The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

10 pakistan  sites defaced by Hell Hax0r ! Hacked sites : http://esonsind.com/ http://friendsofsialkot.com/ http://pakviewsports.com/ http://www.hard-safety.com/ http://www.badhawaind.com/ http://www.westwearco.com http://www.urbanwearintl.com http://www.kravmagasupplies.com http://lawsonsports.com/ http://www.tackisports.com/

We are pleased to announce the release of version 1.4 (yes 1.3 squeaked by without a blog post) of the Open Pentest Bookmarks Collection. They have added a  large  amount of community submissions, with the addition of  several new sections.  They have also moved around some of the bookmarks to better organize everything.  The new wiki entry should be a mirror of the file. To submit to the project, please use the wikipage at  http://code.google.com/p/pentest-bookmarks/wiki/BookmarksList / and post in the comments section. To download the file for import straight into Firefox or Chrome go here:  http://code.google.com/p/pentest-bookmarks/downloads/list

Google on Thursday patched six vulnerabilities in Chrome, and as usual, silently updated users' copies of the browser. The update to Chrome 10.0.648.204 also included two more blacklisted SSL certificates that may be related to last week's theft of nine digital certificates from a Comodo reseller. All six bugs were rated "high," Google's second-most-serious ranking in its threat scoring system. Of the half-dozen bugs, two were "use after free" flaws -- a type of memory management bug that can be exploited to inject attack code -- while a second pair were pegged by Google as "stale pointer" vulnerabilities, another kind of memory allocation flaw. As is Google's practice, the company locked down its bug-tracking database, blocking access to the technical details of the patched vulnerabilities. Google usually unlocks the bug entries several weeks, sometimes months later, to give users time to update before the information goes public. G...

Nasa HaCkeD By The 077 & DinelSon Tunisian HaCker Hacked link by The 077 :  http://blogs.nasa.gov/cm/resource/1015442 Hacked link by DinelSon :  http://blogs.nasa.gov/cm/resource/1015440

Delhi University 's & Pakistani.pk  site is vuln to XSS ! angel (4d0r4b13) Found Xss cross site scripting vulnerability in Delhi University Website, as shown. vulnerable Link :  : http://du.ac.in/index. php?id=276&sitesearch=du.ac. in&client=pub- 017673838153185424638% 3Aoxnjzwaqtce&cof=FORID%3A10& ie=UTF-8&q=%22%3E%3Cscript% 3Ealert%28%22Vuln+found+by+ 4ng31+4k4+4d0r4b13..!+angelws+ here..!+enjoy....!+delhi+ university..!+hehe..!+%3D%29+% 3D%29+%3B%29+%22%29%3C% 2Fscript%3E and  http://pakistani.pk/?s=%22%3E%3Cscript%3Ealert%28%22angel%20w45%20here..!%20heheheh%20pakistani.pk%20vuln%20to%20xss%20yup%20it%20is//!%20greets:Indian%20r00ting%20w1z4rd5..!%20vuln%20found%20n%20executed%20by%20angel%204k4%204d0r4b13%22%29%3C/script%3E

Anonymous Open Letter to Citizens of United States of America ! Just Now another Open Letter by Anonymous hackers released on Twitter m as below : Dear US Citizens,                           We, Anonymous, would like to offer you, America, the opportunity to join and support our movement.We are a group that formed on the internet--one that knows no constructs or absolutes, and one that has recently grown exponentially. We would like to introduce an Operation. An Operation that involves Americans getting our Natural Rights and dreams back. Right now, you can help by passing on the Information. Information is Power. Share the Power of the Information with other like-minded individuals. The more people we represent, the more Power we have, both as individuals and as Anonymous. Thank you for your time and your Power.                    ...

Hackers hack into TripAdvisor 's members Database ! Travel site TripAdvisor has warned subscribers to expect more spam following the theft of its member database. The travel review and information website said that an unspecified vulnerability allowed miscreants to make off with a portion of its email database. TripAdvisor does not collect members' credit card or financial information, and no passwords were obtained as a result of the breach. TripAdvisor has promised to tighten up its security in the wake of the incident, which is under investigation internally. The US-based website, which serves an international client base, has also reported the matter to police. Subscribers were notified of the breach by email, a copy of which was passed onto El Reg.. The incident comes days after ne'er-do-wells got their hands on the Play.com email list, sending targets links to a supposed Adobe software update that actually served up malware. Play.com blamed the incident on it...

XSS vulnerable on dmoz.org ! http://www.dmoz.org/search?q=%3Cimg%20src=%22http://lh4.ggpht.com/_bCYQxIvMQ2U/TRG6cWyFNjI/AAAAAAAAAW8/ZEHFUPXBmLk/hackernews.jpg%22/%3E View the compromised page

Iran has tricked a web firm into issuing fake security certificates for Gmail, Skype, Hotmail and more. Comodo Group, a US-based certificate authority firm with 15% of the market, admitted that one of its affiliate's accounts in Southern Europe had been hacked, letting the attackers create fake SSL security certificates for six websites. Such digital keys let websites offer secure services, and fake versions could be used to spoof sites, gather login details and watch user activity. The fake certificates target Microsoft's Live platform, Gmail and Google, Skype, Yahoo, and Mozilla Firefox extensions. The attack was quickly discovered, with the attacker still using the account when it was shut down. Comodo's CEO Melih Abdulhayogl said the attack appeared to originate in Iran, as it would have required access to the country's DNS infrastructure. "We believe these are politically motivated, state-driven/funded attacks," he said in a blog post, adding it wa...

There's confusion tonight as to whether international cyber vandals have tried to hack websites run by the Department of Internal Affairs. A group called Anonymous has threatened to attack internal affairs because it operates a filter that identifies child porn websites - which the cyber activists believe is an act of censorship. They use YouTube to threaten - and now it's New Zealand’s turn. “On March 28, at approximately 5pm Eastern Standard Time, a series of coordinated anonymous server attacks will be carried out on the New Zealand Department of Internal Affairs website,” says their video. March 28 is next Monday, but since Tuesday this week the Internal Affairs website has been frequently off line, and the Civil Defence website has had to move to a temporary server. But it might not be an Anonymous attack. “Usually when they take a site down they will leave a message up saying ‘we’ve done this’ and why and how long it will go on for,” says Technology Writer Dylan ...

EC-Council Computer Hacking Forensics Investigator (CHFI) First Look Training ! Join this live online training led by EC-Council lead trainer Kevin Cardwell, as he shares with you some of the interesting topics from EC-Council Computer Hacking Forensics Investigator (CHFI) program. In this session, Kevin will be covering the following modules: Module 26: Network Forensics & Investigating Logs Module 27: Investigating Network Traffic Module 28: Router Forensics In this 3 hours online training session, you will be introduced to network forensics, you will learn how normal network traffic patterns look during protocol analysis, and you will get to see indications of attack attempts that are typically encountered when analyzing network traffic from a cybercrime event. This training session will conclude with an introduction to router forensics, an area that is often overlooked as a potential source of evidence, and Kevin will share and show why forensics investigat...

Email & Bank Account of DIRECTOR,Indian Ministry of Communications & IT Hacked by Zcompany Hacking Crew !  Last Night (24 March,2011) we (The Hacker News) got an email from id of Amar Singh Meena ,DIRECTOR (T)TEC, Ministry of Communications & IT. But this email was sent by a Hacker from his email id having codename " Hard Hunter " from  Zcompany Hacking Crew . Zcompany Hacking Crew or ZHC Hack for reason to raise awareness of the issues in the world with a main focus on Kashmir & Palestine. Now they have access to Personal Email ID of Mr. Amar Singh Meena and also have his ICICI Bank details.  Even Today 1389 Indian websites defaced/Hacked By ZCompany Hacking Crew & TeaMp0isoN : Read Here How ZHC hack into Email : Hard Hunter [ZHC] had a access to a Online Store where he found email of Amar Singh, they hack logged into his email and then went for his ICICI details. Message From ZHC : As in above image, The email send us (The Ha...

1389 Indian websites defaced By ZCompany Hacking Crew & TeaMp0isoN Hacked Sites List :  http://pastebin.com/ji5AsDgY Note :  Some sites have been restored & some may have 404 errors, but all sites were mirrored, if a site wasent mirrored it means the site was already hacked in the past by someone else. News Source : ZCompany Hacking Crew & TeaMp0isoN

(C.I.F) CyberIndiaForce.in Owned By Shadow008 (PakCyberArmy) CyberIndiaForce.in Is one of  India's  Hackers Forum Which Has been Hacked by Shadow008 From HackAll.Net And PakCyberArmy.Net Team Site Hacked:  http://www. cyberindiaforce.in/ Mirror:  http://zone-h.com/mirror/id/ 13316923 News Source :  Shadow008

HACKERS HAVE EXPLOITED a security vulnerability at the Bittorrent tracking website Pirate Bay, hacked its user database and harvested personal information to send out spam. Some Pirate Bay users have reported receiving dodgy spam emails claiming to come as official mail from the website. The spammers hardly pushed to make them seem like legitimate emails because they said users can make money from the website. Oh, really? The dodgy emails were sent to the Bittorrent news website Torrent Freak and Pirate Bay responded to say it hadn't sent any emails out to its users but it hasn't offered a response as to how its database was breached. "A course has been put together to show you how to use The Pirate Bay to make some serious money. This seriously works," said the spam. The spam is an obvious fraud but it will be a worry to the chaps at the Pirate Bay because it highlights that the website has a security flaw and its database has been compromised. Pirate Bay sho...

Federal investigators arrested and indicted a former Bridgeport resident who they say orchestrated a scam in which foreign nationals applied for and received credit cards on which they charged up to $465,000 worth of goods before leaving the country with the banks holding the tab. A federal grand jury late Wednesday indicted Mohammad Takhtarawanji, also known as Abu Terak, 58, formerly of Bridgeport and the man the FBI said headed the operation that recruited Arab nationals. Takhtarawanji faces a charge of conspiring to commit wire fraud and the reputed head is under arrest and facing seven charges of wire fraud. Each of charges carries a maximum of 20 years in prison. He has been arrested and is being detained without bond. An affidavit filed by FBI Special Agent Michael J. Wojciga claims Takhtarawanji was paid $5,000 to come to Connecticut from Florida to oversee the ring. Here helped recruit Arab nationals to apply for credit cards, run the cards to their maximum, pay off a porti...

As part of Google’s ongoing commitment to encouraging women to excel in computing and technology, Google is pleased to announce the HITB2011AMS Conference Grant. This grant is set up to enable more female computer scientists to attend and participate in HITB2011AMS. The grant includes a pass to the conference on 19th and 20th of May (accommodation not included) & travel expenses up to EUR500! We encourage all female hackers and computer scientists to apply. To be eligible for a conference grant, candidates must: • Be a female working in or studying Computer Science • Maintain a strong academic background with demonstrated leadership ability • Be able to attend the 2 full days of the main conference News Source :  http://www.hackinthebox.org/

Facebook made some important changes to the way in Facebook Pages, the fan pages set up by brands, bands and even cucumbers could be created. In the past the tabs which could be added to these pages have been set up in two ways; the first used the Facebook FBML app. This allowed page tabs to be created using static Facebook Markup Language (FBML) or HTML, it wasn’t particularly engaging but it was very simple to use. The second method for creating page tabs was by adding a custom Facebook app inside a standard FBML tab. This meant the custom app could request external data from a third party and display it inside the page tab. This content though was subject to many technical limitations, as it was all proxied through Facebook which broke many things including tracking pixels, JavaScript and Flash. So what is the big change? Well Facebook now allow iframes to be included inside Facebook apps on page tabs, meaning that all that Facebook proxying can be avoided. While this is no doub...

Songsmp3.pk  hacked by   Atul and Neo (Indishell) Songsmp3.pk is the famous paki website offerring downloads of indian songs has been hacked by Atul and Neo, member of Indian hacker group - Indishell ! H acked Site :   Songsmp3.pk News Source :  (Indishell)

Republic of Ecuador two Govt sites Hacked by AL3X 0WN5 ! Hacked site : http://nanegal.gov.ec/ http://pastaza.gov.ec/ News Source : Kai farmer

EC-Council News : Advanced Security Training First Look ! Information technology continues to rapidly evolve and as the dependence on Internet technology increases, so are the risks to information systems.  As such, information security professionals are required to stay up-to-date on the latest security technologies, threats and remediation strategies. EC-Council's  Center of Advanced Security Training (CAST)  was created to address the need for highly technical and advanced security training for information security professionals. CAST First Look Training Series As part of the launch of CAST, we are pleased to present a First Look training series that will give an insight into the following programs, where we invite the authors of the respective courses to conduct a "LIVE" online training on a selected module from the program. Advanced Penetration Testing (CAST 611) A highly technical and intensive course that focuses attacking and defending highly secured ...

Event : Bloggers meet at Microsoft TechEd India 2011 ! Calling all bloggers for exclusive session that will give you an insight on the latest technologies from Microsoft including the much talked about Microsoft web browser-Internet Explorer9, a new ICICI Direct portal on Silverlight and Windows Intune. Venue : Lalit Ashok Hotel Kumara Krupa High Grounds Bangalore - 560001, Karnataka, India. Bangalore, India

Play.com compromised and Security breach  Admitted ! Play.com , one of the largest online retailers of consumer goods, has suffered a security breach. In a warning to customers, Play.com has said that customer names and email addresses may have been compromised. Play.com is washing its hands of direct responsibility, claiming that a third party on its marketing communications team is at fault. Play advises customers to do the usual - to remain vigilant online and keep personal information under lock and key. Which is easier to do when trusted services do not suffer security breaches. It reminds its customers that it will not ask for passwords, bank account details or credit card numbers, and to forward suspicious activity to  privacy@play.com .  Specific details of the breach have not yet been revealed but with a wide customer base it's serious enough to have Play worried.  Here's the memo:

Milw0rm/Inj3ct0r 1337 Day Team clarify about their Team Membership ! Recently Inj3ct0r Received a Chat Log from one of the inj3ct0r team supporters.They post that chat on their Official Facebook Page as shown in image.The whole Chat is about a Guy Proclaiming himself to be from Milw0rm Team. Their was lots of Other same rumors,and finally1337day.com decide to clarify about their Team Membership ! Here the Note Released By 1337 Day Team : Click Here News Source : r4dc0re from 1337day Team

Accused youth created a Facebook account in the name of the girl and uploaded nude photos of the victim A Bangladesh court sent a young man charged for cyber crime and cyber bullying to prison on Saturday. Shakil Ahmed, 23, created a Facebook account in the name of his victim and uploaded photos, according to reports. He uploaded nude photographs of the girl on the social networking site, making him the second young person to be face legal action in a case like this in less than a year. Judicial magistrate A H M Anwar Pasha said that the elite anti-crime squad Rapid Action Battalion arrested Ahmed in the capital Dhaka on Saturday following a complaint from the victim. The victim complained that he was blackmailing her that he (Ahmed) would upload more photos, if she did not comply with his demands. Police refused to disclose the demands. He was sentenced to one-and-a-half months in prison after he confessed that he uploaded the photos, the magistrate said. "Ahmed uploaded...

25 Website Hacked By Xen0n (Bangladeshi Hacker) Hacked Site List :  http://pastebin.com/B50GsN7Q News Source :  Xen0n (Bangladeshi Hacker)

Jesse William McGraw , Clinic Hacker Gets 9 Year Sentence ! A former security guard at a Dallas medical office has been sentenced to more than nine years in prison in a hacking case that drew national attention because the hacker posted video of the crimes on YouTube. Jesse William McGraw was sentenced on charges that he broke into computers and installed malicious code while working the night shift in 2009 at North Central Medical Plaza, which houses a surgery center and medical offices. McGraw pleaded guilty to the hacking charges in May 2010; he has been in custody since his arrest in June 2009. McGraw was sentenced to 110 months in prison on each of the two counts, to be served concurrently, according to the U.S. Attorney for the Northern District of Texas. He was also ordered to make restitution to the occupants of the medical plaza, which include W.B. Carrell Memorial Clinic, the North Central Surgery Center and the Cirrus Group. McGraw, who went by the moniker "Gho...

70 Wordpress blogs HaCkeD By The 077 ( Hamdi HaCker ) Tunisian HaCker ! Hacked Wordpress Blogs :  http://pastebin.com/wqFjwCs2

10 Websites hacked by Cyberhunterxx ! Hacked sites List :  http://pastebin.com/EJkmySFK

  10 Argentina WebSite HaCkeD By The 077 ( Hamdi HaCker ) Tunisian HaCker Hacked Sites :  http://pastebin.com/2eGKSAiD

30 more Website Has Been Hacked By Dinelson Us Hacked sites :  http://pastebin.com/pfw04vZj News Source :  Freed

WikiLeaks is among the 241 Nobel Peace Prize nominees this year. The nominees come from 53 organizations and are greater in number than in any previous year. Read More Here . Nobel-watcher and Peace Research Institute Oslo Director Kristian Berg Harpviken says he is not surprised WikiLeaks has been nominated and he expects it will receive more than one vote. " WikiLeaks has been on top of the international news headlines for the last 12 months," he said. "It is also something very new in more ways than just bringing interesting news. It is, in fact, newsworthy in and of itself as a phenomenon. It is an interesting and many ways challenging candidate in its own right. " We did a online Poll voting on this issue and the Results are as shown Below : These 241 nominations will be considered by the Nobel Committee, which will create a short list of nominees. The Nobel Peace Prize is awarded by a committee of five people chosen by the Norwegian parliament presi...