The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Dutch media report   Skype has Illegally (without court order) distributed a 16 years old user's personal information including user name, real name, email addresses and the home address used for payment to a private company consistently a police investigation into Anonymous-sanctioned cyber attacks on PayPal.  In 2011 most of the online payment solution companies blocked donations to WikiLeaks, in relation to this Anonymous Hacker DDOS paypal and Mastercard. During investigation of attack an IT firm reach skype for the information of their use and Skype  handed over the personal information of a 16-year-old  Illegally to them. Dutch media report that Police operating the case as 'Operation Talang' which is actually focussed on two persons. Joep Gommers, senior director of global research at the Dutch IT security firm iSIGHT Partners, was hired by PayPal to investigate the attacks. They are Alleged to...

Hacking group #NullCrew deface UNESCO Etxea website (unescoetxea.org), which is an internationally oriented NGOs working for the culture of peace, sustainable human development and human rights, at local and global levels. Deface page reads, " Welcome to the new front page of unesco etxea You have been targeted by NullCrew, as part of the FuckTheSystem movement. We have began the war, once again; but this time, good-luck even coming close to winning. " " The united nations, just a bunch of corrupt nations; united by one source of power.. And for that reason, we have came back; to repeat the process. Enjoy the candy. " After watching the data dumped on deface page including the kernel version of server and wordpress database configuration file we can judge that, hacker is able to upload the php shell on website of UNESCO Etxea and he deface the web page. #NullCrew today also hack  UK Ministry of Defence and dump database...

Google today released Chrome version 23 to the Stable Channel. 23.0.1271.64 for Windows, Mac, Linux, and Chrome Frame. Update includes patch for 12 vulnerabilities in the Windows version and two vulnerabilities in Mac OS X version. Chrome 23 is the support of the Do Not Track (DNT) protocol, number of new features including GPU accelerated video decoding on Windows and easier website permissions. " We recently enabled GPU-accelerated video decoding for Chrome on Windows. Dedicated graphics chips draw far less power than a computer's CPU, so using GPU-accelerated video decoding while watching videos can increase battery life significantly ." Out of  14 vulnerabilities , 6 vulnerabilities rated as high and rest are of either medium or low severity. CVE number of all bugs are - CVE-2012-5128, CVE-2012-5126, CVE-2012-5125, CVE-2012-5124, CVE-2012-5123, CVE-2012-5115, CVE-2012-5127, CVE-2012-5120, CVE-2012-5116, CVE-2012-5118, CVE-2012-5121, CVE-2012-5117,CVE-2012-5119, ...

The United Kingdom Ministry of Defence website (www.qhm.mod.uk) hacked by two Null Hacking Crew members  @OfficialNull  and @Timoxeline  and They extracted data published online . The data dump include 3400 email addresses and passwords from Ministry of Defence portal. Hackers trying to trend  #FuckTheSystem hashtag on twitter and related it to all their hacks against UK government. Hacker wrote on note : " Your webmaster made a terrible mistake... You may criticize us on the simplicity of the vulnerability. But if you can get so much useful data so easily, why wouldn't you? " "We hope that all governments and organizations realize that #FuckTheSystem is definitely not a joke. We hope that you have the decency to grasp the concept of it. But hey... You're the government right... Just some butthurt little fags. This security just proves how much of a joke our governments are. " note continue. Hackers mention that, they hack the website ...

Adobe release updates for Flash Player on Windows, Mac, and Linux to address 7 recently identified critical security vulnerabilities. Updated version is now 11.5.502.110 for Windows or Mac OS X users or to 11.2.202.251 for Linux. These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system. A recent Q3 2012 Threat repor t from Kaspersky Lab showed that nearly 30% of the exploits circulating online are targeting Adobe products. Java vulnerabilities were exploited in more than 50% of all attacks. According to Oracle, different versions of this virtual machine are installed on more than 1.1 billion computers. CVE number of 7 critical Adobe Flash Player Vulnerabilities are CVE-2012-5274, CVE-2012-5275, CVE-2012-5276, CVE-2012-5277, CVE-2012-5278, CVE-2012-5279, CVE-2012-5280. Adobe's advisory about this update is available here .

Security firm Trend Micro recent analyses the Russian crimeware markets and has found that malware tools and services range from one-time packages which cost just pennies to sophisticated packages and services which cost purchasers thousands of dollars per month. If you want to buy a botnet it will cost you somewhere in the region of $700. If you just want to hire someone else's botnet for an hour, though, it can cost as little as $2. There are at least 20 different types of services offered in Russian-speaking forums for just about anyone who wants to make a buck off of cybercrime, everything from crime-friendly VPN and security software-checking services to plain old off-the-shelf exploits. " As the Russian underground community continuously modifies targets and improves technologies, security companies and users must constantly face the challenge of effectively protecting their money and the information they store in their computers and other devices ," the ...

About five months ago, OLPC Project started a little experiment . They chose a village in Ethiopia where the literacy rate was nearly 0% and decided to drop off a bunch of Motorola Xooms there. The One Laptop Per Child project started as a way of delivering technology and resources to schools in countries with little or no education infrastructure, using inexpensive computers to improve traditional curricula. On the tablets, there was custom software that was meant to teach kids how to read. This experiment began earlier this year. Timeline of Experiment: 1st Four Minutes - One kid had opened the box and had figured out how to turn on the Xoom. In 1st Five Days -  The kids were using nearly 50 applications each every day. In Two Weeks - The kids were singing their ABC's in English. Now its 5th Month - They hacked the Motorola Xooms so they could enable the camera, which had been disabled by OLPC. OLPC founder Nicholas Negroponte at MIT Technology Review's EmTech confer...

A group of researchers has developed a side-channel attack targeting virtual machines that could pose a threat to cloud computing environments. Side-channel attacks against cryptography keys have, until now, been limited to physical machines, this attack is the first such attack demonstrated on a symmetric multiprocessing system virtualized using a modern VMM (Xen). A side channel is a form of information leakage that arises as a byproduct of resource exposure, such as the sharing of memory caches. A side-channel attack exploits such leakage to steal secrets, such as cryptographic keys. " In this attack, the researchers were able to extract a private ElGamal decryption key from the target VM's libgcrypt library; the target was running Gnu Privacy Guard. Over the course of a few hours of observations, they were able to reconstruct a 457-bit exponent accompanying a 4096-bit modulus with high accuracy. So high that the attacker was then left to search fewer than 10,000 possible...

According to the report from Bloomberg, In 2009, the FBI told Coca-Cola executives that hackers had broken into their computer systems, when a malicious link was emailed to a senior executive, but never revealed the incident. Hackers were able to spend a month operating undetected, logging commercially sensitive information. " Hackers had broken into the company's computer systems and were pilfering sensitive files about its attempted $2.4 billion acquisition of China Huiyuan Juice Group (1886), according to three people familiar with the situation and an internal company document detailing the cyber intrusion. " Bloomberg said . Coca-Cola, the world's largest soft-drink maker, has never publicly disclosed the loss of the Huiyuan information, despite its potential effect on the deal. Although the report claimed state-sponsored actors were involved, experts interviewed by the news wire said the attack had all the hallmarks of Comment a prolific Chinese hacking group. Re...

" Please don't mind, its 5th of November " slogan for today ! Anonymous Hackers hacked into " Telecom Italy " (www.telecomitalia.it) and dump Social Security Number, Social Insurance Number, 30000 credentials and lots of vulnerabilities exposed. In a blog post hackers said," Telecom Italy boasts 3000 XSS error and vulnerabilities that allow third parties to access the "htaccess" and other sensitive data. Anonymous will not publish sensitive information of individual users. This one can define a simple notice to show that you do not have appropriate security measures. In fact it is very simple appropriated credentials and social security numbers ." 3000 Cross site scripting ? wow its a huge number ! Hackers upload some paste regrading the hack as given below: 1.) Social Security Number and Social Insurance Number : Link 1 2.)  Some Credentials (sample only) : Link 2 In credentials disclosure we notice an interesti...