Symantec hacked | Breaking Cybersecurity News | The Hacker News

A security researcher has disclosed critical issues in the processes and third-party API used by Symantec certificate resellers to deliver and manage Symantec SSL certificates. The flaw, discovered by Chris Byrne, an information security consultant and instructor for Cloud Harmonics, could allow an unauthenticated attacker to retrieve other persons' SSL certificates, including public and private keys, as well as to reissue or revoke those certificates. Even without revoking and reissuing a certificate, attackers can conduct "man-in-the-middle" attack over the secure connections using stolen SSL certs, tricking users into believing they are on a legitimate site when in fact their SSL traffic is being secretly tampered with and intercepted. "All you had to do was click a link sent in [an] email, and you could retrieve a cert, revoke a cert, and re-issue a cert," Byrne wrote in a Facebook post published over the weekend. Symantec knew of API Flaws Si...

5th November 2012 was the most exciting day in Cyberspace, yesterday we have report about few major hacks and leaks including Hacking of ImageShack Server , thousands of researchers database leak from Symantec portal, then  NBC Sports Rotoworld forums and NBC Mobile site was defaced by pyknic hacker and a claim that user names and passwords for the site had been compromised, Anonymous leaks the VMware ESX Server Kernel source code online , numerous Australian sites, and the Organization for Security and Cooperation in Europe. The Guy Fawkes Day start with the hack of  28,000 Paypal Accounts. AnonymousPress tweeted , " Paypal hacked by Anonymous as part of our November 5th protest privatepaste.com/e8d3b2b2b1 #5Nov " (File Removed now) Private Paste documents contained 27,935 entries from Paypal database table " mc_customers " including emails, names, passwords (encrypted) and corresponding telephone numbers. However acc...

Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, it aims to help organizations identify and address potential security issues before they become serious problems. Yet, in recent years, the limitations of this approach have become increasingly evident.  At its core, Vulnerability Management processes remain essential for identifying and addressing weaknesses. But as time marches on and attack avenues evolve, this approach is beginning to show its age. In a recent report, How to Grow Vulnerability Management into Exposure Management (Gartner, How to Grow Vulnerability Management Into Exposure Management, 8 November 2024, Mitchell Schneider Et Al.), we believe Gartner® addresses this point precisely and demonstrates how organizations can – and must – shift from a vulnerability-centric strategy to a broader Exposure Management (EM) framework. We feel it's more than a worthwhile read an...

Hackers hack into ImageShack server and expose all the files online, moreover Antivirus Company Symantec's portal also hacked by them and complete database of all 1000's of researchers dumped in a pastebin File. One of the hacker behind this hack avilable on twitter at  @ Doxbin . Hacker expose content of few most important files of the server, like /etc/passwd ,  /etc/shadow , Content list of ImageShack Web directory (/home/image/www) and many more. Hacker claimed to use some zero day vulnerability in order to get into the server. Whereas in  Symantec case, hackers leak complete database from online portal. Database information includes Phone numbers, email, domain, password, Name, Username etc. According to Hackers write up that exploit unknown zero-day bug of ZPanel used by Symantec to get into server. In same operation, hackers target  CrytoCC website (https://kerpia.cryt...