The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Warner Bros. is apparently hoping to attract new fans by offering movies for viewing on Facebook. The movie studio announced this evening it would begin testing a program that would offer movies for sale or rental for a brief period through its fan pages on the social-networking giant. Beginning tomorrow, Facebook users can use Facebook Credits to rent "The Dark Knight" through the movie's official fan page on the social-networking site, Warner said in statement. The movie can be rented for 30 Facebook credits or $3, and Facebook users will have access to the movie for 48 hours through their accounts on the social network. Facebook Credits is an alternative payment option for more than 150 games and applications on the social network. It's supported by games such as FarmVille and Mafia Wars, as well as Bejeweled Blitz and Madden NFL Superstars. Most titles still allow gamers to pay with credit cards, but it's Facebook's hope that eventually, users will buy a...

Android's little green robot mascot is pretty cute. Even one of Apple's biggest fans could admit he's cooler than a slightly bitten fruit. So seeing how commonly hacked Android is, when Instructables member Tanabata decided to hack a figurine to make it responsive--the Android robot is, of course, the natural choice. Tanabata's Mechanized Android Figure moves its head, displays light patterns, reacts to sound, and can send out messages in morse code. His model is from DYZPLASTIC, but you could use this hack on and figurine you have lying around that you don't mind altering. From there. you're going to need a whole lot of supplies--think four types of LED and resistors, plastic and metal micro servos, a Piezo and power supply to name but a few. Fortunately the full instructions and shopping list (with links!) are available on Instuctables to follow. After a bit of wiring (remembering to keep things small) all the gear up, then prising open the firgurine to ad...

The average website has serious vulnerabilities more than nine months of the year, according to a new report issued yesterday. According to a study issued by researchers at WhiteHat Security, the average site is exposed about 270 days of the year. "Information Leakage" has replaced Cross-Site Scripting (XSS) as the most common website vulnerability, the report says. The report examined data from more than 3,000 websites across 400 organizations that are continually tested for vulnerabilities by WhiteHat Security's Sentinel service. The study offers a look at sites' "Window of Exposure," which measures not only the vulnerabilities found in sites, but the length of time it takes those vulnerabilities to be remediated. "It's inevitable that websites will contain some faulty code -- especially in sites that are continually updated. Window of Exposure is a useful combination of the vulnerability prevalence, the time it takes to fix vulnerabilities, and...

BREMERTON  — The partially naked photograph of a Bremerton teenager has managed to circulate to her e-mail contacts, teachers and even to colleges where she'd applied to school, according to Bremerton police reports. The girl said she'd sent a picture of herself wearing only underwear to her boyfriend about six months ago, police said. Recently, her computer has had problems and she believes it may have been hacked. She then discovered the photo, which was on the computer, had gone out to her e-mail contacts and asked police to investigate. Bremerton detectives are on the case. Anyone with information is asked to call 911.

The French Ministry of Finance was hit by an unprecedented cyber attack in December, with over 150 computers compromised, according to reports. Hackers got their hands on documents related to the current French presidency of the G20 and international economic affairs, Paris Match reported. Patrick Pailloux, the executive director of l’ANSSI (Agence Nationale de la Securite des Systemes d’Information), said it was the first time the French state had been targeted by an attack of this scale. Pailloux also revealed other French Government departments had been targeted. The hackers used a Trojan to infiltrate systems, having sent emails to French Government workers, using what appeared to be standard social engineering tactics. Pailloux said an operation had been carried out to improve defences at the Government department. There have been rumblings the attack came from China, although no solid proof has emerged. “I can say that we know of hacker groups in China specialising in t...

Concerns about North Korea's cyber warfare squads are resurfacing after Friday's cyber and GPS jamming attacks, which are being blamed on the North. Pyongyang began developing electronic warfare capabilities in 1986 when it founded Mirim University, the present-day Automation University, to train specialists. A defector who graduated from the university recalled that 25 Russian professors were invited from the Frunze Military Academy in the former Soviet Union to give lectures, and some 100 to 110 hackers were trained there every year.  Mirim is a five-year college. The Amrokgang College of Military Engineering, the National Defense University, the Air Force Academy and the Naval Academy are also reportedly training electronic warfare specialists.  Jang Se-yul of North Korean People's Liberation Front, an organization of former North Korean military officers and servicemen, recalled that when he fled the North in 2007, "I heard that the North Korean military has about ...

How to join  Anonymous Hacker - Identity less Cyber Heroes  ? We have a long fight ahead of us. lets work toward a better world together. together we can do what our elected officials refuse to do. make the world a better place. We Are Legion. Expect Us. Protect your identity :  Click Here HOW TO JOIN ANONYMOUS - A BEGINNER'S GUIDE Preface: So you want to join Anonymous? You can not join Anonymous. Nobody can join Anonymous. Anonymous is not an organization. It is not a club, a party or even a movement. There is no charter, no manifest, no membership fees. Anonymous has no leaders, no gurus, no ideologists. In fact, it does not even have a fixed ideology. All we are is people who travel a short distance together - much like commuters who meet in a bus or tram: For a brief period of time we have the same route, share a common goal, purpose or dislike. And on this journey together, we may well change the world. Nobody can speak for Anonymous. Nobody ...

An official with Iran’s Revolutionary Guard has said that Iran welcomes hackers who are willing to work for the Islamic Republic.  “Regarding the cyber issue, we welcome the presence of those hackers who are willing to work for the goals of the Islamic Republic with good will and revolutionary activities,” said Brigadier General Gholamreza Jalali, adding that those hackers who he said are working against people will be dealt with. Jalali, who heads the country’s Passive Defense Organization, made the comments in an  interview with “Bultannews,”  a website said to be close to the Intelligence Ministry. Was Jalali trying to recruit new staff for the “Iranian Cyber Army” or for Iran’s newly launched cyber police? Or for a new entity called the “Cyber War Base “? Jalali said the "base" will be launched in the near future and will fight against cyber attacks. The  Iranian Cyber Army  has been responsible for hacking and bringing down a number of websites in ...

Ravi3ggsmindia.com Defaced by Fedora (Pak Hacker) Hacked site link :  http://ravi3ggsmindia.com/ News Source : Fedora (Pak Hacker)

Hackers have compromised a private e-mail list used by Linux and BSD distributors to share information on embargoed security vulnerabilities and used a backdoor to sniff e-mail traffic, according to the moderator of the list. In a note to “ Vendor-Sec ” members, moderator Marcus Meissner said he noticed the break-in on January 20 but warned that it might have existed for much longer. I have disabled the specific backdoor, but as I am not sure how the break-in happened it might reappear. So I recommend not mailing embargoed issues to vendor-sec@….de at this time. Immediately after Meissner’s warning e-mail, the attacker re-entered the compromised machine and destroyed the installation. The “Vendor-Sec” list is used by distributors of free/open-source OS and software to discuss potential distribution element (kernel, libraries, applications) security vulnerabilities, as well as to co-ordinate the release of security updates by members. This means that a compromise and the captu...

A vulnerability that a researcher planned to use to compromise an Android cellphone at a hacking contest later this week got squashed after Google fixed the underlying bug in the Android Market. Scio Security CTO Jon Oberheide notified Google of the XSS, or cross-site scripting, bug in the application bazaar because he didn't believe the vulnerability would qualify under terms of the Pwn2Own contest that is scheduled to start on Wednesday. The “incredibly low-hanging naive persistent XSS” allowed attackers to to remotely install malicious apps on Android handsets by tricking users into clicking a link on their phones or computer browsers while logged into a Google account. Oberheide later learned that the vulnerability didn't run afoul of contest rules, allowing him to collect $15,000 and a free handset if he was successful. But he recently discovered Google closed the security hole. The $1,337 awarded to Oberheide under Google's bug bounty program, is little consolati...

In coordination with Metasploit Express and Metasploit Pro, version 3.6 of the Metasploit Framework is now available. Hot on the heels of 3.5.2, this release comes with 8 new exploits and 12 new auxiliaries. A whopping 10 of those new auxiliary modules are Chris John Riley's foray into SAP, giving you the ability to extract a range of information from servers' management consoles via the SOAP interface. This release fixes an annoying installer bug on Linux where Postgres would not automatically start on reboot. The feature I am most excited about is the new Post Exploitation support. I hinted at this new module type in the 3.5.2 release announcement and with 3.6, more than 20 new modules are available. Post modules are a new, more powerful, replacement for meterpreter scripts. Scripts were clearly tied to a single platform: meterpreter for Windows. With modules it is much easier to abstract common tasks into libraries for any platform that can expose a session. For example, f...

Tor 0.2.1.30 fixes a variety of less critical bugs. The main other change is a slight tweak to Tor's TLS handshake that makes relays and bridges that run this new version reachable from Iran again. We don't expect this tweak will win the arms race long-term, but it buys us time until we roll out a better solution. Complete Release description : Click Here Click Here to Download

After recovering from the largest Distributed Denial of Service attack in the service’s history (“multiple Gigabits per second and tens of millions of packets per second”) yesterday morning, blog host WordPress.com was attacked again very early this morning, finally stabilizing its service at 11:15 UTC (around 3:15 am PST). WordPress.com hosts over 30 million blogs, many of them news sites like our own, which lead some to conjecture that the attacks had come from the Middle East, a region experiencing its own Internet issues at the moment. Not so says Automattic founder Matt Mullenweg, who tells me that 98% of the attacks over the past two days originated in China with a small percentage coming from Japan and Korea. According to Mullenweg one of the targeted sites was a Chinese-language site operating on WordPress.com which also appears to be blocked on Baidu, China’s major search engine. WordPress doesn’t know exactly why the site was targeted and won’t release the name until it ...

43 Indian sites hacked by KiLLerMiNd ! Hacked Site Links :  http://pastie.org/1642415

Security Event : Recon 2011 Conference ! WHAT RECON is a computer security conference held annually in Montreal, Canada. It offers a single track of presentations over the span of three days with a focus on reverse engineering and advanced exploitation techniques. The registration fee includes an access pass to the conference as well as breakfast, lunch, and coffee breaks for all three days of the conference. Provincial and federal sales taxes will be applied to all registration fees. All registration fees are payable in Canadian dollars (CAD). There will be 250 tickets sold. WHEN July 8, 9, and 10, 2011 CONFERENCE REGISTRATION Registration opens March 21. The rate is discounted for early registrations. March: $500 CAD April: $600 CAD May: $700 CAD June: $800 CAD July: $1000 CAD Student before April 30: $350 CAD Student between May and June: $450 CAD WHERE Recon will be held in downtown Montreal, Canada at the Hyatt Regency Montreal. Room rates are: $149 CAD per...

HACKERS have infiltrated Finance Ministry computers to access documents linked to France’s presidency of the G20. Between December and the start of March, the ministry was subject to a “gigantic cyber attack”, according to the magazine Paris Match, which broke the story on its website. Speaking on Europe 1 radio, Budget Minister François Baroin confirmed that “information has certainly been obtained” by hackers, probably from a source outside France, and that “what they were targeting was the organisation of the G20”. In total, 150 computers are said to have been hacked into after spyware was introduced via attachments on emails sent from pirated email addresses. Paris Match, which cited “sources close to the affair”, said “numerous documents” linked to the G20 group, which brings together major economies to discuss the world economy, had been copied. The head of national IT security agency ANSII, Patrick Pailloux, told the magazine “this is the first attack against the French...

Anonymous Internet users discovered Thursday that the United States Government plays a major role in the day-to-day operations of the most popular Internet news source used by internet activists, or “hacktivists.” Anonnews.org claims to serve decentralized hacker group Anonymous as its central source of information, including targets and Anonymous press releases, which anyone can submit. A number of Internet users frequenting both the chronicle.SU and anonnews.org websites discovered that the website selectively runs articles that only fall in line with the agenda of the U.S. Government, and brought this to the attention of chronicle.SU senior executives. As perhaps only a handful of our readers know, anonnews.org, whose slogan is Everything Anonymous, actively deletes any and all content submissions originating from chronicle.SU. We have fought this for a long time, out of fairness to Anonymous and outside objectors, but we too have come to realize anonnews.org is either owned by, or...

Geohot has been causing quite a disturbance due to his ongoing legal battle with Sony. Geohot jailbroke the Sony PS3 to run unsigned code. Sony is now suing him, and Geohot is under the tech industry’s spotlight more than ever. So, what does all this have to do with Windows Phone 7? Microsoft has shown interest in Geohot before, and the company even reached out to him financially for his legal fight against Sony. Geohot will know be using his hacking skills at an upcoming convention to try and jailbreak Windows Phone 7… George “Geohot” Hotz is renowned for his jailbreak exploits on the iPhone, and he has expanded his hacking interests to other platforms. Electronista reports, “At the fifth annual Pwn2Own competition next week, George Hotz (Geohot) will attempt to use his hacking skills that landed him in hot water with Sony to win prizes. This year’s target platform will be Windows Phone 7, though other devices and operating systems will also take part. An attack will be judged...

CHINESE computer hackers last June gained access to secret South Korean military files on a planned spy plane purchase from the United States, a Seoul lawmaker says. The hackers accessed information in defence ministry computers on the plan to buy unmanned Global Hawk aircraft, said Shin Hak Yong, an opposition Democratic Party lawmaker and a member of parliament's defence committee. 'A government official reported the incident to me... the government has not raised the issue with China yet and is still debating how to handle it,' Shin's spokesman quoted him as saying, confirming his comments reported in Monday's Chosun Ilbo newspaper. Seoul last year earmarked 45.2 billion won (S$51.2 million) for the spy plane purchase following the North's alleged attack on a South Korean warship that left 46 sailors dead in March 2010. Cross-border tensions escalated further after Pyongyang's shelling attack on a frontier island that killed four South Koreans inc...

Microsoft has opted not to release any patches to its Internet Explorer 8 browser prior to this year's Pwn2Own browser exploit challenge, which is set to run from March 9 to March 11 at the CanSecWest security conference. There's been no indication as to why Microsoft's not making one last effort to plug security vulnerabilities within Internet Explorer 8. Pundits have suggested that the company might be waiting to see exactly what exploits and security flaws are uncovered by the various contestants in the annual contest, such that the company can more quickly address them post-Pwn. For the uninitiated, Pwn2Own works like this: Security researchers square off in an attempt to hack through the browser or mobile operating systems of eight different targets. Each Pwn2Own entrant or team has 30 minutes to compromise the browser or phone, and each device or web browser has—at maximum—four individuals or teams competing. The first group to successfully hack a device or browse...

Your credit card number and its code is the new currency in contemporary world where thieves skim the money right from your banking account. It is the new world where the cyberspace poses threats along with its immense impact on how we live and conduct our day-to-day business - it is the topic of a two-day seminar on cyber crime that started at Bhaikaka Hall near Law Garden on Saturday. Organized by the Institute of Engineers ( India), Gujarat State Centre in association with DST, Gujarat Electronics and Software Industries Association and CSI, the seminar will see discussion on real-life cases and legal hassles where experts from various fields will share their thoughts on the subject. "With the reach of internet, it is a high time to educate ourselves about the threats looming large and find a solution for it," said Bharat Patel, convener of the seminar. Despite significant advancement in technology, cyber terrorism is one of the greatest challenges for our society,...

Facebook new Vulnerability , Lots of Accounts misused for Spamming !  Facebook New Vulnerability, This time Facebook Groups are Vulnerable , One by one we getting more on more bugs in Facebook. Last days their was lots of bugs in Facebook page, because of that lots of big pages got hacked, Now 1000's of facebook profiles are misused to do spam on facebook groups. Total Exposure :  The current bug allows you to post as any user whose email address you know. You don’t need any other user access, no password nothing. The only two things you’ll need are: 1.) User’s email address (from their facebook profile). 2.) A group email address of which user is a part ( on groups’ homepage). Final Hack : After you have both these details send a spoofed mail from user to group email and bang it will be posted from user’s profile without any need of password. Notice : We have already submit this bug to facebook authorities, Hope they will fix it ,as soon as p...

Shia Community Forums hacked by ALM3R3FH Hacked site :  www.shiaforums.com Mirror: http://zone-h.com/mirror/id/13185345 News Source : ALM3R3FH

10 Indian Websites Hacked By Shak (Pak Cyber Army) Hacked sites :  http://bschoolaffaire.com/ http://zone-h.org/mirror/id/ 13185121 http://creativeholidaysindia. com/ http://zone-h.org/mirror/id/ 13185121 http://oils-fats-technology. com/ http://zone-h.org/mirror/id/ 13185126 http://solventextraction.in/ http://zone-h.org/mirror/id/ 13185139 http://greatartprinters.com/ http://zone-h.org/mirror/id/ 13185143 http://heropaper.com/ http://zone-h.org/mirror/id/ 13185144 http://kotakinternational.com/ http://zone-h.org/mirror/id/ 13185146 http://ransalindia.com/ http://zone-h.org/mirror/id/ 13185148 http://ibdp.svkm.ac.in/ http://zone-h.org/mirror/id/ 13185151 http://sesameseed.co.in/ http://zone-h.org/mirror/id/ 13185149