The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Japan's National Police Agency has offered a monetary reward for a wanted hacker, use programming languages like C# to create a virus called " iesys.exe " and Hijack systems of innocent people to post aggressive messages on Internet on behalf of Users.  Method called a " Syberian Post Office " to post messages to popular Japanese bulletin board. Hacker use cross-site request forgery exploit, that allow hackers to making online postings via innocent users automatically. The messages included warnings of plans for mass killings at an elementary school posted to a city website. It is the first time that Japan's National Police Agency has offered a monetary reward for a wanted hacker  and will pay up to 3 million yen (US$36,000). The case is an embarrassing one for the police, in which earlier this year four individuals were wrongly arrested after their PCs were hacked and used to post  such messages on public bulletin boards. " Up until now t...

The Homepage of BSNL ( Bharat Sanchar Nigam Limited ) https://www.bsnl.co.in/ was hacked today morning by hacking group Anonymous.  BSNL is an Indian state-owned telecommunications company, the largest provider of fixed telephony and fourth largest mobile telephony provider in India, and is also a provider of broadband services. The website's homepage was hacked saying, "  Hacked by Anonymous India,  support Aseem trivedi (cartoonist) and alok dixit on the hunger strike,  remove IT Act 66a,  databases of all 250 bsnl site has been deleted .............Do not think of BACKUP "  with a images of Mr. Aseem while he was arrested by Police. Hack was performed by Anonymous India hacking group and claiming to hack whole server, with 250 Databases. Hacker wrote on deface page, that they deleted all the databases and dump credentials of BSNL database servers in a pastebin File . Analyzing the dump of database After analyzing ...

The U.S. Department of Justice said on Tuesday that they've arrested 10 suspects from from Bosnia and Herzegovina, Croatia, Macedonia, New Zealand, Peru, the United Kingdom, and the United States involved in a global botnet operation that infected more than 11 million systems. The ring is said to have caused more than $850m in losses in one of the largest cyber crime hauls in history. Officials said international cyber crime rings linked to Butterfly (aka Mariposa) botnet, first discovered in December 2008 and shut down a year later, infected over 12 million PCs worldwide and was spread primarily through file-sharing and instant messaging attacks. It also harvested financial information from over 800,000 victims. FBI said , " Facebook's security team provided assistance to law enforcement throughout the investigation by helping to identify the root cause, the perpetrators, and those affected by the malware. Yahos targeted Facebook users from 2010 to October 2012, a...

Some 22,300 purported student and staff records held by the Australian Defence Force Academy were stolen and published online last month. A member of the Anonymous group, known as Darwinaire , is claiming responsibility for the theft. The systems were compromised in November, with UNSW notifying staff and students within a day, but has only now come to light. Among the victims are hundreds of senior officers in the army, navy and air force, as well as military personnel from other nations who are enrolled at the academy. Hacker express the lack of security as '' I know, right, very surprised I didn't get kicked out. So simple, took like three minutes , ''. The University of Canberra in which the ADFA resides had warned students of possible phishing attacks but said the compromised passwords were mostly redundant.  Darwinare, who describes himself as ''black hacker'', has previously breached the networks of online bookstore Amazo...

The Izz ad-Din al-Qassam Cyber Fighters published a new message on their Pastebin profile , warning of a new round of cyber attacks against U.S. financial institutions, beginning this week. In September and October , al-Qassam launched widespread distributed denial-of-service (DDoS) attacks against numerous banking websites . A Bank of America spokesperson told that the bank is " aware of the reports of possible cyber attacks and [is] monitoring [its] systems, which are fully operational .". Hacker said in new warning note ," After stopping one month attack of Izz ad-Din al-Qassam Group to American banks, today, this group has announced a new cycle of attacks, via an Email which has been sent to us, and has acclaimed that its aim is to compensate guilty offends to holy Prophet of Islam, Mohammad(PBUH). Also, in internet conversations earlier, this group had been stated that these attacks won't stopped and even in new announcements, it's been marked that there will b...

With the release of the Microsoft security bulletins for December 2012, Company flag total 7 updates for Windows users, where one is rated as critical that could lead to remote code execution, where as other two are rated as important which fix flaws that could result in the operating system's security features being bypassed. All of the IE fixes involve use-after-free memory vulnerabilities. Where as kernel level exploits bundled into mass-exploitation kits is like Blackhole. In addition to IE, Microsoft is fixing a critical flaw in Microsoft Word that could enable attackers to execute remote code. The vulnerability could be exploited by way of a malformed Rich Text Format (RTF) document. Also Fonts can also be used as a potential attack vector, as this Patch Tuesday reveals. A pair of critical font parsing vulnerabilities are being patched this month, one for OpenType and the other for TrueType fonts. Details of all Updates : MS12-07...

ReVuln Ltd. , a small security company headed by Donato Ferrante and Luigi Auriemma, post a video that demonstrates that how attacks can gain root on the appliances. Samsung Smart TV contain a vulnerability which allows remote attackers to swipe data from attached storage devices. In this demonstration readers will see how it is possible to use a 0-day vulnerability to retrieve sensitive information, root access, and ultimately monitor and fully control the device remotely. Auriemma said, " We have tested different Samsung televisions of the latest generations running the latest version of their firmware.  Unfortunately we can't disclose additional information but we can only say that almost all the people having a Samsung TV at home or in their offices are affected by this vulnerability. ".

Saudi Arabia's national oil company " Aramco " is the country's largest oil production facility and is a significant exporter in the Organization of the Petroleum Exporting Countries. They said that a cyber attack against it in August which damaged some 30,000 computers was aimed at stopping oil and gas production at the biggest OPEC exporter. The interior ministry said it was carried out by organised hackers from several different foreign countries and Aramco employees and contractors were not involved. " The main target in this attack was to stop the flow of oil and gas to local and international markets and thank God they were not able to achieve their goals ," Abdullah al-Saadan, Aramco's vice president for corporate planning, said on Al Ekhbariya television. " Not a drop of oil was lost and the company was able to restore productivity in record time ," he added. The hackers used several methods to hide their location The attack used a computer viru...

Team Ghostshell a Hacktivists group of hackers, who before was in news for hacking Major Universities Around The Globe and leaked 120,000 records, are once again hit major organisations and expose around 1.6 million accounts  Hacker name the project as #ProjectWhiteFox , means " Freedom of Information " . These leaked 1.6 millions user accounts belongs to aerospace, nanotechnology, banking, law, education, government, military, all kinds of wacky companies & corporations working for the department of defense, airlines and more. In a Pastebin Note hackers mention, " How we went from 'cyber-criminals' to 'hacktivists' to 'e-terrorists' to 'bad actors' to blacklisted. #ProjectHellFire got the US wary of us, at that time we still wasn't sure if GhostShell had gotten X'd, but when the second release of #ProjectWestWind came out, you guys got so hyped about it that we knew it had started to unfold. " Hacked ...

Anonymous hackers once again hit Egyptian Government Websites and taken down. Hackers react under operation named #OpEgypt and hit 30 websites with DDos attack. Hacktivist using the handle @AnonymousGrupo claimed the responsibility of attack. Attacked websites include, The Egyptian Presidency website, The Egyptian Cabinet, Trade Agreements Sector (TAS), Maritime Transport site, Central Agency for Public Mobilization and Statistics, parliament website, Income Tax and many more. At the time of writing, many sites has been restored, but a few like https://www.presidency.gov.eg/ is still under maintenance. The Reason of Hack is mentioned in the banner shown above, was posted their facebook page. Readers can find list of sites under attack at Pastebin Note here .