source code | Breaking Cybersecurity News | The Hacker News

Snapchat suffered a massive data breach back in December in which 4.6 million usernames and phone numbers were compromised. Earlier this month, the company launched an update to its iOS and Android apps, added a new security measure to ensure that new users aren't spambots or a robot. While signing up for the first time, it now displays nine images and then ask you to pick which images have a " ghost ". Within 24 hours of Snapchat releasing an improved security feature, a developer has written a computer program capable of cracking it. Another hacker, ' Steven Hickson ' took only 30 minutes to write a script that can crack this new security feature. In this CAPTCHA feature, basically have you choose from amongst a bunch of images, identifying the ones that have the Snapchat ghost to prove you are a person. " The problem with this is that the Snapchat ghost is very particular. You could even call it a template. For those of you familiar with template m

Security researchers at Trustwave's SpiderLabs found a Netherlands-based Pony Botnet Controller Server with almost two Million usernames and passwords, stolen by cybercriminals from users of Facebook, Twitter, Google, Yahoo and other websites. In a blog post, the researchers mentioned that after the Pony Version 1.9  Source code was made public and they found a way to get into the Botnet 's Admin area, from where they collected stolen database and statistics. The Pony Control panel, written in Russian language, indicated Facebook was the worst impacted and two Russian Social Media sites i.e. vk.com and odnoklassniki.ru, credentials were also included in the database. It is not clear at this time that how exactly the login credentials were originally obtained, but one possibility is that, they were captured using some keyloggers or similar malware. Statistics of stolen login credentials: 1,580,000 website login credentials stolen (including 318,121 Facebook login credentia

Over the past two years, a shocking  51% of organizations surveyed in a leading industry report have been compromised by a cyberattack.  Yes, over half.  And this, in a world where enterprises deploy  an average of 53 different security solutions  to safeguard their digital domain.  Alarming? Absolutely. A recent survey of CISOs and CIOs, commissioned by Pentera and conducted by Global Surveyz Research, offers a quantifiable glimpse into this evolving battlefield, revealing a stark contrast between the growing risks and the tightening budget constraints under which cybersecurity professionals operate. With this report, Pentera has once again taken a magnifying glass to the state of pentesting to release its annual report about today's pentesting practices. Engaging with 450 security executives from North America, LATAM, APAC, and EMEA—all in VP or C-level positions at organizations with over 1,000 employees—the report paints a current picture of modern security validation prac

Bitcoin Talk , the popular Bitcoin discussion forum, has been hacked and as it stands the site is currently unreachable. Bitcointalk has been down for nearly 6 hours. The forums have been allegedly hacked and Defaced by " The Hole Seekers " and selling 150,000 emails and hashed passwords stolen from Bitcointalk.org for 25 Bitcoins , where the passwords are hashed with sha256crypt. Hacker embedded the "1812 Overture" song in the background with a dazzling animated picture show. According to Bitcointalk admin Theymos, it's possible that the hackers gained access to the database. He says the website will not be restored until he figures out precisely what vulnerability the hackers leveraged. He's offering 50 Bitcoin to the first individual who can pinpoint the security hole. See the video below for the Hack-in-Action: " Hello friend, Bitcoin has been seized by the FBI for being illegal. Thanks, bye " reads one the message in the video. To be safe, it is reco

The Tizen 2.0 source code and SDK has officially been released. Tizen is a Linux-based open-source software platform backed by Intel and Samsung Electronics, that is designed for smartphones, tablets, smart TVs and in-car systems and it's designed to run apps written using web technologies including HTML5. The list of new features and updates is an extensive one, though a lot of the changes are under-the-hood and aimed at offering a more attractive platform to application developers. Tizen 2.0 adds new APIs that developers can use to access Bluetooth and NFC function on phones with that hardware, as well as improved developer tools. There have been reports recently that Samsung is planning a line of phones built around the Tizen operating system, to reduce its dependence on Android after Google acquired mobile phone competitor Motorola Mobility. Samsung is already one of the top makers of phones and tablets, but right now the company's fortunes are very much tied into Goo

Many be many of you are not aware about this, but Facebook having a Secure Files Transfer service for their Employees at https://files.fb.com  and Hacker reported a very critical password reset vulnerability. Nir Goldshlager , a researcher told ' The Hacker News ' that how he defeat Facebook 's Secure Files Transfer service and help Facebook by reporting them about this issue in a responsible non-disclosure way till patch. After analyzing the site, he found that the script Facebook is using is actually " Accellion Secure File Sharing Service " script and so next he download the demo version of service from Accellion website and explore the source codes and file locations. He found that, there is a user registration page also available in source, that was also on files.fb.com. Unfortunately Facebook had removed the Sign up option (link) from homepage, but forget to remove the registration page from its actual location i.e (/courier/web/1000@/wmReg.html)

Anonymous group member "Stun" announce the leak of VMware ESX Server Kernel source code via twitter today. The tweet reads,  " WILD LEAKY LEAK. FULL VMware ESX Server Kernel LEAKED LINK #Anonymous #AntiSec ". VMware ESX is an enterprise-level computer virtualization product offered by VMware. The reason behind this wild leak by anonymous is that, Vmware continue producing on same level again and again which is not a good practice for better Security. " Bullshitting people and selling crap. But it's time for Anonymous finally to deliver. Ofc VMware will try to make like this Kernel is old and isn't used in its recent products. But thanks god, there is still such as thing as reverse engineering that will prove it's true destiny. " Hacker said. A 1.89 MB uploaded on torrent and titled "VMware ESX Server Kernel LEAKED". I have download the archive and file inside archive as shown above. Dump seems to be produced by revers

A Hacker going by name - " LegitHacker97 " claiming that he successfully access a NASA subdomain website , that actually belongs to a US Government computer, as mentioned on homepage. ***** WARNING ***** This is a US Government computer Hacker also dump a  82.51 MB (compressed or 337 MB uncompressed) Archive five days ago on internet, includes the complete source code of the website (in ASP). After watching the pastebin note , we tried to contact the hacker for collecting more information about the hack. Hacker describe The Hacker News via mail that," This was hacked by a major LFI vulnerability which allowed me to upload my own shell (backdoor to the site) and I took advantage of it by downloading all off the website ! ". He add ," But now vulnerability is fixed ". I download the dump from the link posetd by hacker in pastebin note and tried to match the files with NASA website and subdomains, and found that these file actually belo