#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

backtrack | Breaking Cybersecurity News | The Hacker News

Kali Linux 1.0.8 — New Release Supports UEFI Boot

Kali Linux 1.0.8 — New Release Supports UEFI Boot
Jul 26, 2014
Great news for Hackers and Backtrack Linux fans! Offensive Security, the developers of one of the most advance open source operating system for penetration testing known as ' KALI Linux ', has finally announced the release of the latest version i.e. Kali Linux 1.0.8 . Kali Linux is based upon Debian Linux distribution designed for digital forensics and penetration testing, including a variety of security/hacking tools. It is developed, maintained and funded by Offensive Security constantly providing users with the latest package updates and security fixes available. The new release supports Extensible Firmware Interface (EFI) boot  that allows you to start Kali Linux 1.0.8 using a USB stick on recent hardware, and especially on Apple Macbooks Air and Retina models. " This new feature simplifies getting Kali installed and running on more recent hardware which requires EFI as well as various Apple Macbooks Air and Retina models ," reads the blog post . Although

KALI Linux Mailing List Website Hacked Using Heartbleed Vulnerability

KALI Linux Mailing List Website Hacked Using Heartbleed Vulnerability
Apr 30, 2014
When it comes to Digital Forensics, Penetration and Security testing, we mostly relies on Kali Linux distribution (also known as Backtrack), which is designed for security professionals and packed with more than 300 security testing tools. But Today, Mailing List sub-domain of Kali Linux get hacked and defaced by Libyan hacking group known as ' The GreaT TeAm (TGT) '. A mailing list is simply a list of email addresses to which the same information is being sent. A discussion list is used to allow a group of people to discuss topics amongst themselves, with everyone able to send mail to the list and have it distributed to everyone in the group. Mailing lists have become a popular way for Internet users to keep up with topics they're interested in. At the time of writing, The Homepage of Kali Linux mailing list domain was displaying two lists, i.e. Kali with description "Hacked By The GreaT TeAm -TGT" Kali-Dev with description "Libyan Hackers" S

How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl

How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl
Mar 21, 2024SaaS Security / Endpoint Security
In today's digital-first business environment dominated by SaaS applications, organizations increasingly depend on third-party vendors for essential cloud services and software solutions. As more vendors and services are added to the mix, the complexity and potential vulnerabilities within the  SaaS supply chain  snowball quickly. That's why effective vendor risk management (VRM) is a critical strategy in identifying, assessing, and mitigating risks to protect organizational assets and data integrity. Meanwhile, common approaches to vendor risk assessments are too slow and static for the modern world of SaaS. Most organizations have simply adapted their legacy evaluation techniques for on-premise software to apply to SaaS providers. This not only creates massive bottlenecks, but also causes organizations to inadvertently accept far too much risk. To effectively adapt to the realities of modern work, two major aspects need to change: the timeline of initial assessment must shorte

KALI Linux 1.0.6 released; officially added Emergency Self Destruct feature

KALI Linux 1.0.6 released; officially added Emergency Self Destruct feature
Jan 10, 2014
A few days back the developers of one of the most advance open source operating system for penetration testing called ' KALI Linux ' announced that they were planning to include " emergency self-destruction of LUKS ". They patched a utility called cryptsetup,  which introduces a self destruction feature that will allow the Kali user to encrypt the full hard disk to make the data inaccessible in an emergency case by entering a secret password at boot time. Offensive Security has finally announced today the release of the latest version i.e. Kali Linux 1.0.6 with Kernel version 3.12, and also added the Self Destruct feature along with many new penetration testing and hacking tools. The new release also includes an ARM image script, that allow the user to build Kali Linux images for various ARM devices. Some more scripts are also added that enables the user to build their own custom Amazon AMI and Google Compute cloud images. If you already have a Kali Linux insta

Automated remediation solutions are crucial for security

cyber security
websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.

Kali Linux introducing Emergency Self Destruct feature to Full Disk Encryption

Kali Linux introducing Emergency Self Destruct feature to Full Disk Encryption
Jan 08, 2014
Full disk encryption is expected to be the top security technology to be adopted this year. Take a moment to think about the information that is present on your personal computer, i.e. Photo s , passwords, emails, Important documents from work or  Financial data and  trade secrets. Many of us from the Security Industry obviously have enough confidential and important data regarding our work, source codes, or researches stored in our laptops or systems. What if your computer is stolen or seized by any Law enforcement agency at the Airport? Best example to explain the situation is as follows: We all know  Guardian journalist ' Glenn Greenwald ', who  has written a series of stories in July 2013 revealing the NSA's secret surveillance programs, leaked by whistleblower Edward Snowden . In August 2013,  The partner of the Guardian journalist ' Glenn Greenwald ', was returning from a trip to Berlin when he was stopped by officers at the Airport under Terrorism Act 20

Update : Backtrack Kali Linux 1.0.3 released with built-in accessibility features

Update : Backtrack Kali Linux 1.0.3 released with built-in accessibility features
Apr 26, 2013
BackTrack Linux, a specialized distribution of penetration testing tools, has long been a favorite of security specialists and IT pros. Security professionals have been relying on the BackTrack security distribution for many years to help them perform their assessments. A couple of weeks ago, futuristic major release of BackTrack was announced as   Kali Linux . Today Backtrack team released few updates to Kali Linux as version 1.0.3 and fixed couple of bugs. " Our first attempts at building an accessible version of Kali failed and after a bit of digging, we found that there were several upstream GNOME Display Manager (GDM3) bugs in Debian, which prevented these accessibility features from functioning with the GDM greeter. Working together with an upstream GNOME developer, we knocked out these bugs and had the fixes implemeted in Kali, and hopefully in future builds of GDM3 in Debian ." Download  new version of Kali Linux ( kali-linux-1.0.3-i386.iso ) wi

Download Kali Linux, from the creators of BackTrack

Download Kali Linux, from the creators of BackTrack
Mar 13, 2013
Great news for Hackers and Backtrack Linux fans! The most awaited penetration testing Linux distribution has been released called ' Kali Linux ' or ' Backrack 6 ', from the creators of BackTrack itself. From last 7 years we have seen five awesome versions of Backtrack Linux. But this time to achieve some higher goals, team decided to leave the 4 years old development architecture and ' Kali Linux ' born today. Kali Linux is based upon Debian Linux, instead of Ubuntu and new streamlined repositories synchronize with the Debian repositories 4 times a day, constantly providing users with the latest package updates and security fixes available. Another great feature introduced is that, because of Debian compliant system, it is now able to Bootstrap a Kali Installation/ISO directly from Kali repositories. This allow any user to easily build their own customization of Kali, as well as perform enterprise network installs from a local or remote repository. The Kali Li

UbnHD2 : Ubuntu based Pentesting OS for Mobiles

UbnHD2 : Ubuntu based Pentesting OS for Mobiles
Dec 27, 2012
Most of the crazy readers always demand for some solution to turn their Android Smartphone into a Hacking Machine. There are various solutions, like installing some penetration testing android based tools like ANTI, dSploit, FaceNiff etc and also Installing ARM version of Backtrack OS. Today I found another solution for same purpose i.e.UbnHD2, a Ubuntu based Pen-testing OS. UbnHD2 is a security and pentest focused ubuntu/debian system that runs natively on the HTC HD2 phone. The product right now in beta versions and various options may not work. Installations steps are described by developer . Features Based on Ubuntu 10.10 Maverick Meerkat, Kernel 2.6.32.15 (ARM) X.org 7.5, GNOME 2.32.0 & Cairo-Dock 2.2.0 USB-OTG, 3G Network & WiFi (Drivers not included, proprietary, check XDA Forum) Perl 5.10.1, Ruby 4.5, Python 2.6.6 and more than 170 Pentest Tools preloaded Download From Sourceforge

Fast Network cracker Hydra v 7.4 updated version download

Fast Network cracker Hydra v 7.4 updated version download
Dec 23, 2012
One of the biggest security holes are passwords, as every password security study shows. A very fast network logon cracker which support many different services, THC-Hydra is now updated to 7.4 version. Hydra available for Linux, Windows/Cygwin, Solaris 11, FreeBSD 8.1 and OSX, Currently supports AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-PROXY, HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNTP, Oracle Listener, Oracle SID, Oracle, PC-Anywhere, PCNFS, POP3, POSTGRES, RDP, Rexec, Rlogin, Rsh, SAP/R3, SIP, SMB, SMTP, SMTP Enum, SNMP, SOCKS5, SSH (v1 and v2), Subversion, Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP. Change Log New module: SSHKEY - for testing for ssh private keys (thanks to deadbyte(at)toucan-system(dot)com!) Added support for win8 and win2012 server to the RDP module Better target distribution if -M is used

Review : Hacking S3crets - beginners guide to practical hacking

Review : Hacking S3crets - beginners guide to practical hacking
Dec 08, 2012
Most of People are curious to become Hackers, but they do not know where to start, If you are in the same situation, then " Hacking S3crets " Book will guide you through the basic and advanced steps of Hacking and will help you develop The Hacker Attitude. Author Sai Satish, and Co-Author K. Srinivasa rao with Aditya Gupta put together Ethical hacking with examples of live websites. Contents of the Book 1. Basic Hacking 2. email-Hacking 3. Google Hacking 4. Websites and databases Hacking 5. Windows Passwords Cracking in seconds 6. Backtrack 7. Metasploit 8. Wireless Cracking 9. Mobile Hacking To get reviews, we distribute book to few readers share the feedback after reading this book , as given below: Review from Nikhil Kulkarni An awesome book to start off with if you are interested in hacking. It unwraps various methods and techniques performed by hackers today. Being into security field from past 4 years, I've never read such

CTF365 – Capture The Flag – Next Generation

CTF365 – Capture The Flag – Next Generation
Nov 19, 2012
Prepare your tools, build your team, defend your country and conquer the World. It is well known that the best way to learn security is hands on. It's the kind of experience you earn in pentest labs or CTF competitions based on challenges or defensive and offensive security and it's aimed at improving your security skills. Every important Information Security conference has a CTF competition, the most prestigious universities host CTF competitions and major companies organize CTFs now and then. Just take a look at Stripe or Mozilla. CTF is everywhere and not just in the InfoSec Industry. The World is changing rapidly, and so is the InfoSec industry along with CTFs. It looks like CTF365 took this task seriously and they promise a brand new approach to CTF competitions that will change everything we know about those competitions. Is not a challenge nor scenario based game. They simply promise to build and internet within The Internet and replicate everything that ex
Cybersecurity Resources