#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

server hosting | Breaking Cybersecurity News | The Hacker News

Irongeek's Shared hosting MD5 Change Detection Script

Irongeek's Shared hosting MD5 Change Detection Script

Feb 28, 2012
Irongeek 's Shared hosting MD5 Change Detection Script Adrian Crenshaw aka  Irongeek  just release another great tool for web admins that will monitor the files on a website, and report any changed via email. Actually " irongeek.com " was hacked few days back which is hosted on a shared hosting. There is an awesome article posted by him on his blog " How I Got Pwned: Lessons in Ghetto Incident Response ". I think after that  Adrian decide to make a handy tool/script to help web admins so that they can easily monitoring there files on a shared server. This simple shell Script user can run on a shared server. Let suppose once hackers get into your website either by exploiting known vulnerabilities in any of the installed programs OR by getting FTP access to your server, the first thing they usually do is to plant backdoor scripts to log them in again at a later date. They need some executable script on the server to gain access to MySQL passwords, installatio
r00tw0rm leak United Nations Environment Programme database

r00tw0rm leak United Nations Environment Programme database

Feb 27, 2012
r00tw0rm leak United Nations Environment Programme database r00tw0rm group of Hackers hack and leak the complete 82.8 MB database from The united nations environment programme ( UNEP ), which is the voice for the environment in the united nations system. Via a tweet, r00tw0rm shout ," United nations environment programme https://pastebin.com/pXXNv2rH @inj3ct0r @AntiSecOp @sanjar_satsura @Oblivi0u5 @AnonymousIRC @OpCensorThis_ " Hackers leaks data on various file hosting sites such as rapidshare . According to leak, 5 databases and 100's of tables with admin logins and users data.  The united nations environment programme ( UNEP ) website is currently down while writing this post. Other Hacks by r00tw0rm can be seen here .
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
38 Bangladeshi Government sites Defaced by Indian Hackers

38 Bangladeshi Government sites Defaced by Indian Hackers

Feb 11, 2012
38 Bangladesh Government sites Defaced by Indian Hackers Indians hacking Group " Indishell " took down 38 Bangladeshi government websites on Saturday, including ministry of  the ministries are communications, youth and sports, primary and mass education , Trading Corporation of Bangladesh. The Deface page include the name of hackers - Love the Risk, Amal Landhe, Lnx Root, Silent Killer . In the hacked pages, between two eyes resembling Indian flags, the hackers wrote, "We have an EYE on you. Indishell is non other that Indian Cyber Army Hacking group, who already deface most of the Pakistani Govt sites in Past.  Most of the Hacker Sites either Restored or Hosting Suspended by Providers, or Under maintenance. The Complete list of Hacked Sites and Mirrors of All hacks are listed below. Hacked Sites: https://www.www.moef.gov.bd/ https://www.mincom.gov.bd/ https://www.cga.gov.bd/ https://www.bdlaws.minlaw.gov.bd/ https://www.mopme.gov.bd/ https://www.rdcd.gov.bd/ http:
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
Malware automatically uploading stolen data to the File sharing sites

Malware automatically uploading stolen data to the File sharing sites

Feb 06, 2012
Malware automatically uploading stolen data to the File sharing sites Roland Dela Paz , a threat response engineer with Trend Micro have discovered a piece of malicious software that automatically uploads its stolen data cache to the SendSpace file-sharing service for retrieval. File-storage services offer several advantages for cybercriminals. SendSpace accepts files and then generates a link that can be shared with other people to download the content in the files. The malware has been configured to send files, copy the download link and send it to a command-and-control server along with the password needed to access the archive, Dela Paz wrote. Here is a screenshot of the Sendspace page leading to the archive of collected documents. Malware utilizing free online services are definitely not unheard of. Utilizing a public file hosting site is yet another clever way for cybercriminals to store stolen data as they do not need to set up a server that will store large amount of dat
Panasonic China website hacked and Redirected

Panasonic China website hacked and Redirected

Jan 23, 2012
Panasonic China website hacked and Redirected Latest notification by DarkDevilz Crew to THN  , They hack  Panasonic's China websites and Redirect users to a Black color Deface Page as shown. " 3spi0n " named Hacker from team take responsibility to perform this Hack. Hacker compromise the URL :  https://pro2.panasonic.cn/autodoor/ , and add Refresh Meta tag in source code to redirect the page to a new location i.e.  https://www.kutanhosting.com/r3.html  . Mirror of Hack is also available, in case Site fixed before you see this , here : Mirror 1 & Mirror 2
#SOPA - The Hacker News say “NO WAY”

#SOPA - The Hacker News say "NO WAY"

Jan 19, 2012
#SOPA - The Hacker News say " NO WAY " Get mad and take action as you read how your internet privacy and freedoms are about to be taken away in our editor Patti Galle 's article on SOPA…….coming to your personal rights soon. The Stop Online Piracy Act (SOPA), or H.R. 3261, is a bill that was introduced on October 26, 2011 in the United States House of Representatives, by right-wing Texas Republican, Representative Lamar Smith and twelve initial co-sponsors. The Stop Online Piracy Act dramatically broadens the capacity of United States law enforcement and copyright holders to fight online trafficking in copyrighted intellectual property and counterfeit goods. Proponents of bill H.R. 3261 state SOPA protects the intellectual property market and related industry, jobs and revenue, and is essential to reinforce and strengthen enforcement of copyright laws particularly against foreign websites. Opponents of the bill forcefully deem that the bill infringes on First Amendment rights, is e
SOPA in US and Censorship in India: A cocktail to destroy Internet Freedom !

SOPA in US and Censorship in India: A cocktail to destroy Internet Freedom !

Jan 19, 2012
SOPA in US and Censorship in India : A cocktail to destroy Internet Freedom ! As US senators mull over the SOPA(Stopping Online Piracy Act) and PIPA(Protecting Intellectual Property Act) bills, the world stands witness to a historic moment. Almost all big IT companies like Google, Wikipedia, Facebook, Mozilla, Godaddy, etc are speaking in one unanimous voice against SOPA and Internet Censorship. The draconian provisions of SOPA/PIPA are bound to create the deathbed of internet freedom and free speech, and if a careful reading of the proposed legislation is done, one realizes that it is likely to have the same impact on India. In the disguise of protecting copyrights and stopping piracy its completely clear that the US government is trying to assert its control over the free flow of information on internet which is some time uncomfortable to them. Giving power to Attorney General to direct search engines like Google to filter particular search results, or asking an ISP to manipulat
Iran government websites now on local server to Protect them from Cyber Attacks

Iran government websites now on local server to Protect them from Cyber Attacks

Dec 22, 2011
Iran government websit es now on local server to Protect them from Cyber Attacks An Iranian official says the country has transferred the location of most of its government websites from foreign-based hosting agencies to new computer facilities inside the country to avert potential cyber attacks. The country's deputy minister for communications and information technology, Ali Hakim Javadi, Reuters reports that more than 90 percent of all the Iranian government's websites have had their hosting locations transferred inside the country. " Over 30 000 Iranian websites, including those of key institutions such as ministries, were hosted abroad, mainly in North America ," the Islamic Republic News Agency cited Ali Hakim Javadi, the Deputy Minister for Communications and Information Technology, as saying without specifying the countries involved. " The data was at risk of being accessed at any moment ."Iranian officials said last year that malicious software known as Stuxnet affected so
Breach confirmed in GlobalSign, SSL certificates not compromised

Breach confirmed in GlobalSign, SSL certificates not compromised

Dec 15, 2011
Breach confirmed in GlobalSign , SSL certificates not compromised GlobalSign said on Tuesday that the SSL certificate and key for www.globalsign.com may have been exposed after a hack on an external server in September. However, the company said that after investigating the breach it has found no evidence of rogue certificates being issued following the hack. A hacker known as " Comodohacker " compromised other certificate authorities including Comodo and DigiNotar. " I have access to their entire server, got DB backups, their linux / tar gzipped and downloaded, I even have private key of their OWN globalsign.com domain ," the hacker said in a Pastebin at the time. The investigation revealed that the compromise was limited to a peripheral Web server hosting the CA's website and did not affect the part of its network that deals with digital certificates. Companies use digital certificates as a cryptographic online trust technology. A stolen digital certificate can all
Exposing 25 Facebook phishing websites

Exposing 25 Facebook phishing websites

Nov 27, 2011
Exposing 25 Facebook phishing websites Geeks at Security Web-Center Found 25 Facebook and list them. Sometimes spammers create fake pages that look like the Facebook login page. When you enter your email and password on one of these pages, the spammer records your information and keeps it. This is called phishing . The fake sites, like the one below, use a similar URL to Facebook.com in an attempt to steal people's login information. The people behind these websites, then use the information to access victims' accounts and send messages to their friends, further propagating the illegitimate sites. In some instances, the phishers make money by exploiting the personal information they've obtained. List of Fake Sites Collected by  Security Web-Center : https://www.sanagustinturismo.co/Facebook/ https://www.facebook.pcriot.com/login.php https://deadlyplayerx.binhoster.com/Facebook/securelogin.php https://facelook.shop.co/login.php https://sigininto.horizon-host.com/facbook/face
DUQU – Another Stuxnet in the Making ?

DUQU – Another Stuxnet in the Making ?

Nov 06, 2011
DUQU – Another Stuxnet in the Making ? Article by :   Nidhi Rastogi is a Cyber security professional based in New York. Article shared from THE HACKER NEWS magazine - November Edition. You can download Complete Magazine here . Barely a year into discovering Stuxnet, the world recently saw its powerful variant in the form of Duqu. It is believed that a Hungarian blogger was the first to have a tryst with the virus in early September at an ISP hosting service. Why it is important: Duqu has gained a lot of attention because of striking similarities with its famous predecessor, Stuxnet. Several Security researchers have concluded that 99 percent of Duqu software rules are same as Stuxnet including source code and keys for encryption. There is reasonable evidence by now that the damage caused by Stuxnet was real. Hence, Duqu is of concern to every security professional at the moment. How it functions: Duqu camouflages its own data behind normal web traffic to avoid suspicion from n
Blackhole Exploit Kit attack on WampServer & Wordpress sites

Blackhole Exploit Kit attack on WampServer & Wordpress sites

Nov 02, 2011
Blackhole Exploit Kit attack on WampServer & Wordpress sites Kimberly from  Stopmalvertising  found Blackhole Exploit Kit on Website of most popular Webserver software site WAMPSERVER . Almost at the bottom of the webpage they notice a Javascript requesting a file from jquery.googlecode.com . The URL is followed by a long string of parameters. The file  returns a 404, it's just there to fool people. Once the script decoded we obtain an iframe leading to vc-business.com/in.php .According to Analyse of Kimberly , If a vulnerable Java, Windows Media Player, Flash or Adobe Reader version is detected, the visitor will be redirected to 91.194.214.66/dng311011/c7a44076f6c722eb74725563b0a000a0/spl.php and from there to 30domaaaam.in/main.php?page=c76874df55550a3f . According to Norton Safe Web , 91.194.214.66 has been caught in distributing the ZeroAccess rootkit. Second Recent Attack by Blackhole Exploit discovered in  thousands of WordPress websites that use a popular non-upda
Duqu Trojan found in Indian Server

Duqu Trojan found in Indian Server

Oct 30, 2011
Duqu Trojan found in Indian Server Last week we update you about Duqu when Symantec said it had found a mysterious computer virus that contained code similar to Stuxnet, a piece of malware believed to have wreaked havoc on Iran's nuclear program. Two workers at a web-hosting company called Web Werks told Reuters that officials from India's Department of Information Technology last week took several hard drives and other components from a server that security firm Symantec Corp told them was communicating with computers infected with Duqu. The equipment seized from Web Werks, a privately held company in Mumbai with about 200 employees, might hold valuable data to help investigators determine who built Duqu and how it can be used. But putting the pieces together is a long and difficult process, experts said. " This one is challenging ," said Marty Edwards, director of the US Department of Homeland Security's Industrial Control Systems Cyber Emergency Response
Anonymous Hackers Take Down 40 Child Porn Websites

Anonymous Hackers Take Down 40 Child Porn Websites

Oct 23, 2011
Anonymous Hackers Take Down 40 Child Porn Websites Anonymous has taken down more than 40 darknet-based child porn websites over the last week. Details of some of the hacks have been released via pastebin #OpDarknet , including personal details 1500 users of a site named 'Lolita City,' and DDoS tools that target Hidden Wiki and Freedom Hosting — alleged to be two of the biggest darknet sites hosting child porn. News of the Anonymous campaign to actively target anyone hosting child porn sites comes from statements associated with Anonymous on Pastebin and two Anonymous YouTube video channels. AnonNews has yet to issue a press release. The AnonMessage and BecomeAnonymous YouTube channels both posted videos with statements of intent to hunt, skin and kill pedobears everywhere, starting with Freedom Hosting.
700,000 sites on Inmotion Hosting Server hacked by TiGER-M@TE in one shot !

700,000 sites on Inmotion Hosting Server hacked by TiGER-M@TE in one shot !

Sep 25, 2011
700,000 sites on Inmotion Hosting Server hacked by TiGER-M@TE in one shot ! 700,000 websites hosted on InMotion Hosting network hacked by TiGER-M@TE including  Trinity FM, Blast Magazine. It was not just a server hack, actually whole data center got hacked.   List of all hacked 700000 sites are available here .  Hackers copied over the index.php in many directories (public_html, wp-admin), deleted my images directory and added index.php files where they weren't needed. 2,00,000 websites hack mirror already Submitted to Zone-H by TiGER-M@TE . We ( The Hacker News ) talk with hacker about the hack, He claim " I hack 700000 websites in one shot, this may be a new world Record. After submitting 200,000 domains,zone-h was going down again and again and became almost unresponsive in the end.so i was unable to submit all websites.so i've listed all domains in attachment .   It was not just a server hack, actually whole data center got hacked. " In Motion  acknowledged the
Let’s Play a Game of Cyber Security at CSAW CTF 2011

Let's Play a Game of Cyber Security at CSAW CTF 2011

Sep 22, 2011
Let's Play a Game of Cyber Security at  CSAW CTF 2011   Ready for a little game of capture the flag? What if you weren't running around a field like a crazy person trying to grab a flag out of someone's belt, but instead were navigating around a network overcoming technical challenges to find markers that you are awarded points for once submitted? Then CSAW CTF 2011 is where it's at. CSAW CTF 2011 is hosting the qualifying round from Friday September 23, 2011 to Sunday September 25, 2011. The competition will begin at 8PM that Friday night, and is used to determine who will proceed on to the finals taking place in New York November 10-11 at NYU-Poly.   The event is centered on assessing application security abilities. For the qualification round there is no limit to the number of team members you can have, but if you move on to the final round your team will be limited to four players. If you attend the event you'll have the chance to rub elbows with anyone and everyone inter
Its Fail 2011 - Year of Hacks !

Its Fail 2011 - Year of Hacks !

Sep 16, 2011
Its Fail 2011 - Year of Hacks ! According to IT security experts Year 2011 have labeled as the " Year of the Hack " or " #Fail 2011 ". Hacking has become much easier over the years allowing hackers to hack into systems easier then ever before, which is why 2011 had a lot of hacking happen so far. Hackers are coming up with tools as well as finding new methods to hacking faster then companies can increase their security. Even, Every year is the year of the hacking as long as there are hackers out there ready to execute their malicious programs and attain their goals like gathering important information to the victim's computer, stealing important identities, credit card information, etc. This year 2011 could be another generation of hacking. Since every year there are always forward advancements of the tools and programs that could use by the hackers. The most important is to avoid them if you are a computer user. RSA Hack (3/17/2011) : Motive - Unknown attacker, alth
100's of Israel Websites Hacked By Cyber-Warrior / AKINCILAR Group

100's of Israel Websites Hacked By Cyber-Warrior / AKINCILAR Group

Sep 04, 2011
100's of Israel Websites Hacked By Cyber-Warrior / AKINCILAR Group Cyber-Warrior / AKINCILAR Group has started an attack about the political tension between Turkey and Israel (Ahmet Davutoglu - Dr. Michael Ben-Ari), and they still keep attacking. Cyber-Warrior / AKINCILAR Group made a name for themselves by hacking thousands of websites that insults their country, religion and nation. The group is called as " Virtual Castle of Turkey ". Within the context of attack the website of Dr. Michael Ben-Ari who attracted attention by saying " Turkey should be declared as enemy country ". To show their protest in the virtual world Cyber-Warrior / AKINCILAR Group has also hacked the free hosting service called 020.com 's all the websites. After the attack the personal website and thousands of other Israel websites' homepages changed with the same text. The following text have put on hacked websites' homepages: " Israel has to apologize from Turkey and all Islamic world because of
Cybersecurity Resources