#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

sell books | Breaking Cybersecurity News | The Hacker News

Coalition of Law Enforcement Hacked & Agents Information Leaked

Coalition of Law Enforcement Hacked & Agents Information Leaked

Dec 12, 2011
Coalition of Law Enforcement Hacked & Agents Information Leaked The Official Website of Coalition of Law Enforcement and Retail Hacked by Exphin1ty, Claiming himself from Anonymous Team. The Database has been hacked using SQL Injection on the website. Passwords, Email ID's, Address & Phone Number of Various Agents leaked by him. The attack resulted in the temporary suspension of the website Hacker Said in a pastebin Note that " The American law enforcement's inhumane treatments of occupiers has caught our attention. You have shown through these actions that you are nothing more than puppets in the hands of your government. We have seen our fellow brothers & sisters being teargassed for exercising their fundamental liberal rights, the exact ones that were bestowed upon them by their Constitution. Due to this and several other reasons we are releasing the entire member database of clearusa.org (The Coalition of Law Enforcement and Retail). An organization wh
Researcher Charlie Miller kicked out from iOS dev program for Exploiting iOS security flaw

Researcher Charlie Miller kicked out from iOS dev program for Exploiting iOS security flaw

Nov 08, 2011
Researcher Charlie Miller kicked out from iOS dev program for Exploiting iOS security flaw A major security flaw in Apple's iOS operating system that could allow hackers to remotely gain unauthorized access to an iPhone, iPod touch or iPad has been uncovered by a security expert "Charlie Miller ". Charlie Miller gets a kick of out defeating Apple's security mechanisms, using his hacking skills to break into Macbooks and iPhones. Now, Apple has kicked the security researcher out of its iOS developer program after word got out that he built a proof-of-concept iPhone app to showcase a bypass of the code signing mechanism. Hours before, a YouTube video that Miller released went viral. In it, he demonstrated how he hijacked an iPhone to run malicious code after installing his Instastock app, which was admitted into the App Store in September. According to the report, Miller plans to reveal the issue in a presentation at the SysCan security conference in Taiwan next week. As
How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl

How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl

Mar 21, 2024SaaS Security / Endpoint Security
In today's digital-first business environment dominated by SaaS applications, organizations increasingly depend on third-party vendors for essential cloud services and software solutions. As more vendors and services are added to the mix, the complexity and potential vulnerabilities within the  SaaS supply chain  snowball quickly. That's why effective vendor risk management (VRM) is a critical strategy in identifying, assessing, and mitigating risks to protect organizational assets and data integrity. Meanwhile, common approaches to vendor risk assessments are too slow and static for the modern world of SaaS. Most organizations have simply adapted their legacy evaluation techniques for on-premise software to apply to SaaS providers. This not only creates massive bottlenecks, but also causes organizations to inadvertently accept far too much risk. To effectively adapt to the realities of modern work, two major aspects need to change: the timeline of initial assessment must shorte
Its Fail 2011 - Year of Hacks !

Its Fail 2011 - Year of Hacks !

Sep 16, 2011
Its Fail 2011 - Year of Hacks ! According to IT security experts Year 2011 have labeled as the " Year of the Hack " or " #Fail 2011 ". Hacking has become much easier over the years allowing hackers to hack into systems easier then ever before, which is why 2011 had a lot of hacking happen so far. Hackers are coming up with tools as well as finding new methods to hacking faster then companies can increase their security. Even, Every year is the year of the hacking as long as there are hackers out there ready to execute their malicious programs and attain their goals like gathering important information to the victim's computer, stealing important identities, credit card information, etc. This year 2011 could be another generation of hacking. Since every year there are always forward advancements of the tools and programs that could use by the hackers. The most important is to avoid them if you are a computer user. RSA Hack (3/17/2011) : Motive - Unknown attacker, alth
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
100's of Indian Government, Education and Corporate websites Hacked By ZCompany Hacking Crew

100's of Indian Government, Education and Corporate websites Hacked By ZCompany Hacking Crew

Aug 15, 2011
100's of Indian Government, Education and Corporate websites Hacked By ZCompany Hacking Crew One of the Famous Pakistani hackers Group " ZCompany Hacking Crew " Once again Hit Large number of Indian websites and Deface. Hacked Websites and Their Mirrors of Hack are listed Here . These are  Indian Government, Education and Corporate websites. The Hack is done for the event of Indian and Pakistan independence day. Both Countries Hack Cyber war from last few years. Message and Reason of Hack mentioned by Hackers " This message is not for Indian government but common Indian people who dont know what their government hides. For those of your politicians who boast of Kashmir being an integral part of India read your own law books:" Indian Penal Code(Act No. 45 of 1860) CHAPTER-II SEC 18: "India".- "India" means the territory of India excluding the State of Jammu and Kashmir."The 15th of August is special for you because you got freedom on this day yet you shou
ZCompany Pakistani Hackers deface big Indian Websites

ZCompany Pakistani Hackers deface big Indian Websites

Jul 31, 2011
ZCompany Pakistani Hackers deface big Indian Websites Pakistani Hackers - ZCompany Hacking Crew again hit some big Indian Websites and Deface them. Hacked Sites: Indian Testing Board (ITB) is the International Software Testing Qualifications Board (ISTQB) : https://www.istqb.in/ https://payment.istqb.in/ Alpha Capital provides Multi Family Office ,Management , Private Wealth Management , Family Office , Private Banking , Financial Advisor https://alphacapital.in/ Asia's Largest Collection of Antique Carpets in Delhi and India. https://antiquecarpet.in/ https://www.bookswagon.com/ Indian National Science Academy, INSA, National Science, Indian Science, Fellowship, FNA, international Science https://insaindia.org/index.php https://www.indiapedia.org/ CPAI endeavors to put forth new & innovative ideas for smooth functioning and the growth of the commodity market operations https://commoindia.com/ Department of Financial Studies : University of Delhi, South Campus Of
Apple MacBooks Can Be Hacked Through The Battery

Apple MacBooks Can Be Hacked Through The Battery

Jul 23, 2011
Apple MacBooks Can Be Hacked Through The Battery Security researcher Charlie Miller is quite well known for his works on Apple products. Today he has come up with a very interesting way to hack the MacBook using the battery. Laptop battery contains its own monitoring circuit which reports the status of the battery to the OS. It also ensure that the battery does not overcharge even when the laptop is turned off. Miller has discovered that on the MacBooks, the batteries are shipped with the default password set on the chips. It means that if someone knows the default password, the firmware of the battery can be controlled to do many things from simply ruining the battery to installing a malware which reinstalls whenever the OS boots. Miller said that it might even be possible to overload the battery so that it catches fire. This is what Miller said: These batteries just aren't designed with the idea that people will mess with them. What I'm showing is that it's possible to use the
NATO Server Hacked by 1337day Inj3ct0r and Backup Leaked !

NATO Server Hacked by 1337day Inj3ct0r and Backup Leaked !

Jul 04, 2011
NATO Server Hacked by 1337day Inj3ct0r and Backup Leaked ! Team Inj3ct0r ( 1337day ) claim to hack Apache Tomcat Version 5.5.9 of NATO .  The North Atlantic Treaty Organization or NATO also called the (North) Atlantic Alliance, is an inter governmental military alliance based on the North Atlantic Treaty. They Leak a Backup of Random 2,646 files from Server as Proof of Hack . The archive uploaded by hackers is available at  https://www.mediafire.com/?s2chp1v2jqsf52z  . We talk to Team Inj3ct0r about this hack They said : 1.) The Reason of Hacking is "Nuclear weapons. its development and financing" 2.) They hack Tomcat 5.5 Server using 1337day privat exploit (0day) . 3.) They get the root privilege to the Server. 4.) They are able to Deface the website of NATO also, but they will not do this. They have just take the backup of server and trying to distribute that on Internet. This archive contains various configurations XML/Batch/Bash files. Some of them as l
Lulzsec Exposed, Long Live Anonymous !

Lulzsec Exposed, Long Live Anonymous !

Jun 26, 2011
Lulzsec Exposed, Long Live Anonymous ! Lulz war ! Today Hacking group "Lulzsec" completed their 50th day and also announce the retirement of Lulz boat . What are the Reasons behind this ? Lulz Security's rise to prominence has been extraordinarily fast.The hacking group first emerged in May and in the past few weeks has attacked the websites of some of the world's leading corporations and governments. The group specialises in locating websites with poor security and then stealing information from them and posting it online via Twitter account, well They have 278,429 Followers]in 50days. To understand who/what lulzsec is, you need to understand where they came from. Everything originates from the chan (4chan/711chan/etc.) culture. It's a culture built around the anonymity of the internet. If your anonymous no one can find you. No one can hurt you, so your invincable. According to Anonymous " The problem with Lulzsec is that they lack the skills to kee
50 Days of Lulz - LulzSec Says Goodbye & Operation AntiSec will Continue

50 Days of Lulz - LulzSec Says Goodbye & Operation AntiSec will Continue

Jun 26, 2011
50 Days of Lulz - LulzSec Says Goodbye & Operation AntiSec will Continue Hacker group LulzSec has announced that after 50 days of hacking companies and organizations, it is finally done. LulzSec tweet a message which was posted on Pastebin : https://pastebin.com/1znEGmHa The group confirmed its retirement on the LulzSec Twitter feed , which managed to amass 277,540 followers during its short stint online. " For the past 50 days we've been disrupting and exposing corporations, governments, often the general population itself, and quite possibly everything in between, just because we could ," writes LulzSec. " All to selflessly entertain others – vanity, fame, recognition, all of these things are shadowed by our desire for that which we all love. The raw, uninterrupted, chaotic thrill of entertainment and anarchy. " The group was also behind attacks on Sony, attacks on PBS, the US Senate, the CIA, and a slew of gaming sites popular with 4Chan users including EVE Online, Minec
NATO Reports Data Breach to One of Its Websites

NATO Reports Data Breach to One of Its Websites

Jun 25, 2011
NATO Reports Data Breach to One of Its Websites The North Atlantic Treaty Organization (NATO) has just issued a short statement that reads as follows: " Police dealing with digital crimes have notified NATO of a probable data breach from a NATO-related website operated by an external company. NATO's e-Bookshop is a separate service for the public for the release of NATO information and does not contain any classified data. Access to the site has been blocked and subscribers have been notified. " It's unclear whether Anonymous is behind this attack against NATO's e-Bookshop or LulzSec did this for "Operation Anti-Security" . Stay Tuned for Updates .
PBS (Public Broadcasting Service) & Writerspace Hacked Again by Warv0x (AKA Kaihoe)

PBS (Public Broadcasting Service) & Writerspace Hacked Again by Warv0x (AKA Kaihoe)

Jun 24, 2011
PBS (Public Broadcasting Service) & Writerspace Hacked Again by Warv0x (AKA Kaihoe) Yes ! Its True that  PBS (Public Broadcasting Service) Hacked once again .Last time, A month before Public Broadcasting Service (PBS) Hacked by Lulzsec and Users data ,Database was Leaked and then Lulzsec claim that PSB.org was hacked with 0day exploit for MoveableType . This time  Warv0x (AKA Kaihoe) expose the whole Database of  PBS.org  using SQL injection. According to Warv0x (AKA Kaihoe) " This wasn't done for fame or fun,just proving LulzSec aren't as goodas they think they are. I haven't rooted the box or been up to crack the hashes, I'm just proving that most of their attacks are very lame and basic (i'm pretty sure and automated) SQL injections and further privilege escalation, which is just matter of time. " He also said " Support for WebNinjas & Jester, good job at exposing them.Sad to mention, but I really agree with th3j35t3r & WebNin
Linux kernel 2.6.39 released - Update Now !

Linux kernel 2.6.39 released - Update Now !

May 19, 2011
Linux kernel 2.6.39 released - Update Now ! After just 65 days of development, Linus Torvalds has  released  version 2.6.39 of the Linux kernel. The new release includes support for  ipset  which simplified firewall configuration and deployment by allowing updatable and quickly searchable external tables to be used by the network filtering. Interrupt handling can now be handled almost entirely by kernel threads, the ext4 file system and block layers are now able to scale better and show better performance and the kernel now includes a network backend for Xen virtualisation. As always, the new kernel brings hundreds of new or enhanced drivers. For example, support for AMD's current "Cayman" family of high end graphics cards and GPUs arrived with a simple DRM/KMS driver. Also new in this release are drivers for the function keys of Samsung notebooks and the Realtek RTL8192CU and RTL8188CU Wi-Fi chips. Whats News in  Linux kernel 2.6.39 The latest Linux kernel offers dr
Facebook Security Update, Protection from Untrustworthy Websites With Web Of Trust (WOT)

Facebook Security Update, Protection from Untrustworthy Websites With Web Of Trust (WOT)

May 12, 2011
Facebook Security Update , Protection from Untrustworthy Websites With Web Of Trust (WOT) Web of Trust (WOT), the worlds leading crowd-sourced website reputation rating service, and Facebook, the Internets leading social platform, begin collaboration today to give Facebooks over 500 million users reliable protection against dubious web links. When a Facebook user clicks a link that leads to a page with a poor reputation rating given by the WOT community, Facebook shows a warning message. WOTs global community has reported five million sites for phishing, untrustworthy content, fraudulent services or various scams. Facebooks ability to protect its users from malicious links is significantly improved with the use of WOT reputation ratings. Whenever a Facebook user navigates to an untrustworthy site a warning will appear allowing the person to avoid the link, learn more about the rating or continue forward. Web users have rated more than 31 million websites with the free WOT add-on. WO
India's Railway Email System hacked by Pakistan Cyber Army !

India's Railway Email System hacked by Pakistan Cyber Army !

Apr 25, 2011
India's Railway Email System hacked by Pakistan Cyber Army ! The Indian Railway Email System is Hacked by Pakistan Cyber Army (pca), They have taken complete backup of all important mails and user-pass of all email id's . Have a look to the images below as HACK PROOF and thier statement on this Hack attack. Statement By Pakistan Cyber Army : Dear All, Answer to Indian hackers for hacking the server of Pakistan Air Force We are Pakistan Cyber Army (Real PCA is Reality). Many times we told Indian hackers out there from various groups that don't mess with any Pakistani site or server especially systems from government organizations. We observe another attack on 22nd April 2011 at Pakistan Air Force Server backup server and other 8 machines on the same network. We would like to tell you that Pakistan Cyber Army is looking at each and every move you do on the cyber front of Pakistan. Indian hackers were unable to do anything accept taking screenshot of the server. We told
Cybersecurity Resources