#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

server hosting | Breaking Cybersecurity News | The Hacker News

Emperor Hacking Team : iM4n account exposed

Emperor Hacking Team : iM4n account exposed

Aug 12, 2011
Emperor Hacking Team : iM4n account exposed Just a few days back, the Backbox Linux distribution based website got hacked by the Emperor Hacking Team. A few hours later, Backbox maintainers managed to reconstruct the attack step by step and found infos that proved "iM4n" as the attacker. He owns an account on www.server4you.de, a webhosting company specialized in virtually dedicated servers. His account has been hacked. Brief technical report:  https://raffaele.backbox.org/content/im4n-account-exposed Backbox Team : " Backbox is just a Linux distribution. Such an attack was absolutely unexpected. The 'dreaded' eMP3R0r_TEAM turned out to be a group of iranian activists who carry out random attacks on potential vulnerable websites by targeting mostly European ones. During our investigation and analysis we were able to obtain complete details of the man who personally performed the attack (nick iM4n) and we collected a variety of tests that confirmed his identity.
Israel Web Hosting Server Hacked For Palestine By Dr T

Israel Web Hosting Server Hacked For Palestine By Dr T

Jul 18, 2011
Israel Web Hosting Server Hacked For Palestine By Dr T Israel Web Hosting Server Rooted Via Server Intrusion and all Domains on Server are Mass Defaced For Palestine By Dr Torjan and Code5 named hackers.  Hacked Websites List is available at :  https://pastebin.com/WvQmSSKh  .
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
EC-Council Academy Hacked by GaySec (Malaysian hackers)

EC-Council Academy Hacked by GaySec (Malaysian hackers)

Jul 15, 2011
EC-Council Academy Hacked by GaySec (Malaysian hackers) EC-Council Academy ( https://eccouncilacademy.org )   Hacked by GaySec (Malaysian hackers). EC-Council Academy is a separate distinct company with no corporate connection between itself and EC-Council or EC-Council University. Some months before same site was got hacked by some other hacker. Read here ... Some Hack Proofs : [-] Enter Target: -> www.eccouncilacademy.org [-] Enter Path: -> / [-] Port: -> 80 [+] Connecting to www.eccouncilacademy.org... [+] Connected to eccouncilacademy.org [+] Searching for token... [+] W000t!! got it! "AMXhybB3FSBDBYJZU" [+] Convert the token to the RCE Payload [+] Execute the shell... [+] Trying... [+] Got it!!! -> Reverse Shell Started $ id; uname -a; pwd uid=7647041(ecco1665) gid=100450(inetuser) groups=100450(inetuser) context=user_u:system_r:unconfined_t:s0 Linux sg2nlhg017.shr.prod.sin2.secureserver.net 2.6.18-194.32.1.el5PAE #1 SMP Wed Jan 5 1
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
JustHost Hosting Server Compromised, More than 1000's of websites at Risk !

JustHost Hosting Server Compromised, More than 1000's of websites at Risk !

Jun 23, 2011
JustHost Hosting Server Compromised, More than 1000's of websites at Risk ! JustHost.com Server Breached ! " Just host is one of the fast growing hosting industries with the good uptime reliability with the best support and it's new to the world wide in the year 2008.Just host .com is one of the uppermost web hosting suppliers and are identified for their uptime reliability with the most superb support. "  Millions of websites Hosted on various JustHost Servers. One of them got Hacked by some hacker. Breached data become public from twitter account of " ContraHax " . This Hack is seems to be Dedicated to " Antisec operation " Started by Anonymous and Lulzsec. The exposed data includes : 1.) DNS file :  https://pastebin.com/bXLEw0TL 2.) Directories of Websites  3.) /etc/passwd Backup :  https://pastebin.com/M637rkJz We Have Inform JustHost admins, Stay Tuned for their Comments on This Security Breach.
BrainNET ISP/TV Provider hacked by ProDom Security

BrainNET ISP/TV Provider hacked by ProDom Security

Jun 20, 2011
BrainNET ISP/TV Provider hacked by ProDom Security ProDom Security Hackers Hacks into Brain.net.pk an ISP/TV Provider . Hacker dump data on free file hosting sites : URL: https://www.multiupload.com/0KWDE7ZJBB .  There are 3 file in archive : README = Readme File cracked.txt = Login's Cracked so far. shadow.raw.txt = Shadow file from there server.
NIIT Technologies GIS subsidiary’s server hacked by Tigers of Indian Cyber (TIC)

NIIT Technologies GIS subsidiary's server hacked by Tigers of Indian Cyber (TIC)

May 26, 2011
NIIT Technologies GIS subsidiary 's server hacked by Tigers of Indian Cyber (TIC) A server belonging to NIIT GIS Limited, an NIIT Technologies subsidiary, was compromised last week using a SQL injection attack by a hacking group calling itself the 'Tigers of Indian Cyber' (TIC). TIC posted the disclosure in an open security forum giving proof of concept, and a complete list of account credentials. It has since come to light that NIIT GIS' server was compromised — not the servers at NIIT Technologies. The breach was independently verified by Omair, a security consultant with Network Intelligence India (NII). Omair said that the hack was genuine, and was verified with the link posted by TIC as proof of concept. "The executed query enumerates expected information from the database tables," says Omair. Initial communication with NIIT Technologies revealed that the company was ignorant of the situation. After being informed by SearchSecurity.in of the particulars, the breach was detec
Fake antivirus campaign on India’s DNA e-newspaper website !

Fake antivirus campaign on India's DNA e-newspaper website !

May 16, 2011
Fake antivirus campaign on India's DNA e-newspaper website ! DNA (Daily News and Analysis) is an Indian daily English language newspaper. According to Wikipedia, DNA ranks 8th among the top ten English dailies in India. Recently, the Zscaler solution was blocking access to this site, as it contained malicious content. Here is the homepage of this website: The 'Today's E-newspaper' link (circled above) is an online version of the printed periodical. We discovered that one of the pages from this e-newspaper site was infected with malicious script. Here is the screenshot of that page: The malicious script tag had been inserted in plain text as can be seen in this screenshot of page source: The malicious script tag directs the victim's browser to 'hxxp://vcvsta.com/ur.php'. This page then redirects the user to another malicious site ('hxxp://www4.to-gysave.byinter.net,), which will again redirect victim to random sites hosting fake antivirus campaigns. Here is the screenshot disp
Preview : Web App Hacker's Handbook 2nd Edition !

Preview : Web App Hacker's Handbook 2nd Edition !

May 12, 2011
Preview : Web App Hacker's Handbook 2nd Edition ! The first draft of the new edition of WAHH is now completed, and the lengthy editing and production process is underway. Just to whet everyone's appetite, I'm posting below an exclusive extract from the Introduction, describing what has changed in the second edition. (And in a vain attempt to quell the tidal wave of questions: the book will be published in October; there won't be any more extracts; we don't need any proof readers, thanks.) What's Changed in the Second Edition? In the four years since the first edition of this book was published, much has changed and much has stayed the same. The march of new technology has, of course, continued apace, and this has given rise to specific new vulnerabilities and attacks. The ingenuity of hackers has also led to the development of new attack techniques, and new ways of exploiting old bugs. But neither of these factors, technological or human, has created a rev
French security firm VUPEN Say New Bugs Can Bypass Google Chrome Sandbox !

French security firm VUPEN Say New Bugs Can Bypass Google Chrome Sandbox !

May 10, 2011
French security firm VUPEN Say New Bugs Can Bypass Google Chrome Sandbox ! Researchers at the French security firm VUPEN say that they have discovered several new vulnerabilities in Google Chrome that enable them to bypass the browser's sandbox, as well as ASLR and DEP and run arbitrary code on a vulnerable machine. The company said that they are not going to disclose the details of the bugs right now, but that they have shared information on them with some of their government customers through its customer program. The vulnerabilities are present in the latest version of Chrome running on Windows 7, VUPEN said. VUPEN published a video (  https://www.vupen.com/demos / ) that demonstrates an attack that exploits the Chrome vulnerabilities, although there is no further clues about the bugs themselves. "The exploit shown in this video is one of the most sophisticated codes we have seen and created so far as it bypasses all security features including ASLR/DEP/Sandbox, it
Gene Simmons v. Anonymous : FBI raids Gig Harbor home in search of hacker who targeted Kiss frontman

Gene Simmons v. Anonymous : FBI raids Gig Harbor home in search of hacker who targeted Kiss frontman

May 07, 2011
Gene Simmons v. Anonymous : FBI raids Gig Harbor home in search of hacker who targeted Kiss frontman The FBI has raided the Gig Harbor home of an alleged hacker suspected in a cyber attack against Kiss bassist Gene Simmons. The October attack purportedly conducted by Anonymous – the same hacker group Sony claims crashed the Playstation Network – left the 61-year-old glam rocker's websites down for about a week after he spoke at an anti-online piracy conference. Now, an FBI cyber crime squad has traced the attack to a Gig Harbor home where agents seized computer equipment late last month. In court documents filed with the U.S. District Court in Tacoma, a Los Angeles-based FBI special agent alleged the perpetrator of the attack was "most likely" someone living at the Gig Harbor residence. Writing the court, though, the agent, a member of the Bureau cyber crime unit, stopped short of saying so with certainty. "I believe that someone with access to the computer at the subject r
DDOS attack on Change.org from China !

DDOS attack on Change.org from China !

Apr 20, 2011
DDOS attack on Change.org from China ! Change.org, an online petitioning platform, has come under an ongoing distributed denial of service (DDoS) attack originating from China after the site hosted a call urging Chinese authorities to release artist Ai Weiwei from custody. The attacks, which started late Sunday, have nearly brought down the site, according to Change.org founder Ben Rattray. DDoS attacks work by using hundreds or thousands of hacked computers to send traffic to a website, overwhelming it with data so it becomes inaccessible to normal users. Change.org said the current attack originates from an expanding group of computers primarily based in China, and has yet to stop. This is the first time the site has been hit with a DDoS attack. Change.org has been hosting a online petition calling for the release of Chinese artist Ai Weiwei, who is currently under arrest. The petition has attracted almost 100,000 people from 175 countries, making it one of Change.org'
Calling All Hackers - Grand Prize in Sunshine State “Hacktacular” Challenge !

Calling All Hackers - Grand Prize in Sunshine State "Hacktacular" Challenge !

Apr 17, 2011
Calling All Hackers - Grand Prize in Sunshine State " Hacktacular " Challenge ! Calling all hackers: Data Analyzers, LLC (www.datanalyzers.com) in Orlando, Florida, is hosting the Sunshine State "Hacktacular" Challenge with a big prize for the top competitor – a full-time job with benefits and relocation allowance if you move to Orlando. Data Analyzers has an immediate job opening for a junior data recovery engineer. The four-year old firm specializes in data recovery, computer forensics and ethical hacking, and has enough corporate clients to keep its engineers working overtime to meet deadlines. Trouble is, very few people in the U.S. possess the skills to qualify. No two data recovery problems are ever the same, and security safeguards are evolving almost as fast as hacking technology. "Data recovery skills are so specialized that typical 'help wanted' ads, even at colleges and universities that offer graduate degrees in computer sciences, don't do the job," said An
Hosting company Hostkey.ru got Compromised !

Hosting company Hostkey.ru got Compromised !

Apr 04, 2011
Hosting company Hostkey.ru got Compromised ! A hacked Hacked Into Hosting company Hostkey.ru, some Proof of hacks are here : 1.)  Cms Hacked 2.) PhpMyAdmin Hacked 3.) Shell on Server 4.) Config File https://pastebin.com/VbuD0acE 5.) Server Rooted https://pastebin.com/h5RW3w6c Full compromise step-by-step @ forum https://tinyurl.com/dusbitchez News Source :  anonymous 
Cybersecurity Resources