The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Domain name registrar and website hosting provider Go Daddy is responding to a DNS attack targeting a "small number" of its hosted websites that one security firm said is enabling cyber criminals to spread ransomware.  The DNS (Domain Name System) is what transfers host-names into IP addresses, meaning computers can talk to each other and users can access them online. Godaddy said, " We suspect that the affected customers have been phished or their home machines have been affected by Cool Exploit as we have confirmed that this is not a vulnerability in the My Account or DNS management systems. " The Cool Exploit Kit targets a variety of vulnerabilities, including Java errors, and has been seen spreading via drive-by attack websites. The ransomware served depends on the country of origin. In the UK, it is malware posing as a legitimate message from the Met's Police e-Crime Unit (PCeU). It locks the computer, on the grounds that the computer ...

Symantec recently identified a database-corrupting piece of malware targeting systems mostly in Iran, but despite early speculation that it could be related to the likes of Stuxnet and Flame, it appears to be targeting small businesses rather than the country's infrastructure. Malware Dubbed W32.Narilam , is predominantly active in the Middle East, and it has also been detected in the USA and UK. The worm looks for particular words in Microsoft SQL databases and overwrites them. The worm specifically targets SQL databases with three distinct names, alim, maliran, and shahd. Once the targeted databases are found, Narilam looks for specific objects and tables and either deletes the tables or replaces items with random values. On Monday an alert was published on tarrahsystem.com warning of the W32.Narilam threat to its customers. The bulk of the infections thus far have been found in the Middle East, particularly Iran and Afghanistan. Kaspersky Lab took issue ...

Official website of President of Sri Lanka (president.gov.lk)  breached by hacker going by name " Broken-Security ", using Blind Sql Injection vulnerability. Vulnerability also posted by hacker on a pastebin note with database dump including table and column names. Dump include the Username and Encrypted password of admin also as shown in screenshot. Hacker didn't mention any reason of hacking. 

Several weeks ago we reviewed Incapsula , a Cloud-based Security service which can significantly enhance the security of your website, while also boosting its performance. Following this review we've received many responses from our readers who wanted to learn more about Incapsula protection services. Specifically, we were asked to explain more about Incapsula Enterprise plan features. To answer these questions, today we are going to take a look at Incapsula DDoS Protection services. Distributed Denial of Service attacks If your business has a web presence, chances are that you've already heard about Distributed Denial of Service attacks. In case you didn't, a Distributed Denial of Service (DDoS) attack is a DoS attack that is usually carried out by a "botnet", a network of computers acting in concert to overwhelm the server by depleting all available resources. Recently we all witnessed a large DDos attacks on U.S. banks by Muslim hacker group , an attack which crippled th...

The news is sensational, according the French magazine L'Express the offices of France's former president Sarkozy were victim of a cyber attack, but what is even more remarkable is that for the offensive was used the famous malware Flame. On the origin of the malware still persist a mystery, many security experts attribute it to joint work of Israel and US development team. Let's remind that according the analysis on Flame source code conducted by Kaspersky the malware is linked to Stuxnet, a version of the famous virus shared a module with the spy toolkit. Frame is considered one of the most complex spy tool produced by a state sponsored project and its use in the attacks against French government suggests the existence of a cyber espionage campaign to collect sensible information. An official declaration coming from spokesmen of the Elysee Palace and reported by the magazine states: "Hackers have not only managed to get to the heart of French political power,...

Internet hacktivist group Anonymous has declared cyberwar on Israel, posting personal data of five thousand Israeli officials online. " It has come to our attention that the Israeli government has ignored repeated warnings about the abuse of human rights, shutting down the internet in Israel and mistreating its own citizens and those of its neighboring countries ," the hackers wrote in a statement. The document contains names, email addresses and ID numbers apparently belonging to Israeli officials. The group also said " Israeli Gov. this is/will turn into a cyberwar. " Earlier, the group hacked over 700 hundred Israeli websites, including the Bank of Jerusalem, the Israeli Defence Ministry, the IDF blog, the President's official website and many others. The Israel's finance minister has acknowledged the recent wave of attacks, saying the government is now waging a war on a "second front."

Protesting against attacks taking place on Gaza, Anonymous hackers attempts to hack most of the Israel websites in the past few days. " government and private websites are under siege from hackers, who have mounted 44 million cyberattacks in less than a week" , the government said. Today Pakistani   Hackers also deface Israeli Bing , MSN, Skype, Live and other big sites and In counter-attack  Israeli Hackers Leak Credit Card  Data from Palestine ISP website. Finance Minister Yuval Steinitz said just one hacking attempt was successful on a site he did not want to name, but it was up and running after 10 minutes of downtime. Israel said that it generally experiences a few hundred hacking attempts per day. The attacks are reportedly coming from around the world. Defence force sites have been the hardest hit, while the president's site has been hit 10-million times, the foreign ministry seven-million times and the prime minister three-million times. ...

Prepare your tools, build your team, defend your country and conquer the World. It is well known that the best way to learn security is hands on. It's the kind of experience you earn in pentest labs or CTF competitions based on challenges or defensive and offensive security and it's aimed at improving your security skills. Every important Information Security conference has a CTF competition, the most prestigious universities host CTF competitions and major companies organize CTFs now and then. Just take a look at Stripe or Mozilla. CTF is everywhere and not just in the InfoSec Industry. The World is changing rapidly, and so is the InfoSec industry along with CTFs. It looks like CTF365 took this task seriously and they promise a brand new approach to CTF competitions that will change everything we know about those competitions. Is not a challenge nor scenario based game. They simply promise to build and internet within The Internet and replicate everything that ex...

A Russian hacker going by name - " kOS " hack into the Bulgarian torrent tracker " Arenabg " website ( https://forum.arenabg.com/ ) and leak the complete database of their forum and accused of collecting IP of users like PirateBay. Hacker said, " Why I hack this tracker? Because they store IP information and NO tracker must do, not on any of their service - blog, forum, custom CMS or else. If ARENABG not fix mistake, I dump main tracker information with all IP/username/pass! " Leaked Database include data of 22675 Users with their name, email, encrypted password and IP address and other forum based information. This Torrent site provide links and tracers for downloading movies, music, games, serials, programs, pictures, mobile applications. Hacker upload the complete SQL database on File sharing site .

The FreeBSD team has announced over the weekend that two machines within the FreeBSD.org cluster have been compromised and have been consequently pulled offline for analysis. Security team said on Saturday. " The affected machines were taken offline for analysis. Additionally, a large portion of the remaining infrastructure machines were also taken offline as a precaution, ". However it added that the intruder had sufficient access to modify third party packages, many of which are compiled and installed through FreeBSD's ports system. Audits have been performed to verify the infrastructure and source trees are clean and the suspect machines " are either being re installed  retired, or thoroughly audited before being brought back online ," the cluster administration team said . The FreeBSD Project was gearing up for the FreeBSD 9.1 release, however as it is unable to verify the integrity of the package set, that has been removed and will be rebuilt prior to th...