#1 Trusted Cybersecurity News Platform Followed by 3.45+ million
The Hacker News Logo
Subscribe to Newsletter

Hacker News | Breaking Cybersecurity News | The Hacker News

iPhone 5 and 4 Hacked with same Exploit

iPhone 5 and 4 Hacked with same Exploit

Sep 23, 2012
iPhone 5  is vulnerable to the same attack that successfully breached an iPhone 4S at the mobile Pwn2Own hacker contest held this week at the EUSecWest event in Amsterdam . As we reported that Joost Pol and Daan Keuper won the mobile Pwn2Own contest by compromising a fully patched iPhone 4S device and stealing contacts, browsing history, photos and videos from the phone. The vaunted security of the iPhone (4S) took an epic fail tumble during the event when they was able to build an exploit for a vulnerability in WebKit to beat Apple's code-signing features and the MobileSafari sandbox. The same bug is present in the iOS6 Golden Master development code base, which means iPhone 5 is  also vulnerable to the same exploit. Apple iPads and iPod Touch devices are also vulnerable. " We specifically chose this one because it was present in iOS 6, which means the new iPhone coming out today will be vulnerable to this attack ," Pol said. The duo won $30,000 for their effor
Oracle Database stealth password cracking vulnerability

Oracle Database stealth password cracking vulnerability

Sep 20, 2012
Oracle suffered with serious vulnerability in the authentication protocol used by some Oracle databases. This Flaw enable a remote attacker to brute-force a token provided by the server prior to authentication and determine a user's password. A researcher - Esteban Martinez Fayo, a researcher with AppSec tomorrow will demonstrate a proof-of-concept attack. Martinez Fayo and his team first reported the bugs to Oracle in May 2010. Oracle fixed it in mid-2011 via the 11.2.0.3 patch set, issuing a new version of the protocol. " But they never fixed the current version, so the current 11.1 and 11.2 versions are still vulnerable ," Martinez Fayo says, and Oracle has no plans to fix the flaws for version 11.1. The first step in the authentication process when a client contacts the database server is for the server to send a session key back to the client, along with a salt. The vulnerability enables an attacker to link a specific session key with a specific password hash. Th
6 Million Virgin Mobile users vulnerable to Hackers

6 Million Virgin Mobile users vulnerable to Hackers

Sep 20, 2012
Virgin Mobile customers beware: Your phone number is the key to your personal information. According to independent developer Kevin Burke, who warned Virgin Mobile USA customers about a glaring security hole in the phone company's account login protocol said, " If you are one of the six million Virgin subscribers, you are at the whim of anyone who doesn't like you. " Virgin Mobile USA users manage their account by logging in through an online portal, which requires a mobile number and a 6-digit pin. Once inside, customers can check their call records, change the handset associated with their number, and update their personal details. In a blog post on Monday, Kevin Burke detailed how the username and password system used by Virgin Mobile to let users access their account information, is inherently weak and open to abuse. " It is trivial to write a program that checks all million possible password combinations, easily determining anyone's PIN inside of one day
Exploit Released for Internet Explorer zero-day attacks : CVE-2012-4969

Exploit Released for Internet Explorer zero-day attacks : CVE-2012-4969

Sep 19, 2012
Microsoft has confirmed reports that a zero-day vulnerability in its Internet Explorer browser is being actively attacked in the wild. Four active exploits of a zero-day vulnerability in the browser exists. Microsoft will push out an out-of-cycle Windows patch to temporarily fix the critical Internet Explorer flaw. Security researcher Eric Romang identified the exploit code on a server used by the "Nitro" hacking group, believed to have exploited the Java zero-day vulnerability reported last month.  Security firm Rapid7 advises that Internet users try a different Web browser. The malware may be linked to an ongoing attack on companies that has been dubbed "Nitro", and was first discovered in October by Symantec. The zero-day in IE 6-9 is a use-after-free memory corruption vulnerability , similar to a buffer overflow, that would enable an attacker to remotely execute code on a compromised machine. The original exploit payload dropped the PoisonIvy remote access Trojan (RAT)
Android 4.0.4 multiple Zero-Day Vulnerabilities

Android 4.0.4 multiple Zero-Day Vulnerabilities

Sep 19, 2012
The Samsung Galaxy S3 can be hacked via NFC, allowing attackers to download all data from the Android smartphone, security researchers demonstrated during the Mobile Pwn2Own contest in Amsterdam. Using a pair of zero day vulnerabilities, a team of security researchers from U.K.-based MWR Labs hacked into a Samsung Galaxy S3 phone running Android 4.0.4 by beaming an exploit via NFC (Near Field Communications). NFC is a technology that allows data to be sent over very short distances. For mobile devices, the protocol allows digital wallet applications to transfer money to pay at the register. While the technology has been slow to take off, despite the adoption by Google for its Wallet payment application, a number of recent high-profile announcements have boosted its adoption. " Through NFC it was possible to upload a malicious file to the device, which allowed us to gain code execution on the device and subsequently get full control over the device using a second vulnerability
9 million PCs infected with ZeroAccess botnet

9 million PCs infected with ZeroAccess botnet

Sep 19, 2012
In recent months, we've seen the rootkit family Win32/Sirefef and Win64/Sirefef (also known as ZeroAccess Botnet ) update its command and control protocol and grow to infect more computers while connecting to over one million computers globally.  Before, disclosed that it creates its own hidden partition on the hard drive and uses hidden alternative data streams to hide and thrive. Then ZeroAccess developer changed infection tactics and stopped using kernel-mode components in the latest version Security firms tracked the growth of x64 version infections. But Recently uncovered by SophosLabs that ZeroAccess botnet took a major shift in strategy and operating entirely in user-mode memory. There are two distinct ZeroAccess botnets, and each has a 32-bit version and a 64-bit version, numbering four botnets in total. Each botnet is self-contained because it communicates exclusively on a particular port number hard-coded into the bot executable. The botnets can be categorised based o
Bharatiya Janata Party website defaced by Anonymous Hackers

Bharatiya Janata Party website defaced by Anonymous Hackers

Sep 19, 2012
Hackers from Indian Anonymous Group hacked Bharatiya Janata Party's website, BJP.org , last night, and defaced it. They post a set of messages with pictures, reflecting the group's condemnation of recent events including the government's approval of 51% FDI in multi-brand retail, diesel price hike, corruption, the cartoon controversy, and the Kudankulam Power Project, among others. Hackers also asked people to stand up and participate in the #OccupyIndiaground protest, which according to the message starts 23rd September 2012 (this Sunday) 3pm at India Gate, Delhi, Freedom Park, Bangalore, Marine Beach, Chennai, Park Street Crossing, Kolkata, MG Road, Pune and Subhash Park, Kochi. Defaced domains are: https://bjp.org https://bjpmp.org.in/ The group also posted a YouTube video with a message from anonymous: Video Saying that the group's been observing the deteriorating condition of free speech in India, and the government's attempts to block social media. Last month, Anonymous
Bank of America Website under Cyber Attack from Islamic Hackers

Bank of America Website under Cyber Attack from Islamic Hackers

Sep 19, 2012
Bank of America's website experienced periodic outages Tuesday due to cyber attacks launched in retaliation for " Innocence of Muslims ," the amateurish film whose mocking portrait of the Prophet Muhammad has incited deadly riots throughout the Middle East. " Cyber fighters of Izz ad-din Al qassam " said it would attack the Bank of America and the New York Stock Exchange as a "first step" in a campaign against properties of " American-Zionist Capitalists ." " After Successful attack to YouTube Servers in recent days made by Muslims around the world, many groups announce that they are ready to do similar attacks.When supporter of that sacrilegious movie try to punish the cast and crew, the publisher included, this story will end until that time these kinds of Cyber Attacks will be continued and the Cyber world will be an unsafe place for all of Enemies of Islam. " Hackers posted on their blog . People around the country reported on
Security in a Serious Way - The Hacker News Magazine September 2012 Edition

Security in a Serious Way - The Hacker News Magazine September 2012 Edition

Sep 16, 2012
Hey faithful readers and people interested in Internet Security! Enjoy our - The Hacker News Magazine  September 2012 Edition , Issue #14 packed full of computer security issues and a great interview with a young hacker who defines the world of hacking and the future. Let us know what you think and many thanks for following our website!
Electromagnetic Pulse Attacks : Are we prepared ?

Electromagnetic Pulse Attacks : Are we prepared ?

Sep 14, 2012
An electromagnetic pulse (EMP) attack is a threat few Americans are familiar with, yet one which could easily destroy their lives. What would you do if your electricity suddenly went out and didn't come back on for months or even years? How long would you last with the food in your pantry, the bottled water you have shelved, and your net worth reduced to the cash in your pocket? These are the factual consequences of EMP attack. A single EMP attack could disable all modern electronics in the United States, eliminating communications, food, water, transportation, medicine distribution, and our financial system. Experts from the Department of Homeland Security (DHS) and the US Department of Defense (DOD) have told a House Homeland Security subcommittee that Defense systems that depend on the commercial electric grid are vulnerable to electromagnetic pulse attacks and solar storms that could seriously damage the nation's infrastructure. U.S. power grids and other civilian infrastruc
BlackHole Exploit Kit 2.0 released with more latest Exploits

BlackHole Exploit Kit 2.0 released with more latest Exploits

Sep 14, 2012
According to release announcement on Pastebin by unknown developers in a Russian-language BlackHole Exploit Kit 2.0 released with more latest Exploits. BlackHole is one of the most dominant exploit toolkits currently available in the underground market. It enables attackers to exploit security holes in order to install malicious software on victim's systems. The new variant doesn't rely on plugindetect to determine the Java version that's installed, thus speeding up the malware download process. Old exploits that were causing browsers to crash and "scary visual effects" have been removed. The exploit kit is offered both as a "licensed" software product for the intrepid malware server operator and as malware-as-a-service by the author off his own server. Some interesting claims by developer about new version: prevent direct download of executable payloads only load exploit contents when client is considered vulnerable drop use of PluginDetect library (performance jus
Anonymous member Barrett Brown Arrested by FBI

Anonymous member Barrett Brown Arrested by FBI

Sep 13, 2012
Anonymous hacker Barrett Brown was arrested by the FBI last night, his apartment raided while he was in the middle of a live TinyChat session. For those that may not be familiar with Brown, he came to some notoriety last year for allegedly mounting an operation against the Zeta drug cartel in Mexico after they had kidnapped a member of Anonymous. Brown claimed to hold the names of 75 Zeta collaborators, which he threatened to release to the press unless the Anon member was set free. Brown is the founder of Project PM and has worked closely with the Anonymous hacker collective on several past operations. This is not the first time that Barrett Brown's home has been raided. Six months ago the FBI came knocking on Brown's door and confiscated his laptop, but no charges were filed against him. That incident followed the arrest of then-LulzSec leader Sabu, or rather Hector Xavier Monsegur, who then turned informant in exchange for leniency, although it's also been suggested that Sabu was
Eject any WiFi device from network using Android

Eject any WiFi device from network using Android

Sep 13, 2012
If you want to disable any ip address which use same router to connect internet. Now you can used your android application, WifiKill use as can disable internet connection for a device on the same network. May be you ever use " NetCut " tool in your windows to eject any WiFi device from network with one click. NetCut have ability to scan the network for all connect devices with their MAC address and then with one click you can disconnect anyone from Network using ARP SPOOF attacks. This application mostly used by students to save bandwidth in colleges or in any network where they want to disconnect all other users and use complete bandwidth for better speed or by some Network admins. But NETCUT comes for Windows only. A Android application released called " WiFiKill  v1.7 " , this is alternate version of NETCUT for Android. Simply allows you to scan your wifi network for devices, see their vendor and cut network connection for specified devices. This way you can g
Chip and PIN payment card system vulnerable to Card cloning

Chip and PIN payment card system vulnerable to Card cloning

Sep 13, 2012
At a cryptography gathering in Leuven, Belgium, on Tuesday, Cambridge University researchers made it known that they do not like what they see in chip and pin systems. The chip and PIN system employed by most European and Asian banks is definitely more secure than the magnetic strip one, but it doesn't mean that it doesn't have its flaws. A flaw in the EMV protocol which lays out the rules for chip-and-PIN card transactions at ATMs and point-of-sale terminals could enable persistent attackers to carry out bogus card transactions. Five Cambridge (UK) University researchers released a paper today with the gory details. Bank cards are reportedly vulnerable to a form of cloning and researchers have pinpointed the poor implementation of cryptography methods in ATM machines as being the reason for the flaw. The chip in an EMV card is there to execute an authentication protocol, and is itself very difficult to clone. However, the authentication process also relies on the merchant
Anonymous dump 2.5 GB data from email of priest accused for child abuse

Anonymous dump 2.5 GB data from email of priest accused for child abuse

Sep 13, 2012
In July 2012 Italy police have arrested a Catholic priest over allegations he abused a teen girl. Father Don Giacomo Ruggeri , 43, was immediately suspended from all priestly duties and police had raided his home and seized his computer. Anonymous Hackers today publish 2.5 GB of private mails from the Gmail of a priest recently protagonist of a story related to alleged child abuse on  official blog of Anonymous Italy. " The story of Don Ruggeri is yet another demonstration of how your institution has undermined the principles that should inspire. Fomented hatred and stigma toward anyone who shows a sexual orientation different from what you call "natural", in line with a model of patriarchal society and discriminating. The real unnaturalness is disgusting in your modus operandi. Your greed, your greed is posted ." Hacker upload a series of documents containing more than 2 gigabytes of messages received and sent e-mail account on DepositFiles. In a statement by A
WhatsApp vulnerability can be misused for Spreading Malware

WhatsApp vulnerability can be misused for Spreading Malware

Sep 13, 2012
A Cross site scripting (XSS) vulnerability in WhatsApp website reported to The Hacker News by Edgard Chammas. WhatsApp is one of the most famous cross-platform mobile messaging app for iPhone, BlackBerry, Android, Windows Phone and Nokia used to send text, video, images, audio b/w Whatsapp users. Cross-site scripting (XSS) is a type of computer security vulnerability typically found in Web applications, such as web browsers through breaches of browser security, that enables attackers to inject client-side script into Web pages viewed by other users. Reported vulnerability exist on payment procedure page as shown in above picture. The Sample code given below to demonstrate the vulnerability. Recently, there has been an increase in web malware and spam activities and such vulnerabilities can be misused by attackers to spread Malwares and rogue applications. Edgard also demonstrate that How this can be used to trick users to download a fake application (Malware - WhatsApp.apk) from o
Reliance Net Connect website Defaced by Hackers

Reliance Net Connect website Defaced by Hackers

Sep 13, 2012
Reliance Net Connect , a venture of Reliance Communications , one of the leading CDMA & GSM Service providers in India website was Defaced by Hackers two days back. No reason mentioned by hackers but on deface page, Hackers wrote " Hacked by Dr-FreaK and Napsters Cr3w ". Defaced site link -  https://reliancenetconnect.co.in , but at the time of writing this post, site has been successfully  restored by company. But you can see mirror of hack on Zone-H . In june 2012 due to Internet Censorship in India Reliance Communications blocks various sites, against to which Anonymous Hackers hacked their servers Reliance Communications in such a way that users trying to access Facebook, Twitter, Google, Gmail and Yahoo were greeted messages. Also in July 2012  Reliance Communications was successfully breached by another hacker with just information disclosure bug.
Plugx RAT targeting government organizations in Japan using spear phishing

Plugx RAT targeting government organizations in Japan using spear phishing

Sep 11, 2012
Roland Dela Paz (Threat Researcher) at TrendMirco reported that last year a Malware Campaign to target specific users in Japan, China, and Taiwan once again on rise using new breed of Remote Access Tool (RAT) called Plugx (also known as Korplug). This new custom made version comes for less recognition and more elusiveness from security researchers. He also mention that last year campaign used the Poison Ivy RAT, but now its Plugx take its place. " Similar to previous Poison Ivy campaigns, it also arrives as an attachment to spear-phished emails either as an archived, bundled file or specially crafted document that exploits a vulnerability in Adobe Acrobat Reader or Microsoft Office. We've also encountered an instance of Plugx aimed at a South Korean Internet company and a U.S. engineering firm ." Roland mentioned . The attached pdf exploits CVE-2010-2883 (with  Plugx  (RAT) payload connects to a command and control (C&C) server named {BLOCKED}eo.flower-show.org. CVE-2
Ankit Fadia site again Hacked and Suspended by Hosting provider

Ankit Fadia site again Hacked and Suspended by Hosting provider

Sep 11, 2012
Another Funny news, today India's most popular but Self Claimed Hacker - Ankit Fadia's website just got hacked by a 17 Year old kid Kul Verma. His official Website https://ankitfadia.in/ got hacked and seems like his Hosting Provider has suspended his website on noticing something not correct with his site. Hacker hacked by a kid, this Questions the capability of Mr. Ankit Fadia once again. We all know that, its not the 1st time Fadia's Website got hacked. In past several young hackers claim to hack and deface his Website. Hacker claim the responsibility on the Facebook Fanpage , says " 17 years old.Love to Hack " and statement " Come Catch if You Can ". If you want to see deface page, please have a look to the Mirror link .
Anonymous Hacker take down GoDaddy with IRC Bots

Anonymous Hacker take down GoDaddy with IRC Bots

Sep 11, 2012
GoDaddy.com, which hosts millions of websites mostly for small businesses, said Monday it was investigating an outage that had knocked some of its customers offline. A hacker using the " Anonymous Own3r " Twitter account claimed credit for the outage, " Hello https://godaddy.com/ now yes! all servers #tangodown by @AnonymousOwn3r ," a tweet said. We talk with  Anonymous Own3r to find out the way he used to take down this giant server. Hacker said," I am using thousand of Hacked server as bots to perform the attack. Sending dos attack commands using IRC  to all of them together. I just upload IRC connect on each server to control my every slave by commands ." On further talk, we came to know that he use  DDOS IRC Bot script , available on Pastebin . Its really easy to use, hack randomly hundreds of Servers online and upload your Script. Now just via IRC you can control your slaves to perform a huge DDOS attack. Email services from the company, and GoDaddy
More Resources

Sign up for free and start receiving your daily dose of cybersecurity news, insights and tips.