The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Drivers may have gotten a chuckle out of an electronic message board in Maine warning of zombies, but city officials were not amused. A Portland, Maine road sign is changed to a zombie warning on Wednesday, Oct. 10, 2012. It originally read " Night work 8 pm-6 am. Expect delays. " An electronic message board that typically warns motorists about impending roadwork instead read: " Warning Zombies Ahead! " as shown. City spokeswoman Nicole Clegg says the signs are a safety precaution and changing it could have led to driver distraction. She tells The Portland Press Herald tampering with a safety device is a misdemeanor punishable by up to a year in jail and a $1,000 fine. Subscribe  to our  Daily News-letter via email  - Be First to know about Security and Hackers.

Computer hackers broke into a Florida college's computer system and stole the confidential information of nearly 300,000 students statewide and the school's president. State and college officials said a breach that at first involved employees at Northwest Florida State College was much larger than suspected and now potentially involves student records from across the state. More than 3,000 employee records and 76,000 student records containing personal identification information were also stolen, including names, Social Security numbers, birthdates, ethnicity and gender for any student statewide who was eligible for Florida's popular Bright Futures scholarships for the 2005-06 and 2006-07 school years. The breach occurred sometime between late May and late September. The school notified the public on Monday. It was discovered during an internal review from Oct. 1 through Oct. 5. The school's president, Ty Handy, was among the employees victimized, the schoo...

The latest version of Mozilla's Firefox browser has been taken offline after a security vulnerability was discovered. Mozilla's Firefox 16 web browser got its regular six-weekly update yesterday but the organisation decided to pull the browser hours after the release. The outfit claimed it became aware of a security vulnerability in Firefox 16 and that updates are expected to ship at some point today. According to the Mozilla Security Blog , Firefox 16 features a security vulnerability that allows " a malicious site to potentially determine which websites users have visited and have access to the URL or URL parameters. " " As a precaution, users can downgrade to version 15.0.1 " - Firefox 16 offers several new features, most of which are aimed at developers. One such feature is the Developer Command Line, which provides keyboard control over the Developer Tools. Other features include CSS3 Animations, Image Values, IndexedDB, Transitions, and Transforms. ...

Anonymous Hackers  AnonSwedenOp  posted a video on YouTube on October 8 where it threatened the Estonian government with a possible cyber attack. " Estonian government had sacrificed its own people instead of helping its own people, Estonian government has channelled money to helping Greece that is much better off. " " Estonia says that it doesn't have money but then they give 357 million to Greece ," the statement declares. Anonymous Group will most probably attack on Friday, October 12, according to video and this attack will go as Operation #OpEstonia. The the end of the Video, Hacker with the promise: " This must end. Estonian people, we haven't forgotten you ". Anonymous Hacker last week took down the website of Swedish central bank also and this attack can also be on high rate, if they get possible massive number of attacks. Subscribe  to our  Daily Newsletter via email  - Be First to know about Se...

The Philippine Supreme Court on Tuesday suspended implementation of Republic Act 10175 or the Cybercrime Prevention Act for 120 days, while it decides whether certain provisions violate civil liberties. The law, signed last month, aims to combat Internet crimes such as hacking, identity theft, spamming, cybersex and online child pornography. Human Rights Watch, a human rights monitoring group, hailed reports of the TRO, and called on the tribunal to strike down what it called a "seriously flawed law." Many Facebook and Twitter users, and the portals of several media organisations in the Philippines, have replaced their profile pictures with black screens to protest against the law. Hackers also defaced several government websites in protest. Journalists and citizen groups are protesting because the law also doubles the normal penalty for libel committed online and blocks access to websites deemed to violate the law. They fear such provisions will be used by politic...

Hacker going by name " VenomSec " hacked the website of one of the biggest Islamic magazine IslamToday  ( https://magazine.islamtoday.net/ ) is an online magazine which is operated from Riyadh, the capital of Saudi Arabia and He leaked the database of the site also on a note in Pastebin . At the time of writing this article, the website was online and working without any interruption. One of the Hacker  Blog mention that : However, the reason for attacking the magazine site was not mentioned anywhere but from the message left by the same hacker on his previous attackwas to " protest against the on going war in the country and the Middle East, they are against the war and the anti-Islamic movie that has has resulted in spreading hate against the west ".  In Past  VenomSec hack few more Islamic sites including the website of Afghan Islamic Press and the official website of Lahore High Court of Pakistan. 

Hacker known as " Pinkie Pie " produced the first Chrome vulnerability at the Hack In the Box conference on Wednesday, just ahead of the deadline for the competition this afternoon. The exploit, if later confirmed by Google's US headquarters, will have earned the teenage hacker known as Pinkie Pie the top US$60,000 cash reward. In March, Pinkie Pie and Sergey Glazunov both won $60,000 for their exploits at the first Pwnium competition. Google established the Pwnium competition as an alternative to the Pwn2own contest in order to add the requirement that participants provide details of their exploit. Google will give away up to a total of US$2 million during the event. $60,000 - "Full Chrome exploit": Chrome / Win7 local OS user account persistence using only bugs in Chrome itself. $40,000 - "Partial Chrome exploit": Chrome / Win7 local OS user account persistence using at least one bug in Chrome itself, plus other bugs. For example, a WebKit bug combined with a Windows ...

Capital One Financial Corp. said it's the latest target in a new round of coordinated cyber attacks aimed at disrupting the websites of major U.S. banks, and SunTrust Banks Inc. and Regions Financial Corp. said they expect to be next. The so-called "Izz ad-Din al-Qassam Cyber Fighters" posted a specific timetable for its attack program on PasteBin.com, a website commonly used by hackers to brag about exploits. Izz ad-Din al-Qassam also threatened to pursue more cyber attacks next week and has long said it will not stop until the video is removed from the Internet. American banks will reportedly face a massive cyberattack in coming weeks. A Russian-speaking hacker is organizing a massive trojan attack based around fraudulent wire transfers--and American banks appear to be at the center of the raid. In the past, such attacks have sometimes caused websites to slow to a crawl or become inaccessible for some users; however, the impact cannot be gauged in advance. The sam...

Citrix and the Apache Software Foundation have alerted users to a critical vulnerability in the CloudStack open source cloud infrastructure management software. The vulnerability affects all versions of Cloudstack prior to October 7, including the Citrix commercial version. Vulnerability could allow an attacker to take a number of unwanted actions, including deleting all of the virtual machines on a system. There are no known exploits at this time, Details of the issue were disclosed on Sunday. Cloudstack is one of the largest open source cloud infrastructure management systems together with OpenStack and Eucalyptus. Mitigation against the vulnerability is possible by logging into the Cloudstack MySQL database, disabling the system user and setting a random password. " The CloudStack PPMC was notified of a configuration vulnerability that exists in development versions of the Apache Incubated CloudStack project. This vulnerability allows a malicious user to execut...

New privacy threats have been uncovered by security researchers that could allow every device operating on 3G networks to be tracked, according to research from the University of Birmingham with collaboration from the Technical University of Berlin. Researchers said that standard off-the-shelf equipment, such as femtocells, could be used to exploit the flaw, allowing the physical location of devices to be revealed. The 3G standard was designed to protect a user's identity when on a given network. A device's permanent identity, known as International Mobile Subscriber Identity (IMSI) is protected on a network by being assigned a temporary identity called a Temporary Mobile Subscriber Identity TMSI. The TMSI is updated regularly while the 3G networks are supposed to make it impossible for someone to track a device even if they are eavesdropping on the radio link. Researchers have discovered that these methods can easily be sidestepped by spoofing an IMSI paging reques...