#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Search results for NASA | Breaking Cybersecurity News | The Hacker News

NASA HACKED! AnonSec tried to Crash $222 Million Drone into Pacific Ocean

NASA HACKED! AnonSec tried to Crash $222 Million Drone into Pacific Ocean

Feb 02, 2016
Once again the Red Alarm had been long wailed in the Security Desk of the National Aeronautics and Space Administration ( NASA ). Yes! This time, a serious hacktivism had been triggered by the Hacking group named " AnonSec " who made their presence in the cyber universe by previous NASA Hacks. The AnonSec Members had allegedly released 276 GB of sensitive data which includes 631 video feeds from the Aircraft & Weather Radars; 2,143 Flight Logs and credentials of 2,414 NASA employees, including e-mail addresses and contact numbers. The hacking group has  released a self-published paper named " Zine " that explains the magnitude of the major network breach that compromised NASA systems and their motives behind the leak. Here's How AnonSec Hacked into NASA The original cyber attack against NASA was not initially planned by AnonSec Members, but the attack went insidious soon after the Gozi Virus Spread that affected millions of systems a
Mayday! NASA Warns Employees of Personal Information Breach

Mayday! NASA Warns Employees of Personal Information Breach

Dec 19, 2018
Another day, another data breach. This time it's the United States National Aeronautics and Space Administration (NASA) NASA today confirmed a data breach that may have compromised personal information of some of its current and former employees after at least one of the agency's servers was hacked. In an internal memo sent to all employees on Tuesday, NASA said the unknown hackers managed to gain access to one of its servers storing the personally identifiable information (PII), including social security numbers, of current and former employees. The agency said NASA discovered the breach on October 23 when its cybersecurity personnel began investigating a possible breach of two of its servers holding employee records. After discovering the intrusion, NASA has since secured its servers and informed that the agency is working with its federal cybersecurity partners "to examine the servers to determine the scope of the potential data exfiltration and identify pot
How to Find and Fix Risky Sharing in Google Drive

How to Find and Fix Risky Sharing in Google Drive

Mar 06, 2024Data Security / Cloud Security
Every Google Workspace administrator knows how quickly Google Drive becomes a messy sprawl of loosely shared confidential information. This isn't anyone's fault; it's inevitable as your productivity suite is purposefully designed to enable real-time collaboration – both internally and externally.  For Security & Risk Management teams, the untenable risk of any Google Drive footprint lies in the toxic combinations of sensitive data, excessive permissions, and improper sharing. However, it can be challenging to differentiate between typical business practices and potential risks without fully understanding the context and intent.  Material Security, a company renowned for its innovative method of protecting sensitive data within employee mailboxes, has recently launched  Data Protection for Google Drive  to safeguard the sprawl of confidential information scattered throughout Google Drive with a powerful discovery and remediation toolkit. How Material Security helps organ
NASA Computer Networks Have Potentially Catastrophic Security Holes !

NASA Computer Networks Have Potentially Catastrophic Security Holes !

Mar 30, 2011
NASA's internal computer network is full of holes and is extremely vulnerable to an external cyberattack, an audit by the Office of the Inspector General has found. Even worse, it appears several of the vulnerabilities have been known for months, yet remained unpatched. "Six computer servers associated with IT [information technology] assets that control spacecraft and contain critical data had vulnerabilities that would allow a remote attacker to take control of or render them unavailable," the audit report released today (March 28) by Inspector General Paul K. Martin said. "The attacker could use the compromised computers to exploit other weaknesses we identified, a situation that could severely degrade or cripple NASA's operations," the report continued. "We also found network servers that revealed encryption keys, encrypted passwords, and user account information to potential attackers." It is not unusual for previously unknown network security holes to be found in large orga
cyber security

Uncover Critical Gaps in 7 Core Areas of Your Cybersecurity Program

websiteArmor PointCyber Security / Assessment
Turn potential vulnerabilities into strengths. Start evaluating your defenses today. Download the Checklist.
Hacker leaks source code of NASA website belongs to US Government computer

Hacker leaks source code of NASA website belongs to US Government computer

Oct 26, 2012
A Hacker going by name - " LegitHacker97 " claiming that he successfully access a NASA subdomain website , that actually belongs to a US Government computer, as mentioned on homepage. ***** WARNING ***** This is a US Government computer Hacker also dump a  82.51 MB (compressed or 337 MB uncompressed) Archive five days ago on internet, includes the complete source code of the website (in ASP). After watching the pastebin note , we tried to contact the hacker for collecting more information about the hack. Hacker describe The Hacker News via mail that," This was hacked by a major LFI vulnerability which allowed me to upload my own shell (backdoor to the site) and I took advantage of it by downloading all off the website ! ". He add ," But now vulnerability is fixed ". I download the dump from the link posetd by hacker in pastebin note and tried to match the files with NASA website and subdomains, and found that these file actually belo
NASA website Hacked; Protest by Hackers against US action on Syria and Brazil Spying

NASA website Hacked; Protest by Hackers against US action on Syria and Brazil Spying

Sep 10, 2013
Earlier reports based on Snowden 's documents revealed the existence of the NSA's PRISM program , and indicate that the National Security Agency spied on Brazilians. On other End, President Obama said that the Syrian government used chemical weapons on its citizens and The United States may have to take military action against Syria. Against same issues, yesterday various pages on  NASA 's website were hacked by a Brazilian Hacker named " #BMPoC " and the visitors to the pages were first greeted with a pop-up window which reads "DO NOT ATTACK THE SYRIAN " followed by another reading " U.S. SPY STOP THE BRAZIL " before the deface page appears. The complete deface message on the page was: Stop spying on us. The Brazilian population do not support your attitude! The Illuminati is now visibly acting! Obama heartless! Inhumane! You have no family? The point in the entire global population is supporting you. NOBODY! We do not want
NASA, Stanford sites hit by search engine scammers !

NASA, Stanford sites hit by search engine scammers !

May 10, 2011
Scammers looking to flog cheap software have hacked Web pages on high-profile websites, including those belonging to NASA and Stanford University. NASA, just a week away from its penultimate space shuttle launch, has now removed dozens of Web pages that popped up on its Jet Propulsion Laboratory website. They were used to flog low-cost versions of Adobe's Creative Suite and other products, according to cached versions of the pages, still viewable on Google. The scammers loaded up the Web pages with nonsense text (a sample: "Edit buy adobe premiere pro cs4 some callouts and balloons to make this time it took you and saved you a long time") and links to many other hacked pages. Affected sites included those for NASA, Stanford University, Syracuse University and Northeastern University. NASA had cleaned up its site Monday, but others, including Stanford, had not. Visitors to those sites could encounter the hacked pages even if they weren't looking for cheap softwar
NASA SSL Digital Certificate hacked by Iranian Hackers

NASA SSL Digital Certificate hacked by Iranian Hackers

May 23, 2012
NASA SSL Digital Certificate hacked by Iranian Hackers Iranian hackers ' Cyber Warriors Team ' announced in an online post that it compromised an SSL certificate belonging to NASA and subsequently accessed information on thousands of NASA researchers. A space agency representative revealed that they're currently investigating the incident. The group said the certificate was compromised by exploiting an existing vulnerability within the portal's login system, but they didn't outline the entire attack. Once they had control over the certificate, they claim to have used it to "obtain User information for thousands of NASA researcher With Emails and Accounts of other users [sic]." " These incidents spanned a wide continuum from individuals testing their skill to break into NASA systems, to well-organized criminal enterprises hacking for profit, to intrusions that may have been sponsored by foreign intelligence services seeking to further their countries' objectives, " Paul K.
"NASA Own3d Again" - NASA Database Leaked by r00tw0rm

"NASA Own3d Again" - NASA Database Leaked by r00tw0rm

Feb 12, 2012
" NASA Own3d Again " - NASA Database Leaked by r00tw0rm Hackers from Team  r00tw0rm again hit NASA . According to Latest tweet by Hackers,  They claim to hack the one of the Sudomain of Nasa (Link is not exposed by hackers and claimed to be reported for Fix). Hackers claim to hack GB's of database and they  Leaked sample of database include Users names, emails and Passwords , Contact as shown: Same Hackers Yesterday Hack and Expose the Database of United States Census Bureau and Vulnerable link was also Exposed.
NASA Jet Propulsion Laboratory Vulnerable to Cross Site Scripting (XSS)

NASA Jet Propulsion Laboratory Vulnerable to Cross Site Scripting (XSS)

Oct 27, 2012
Yesterday, we report about the security breach in US Government computers belongs to NASA  restricted area website and Hacker dump out the complete source code and files from server of the website. Today another hacker claim a quick XSS (Cross site scripting) Vulnerability in NASA's Jet Propulsion Laboratory website (https://onearth.jpl.nasa.gov/) via a pastebin note. Hacker is going by name " Antraxt Hacker " and said about vulnerability exposure that,"I just want to proof that NASA is and never will be secured as human kind thinks they are". The xss vulnerable link is disclosed in pastebin note. I feel this not a offensive hack by hacker, even NASA should take advantage of free of cost Penetration testing services from individual like , who even not looking for Bug Bounties.
NASA and Pentagon Hacker - TinKode Arrested in Romania

NASA and Pentagon Hacker - TinKode Arrested in Romania

Feb 02, 2012
NASA and Pentagon Hacker - TinKode Arrested in Romania Romanian police have arrested a man believed to be TinKode, the notorious hacker responsible for several daring, high-profile cyberattacks, including last year's breach of NASA's servers , Royal Navy, The European Space Agency and MySQL.com. The 20-year-old man, named as Razvan Manole Cernaianu , allegedly attacked Pentagon and NASA computer systems, revealed security holes, and published information about SQL injection vulnerabilities he had discovered, the Romanian Directorate for Investigating Organized Crime and Terrorist (DIICOT) said in a press release . He also posted a video on his blog demonstrating an attack he carried out against the U.S. government, and created and offered for sale a computer program used to hack Web sites. Through his exploits, Cernaianu blocked access to systems and seriously disabled their proper functioning, authorities said. Currently, Cernăianu is being taken to Bucharest
OpenStack 'floating Linux kernel' rides VMware hypervisor !

OpenStack 'floating Linux kernel' rides VMware hypervisor !

Apr 16, 2011
OpenStack ' floating Linux kernel ' rides VMware hypervisor ! OpenStack – the open source "infrastructure cloud" project founded by Rackspace and NASA – has released a third version of its platform, offering support for all major hypervisors. With the new release, codenamed "Cactus", developers have added support for VMware's vSphere hypervisor – without help from VMware. The vSphere code was built mostly by Citrix, which had previously coded support for the Xen and XenServer hypervisors. "We're so committed to OpenStack and its hypervisor-agnostic approach that we felt it was important, since VMware wasn't going to contribute vSphere support, that we should do it ourselves," Gordon Mangione, vice president of business development for Citrix's datacenter and cloud division, tells  The Register According to Mangione, VMware has "always been invited" to contribute to the project. But this has yet to happen. The virtuali
TinKode Hack FTP of NASA Goddard Space Flight Center !

TinKode Hack FTP of NASA Goddard Space Flight Center !

May 17, 2011
TinKode  Hack FTP of  NASA Goddard Space Flight Center  ! TinKode  Give another big Hack. This time he hack FTP of  NASA Goddard Space Flight Center  at  servir.gsfc.nasa.gov  , Some Months before  European Space Agency (ESA.INT) was also Hacked by TinKode . In Above image you can see the proof of hack.
Nasa HaCkeD By The 077 & DinelSon Tunisian HaCker

Nasa HaCkeD By The 077 & DinelSon Tunisian HaCker

Mar 25, 2011
Nasa HaCkeD By The 077 & DinelSon Tunisian HaCker Hacked link by The 077 :  https://blogs.nasa.gov/cm/resource/1015442 Hacked link by DinelSon :  https://blogs.nasa.gov/cm/resource/1015440
NASA sub-domain and Australian Police targeted by Hackers

NASA sub-domain and Australian Police targeted by Hackers

Mar 20, 2012
NASA sub-domain and Australian Police targeted by Hackers Hacker with name " Black Jester " hack another subdomain (  https://airtrafficconflictresolutions.arc.nasa.gov )   of  NASA. Hacker compromise the database of site and leak password hashes of Users and Database Info also. The leaked info posed on Pastebin Note . In Another Attack, Hacker - S3rver.exe managed to breach the official website of the International Police Association of Australia (ipa-australiapolice.com.au). A Pastebin paste made by the hackers contains the site's database structure along with names, usernames, email addresses and password hashes, Softpedia Reported. The hackers claim that they have warned International Police Association representatives that the site contains some serious vulnerabilities, but apparently they did nothing to secure it. The hackers also tried to root the servers, but apparently it can't be rooted.
TeaMp0isoN : NASA forum is Vulnerable SQL injection, Admin Hacked !

TeaMp0isoN : NASA forum is Vulnerable SQL injection, Admin Hacked !

Aug 08, 2011
TeaMp0isoN : NASA forum is Vulnerable SQL injection, Admin Hacked ! TeaMp0isoN Hackers crew today Reveal on twitter that the discussion forum on NASA website at  https://worldwind35.arc.nasa.gov/forum/ is Vulnerable to SQL injection. The discussion Forum script is Powered by Vbulletin. According to hacker, He use Vbulletin 4.0.x => 4.1.3 (messagegroupid) SQL injection Vulnerability Exploit for hacking the Database of Forum . Hacker also expose the Login details of Admin of website on Pastie .
NASA 'Space your Face' domain hacked

NASA 'Space your Face' domain hacked

Jan 07, 2013
Another basic security loop-hole in NASA website lead to a Hack. This time hacker going by name " p0ison-r00t " deface a sub domain of NASA ( https://spaceyourface.nasa.gov/ ). The hacked sub domain running a web application using flash, that allow visitors to create some funny videos of Space using Faces. Hacker able to upload his text on the website, as shown in screenshot taken by ' The Hacker News '. We contact hacker to know more about the hack, on asking How ? Hacker said," I found a form on website, accepting file upload but without validating the extension, that allow me to upload a php shell on server ". Hacker also said that because of low privileges he was not able to modify any file, but was able to upload some text on the website, Check here . Mirror of hack also available on Zone-h .
Exclusive Report : Is Department of Defense (DoD), Pentagon, NASA, NSA is Secure ?

Exclusive Report : Is Department of Defense (DoD), Pentagon, NASA, NSA is Secure ?

May 15, 2011
Exclusive Report : Is Department of Defense (DoD), Pentagon, NASA, NSA is Secure ? Over the past couple of weeks there has been a series of discussions around why the U.S defense and Intelligence agencies are moving so quickly to adopt cloud computing. Are there any Security Holes in their Security ? Or has someone already hacked them and their documents ?. In the last week we have noticed lots of hackers activity. If you have missed something then have a look to  Super Saturday : The Hacker News Featured Articles  ! Below you are going to read about Security Holes in the U.S defense and Intelligence agencies! A Hacker named " sl1nk " claims that he has: SSH access to a Network of 140 machine's layer 1 to 3 in the Pentagon Access to  APACS (automated personel air clearance system)  Thousand's of documents ranging from seizure of a vehicle up to private encryption key request forms. Database of all usernames/passwords of Webmail of Nasa. Access to ASSIST
Google, Paypal, Facebook Internal IP disclosure vulnerability

Google, Paypal, Facebook Internal IP disclosure vulnerability

Dec 31, 2013
Do you have any idea about an Internal IP Address or a Private IP Address that too assigned for Multinational Companies? Yeah, today we are gonna discuss about Internal IP or Private IP address Disclosure. Disclosure of an Internal IP like 192.168.*.* or 172.16.*.* , can really Impact ? Most security researchers call it as "bull shit" vulnerability. But when it comes to impact calculation even if the server is behind a firewall or NAT, an attacker can see internal IP of the remote host and this may be used to further attacks. Internet Giants like Facebook, Google, PayPal and Serious National Security organizations like FBI, Pentagon and NASA are taking initiatives for their Security Issues. At same, we at ' The Hacker News ' stand together for organizations that talk about national security in a serious way. I guess,its the time to understand about the flaws and its impacts where I would like to share my findings about our Internet Giants and Organiza
India - US sign Cyber Shield deal

India - US sign Cyber Shield deal

Jul 20, 2011
India - US sign Cyber Shield deal India and the US on Tuesday inked a pact on cybersecurity to intensify information exchange on threats to computers and networks and initiate joint work on technologies against cyber-attacks. A joint statement on the India-US strategic dialogue has announced the cybersecurity agreement among new initiative by the two countries. These initiatives also include a plan to develop a software platform to make available non-sensitive government data to the public and to award $3 million each year to entrepreneurial projects that commercialise technologies to improve health. A memorandum of understanding between the Indian and the American Computer Emergency Response Teams (CERT) is expected to lead to routine exchange of information on vulnerabilities and co-operation on cybersecurity technologies, Indian CERT officials said. "This comes at a time when cybersecurity-related incidents are increasing in number and becoming more and more sophistic
Texas Man admits hacking into e-commerce servers of NASA !

Texas Man admits hacking into e-commerce servers of NASA !

Feb 24, 2011
A Texas man has admitted hacking into servers owned by an e-commerce company and making off with about $275,000. Jeremey Parker of Houston also copped to charges of breaking into servers maintained by NASA's Goddard Space Flight Center in Maryland and causing some $43,000 of damage. The hacking spree spanned a 10-month stretch starting in December 2008 with the breach of systems owned by SWReg. A subsidiary of Digital River of Minnesota, the company manages royalties for independent software developers. "Parker hacked into SWReg's system, created the money by crediting the SWReg accounts, and then caused that money to be wire transferred to his bank account instead of the accounts of several developers," a press release issued by the US Attorney's office in Minnesota said. The NASA servers Parker hacked gave paying members of the scientific community access to oceanic data being sent to Earth from satellites. Eventually, the data was made available to everyone. Parker
Cybersecurity Resources