address, username, password (not in clear text), personal phone number and a login ID as shown. Other individuals whose information was leaked are Dirk Wildt from Die Netzmacher and Schaffstein from a non-profit organization called TYPO3 .Info of Other United Nation members also leaked from database. The team of hackers include  PHANTOM, RAWR, IO93, V, ZD4P50N, SPECTRUS, ANONGUS, FIBO,HACKW32, ADREX,NEKA, JJ, & ESCUADRON SPY PEOPLE Y HACKERSMX219 involve in this Hack as  Sector 404.

The Spy Files: Wikileaks expose Mobile Phone, Email Hacking capability Wikileaks has released  ( https://spyfiles.org/ ) dozens of new documents highlighting the state of the once covert, but now lucrative private sector global surveillance industry. According to Assange, over 150 private sector organisations in 25 countries have the ability to not only track mobile devices, but also intercept messages and listen to calls also. Site founder Julian Assange has held a press conference, revealing the secrets of the industry.­ The whistleblowing site has published some 287 documents from its huge database, collected from 160 international intelligence contractors. The database includes internal documents of such companies like Gamma corporation in the UK, Ipoque of Germany, Amesys and Vupen in France, VASTech in South Africa, ZTE Corp in China, Phoenexia in the Czech Republic, SS8 and Blue Coat in the US, among others. From the press release: " The Wikileaks Spy Files reveal the de

Nullcon GOA 2012 - International Security Conference The open security community is a registered non-profit society and by far the largest security community in India with more than 2000 members comprising of information security professionals, ethical hackers and law enforcement professionals that focuses on Infosec research and assisting Govt. and private organizations with cyber security issues. null has 7 chapters through out India - Pune, Bangalore, Mumbai, Hyderabad, Delhi, Chennai and Bhopal, interacting with around 5000-6000 people by various activities like monthly meets, security camps, workshops, talks at various events & organizations and executing security projects. Our portal https://null.co.in provides free information on security research, responsible vulnerability disclosure, open source security software project, white papers, presentations, monthly chapter meets. We see that currently there is a disconnect between the Govt. agencies and private organizations

National program for Cyber army to be launched in India Increasing attacks on cyberspace in India has brought several professionals and experts from the Industry, in support with the Government of India to jointly form a national level program to identify credible and valuable information security experts. The program " National Security Database " is all set to launch this Saturday in Mumbai at a major Information security conference, MalCon. The database will include ethical hackers and programmers who can protect country's cyberspace. They will all be registered with the National Security Database, a brainchild of Information Sharing and Analysis Centre (ISAC) , a non profit foundation which works closely with the Government on the issue of cyber security. The need of such database originated after 2008 attacks in Mumbai when the cyber security professionals realised that a lot needed to be done in the area. "It is observed that some or other form of electronic n

Sudan Airways mailbox database leaked Sudan Airways mailbox database Hacked By Sudan Cyber Army - SD. Alsa7r and Leaked on Pastebin . The Targeted domains are  sudanair.com  & omyalphaserver.com . This Include more than 100's of Usernames, Emails, Passwords. Sudan Cyber Army in past hack lots of Sudan Government Sites.

SecurityTube Metasploit Framework Expert Certification Launched ! Not so long ago, we had posted the launch of the SecurityTube Wi-Fi Security Expert (SWSE) program. The certification has been a success and it has students from over 25+ countries from around the world. The SecurityTube Metasploit Framework Expert (SMFE) is an online certification on the Metasploit Framework. This course is ideal for penetration testers, security enthusiasts and network administrators. The course leading to the certification exam is entirely practical and hands-on in nature. The final certification exam is fully practical as well and tests the student's ability to think out of the box and is based on the application of knowledge in practical real life scenarios. A brief list of topics to be covered in this course includes: Metasploit Basics and Framework Organization Server and Client Side Exploitation Meterpreter - Extensions and Scripting Database Integration and Automated Exploitation Pos

Joomscan Security Scanner - Detect more than 550 Joomla vulnerabilities Joomscan Security Scanner updated recently with new database have 550 vulnerabilities. Detects file inclusion, sql injection, command execution vulnerabilities of a target Joomla web site. Last update for this tool was in August, 2009 with 466 vulnerabilities. How to Use Joomscan, read here . In joomscan you can check for new updates with command: ./joomscan.pl check or ./joomscan.pl update . Download for Windows (141 KB) Download for Linux (150 KB ) More Info

New Approach to automatically detecting bugs and vulnerabilities in Linux Australian researcher Silvio Cesare , PhD student at Deakin University has released a tool capable of automatically detecting bugs and vulnerabilities in embedded Linux libraries. Developers may "embed" or "clone" code from 3rd party projects. This can be either statically link against external library or maintaining an internal copy of a library's source or fork a copy of a library's source. The Approach of this tools is that if a source package has the other package's filenames as a subset, it is embedded, Packages that share files are related. A graph of relationships has related packages as cliques. Graph Theory is used to perform the analysis. Linux vendors have previously used laborious manual techniques to find holes in libraries. Debian alone manually tracks some 420 embedded packages, Cesare said at Ruxcon 2011. Silvio's tool also automates identifying if embedded packages have outstanding vulne

WAFP : Web Application Finger Printer Tool WAFP is a Web Application Finger Printer written in ruby using a SQLite3 DB. WAFP fetches the files given by the Finger Prints from a webserver andchecks if the checksums of those files are matching to the given checksums from theFinger Prints. This way it is able to detect the detailed version andeven the build number of a Web Application. Sample Scan Result:    wafp.rb --verbose -p phpmyadmin https://phpmyadmin.example.de    VERBOSE: loading the fingerprint database to the ram...    Collecting the files we need to fetch ...    Fetching needed files (#432), calculating checksums and storing the results to the database:    ............................................................................................    VERBOSE: request for "/themes/darkblue_orange/img/b_info.png" produced "Connection refused - connect(2)" for 1 times - retrying...    ................................................................

Maharashtra Highway Police website hacked Not only International Law Enforcement and Police Under Hacker's attack, Even our Local Police websites and Database also become of Victim of breaches mostly once a day. A hacker With name " powerin10 " take responsibility to hack  Maharashtra Highway Police website . A mirror of this hack is available here .  Hacker is member of Bangladesh Cyber Army.

Hackers destroyed a pump used by a US water utility Hackers destroyed a pump used by a US water utility after gaining unauthorized access to the industrial control system it used to operate its machinery. Five computer screenshots posted early Friday purport to show the user interface used to monitor and control equipment at the Water and Sewer Department for the City of South Houston, Texas. '' This is arguably the first case where we have had a hack of critical infrastructure from outside the United States that caused damage ,'' a managing partner at Applied Control Solutions, Joseph Weiss, said. The network breach was exposed after cyber intruders burned out a pump. '' No one realised the hackers were in there until they started turning on and off the pump ,'' he said. It said hackers apparently broke into a software company's database and retrieved usernames and passwords of various control systems that run water plant computer equipment.U

UCLA psychology department database hacked by Inj3ctor Inj3ctor team of Hackers take responsibility for the release of information from the psychology department's database which included the names, home addresses and dates of birth of 26 applicants to the university. The attacker also published some information that helped him access the database. He highlighted the open ports and the versions of the services he relied on to hack the site. This is not the first time that the department database has been dumped on Pastebin. In July 2011, another hacker posted psychology department faculty's phone number, first and last name, e-mail address, street address, and UCLA ID number. Webmasters from UCLA IT are still investigating the hacking, but Bollens said it is likely the result of a SQL injection, which makes programs give more information than intended for release. The psychology department's outdated database may have made it more susceptible to the SQL injection, where the hacke

UMP French Political Party got hacked & personal information leaked The personal data of several political parliamentarians, ministers, Minister of UMP French Political Party employees were released online by an unknown source. The leak contain the details of  Bernard Accoyer, Lionel Tardy, Jean Tiberi, Georges Tron, Christian Vanneste, Jean Luc Warsmann, Laurent Wauquiez, Michèle Alliot-Marie, Patrick Balkany, Jean Francois Cope, etc.. Korben  publish  that , The leak available in 4 files posted on Pastebin under the name " French Right Wing Hacked "which includes personal information on over 1000 frames of the UMP. Database Dumps: -  https://pastebin.com/kpGWv9qD -  https://pastebin.com/WG7Ffh5t -  https://pastebin.com/jWA4RkCG -  https://pastebin.com/9tcqrFBX The first four of these files reveals all the potential variables specified for each record. Status, title, date and place of birth, education, employees, telephone numbers, business addresses and private la

Anonymous Hackers hack neo-Nazis website & leak personal info of 16,000 Finns Anonymous Hackers have successfully hacked the neo-Nazi website and published the database of its 16000 membership application database containing personal data of some applicants from all around the country. The hack was motivated by an apparent desire to shame the Finnish government into improving data security. In a Statement Anonymous says " We have no tolerance for any group based on racial, sexual and religion discrimination as well as for all the people belonging to them and sharing their ideologies, which is the reason why we decided to carry out last Monday's attack. ". Authorities are investigating the security breaches, according to an online message attributed to Anonymous Finland. According to the Helsingin Sanomat, the published information seems stolen from several sources: the Work Efficiency Institute, Student Alliance Osku, WinNova Länsirannikon koulutus Ltd, and Adu

International Foreign Government  E-Mails Hacked by TeaMp0isoN TeaMp0isoN group of hackers claim to hack more than 150 Email Id's of International Foreign Governments. They Release the Email List with Password on Pastebin note . Hex000101 Hacker, A member of TeaMp0isoN team got these Login credentials from various Government sites after hacking their databases such as armynet.mod.uk and website of Parliament of Australia (aph.gov.au) .