#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

free hosting | Breaking Cybersecurity News | The Hacker News

JustHost Hosting Server Compromised, More than 1000's of websites at Risk !

JustHost Hosting Server Compromised, More than 1000's of websites at Risk !

Jun 23, 2011
JustHost Hosting Server Compromised, More than 1000's of websites at Risk ! JustHost.com Server Breached ! " Just host is one of the fast growing hosting industries with the good uptime reliability with the best support and it's new to the world wide in the year 2008.Just host .com is one of the uppermost web hosting suppliers and are identified for their uptime reliability with the most superb support. "  Millions of websites Hosted on various JustHost Servers. One of them got Hacked by some hacker. Breached data become public from twitter account of " ContraHax " . This Hack is seems to be Dedicated to " Antisec operation " Started by Anonymous and Lulzsec. The exposed data includes : 1.) DNS file :  https://pastebin.com/bXLEw0TL 2.) Directories of Websites  3.) /etc/passwd Backup :  https://pastebin.com/M637rkJz We Have Inform JustHost admins, Stay Tuned for their Comments on This Security Breach.
BrainNET ISP/TV Provider hacked by ProDom Security

BrainNET ISP/TV Provider hacked by ProDom Security

Jun 20, 2011
BrainNET ISP/TV Provider hacked by ProDom Security ProDom Security Hackers Hacks into Brain.net.pk an ISP/TV Provider . Hacker dump data on free file hosting sites : URL: https://www.multiupload.com/0KWDE7ZJBB .  There are 3 file in archive : README = Readme File cracked.txt = Login's Cracked so far. shadow.raw.txt = Shadow file from there server.
How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl

How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl

Mar 21, 2024SaaS Security / Endpoint Security
In today's digital-first business environment dominated by SaaS applications, organizations increasingly depend on third-party vendors for essential cloud services and software solutions. As more vendors and services are added to the mix, the complexity and potential vulnerabilities within the  SaaS supply chain  snowball quickly. That's why effective vendor risk management (VRM) is a critical strategy in identifying, assessing, and mitigating risks to protect organizational assets and data integrity. Meanwhile, common approaches to vendor risk assessments are too slow and static for the modern world of SaaS. Most organizations have simply adapted their legacy evaluation techniques for on-premise software to apply to SaaS providers. This not only creates massive bottlenecks, but also causes organizations to inadvertently accept far too much risk. To effectively adapt to the realities of modern work, two major aspects need to change: the timeline of initial assessment must shorte
NIIT Technologies GIS subsidiary’s server hacked by Tigers of Indian Cyber (TIC)

NIIT Technologies GIS subsidiary's server hacked by Tigers of Indian Cyber (TIC)

May 26, 2011
NIIT Technologies GIS subsidiary 's server hacked by Tigers of Indian Cyber (TIC) A server belonging to NIIT GIS Limited, an NIIT Technologies subsidiary, was compromised last week using a SQL injection attack by a hacking group calling itself the 'Tigers of Indian Cyber' (TIC). TIC posted the disclosure in an open security forum giving proof of concept, and a complete list of account credentials. It has since come to light that NIIT GIS' server was compromised — not the servers at NIIT Technologies. The breach was independently verified by Omair, a security consultant with Network Intelligence India (NII). Omair said that the hack was genuine, and was verified with the link posted by TIC as proof of concept. "The executed query enumerates expected information from the database tables," says Omair. Initial communication with NIIT Technologies revealed that the company was ignorant of the situation. After being informed by SearchSecurity.in of the particulars, the breach was detec
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
Fake antivirus campaign on India’s DNA e-newspaper website !

Fake antivirus campaign on India's DNA e-newspaper website !

May 16, 2011
Fake antivirus campaign on India's DNA e-newspaper website ! DNA (Daily News and Analysis) is an Indian daily English language newspaper. According to Wikipedia, DNA ranks 8th among the top ten English dailies in India. Recently, the Zscaler solution was blocking access to this site, as it contained malicious content. Here is the homepage of this website: The 'Today's E-newspaper' link (circled above) is an online version of the printed periodical. We discovered that one of the pages from this e-newspaper site was infected with malicious script. Here is the screenshot of that page: The malicious script tag had been inserted in plain text as can be seen in this screenshot of page source: The malicious script tag directs the victim's browser to 'hxxp://vcvsta.com/ur.php'. This page then redirects the user to another malicious site ('hxxp://www4.to-gysave.byinter.net,), which will again redirect victim to random sites hosting fake antivirus campaigns. Here is the screenshot disp
Preview : Web App Hacker's Handbook 2nd Edition !

Preview : Web App Hacker's Handbook 2nd Edition !

May 12, 2011
Preview : Web App Hacker's Handbook 2nd Edition ! The first draft of the new edition of WAHH is now completed, and the lengthy editing and production process is underway. Just to whet everyone's appetite, I'm posting below an exclusive extract from the Introduction, describing what has changed in the second edition. (And in a vain attempt to quell the tidal wave of questions: the book will be published in October; there won't be any more extracts; we don't need any proof readers, thanks.) What's Changed in the Second Edition? In the four years since the first edition of this book was published, much has changed and much has stayed the same. The march of new technology has, of course, continued apace, and this has given rise to specific new vulnerabilities and attacks. The ingenuity of hackers has also led to the development of new attack techniques, and new ways of exploiting old bugs. But neither of these factors, technological or human, has created a rev
French security firm VUPEN Say New Bugs Can Bypass Google Chrome Sandbox !

French security firm VUPEN Say New Bugs Can Bypass Google Chrome Sandbox !

May 10, 2011
French security firm VUPEN Say New Bugs Can Bypass Google Chrome Sandbox ! Researchers at the French security firm VUPEN say that they have discovered several new vulnerabilities in Google Chrome that enable them to bypass the browser's sandbox, as well as ASLR and DEP and run arbitrary code on a vulnerable machine. The company said that they are not going to disclose the details of the bugs right now, but that they have shared information on them with some of their government customers through its customer program. The vulnerabilities are present in the latest version of Chrome running on Windows 7, VUPEN said. VUPEN published a video (  https://www.vupen.com/demos / ) that demonstrates an attack that exploits the Chrome vulnerabilities, although there is no further clues about the bugs themselves. "The exploit shown in this video is one of the most sophisticated codes we have seen and created so far as it bypasses all security features including ASLR/DEP/Sandbox, it
Gene Simmons v. Anonymous : FBI raids Gig Harbor home in search of hacker who targeted Kiss frontman

Gene Simmons v. Anonymous : FBI raids Gig Harbor home in search of hacker who targeted Kiss frontman

May 07, 2011
Gene Simmons v. Anonymous : FBI raids Gig Harbor home in search of hacker who targeted Kiss frontman The FBI has raided the Gig Harbor home of an alleged hacker suspected in a cyber attack against Kiss bassist Gene Simmons. The October attack purportedly conducted by Anonymous – the same hacker group Sony claims crashed the Playstation Network – left the 61-year-old glam rocker's websites down for about a week after he spoke at an anti-online piracy conference. Now, an FBI cyber crime squad has traced the attack to a Gig Harbor home where agents seized computer equipment late last month. In court documents filed with the U.S. District Court in Tacoma, a Los Angeles-based FBI special agent alleged the perpetrator of the attack was "most likely" someone living at the Gig Harbor residence. Writing the court, though, the agent, a member of the Bureau cyber crime unit, stopped short of saying so with certainty. "I believe that someone with access to the computer at the subject r
DDOS attack on Change.org from China !

DDOS attack on Change.org from China !

Apr 20, 2011
DDOS attack on Change.org from China ! Change.org, an online petitioning platform, has come under an ongoing distributed denial of service (DDoS) attack originating from China after the site hosted a call urging Chinese authorities to release artist Ai Weiwei from custody. The attacks, which started late Sunday, have nearly brought down the site, according to Change.org founder Ben Rattray. DDoS attacks work by using hundreds or thousands of hacked computers to send traffic to a website, overwhelming it with data so it becomes inaccessible to normal users. Change.org said the current attack originates from an expanding group of computers primarily based in China, and has yet to stop. This is the first time the site has been hit with a DDoS attack. Change.org has been hosting a online petition calling for the release of Chinese artist Ai Weiwei, who is currently under arrest. The petition has attracted almost 100,000 people from 175 countries, making it one of Change.org'
Calling All Hackers - Grand Prize in Sunshine State “Hacktacular” Challenge !

Calling All Hackers - Grand Prize in Sunshine State "Hacktacular" Challenge !

Apr 17, 2011
Calling All Hackers - Grand Prize in Sunshine State " Hacktacular " Challenge ! Calling all hackers: Data Analyzers, LLC (www.datanalyzers.com) in Orlando, Florida, is hosting the Sunshine State "Hacktacular" Challenge with a big prize for the top competitor – a full-time job with benefits and relocation allowance if you move to Orlando. Data Analyzers has an immediate job opening for a junior data recovery engineer. The four-year old firm specializes in data recovery, computer forensics and ethical hacking, and has enough corporate clients to keep its engineers working overtime to meet deadlines. Trouble is, very few people in the U.S. possess the skills to qualify. No two data recovery problems are ever the same, and security safeguards are evolving almost as fast as hacking technology. "Data recovery skills are so specialized that typical 'help wanted' ads, even at colleges and universities that offer graduate degrees in computer sciences, don't do the job," said An
Hosting company Hostkey.ru got Compromised !

Hosting company Hostkey.ru got Compromised !

Apr 04, 2011
Hosting company Hostkey.ru got Compromised ! A hacked Hacked Into Hosting company Hostkey.ru, some Proof of hacks are here : 1.)  Cms Hacked 2.) PhpMyAdmin Hacked 3.) Shell on Server 4.) Config File https://pastebin.com/VbuD0acE 5.) Server Rooted https://pastebin.com/h5RW3w6c Full compromise step-by-step @ forum https://tinyurl.com/dusbitchez News Source :  anonymous 
Cybersecurity Resources