The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Facebook hacker posts stolen pics on porn site ! A 26-year-old man faces 13 felony charges after being accused of hacking into Facebook accounts, stealing photos of young women and posting them on porn sites, reports the Kansas City Star. Along with content belonging to the 13 young women (ages 17 to 25), Timothy P. Noirjean is accused of victimizing, investigators found 92 folders on his computer containing names or photos of women, as well as 235 email addresses with security information. Noirjean confessed to accessing more than 100 Facebook accounts, and told police he was unaware that it's a crime. The shocking thing here isn't that there are predators on the Internet, that Noirjean claims ignorance of the law, that police arrested Noirjean in his parents' basement (which, according to the report, they totally did) or that young ladies of today have porn-worthy photos of themselves in unencrypted files on their computers. It's that Noirjean carried out his crime...

Cyberhackers.org - Hacked by GriAdamlar (Turkish Hackers Group) Hacked site : http://www.cyberhackers.org Mirrors http://zone-h.org/mirror/id/13526679 http://zero-h.com/mirror/id/65782

A Georgia man has pleaded guilty to fraud and identity theft after authorities found him in possession of more than 675,000 credit card numbers, some of which he obtained by hacking into business networks Rogelio Hackett Jr., 26, pleaded guilty on Thursday to one count each of access device fraud and aggravated identity theft after authorities executed a search warrant at his home and discovered the card numbers, used to conduct fraudulent transactions totaling more than $36 million, on his computers and storage devices. According to the indictment, authorities hunted Hackett down after monitoring his activity in internet relay chat (IRC) rooms and on underground forums, where he sold stolen card numbers, usually at $20 to $25 each to buyers around the world. He used the proceeds to make high-end purchases, such as a 2001 BMW X5 and a pair of $450 Louis Vuitton shoes. In addition, Hackett was charged with obtaining devices used to create counterfeit credit cards. According to p...

A federally funded U.S. lab that is suspected to have been involved in finding the vulnerabilities in Siemens SCADA systems used by the Stuxnet worm has shut down the Internet connection for its employees following the discovery of a breach into the facility's systems. The Oak Ridge National Laboratory - located in Tennessee and funded by the U.S. Department of Energy - is known for performing classified and unclassified research for federal agencies and departments on issues crucial for national security. Among other things, the lab also does cybersecurity research on malware, vulnerabilities and phishing. It is somewhat ironic, then, that the breach was the result of two employees falling for a malicious email containing a link to a page that exploited a remote-code execution vulnerability in the Internet Explorer browser. According to Wired, the email was sent to about 530 lab employees, of which 57 believed that the email was coming from the institution's human resour...

Pakistan Air Force Server Hacked by Code Breaker/Lucky (Indishell) Indishell, group of some Indian Hackers hacked PAF (Pakistan Air Force) server with 8 more server in LAN. They claimed that all those 8 more servers were in LAN with that PAF server. Here’s a screenshot of RDP.  'Code Breaker' claims to have backed up all the data using remote desktop protocols. Source

FBI cracks International Bot Network ! The Department of Justice and FBI declared that it has cracked a network of hackers, who have infected almost 2 million computers with a harmful "bot" program, Coreflood that steals private and monetary data from computers. Identified as a "bot" network- as the malware can be managed distantly like a robot- it compromises machines with a software program called Coreflood, which downloads itself by finding out the vulnerability in systems, that are running Windows operating systems. The legal actions are the key components of the "most complete and inclusive enforcement action ever taken by the U.S. authorities to put out of action an international botnet", as per the statement from the Department of Justice, reports cnet News on April 13, 2011. As per a request from a temporary restraining order that was granted, it's the first time USA law enforcement has taken consent from a court for controlling a botne...

Cyber jihadists could use Stuxnet worm to attack the west ! ACCORDING TO Mikko Hypponen , F-Secure’s chief security researcher, there has been a revolution in malware with Stuxnet. “ The worst case scenario is that Al-Qaeda or another organisation could gain access to this type of knowledge and information, and make use of it to launch attacks on critical infrastructure – like blow up nuclear power plants or do something to our food chain. ”

McAfee study  - India is fourth lowest in security adoption ! McAfee and the Center for Strategic and International Studies (CSIS) revealed the findings from a global report ‘In the Dark, Crucial Industries Confront Cyber attacks’ that reflects the cost and impact of cyber attacks on critical infrastructures. Critical infrastructure refers to computer systems of vital economic assets such as power grids, railways, nuclear energy plants, etc. that make strong targets for criminal threats, industrial espionage and politically motivated sabotage. According to the report findings, India ranked fourth in terms of lowest levels of security adoption after Brazil, France and Mexico, adopting only half as many security measures as leading countries such as China, Italy and Japan. Concurrently, China and Japan were also among the countries with the highest confidence levels in the ability of current laws to prevent or deter attacks in their countries. The report states that currently ...

Scada systems are found in a variety of industrial plants ranging from water and waste treatment to food and pharmaceuticals and even nuclear power plants.Their scurity of these systems is getting worse and is big concern today. Application security management firm Idappcom reported 52 new threats in March targeted at supervisory control and data acquisition (Scada) systems of the sort hit by the infamous Stuxnet worm. “We quickly realised this was too much of a significant blip to be an anomaly. It may be an indicator towards a worrying trend,” said Haywood.Our records go back to 2004 and I’ve never recorded any sort of significant blip on the radar in an area like this previously.” said Tony Haywood, chief technology officer at Idappcom. Some of the xploits founded arecausing DOS (Denial Of Service), bringing system to halt. Scada systems are often at greater risk because they are connected to legacy operating systems such as Windows 95 for which there are no service packs or autom...

Codenomicon is a Finland based Information Security company. Recently it has released a universal fuzzer, a fuzz testing solution that combines heuristics and multiple fuzzers with a graphical user interface, automated test executions and reporting features. Fuzzing has been popular between hackers and security researchers to find bugs and0-days in software.This Universal Fuzzer can be used to test everything that can be presented in a file format, such as image files, captured protocol messages, text documents and wireless frames. It creates test cases from sample files, such as pdf-documents, media files and protocol files. The Universal Fuzzer uses heuristics to determine the structure of the sample files, thus it is able to generate more intelligent, targeted test cases and discover more vulnerabilities. The coverage of the tests is further improved by combining the abilities of 15 different fuzzers. The Universal Fuzzer is an easy and flexible solution for performing fuzzing. It...