The Hacker News - Most Trusted Cyber Security and Computer Security Analysis: Hacker News

Lulzsec hacker Jeffrey could face Life Imprisonment

November 28, 2012 - Mohit Kumar
LulzSec hacker Jeffrey Hammond faces a potential prison sentence of more than 30 years if found guilty of all charges filed against him. U.S. District Court chief judge Loretta Preska presided over a bail hearing for Hammond last week. Hammond was also charged with using some of the stolen credit card data to help make $700,000 in unauthorized charges, and accused of participating in a hack of the Arizona Department of Public Safety website. "In early May 2012, a federal grand jury handed down a superseding indictment in the case against alleged LulzSec and Anonymous leaders, accusing Hammond of masterminding the LulzSec and Anonymous attacks against the website of Stratfor (a.k.a. Strategic Forecasting), beginning in December 2011," InformationWeek said. "At last week's hearing in a Southern District of New York federal courtroom, Hammond's defense attorney, Elizabeth Fink, suggested that the FBI may have used entrapment to catch her client,
Hackers break into International Atomic Energy Agency servers

November 27, 2012 - Mohit Kumar
The UN nuclear watchdog has acknowledged that one of its former computer servers had been hacked. The stolen information was contained in a statement by a group with an Iranian-sounding name calling for an inquiry into Israel's nuclear activities. The International Atomic Energy Agency (IAEA) is investigating Iran's nuclear program. A group called Parastoo (Farsi for the swallow bird and a common Iranian girl's name) claimed responsibility for posting the names on its website two days ago. The group had been known to be critical of Israel's undeclared nuclear weapons program. "The IAEA deeply regrets this publication of information stolen from an old server that was shut down some time ago," an agency spokesperson said, adding that agency experts had been working to eliminate any "possible vulnerability" in it even before it was hacked. Israel and the United States accuse Iran of seeking to develop a nuclear weapons capability, a charge Tehran denies, and says the Islamic state is th
Java zero-day exploit sold in underground Market

November 27, 2012 - Anonymous
Once again a zero-day exploit is being sold by cyber criminals in the underground, and once again the flaw is in Oracle's Java software and could allow an attacker to gain remote control over a victim's machine. The news was reported by the KrebsOnSecurity blog, which said the exploit is being sold on an Underweb forum. The vulnerability affects the most recent version of Java, JRE 7 Update 9, and isn't present in previous versions of the framework. In particular, the bug resides within the Java class "MidiDevice", according to the information provided by the seller, who describes it with the following statements: "Code execution is very reliable, worked on all 7 version I tested with Firefox and MSIE on Windows 7," "I will only sell this ONE TIME and I leave no guarantee that it will not be patched so use it quickly." The exploited class is a component of Java that handles audio input and output. It's easy to understand that similar vulnerability has a great value du
Anonymous Leak Emails from Syrian Ministry of Foreign Affairs

November 27, 2012 - Mohit Kumar
Anonymous hackers managing Operation Syria (OpSyria) have released a 1 GB dump of emails from the Syrian Ministry of Foreign Affairs. The files are in Arabic. The documents include scanned copies of Syrian ministers' passports, details about an arms transport from Ukraine, and a report which shows that 200 tons of Syrian bank notes have been shipped from Russia. "Within the stash you will find details about cargo flights from Russia, each containing 30 tons of fresh Syrian Cash," the hackers said. "Furthermore you will find lulzy documents such as scanned passports from Syrian ministers (PDF) and details about arms transportation from Ukraine". The emails are available online, and the full archive is also available to download.
Anonymous Takes Down NISD Over Student Tracking

November 27, 2012 - Mohit Kumar
Hacker group Anonymous claims it took down the Northside Independent School District's website (www.NISD.net) on Saturday to protest the district's use of tracking badges. On Sunday, Nov. 25, the same hacktivists released a statement via Pastebin giving the school district "1-3 days" to meet with parents and explain the student tracking program in detail. If the district fails to comply with the request, the hacktivists promise to "simply shut down" the school district website once again. The hacker group also sent a Twitter message to the NISD account on Thursday, teasingly notifying them that their site was down. "They're tracking students! They have rights too. I want a statement about this, nobody agrees with that, even the parents!" Anonymous said. NISD said it wanted to expand the Student Locator Project to 112 Texas schools and around 100,000 students to curb truancy, apparently a major problem at the school district in question. It was reported that by improv
TripAdvisor travel website infected with Gamarue malware, infect 2% Indian Internet Users

November 27, 2012 - Mohit Kumar
TripAdvisor Inc., a hotel-review website, recently became a victim of the bug, said Trend Micro Inc., an Internet security solutions provider. Many of TripAdvisor's users received spam mail with booking confirmations for hotels they had checked out on the website; 1.89% of Indian Internet users have already been affected. The email, purporting to come from one of the hotels, has a similar theme to its English counterpart: it contains confirmation and details of an alleged booking reservation. TripAdvisor, which is among India's top five travel brands as per digital market research firm ComScore Inc., globally has 60 million unique monthly visitors and 2.4 million unique users per month in India. Gamarue is a family of malware that may be distributed by exploit kits, spammed emails or other malware, and has been observed stealing information from an affected user. Trend Micro reported that one of its managers received the spam at his personal e-mail address but the addres
Go Daddy Sites Serve Up Ransomware Malware

November 27, 2012 - Mohit Kumar
Domain name registrar and website hosting provider Go Daddy is responding to a DNS attack targeting a "small number" of its hosted websites that one security firm said is enabling cyber criminals to spread ransomware. The DNS (Domain Name System) is what translates hostnames into IP addresses, meaning computers can talk to each other and users can access them online. Go Daddy said, "We suspect that the affected customers have been phished or their home machines have been affected by Cool Exploit as we have confirmed that this is not a vulnerability in the My Account or DNS management systems." The Cool Exploit Kit targets a variety of vulnerabilities, including Java errors, and has been seen spreading via drive-by attack websites. The ransomware served depends on the country of origin. In the UK, it is malware posing as a legitimate message from the Met's Police e-Crime Unit (PCeU). It locks the computer, on the grounds that the computer was guilt
Narilam malware target Iran Financial SQL Databases

November 27, 2012 - Mohit Kumar
Symantec recently identified a database-corrupting piece of malware targeting systems mostly in Iran, but despite early speculation that it could be related to the likes of Stuxnet and Flame, it appears to be targeting small businesses rather than the country's infrastructure. The malware, dubbed W32.Narilam, is predominantly active in the Middle East, and it has also been detected in the USA and UK. The worm looks for particular words in Microsoft SQL databases and overwrites them. The worm specifically targets SQL databases with three distinct names: alim, maliran, and shahd. Once the targeted databases are found, Narilam looks for specific objects and tables and either deletes the tables or replaces items with random values. On Monday an alert was published on tarrahsystem.com warning its customers of the W32.Narilam threat. The bulk of the infections thus far have been found in the Middle East, particularly Iran and Afghanistan. Kaspersky Lab took issue with repo
XSS Vulnerability in Apple website

November 13, 2012 - Mohit Kumar
A 16-year-old Spanish whitehat hacker going by the name "The Pr0ph3t" found an XSS vulnerability on the Apple website. The vulnerability was reported in the Apple subdomain https://locate.apple.com, where users can choose a service center location. About cross-site scripting: cross-site scripting attacks are a type of injection problem in which malicious scripts are injected into otherwise benign and trusted web sites. The malicious script can access any cookies, session tokens, or other sensitive information retained by your browser. This vulnerability may be used by attackers to bypass access controls such as the same origin policy. After capturing HTTP headers, the hacker found that there is a parameter called "location" which is not filtered for malicious inputs. As a proof of concept, he injected JavaScript code, as shown in the image. The Hacker News team verified the vulnerability's existence, and the site is still vulnerable.
Tunisians Voice - Nawaat Portal hacked

November 13, 2012 - Mohit Kumar
Kosova Warriors Group defaced a subdomain (https://events.nawaat.org/) of the Nawaat Portal. It's an independent collective blog hosted by Tunisians. It gives a voice to all those who, through their civic engagement, take the cover and spread. Our editorial decisions are guided by among other concerns that affect the lives of our countrymen and our fellow man. It seems that the hacker was able to hack into the server and has control over two subdomains. After talking with the hacker, we came to know that there is one more panel open for hackers at https://facebook.nawaat.org/, where by default anyone is logged in as the admin user. Zone-h records of the defacement are: https://www.zone-h.org/mirror/id/18587592 and https://www.zone-h.org/mirror/id/18587594
Guadeloupe National Domain registrar hacked, Twitter & Google domain credentials leaked

November 10, 2012 - Mohit Kumar
Guadeloupe is a Caribbean island located in the Leeward Islands, in the Lesser Antilles. Today a hacker going by the name "UR0B0R0X" claimed to have hacked into the "Network Information Center Guadeloupe" (nic.gp), the Guadeloupe national domain registrar, which has control over domains of big companies such as Google.gp, Paypal.gp, twitter.gp, Yahoo.gp, and many more. The hacker claimed to have hacked the nic.gp server and leaked credentials (encrypted) of 1271 Guadeloupe domains and user accounts, including usernames, email addresses and phone numbers, from the server, as shown in a Pastebin note, with the complete database uploaded to a file-sharing site.
Pizza Hut defaced, Authorities denies theft of 240000 Credit Cards

November 07, 2012 - Mohit Kumar
Yesterday the Australian Pizza Hut website was compromised by a hacking group going by the name of 0-Day and Pyknic. The hackers defaced the website and claim that they made off with 260,000 Australian credit card numbers. The hack was first noticed by Whirlpool Forum users. But a Pizza Hut spokeswoman said the company did not store such information on its website. "Pizza Hut can confirm that a layer of its website, pizzahut.com.au, was breached with access gained to names and contact information, including email addresses". "We are working with our website providers to conduct a thorough investigation of the matter and have also reported the incident to the Office of the Australian Information Commissioner. We would like to reassure all of our customers that absolutely no credit card information was stolen and there is no need for concern regarding credit cards." "The security of our online ordering system has not been compromised in any way and our customers ca
UNESCO Etxea website hacked by #NullCrew

November 06, 2012 - Mohit Kumar
Hacking group #NullCrew defaced the UNESCO Etxea website (unescoetxea.org), an internationally oriented NGO working for the culture of peace, sustainable human development and human rights, at local and global levels. The deface page reads, "Welcome to the new front page of unesco etxea You have been targeted by NullCrew, as part of the FuckTheSystem movement. We have began the war, once again; but this time, good-luck even coming close to winning." "The united nations, just a bunch of corrupt nations; united by one source of power.. And for that reason, we have came back; to repeat the process. Enjoy the candy." Judging from the data dumped on the deface page, including the kernel version of the server and the WordPress database configuration file, the hacker was able to upload a PHP shell to the UNESCO Etxea website and deface the web page. #NullCrew today also hacked the UK Ministry of Defence and dumped a database online. Hackers threatened to hack
Guy Fawkes Day start with Hack of 28,000 Paypal Accounts

November 05, 2012 - Mohit Kumar
5th November 2012 was the most exciting day in cyberspace. Yesterday we reported on a few major hacks and leaks, including the hacking of an ImageShack server, the leak of a database of thousands of researchers from a Symantec portal, the defacement of the NBC Sports Rotoworld forums and NBC Mobile site by the hacker pyknic along with a claim that user names and passwords for the site had been compromised, the leak by Anonymous of the VMware ESX Server Kernel source code online, numerous Australian sites, and the Organization for Security and Cooperation in Europe. Guy Fawkes Day started with the hack of 28,000 PayPal accounts. AnonymousPress tweeted, "Paypal hacked by Anonymous as part of our November 5th protest privatepaste.com/e8d3b2b2b1 #5Nov" (file now removed). The Private Paste document contained 27,935 entries from the PayPal database table "mc_customers", including emails, names, passwords (encrypted) and corresponding telephone numbers. However according to PayPal's head of PR, they claim to be i
Anonymous leaks VMware ESX Server Kernel source code

November 04, 2012 - Mohit Kumar
Anonymous group member "Stun" announced the leak of the VMware ESX Server Kernel source code via Twitter today. The tweet reads, "WILD LEAKY LEAK. FULL VMware ESX Server Kernel LEAKED LINK #Anonymous #AntiSec". VMware ESX is an enterprise-level computer virtualization product offered by VMware. The reason given by Anonymous for this wild leak is that VMware continues producing at the same level again and again, which is not good practice for better security. "Bullshitting people and selling crap. But it's time for Anonymous finally to deliver. Ofc VMware will try to make like this Kernel is old and isn't used in its recent products. But thanks god, there is still such as thing as reverse engineering that will prove it's true destiny," the hacker said. A 1.89 MB archive was uploaded as a torrent titled "VMware ESX Server Kernel LEAKED". I have downloaded the archive; the files inside the archive are as shown above. Dump seems to be produced by revers
National Telecommunications Commission website defaced

November 01, 2012 - Mohit Kumar
In another Halloween hack, the National Telecommunications Commission (NTC) website was hacked Thursday noon. It showed a pop-up message saying "Sh4d0wFiend_h4x0r and Wizkidl33t were here!" and would later redirect to another page (ntc.gov.ph/halloween) displaying the hacker's message: "hello and welcome: presented by Wizkidl33t and Sh4d0wFiend_h4x0r". After one further click, a new page loads with the message "Welcome to the world of Halloween, in a moment you will see a couple of scary and entertainment media, this is not about a government issues this is for Halloween special click proceed to go to the next page." The hacker group has claimed responsibility for the hacking of several government websites in protest at the passage of the Cybercrime Prevention Act in the Philippines.
Indian Defence organisation DRDO website hacked

November 01, 2012 - Mohit Kumar
Algerian hackers going by the name 'SanFour25' yesterday defaced 7 Indian government websites, including the Indian Defence Research and Development Organisation (DRDO), West Bengal police and the Prime Minister's Office (PMO) websites. According to TheHindu, the most sensitive website that came under attack was the one operated by the Recruitment and Assessment Centre (RAC) of the DRDO (www.rac.gov.in/experts/Dz.php). The website, which deals with the recruitment of scientists to the several laboratories of the DRDO, was down for over 9 hours. List of hacked domains: https://rciregistration.nic.in/rehabcouncil/Dz.txt, policewb.gov.in/wbp/counter.txt, www.rac.gov.in/experts/Dz.php, www.diu.gov.in/departments/Dz.php, gpra.nic.in/writereaddata/Dz.php, birapdbt.nic.in/video/Dz.php, iii.gov.in/tmp/Dz.php. Mirrors of the hacked sites are available on Zone-H in the SanFour25 archive. It is possible that the hackers could have attacked the website to get details of the scientist
Virus threat hit Israeli Foreign Ministry computers

October 26, 2012 - Mohit Kumar
A number of Israel's government offices have fallen victim to a cyber attack over the past week, one apparently aimed at slipping a "Trojan horse" into the computer servers at these ministries. Israeli police immediately pulled the national computer network from the civilian Internet after this cyber threat. The Trojan horse was sent as files attached to emails bearing the name of IDF Chief of Staff Benny Gantz in the subject line. According to reports from Haaretz, a senior government clerk stressed that the threat facing the police was being investigated by experts. It is also not clear whether either breach involved a wide-scale cyber attack or a virus infecting only a few computers. Government employees were advised not to open their emails or Facebook messages if such strange activity was noticed. Dozens of identical emails were sent Wednesday to Israeli embassies abroad and to Foreign Ministry employees in Israel. The intelligence tip did not indicate t
Think Like a Hacker for Better Security

October 15, 2012 - Mohit Kumar
Computer hacking is truly an epidemic. It's not enough to apply the latest patches to your servers and workstations or otherwise defend yourself reactively. If you're in charge of your network's security, you must understand how hackers' minds work and what tools they're using for their attacks. One of the best ways to protect yourself is to think like a hacker. Evil hackers aren't just a threat to national security. They're a threat to your privacy and even your livelihood. Your personal information? Nothing more than a commodity in their billion-dollar black-market enterprise. There's no product that can prevent hackers from plastering passwords and usernames on the Web. But some white hat hackers are not only chasing these cybercriminals but also thwarting the attacks before they can be launched. Vulnerabilities appear in your environment every day. For example, everyone wants to use their tablet or smart phone to conduct business. A
#OpJubilee - Anonymous Hackers deface UK police forums

October 13, 2012 - Mohit Kumar
Anonymous hackers have declared another operation, called ANONYMOUS OPERATION JUBILEE. Under it, there will be a rally of millions of people to Parliament, London, on 5th of November 2012. As planned, this will be a peaceful gathering at the Parliament Building in London to declare the true jubilee. The operation was started by Anonymous with the Twitter account @OpJubilee. They have a website with a countdown timer running until 5th Nov, 2012. Today hackers defaced two UK police sites and posted a YouTube video on them, with a message telling all protesters to GET READY FOR 5TH NOV. Defaced domains: https://policespecials.com/ and https://policeuk.com/. Mirrors of the hack: https://www.zone-h.org/mirror/id/18466119 and https://www.zone-h.org/mirror/id/18466115