source code | Breaking Cybersecurity News | The Hacker News

Smartphone  is the need of everyone today and so the first target of most of the Cyber Criminals . Malware authors are getting to know their market and are changing their way of operations. Since last year we have seen a rise in the number of hackers moving from the Blackhat into the Greyhat. The Head of knowledge delivery and business development for  RSA's FraudAction Group ,  Daniel Cohen  warned users about the new threat via a company  blog  on Thursday, that explains everything about the malware app, called  iBanking . iBanking , a new mobile banking  Trojan app which impersonates itself as an Android ' Security App ', in order to deceive its victims, may intimidate a large number of users as now that its source code has been leaked online through an underground forum. It will give an opportunity to a larger number of cybercriminals to launch attacks using this kind of ready-made mobile malware in the future. Since many banking sites use  two-fac

Last Friday at the 50th Munich Security Conference , Microsoft announced to launch ' Transparency centers ' around the World, where government customers will be able to verify the source code of Microsoft's products and can confirm that there are no backdoors. The recent chain of scandals over US global snooping has seriously damaged the trust in U.S. Government and top U.S. Tech companies, that could cost them billions of dollars over the next several years if international clients take their business elsewhere. German Chancellor Angela Merkel , whose private mobile phone was also allegedly bugged by the NSA , warned earlier that U.S. Spying operations are unacceptable. In an effort to re-gain the trust of its customers and Governments around the world, Microsoft has announced that it will expand encryption across its services, reinforce legal protections for customers' data and will also enhance the transparency of its software code. Encryption proced

The introduction of Open AI's ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools with enhanced productivity capabilities that are driven by generative AI. Among a wide range of uses, GenAI tools make it easier for developers to build software, assist sales teams in mundane email writing, help marketers produce unique content at low cost, and enable teams and creatives to brainstorm new ideas.  Recent significant GenAI product launches include Microsoft 365 Copilot, GitHub Copilot, and Salesforce Einstein GPT. Notably, these GenAI tools from leading SaaS providers are paid enhancements, a clear sign that no SaaS provider will want to miss out on cashing in on the GenAI transformation. Google will soon launch its SGE "Search Generative Experience" platform for premium AI-generated summaries rather than a list of websites.  At this pace, it's just a matter of a short time befo

Snapchat suffered a massive data breach back in December in which 4.6 million usernames and phone numbers were compromised. Earlier this month, the company launched an update to its iOS and Android apps, added a new security measure to ensure that new users aren't spambots or a robot. While signing up for the first time, it now displays nine images and then ask you to pick which images have a " ghost ". Within 24 hours of Snapchat releasing an improved security feature, a developer has written a computer program capable of cracking it. Another hacker, ' Steven Hickson ' took only 30 minutes to write a script that can crack this new security feature. In this CAPTCHA feature, basically have you choose from amongst a bunch of images, identifying the ones that have the Snapchat ghost to prove you are a person. " The problem with this is that the Snapchat ghost is very particular. You could even call it a template. For those of you familiar with template m

Security researchers at Trustwave's SpiderLabs found a Netherlands-based Pony Botnet Controller Server with almost two Million usernames and passwords, stolen by cybercriminals from users of Facebook, Twitter, Google, Yahoo and other websites. In a blog post, the researchers mentioned that after the Pony Version 1.9  Source code was made public and they found a way to get into the Botnet 's Admin area, from where they collected stolen database and statistics. The Pony Control panel, written in Russian language, indicated Facebook was the worst impacted and two Russian Social Media sites i.e. vk.com and odnoklassniki.ru, credentials were also included in the database. It is not clear at this time that how exactly the login credentials were originally obtained, but one possibility is that, they were captured using some keyloggers or similar malware. Statistics of stolen login credentials: 1,580,000 website login credentials stolen (including 318,121 Facebook login credentia

Bitcoin Talk , the popular Bitcoin discussion forum, has been hacked and as it stands the site is currently unreachable. Bitcointalk has been down for nearly 6 hours. The forums have been allegedly hacked and Defaced by " The Hole Seekers " and selling 150,000 emails and hashed passwords stolen from Bitcointalk.org for 25 Bitcoins , where the passwords are hashed with sha256crypt. Hacker embedded the "1812 Overture" song in the background with a dazzling animated picture show. According to Bitcointalk admin Theymos, it's possible that the hackers gained access to the database. He says the website will not be restored until he figures out precisely what vulnerability the hackers leveraged. He's offering 50 Bitcoin to the first individual who can pinpoint the security hole. See the video below for the Hack-in-Action: " Hello friend, Bitcoin has been seized by the FBI for being illegal. Thanks, bye " reads one the message in the video. To be safe, it is reco

The Tizen 2.0 source code and SDK has officially been released. Tizen is a Linux-based open-source software platform backed by Intel and Samsung Electronics, that is designed for smartphones, tablets, smart TVs and in-car systems and it's designed to run apps written using web technologies including HTML5. The list of new features and updates is an extensive one, though a lot of the changes are under-the-hood and aimed at offering a more attractive platform to application developers. Tizen 2.0 adds new APIs that developers can use to access Bluetooth and NFC function on phones with that hardware, as well as improved developer tools. There have been reports recently that Samsung is planning a line of phones built around the Tizen operating system, to reduce its dependence on Android after Google acquired mobile phone competitor Motorola Mobility. Samsung is already one of the top makers of phones and tablets, but right now the company's fortunes are very much tied into Goo

Many be many of you are not aware about this, but Facebook having a Secure Files Transfer service for their Employees at https://files.fb.com  and Hacker reported a very critical password reset vulnerability. Nir Goldshlager , a researcher told ' The Hacker News ' that how he defeat Facebook 's Secure Files Transfer service and help Facebook by reporting them about this issue in a responsible non-disclosure way till patch. After analyzing the site, he found that the script Facebook is using is actually " Accellion Secure File Sharing Service " script and so next he download the demo version of service from Accellion website and explore the source codes and file locations. He found that, there is a user registration page also available in source, that was also on files.fb.com. Unfortunately Facebook had removed the Sign up option (link) from homepage, but forget to remove the registration page from its actual location i.e (/courier/web/1000@/wmReg.html)

Anonymous group member "Stun" announce the leak of VMware ESX Server Kernel source code via twitter today. The tweet reads,  " WILD LEAKY LEAK. FULL VMware ESX Server Kernel LEAKED LINK #Anonymous #AntiSec ". VMware ESX is an enterprise-level computer virtualization product offered by VMware. The reason behind this wild leak by anonymous is that, Vmware continue producing on same level again and again which is not a good practice for better Security. " Bullshitting people and selling crap. But it's time for Anonymous finally to deliver. Ofc VMware will try to make like this Kernel is old and isn't used in its recent products. But thanks god, there is still such as thing as reverse engineering that will prove it's true destiny. " Hacker said. A 1.89 MB uploaded on torrent and titled "VMware ESX Server Kernel LEAKED". I have download the archive and file inside archive as shown above. Dump seems to be produced by revers

A Hacker going by name - " LegitHacker97 " claiming that he successfully access a NASA subdomain website , that actually belongs to a US Government computer, as mentioned on homepage. ***** WARNING ***** This is a US Government computer Hacker also dump a  82.51 MB (compressed or 337 MB uncompressed) Archive five days ago on internet, includes the complete source code of the website (in ASP). After watching the pastebin note , we tried to contact the hacker for collecting more information about the hack. Hacker describe The Hacker News via mail that," This was hacked by a major LFI vulnerability which allowed me to upload my own shell (backdoor to the site) and I took advantage of it by downloading all off the website ! ". He add ," But now vulnerability is fixed ". I download the dump from the link posetd by hacker in pastebin note and tried to match the files with NASA website and subdomains, and found that these file actually belo