The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

The  European Network and Information Security Agency (ENISA) , Europe’s Cyber security agency, issued a report focused on botnets this week titled, “ Botnets: Measurement, Detection, Disinfection and Defence. ” The report discusses the reliability of botnet size estimates and provides recommendations and strategies to help organizations fight against botnets. In addition, ENISA published a list of what it considers the top 10 key issues for policymakers in ' Botnets: 10 Tough Questions. ' The 154 page " Botnets: Measurement, Detection, Disinfection and Defence " report includes different types of best practices to measure, detect and defend against botnets from all angles. The countermeasures are divided into 3 main areas: neutralizing existing botnets, preventing new infections and minimizing the profitability of cybercrime using botnets. The recommendations cover legal, policy and technical aspects of the fight against botnets and give targeted recommendations ...

A total of 35,000 websites on the Chinese mainland were attacked by hackers in 2010, including 4,635 government websites, according to the Internet security report released by the National Computer Network Emergency Response Technical Team/Coordination Center of China (CNCERT/CC) on March 9. The report shows that the IP addresses of 5 million domestic host computers were infected with a trojan horse or corpse virus. According to the report, government websites are vulnerable to hacker attacks and websites of financial institutions have become the main targets of hackers. According to the monitoring by the CNCERT/CC, 35,000 websites on Chinese mainland were victims of hackers in 2010, a decrease of 22 percent from 2009. Of them, however, 4,635 were government websites, an increase of 68 percent from a year earlier. Around 60 percent of ministerial-level websites have potential security risks to various degrees. “Hackers use two main means to attack government websites. One means i...

CHINESE blogger and activist Michael Anti wants to know why he is less worthy of a Facebook account than company founder Mark Zuckerberg's dog. Anti, a popular online commentator whose legal name is Zhao Jing, said his Facebook account had been suddenly cancelled in January. Company officials told him by e-mail that Facebook had a strict policy against pseudonyms and that he must use the name issued on his government ID. Anti said his professional identity as Michael Anti has been established for more than a decade, with published articles and essays. Anti, a former journalist who has won fellowships at both Cambridge University and Harvard University, said he set up his Facebook account in 2007. By locking him out of his account, Facebook had cut him off from a network of more than 1,000 academic and professional contacts who knew him as Anti, he said. "I'm really, really angry. I can't function using my Chinese name. Today, I found out that Zuckerberg's...

BlackBerry OS fell during the second day of the Pwn2Own hacking competition as a result of a drive-by download attack that chained together several exploits. The trio that managed to hack RIM's mobile operating system, Vincenzo Iozzo, Willem Pinckaers and Ralf Philipp Weinmann, exploited two vulnerabilities in the open-source WebKit layout engine in order to do it. The attack was launched from a specially crafted web page that stole information like contacts and images from the device and also wrote a file to the storage system. The hackers chained together an exploit for an information disclosure bug and one for an integer overflow vulnerability, but what's most impressive is that they did it without any documentation. They didn't have access to any debugging tool, like the ones available for other systems, that could have helped them determine how the attack code interacts with the system. Instead, they had to rely on exploiting a separate bug to read the device...

Microsoft Windows Picture and Fax Viewer Library  Vulnerability ! I. BACKGROUND The Windows Picture and Fax Viewer "shimgvw.dll" library is used by Windows Explorer to generate thumbnail previews for media files. II. DESCRIPTION Remote exploitation of a buffer overflow vulnerability in multiple versions of Microsoft Corp.'s Windows could allow attackers to execute arbitrary code on the targeted host. An integer overflow vulnerability exists in the "shimgvw" library. During the processing of an image within a certain function, a bitmap containing a large "biWidth" value can be used to cause an integer calculation overflow. This condition can lead to the overflow of a heap buffer and may result in the execute arbitrary code on the targeted host. III. ANALYSIS Exploitation could allow attackers to execute arbitrary code on the targeted host under the privileges of the current logged-on user. Successful exploitation would require the attacker to e...

It's pretty bold and a cunning coup; criminals have installed a trojan in the Android Market Security Tool that Google is distributing to delete the contaminated apps that recently popped up on the Android Market. As users have been told to expect to see the application running on their phones clearing up the damage the Droiddream trojan did, there's a good chance they won't be suspicious of it. According to reports though, at present, the trojan-infested version of the tool is only in circulation on an "un-regulated third-party Chinese marketplace" and appears to only affect users of a particular Chinese mobile network. According to an initial analysis by Symantec, the trojan contacts a control server and is able to send text messages if commanded to do so. According to F-Secure, BGServ (as the contaminant is called) also sends user data to the server after being installed. Apps from sources other than the Android Market cannot, however, be installed unintent...

Stephen Fewer won Pwn2Own ! The annual Pwn2Own contest at the CanSecWest conference kicked off Wednesday and one of the winners this year was Stephen Fewer, who exploited Internet Explorer 8 on Windows 7. Dennis Fisher spoke with him about the contest, the challenge of attacking IE 8 and the utility of memory protections.

Reverse Engineering of Proprietary Protocols, Tools and Techniques ! This talk is about reverse engineering a proprietary network protocol, and then creating my own implementation. The talk will cover the tools used to take binary data apart, capture the data, and techniques I use for decoding unknown formats. The protocol covered is the RTMP protocol used by Adobe flash, and this new implementation is part of the Gnash project. Download Complete Video : http://www.filesonic.com/file/125296291/reverse.xvid.avi or http://www.fileserve.com/file/jWNATyJ/reverse.xvid.avi WMV3 1024x768 | MP3 48 Kbps | 183 MB

Hacker group Anonymous takes down websites across the world for the greater good: peace, freedom of information and solidarity. Anonymous, which began as a movement in 2003 on a series of internet chat boards, has gone from targeting small time hypocrites to large multinational corporations bringing it from the background of hacker culture to the forefront of global politics. Anonymous is considered a “hackivist” movement that became globally recognized in 2010 after shutting down Mastercard, Visa, and Paypal during what they called Operation Payback. These major corporations stopped providing their services to Wikileaks, which had been using them to accept donations into the Wikileaks defense fund. This action on the part of Visa, Mastercard and PayPal offended the Anonymous community as an affront to freedom and justice. Anonymous stated on Al Jazeera that they could have taken down the infrastructure of all three websites but didn’t because they wanted people to still be able to u...

EC-Council Launches Center for Advanced Security Training (CAST) to Address the Growing Need for Advanced Information Security Knowledge Mar 9, 2011, Albuquerque, NM  - According to the report, Commission on Cybersecurity for the 44 th  President, released in November 2010 by Center for Strategic and International Studies (CSIS), it is highlighted that technical proficiency is critical to the defense of IT networks and infrastructures. And there is evidently a shortage of such personnel in the current cyber defense workforce. The United States alone needs between 10,000 to 30,000 well-trained personnel who have specialized skills required to effectively guard its national assets. In essence, there is a huge shortage of highly technically skilled information security professionals. The problem is both of quantity, and quality, and this is not a problem just for the government space. Public and private companies are also in dire straits trying to fill such staffing needs. Th...

Jitendra Chohan College website hacked ! Hacked Site :   www.jccl.svkm.ac.in Mirror :   http://zone-h.org/mirror/id/13211084

Uzbek Embassy in Singapore Owned By SimMz K Uzbekistan.Org.Sg    Uzbek Embassy in Singapore Owned By SimMz K (Founder of Kashmir Exploit Worms – Currently Having One Members Only) Hacked Site :  http://www.uzbekistan.org.sg/admin/images/SimMz.htm   Mirror :  http://www.mirror-az.com/mirror/?id=14514

Pwn2Own, the annual three-day browser hackathon, has already claimed its first two victims: IE8 on Windows 7 64-bit, and Safari 5 on Mac OS X. Google Chrome looks set to survive for its third year in a row. Internet Explorer 8 was thoroughly destroyed by independent researcher Stephen Fewer. "He used three vulnerabilities to bypass ASLR and DEP, but also escape Protected Mode. That's something we've not seen at Pwn2Own before," said Aaron Portnoy, the organizer of Pwn2Own. Safari 5, running on a MacBook Air, was compromised in just five seconds by French security company Vupen. Both attackers netted $15,000 for successfully compromising a browser. The contest continues today and tomorrow. Firefox 3.6 is yet to be attacked, and tomorrow will see the very first mobile browser deathmatch. Windows Phone 7, iOS, Android and RIM OS, all with their stock browsers, will be attacked by security researchers to find out just how secure mobile browsing is. Again, $15,000 is...

EU cyber security agency ENISA has warned that ISPs, end users and governments all have a role to play in stopping the global menace of botnet-related cyber crime. Botnets, such as the one that uses the infamous Zeus malware to infect machines, are growing in scope and scale, and ENISA has released two reports in which it attempts to understand the root of the problem and how to tackle it. The security agency warned that combating botnet attacks will take a co-ordinated response and should only be tackled after careful consideration of their impact and motivation. "The botnet numbers define the political agenda and they determine hundreds of millions of euros of security investments. We should understand what is behind them," said Giles Hogben, the report editor. "Size is not everything - the number of infected machines alone is an inappropriate measure of the threat." ENISA's main report, Botnets: Measurement, Detection, Disinfection and Defence (PDF) is a...

A short while ago, I decided to prepare a presentation on web vulnerabilities and specifically on XSS attacks. This involved studying the way today’s filtration systems work. I selected the most popular Russian social networking website, VKontakte.ru, as a test bed. One thing that grabbed my attention was the updated user status system. The HTML code in the part of the page where users edit their status messages is shown below: As you can see, filtering is performed by the infoCheck() function. The status itself is located in this string: What we have here is two-step filtration. The first step is performed when the user enters the status message. The second step involves converting the status message to text and returning it to the page in the shape in which other users will see it. While the second step definitely works well and it would clearly be impossible to convert to active XSS, things are not as simple where the first step is concerned, so it is that step that we will look ...

'EC-Council Academy'  server compromised ! EC-Council Academy , Here a image show above that  http://www.eccouncilacademy.org  got rooted by a hacker. The image clear expose the shell on the server and via putty the hacker is login as root on their server :P Update : I wanna clarify that ' EC-Council  Academy' is not a part of 'EC-Council Organisation' , Actually in above image we have just shown that Academy's  web hosting server had been compromised, it  was not actually defaced by hacker. " I wish to clarify to our partners, clients and friends that the EC-Council Academy Sdn. Bhd. is neither a subsidiary, associate nor a sister concern of the International Council of Electronic Commerce Consultants (EC-Council). EC-Council Academy is purely one of the 450 training locations EC-Council has in over 80 countries. However, it is officially sanctioned to use the EC-Council name as it is a licensee of EC-Council's trai...

#Anonymous : An Open Letter To Broadcast Music, Inc. Anonymous Hackers just Release a new open letter for Broadcast Music , as shown Below : To: Broadcast Music, Incorporated Greetings from Anonymous, As you have no doubt gathered from various media outlets and our own information disseminated across the internet, we are an internet activist group independent of any and all national, political, or religious affiliations. Despite our differences, we are united in the preservation of intellectual freedom and fair copyright laws. Too long have the music and cinema industries, among others, abused copyright for their own gain. Legislation serves to protect artists not the companies managing them and should never attempt to prevent the spread of creativity to the general public. We have seen BMI consistently copyright legislation and consequently have decided to take action against it to show that the people will not stand for its crimes against the public. As of the time of the writ...

Summary The Facebook Translations tool’s search feature was vulnerable to a simple reflected XSS attack. How did it work? The  Translations tool  allows users to perform phrase searches within translations. In this case, when a search query returned 0 results, the script displayed a message (“Your search for “YOUR PHRASE HERE” did not match any results.”) which contained unsanitized user input (the search query). Why is this important? The XSS vulnerability was on Facebook.com. An attacker could have used it to access or change information on people’s accounts. Despite Facebook’s claims that they’ve  eliminated   XSS vulnerabilities , it’s clear that some portions of the site are better protected than others (ie: Translations was probably not using XHP). Lesser used portions of the site, like the Translations tool, are often the most vulnerable since they’re not updated as often or tested as frequently. More Information I want to thank Facebook for responding to ...

ClubHack : CHMag Issue 14th, March 2011 Download ! Description: 14th issue of ClubHACK magazine is out. Contents of this issue: Tech Gyan - Remote Thread Execution in System Process Tool Gyan - JS Recon: Java Script Network Reconnaissance Tool Mom's Guide - Choosing Right Secure Mobile Legal Gyan - Law Related Unauthorized Access Command Line Gyan - Backup & Bulk Copy Maruix Vibhag - Introduction Part 1 PDF download link: http://chmag.in/issue/mar2011.pdf News Source :  Abhijeet Patil URL: http://chmag.in

Tuesday, Google announced a few changes to Chrome, its engineered-for-speed web browser. The super-fast beta version that was announced a few weeks ago has already been updated to a stable version. For the Googlers working on Chrome, speed entails not only faster code (the latest version of Chrome boasts a 66% improvement in JavaScript performance) but also easier-to-navigate interfaces. With that in mind, the company is rolling out a new Settings interface for all Chrome users. One major change is that Settings are now presented in a Chrome tab rather than a dialog box — a change that will seem familiar to those using Google’s Cr-48 notebooks, which run Chrome OS and present absolutely everything in a browser tab. Settings are also searchable, which many users will likely find extremely helpful. Here’s a brief demo video showing Chrome’s new Settings pages in action: Google has also extended its sandboxing features to Chrome’s Flash player. Interested parties can download...

Security vulnerability testing is getting a boost this week with the release of Metasploit 3.6. Metasploit Pro, the commercial version of the product, now includes new PCI compliance reporting capabilities. There is also a new Project Activity Report, which helps organization manage and track penetration testing activities. While there have been improvements to the commercial tool, open source users also benefit from some of the work done on Metasploit Pro 3.6 "The work behind the Pro Console actually resulted in major usability improvements to the standard Metasploit Framework console," said HD Moore, chief security officer at Rapid7 and Metasploit's chief architect. "All 64 of the new modules (including 15 exploits) are available in the open source version as well as the commercial products."

#OperationPayback , Next Target Bmi.com by Anonymous Hackers ! Operation Payback's third target since its revival is www.bmi.com We will not rest until our demands our met. We are Anonymous We are Legion We do not Forgive We do not Forget Expect Us News Source : Anonymous :P

DENIAL OF SERVICE: HACKERS BROUGHT down the International Women’s Day website yesterday. Three separate “denial-of-service” attacks were directed at the internationalwomensday.com website, the organisers said. “As the centenary of International Women’s Day struck in the Asia Pacific region, perpetrators commenced attacking the internationalwomensday.com website in an explicit attempt to prevent users from accessing the global hub for International Women’s Day,” a statement on the site said. The site expected more than 100,000 visitors yesterday and has recently had about 25,000 users a day. According to the women’s day organisers, the website was the target of “a massive five gigabytes per second” directed at the site in an attempt to prevent “legitimate users” from accessing it. Denial-of-service attacks commonly involve bombarding the target with a huge number of external requests in order to prevent the intended users gaining access. “These type of attacks have brought ...