The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Delicious.com Getting Problem with SSL Certificate Just now we have notice that Delicious.com  ( https://delicious.com/ ) getting some problem with their SSL Certificate. The Certificate is Valid unto 4/30/2012 as you can see below : But Secure SSL site Link :  https://delicious.com/  is Down and showing Error as shown :

DNA-Stuxnet.in Hacked & Database Leaked By Shadow008 (PakCyberArmy) Sites Hacked : http://dna-stuxnet.in/home/ Mirror : http://zone-h.com/mirror/id/14090295 Database BackUp -   http://www.multiupload.com/180BT14ZGK

Hackers attack on Norwegian military Computers The Norwegian security police is investigating a hacker attack that zoned in on military computers shortly after Norway joined the Libya air campaign in March. The army says about a hundred computers were targeted in the attack, where staff received a fake email from a Norwegian government agency containing a malicious code The unidentified hackers only managed to access non-classified information from one computer before the security systems fended them off. The army would not disclose more details about the type of data the hackers were trying to access.

Arachni v.0.2.3 - Open Source Web Application Security Scanner Framework Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications.Arachni is smart, it trains itself by learning from the HTTP responses it receives during the audit process.Unlike other scanners, Arachni takes into account the dynamic nature of web applications and can detect changes caused while travelling through the paths of a web application's cyclomatic complexity.This way attack/input vectors that http://www.blogger.com/img/blank.gifwould otherwise be undetectable by non-humans are seamlessly handled by Arachni. The main focus of this release has been on distributed deployment and bugfixing.Main additions include the update of the HTML report to include false positive reporting functionality and an updated WebUI with support for multiple Dispatchers. Download :  https://github.com/Zapotek/arac...

Infographic - The Sony PlayStation Hack We were doing an expose on the 'Sony Hack Fiasco' and realized no infographic was done on the subject - at least none we can find. Considering how big the issue was for our readers, we decided to create an infographic to summarize the events. Our sources include news site and commentary pieces. Because the subject matter is so time sensitive, we decided to include minimal information to the graphic and get it out when it matters. We will, however, be updating it with the latest information as it comes through. Source : http://www.creditcardfinder.com.au/the-sony-playstation-hack-what-it-means-outside-the-gaming-world.html

BlackHole Exploit Kit 1.0.2 - Download ! First Public Release of  BlackHole Exploit Kit . BlackHole exploit kit is yet another in an ongoing wave of attack toolkits flooding the underground market. The kit first appeared on the crimeware market in September of 2010 and ever since then has quickly been gaining market share over its vast number of competitors. In fact, many antivirus vendors now claim that this is one of the most prevalent exploit kits used in the wild. Even Malware Domain List is showing quite a few domains infected with the BlackHole exploit kit. Black Market Cost : Users can purchase the annual license for $1500, semi-annual license for $1000, or just a quarterly license for $700. The license includes free software updates for the duration of the contract. For those malicious users with a commitment phobia the makers of the kit offer yet another solution. You can rent the kit (on the author’s servers) for $50 for 24 hours, $200 for 1 week, $300 for 2...

Democrat website Youngdemocrat.org hacked by  ALLAH`U EKBER-Team ! A website of the Democrat Party, set up to attract young people, was hacked since Sunday night. Reports said an anonymous hacker broke into "www.youngdemocrat.org" while Prime Minister and Democrat leader Abhisit Vejjajiva was using social media for his party's election campaign. The hacker replaced the homepage with a black background with the message: "Don't Worry Admin! Your Files and Database Are Safe!!! I Just Wanna Tell You that Your Security Sucks!!!" The black background and the message were removed on Monday morning but the website was still down.

State highway police website hacked ! The state highway police's website was allegedly hacked by an unknown person, who changed the accident figures to show a steep decline in the number of deaths for the year 2010. The changed statistics show the number of fatalities went down by almost 9,000 between 2009 and 2010. In 2009, th e number of deaths was 11,396. The records for 2010 show the number of deaths to be 1,762, even though an earlier table shows the number of deaths between January and June 2010 to be 6,588. The highway police said they are in the process of correcting the data on their website. Superintendent of police (state highway) BG Shekhar told the Hindustan Times that the website was hacked some time ago. "We are trying to correct the data that appears on the website right now and we hope to put everything in order by Monday," Shekhar said. The police said figures between 2004 and 2008 have shown a consistent rise in fatalities on state highways. In...

6 sites Defaced by Cyb3r.pr3dat0r ( Team DNA Stuxnet) Hacked Sites : http://worldoffrank.co.uk/ http://scrutineer.co.uk/ http://worldoffrank.co.uk/ http://bloomsbury-interiors.co.uk/ http://davidwatkin.co.uk/ http://friedafrowhawk.co.uk/

Sony BMG Greece Hack , Complete Details Out ! Update :  10th Attack on Sony -->  Sony Ericsson Got Hacked by Idahca (Lebanese hacker Group) Yesterday , we have reported that On 5th May, 2011 - Sony BMG's Greek website was also got hacked.  One of Them Provided the Full extract database from the site.   b4d_vipera was the hacker who Deface the site using SQL injection method. There are 8385 users on this website. Sample of hacked Database was leaked at  http://pastebin.com/WqLysjiN  . This was 7th Attack on Sony. As from Source : DB Detection: MsSQL no error (Auto Detected) Method: GETType:  Data Base: SONYBMG Table: USERS Total  Rows: 8385 Fields are : u_id, u_usr , u_name, u_pwd , u_company , u_email , u_tel , FOREIGN_DOMAIN , u_regdate ,  u_lname Hacked Link :  http://www.sonymusic.gr/theodoridou/page/releases/lyrics.asp?id=2133 Mirror Link :  http://zone-h.org/mirror/id/13621890

Facebook Says - I am vulnerable, Please Hack Me ! I have so many friends on facebook and everyone of them always asks me why Facebook sucks ? So finally I am showing that facebook is completely against your Security & Privacy and there are more  other secure ways to connect with world, like Twitter, Orkut. Here we have One more Facebook vulnerable link , as shown below. It looks funny, but YES ! Facebook is the most vulnerable site on internet that is used by thousands of millions users daily. Link : https://www.facebook.com/connect/connect_to_node_error.php?body=I%20am%20vulnerable,%20Please%20Hack%20Me%20! Daily a new Vulnerability, 100's of Scams Lets have a look on Some of them here : 1.)  Police warns - Beware Facebook scams ! 2.)  New Facebook worm propagating : VERIFY MY ACCOUNT , Video Explanation of code ! 3.)  New Facebook Scam : WTF I can’t believe you’re in this video ! 4.)  Facebook new Vulnerability, Lots of Acco...

200+ Important & Some Govt. Websites of India Hacked by XtReMiSt Hacked Sites Link and Mirrors : http://pastebin.com/4mQU6Csd

Israeliens Websites Hacked By Ahmdosa ! Mirror and Hacked Sites Links : http://pastebin.com/nnRXgCLj

Sony Music Indonesia Defaced By k4L0ng666 After 5 serial attack on Sony, Its 6th attack by hacker named " k4L0ng666 " . He deface Sony Music Indonesia website as shown in above image.  Hacked Link : http://www.sonymusic.co.id/kiwi.php Update : Sony BMG Greece Hack , Complete Details Out ! Click Here to Read More On 5th May, 2011 - Sony's Greek website was also got hacked . Hacked Link :  http://www.sonymusic.gr/theodoridou/page/releases/lyrics.asp?id=2133 Mirror Link :  http://zone-h.org/mirror/id/13621890 Now Score Board is ,  Sony : 0  |  Hackers : 7  :D

What is Zeus - Technical paper Zeus by SophosLabs ! Zeus or Zbot is one of the most notorious and widely-spread information stealing Trojans in existence. Zeus is primarily targeted at financial data theft; its effectiveness has lead to the loss of millions worldwide. The spectrum of those impacted by Zbot infections ranges from individuals who have had their banking details compromised, to large public order departments of prominent western governments. We will explore the various components of the Zeus kit from the Builder through to the configuration file; examine in detail the functionality and behaviour of the Zbot binary; and assess emerging and future trends in the Zeus world. Download Paper : Click Here Download Zeus : Source code of ZeuS Botnet Version: 2.0.8.9

Unknown Exploit Kit  (Crimeware) leaked, Available for Download ! Another New Exploit kit is now in Black Market called Unknown Exploit Kit or Mushroom Exploit Kit  . After The Public Release of Source code of ZeuS Botnet Version : 2.0.8.9 , THN also provide  Crimepack 3.1.3 Exploit kit &   26 more Underground Hacking Exploit Kits  for Download and Research. Now  1st Public Release of Spanish version of   Unknown Exploit Kit is here... This kit offers the following exploits: MDAC, SpreadSheet, SnapShot, Aurora, CSSClip, IEPeers, PDF LibTiff, PDF GetIcon, PDF CollectEmail, JAVA, Shockwave, and AOL. Screenshots : Download Links : http://www.multiupload.com/6U6T4MB7SD Note : The Public Release of these kits are only for Educational and Research Purpose Only. May this help Antivirus and Security Companies to Analyse and develop advance Security wares. Thanks.

Underground Security Forums : Poisonhack.info & Team-xpc.com Hacked by 0p3nH4x ! 0p3nH4x Team of Hackers , Hack two big Underground Security websites :  Poisonhack.info & Team-xpc.com , who call them self as " Security Expert ".  0p3nH4x  hack them and provide all Hack details at  http://pastebin.com/peDbvkXz . Submitted By : 0p3nH4x

Indian Congress Party & Ebay Nepal Websites are vulnerable to Hackers ! MaDnI member of Pak Cyber Army found Serious Sql injection vulnerabilities in two famous sites, first is Ebay Nepal sites http://ebay.com.np/ and 2nd is of Indian Congress Party : http://www.congress.org.in  , The Detail of vulnerable links are shown below : 1.)  Ebay Nepal : Target : http://ebay.com.np/index.php?task=cms&id=3 Database : ebaycom_ebay 2.) Indian Congress Party Target : http://www.congress.org.in/new/renunciation-details.php?id=2 Attack Type : SQL Union Injection User :  aiccorg_usr@localhost Database : aiccorg_db

CodeMasters - Gaming Community Compromised, Back-End Users Data Leaked ! CodeMasters - Gaming Community has been hacked by " Kon " . He leak the back-end users login Information as shown below : Technical Details : Encryption: DES(Unix) Method: POST SQLi URL: Not providing Number of member accounts: 2524846 Database version: 4.1.22-max-log

Anonymous leaks PSN SSH Logs , Sony is responsible for Data Theft ? 1.) On the Sony servers running the highly outdated Open SSH version 4.4. 2.) Current version is 5.7. For those of Sony for encrypted version are used for more than five years several known security holes. 3.) Sony server running in part to the long-outdated software Apache 2.2.10. 4.) Current version is 2.2.17. The version used by Sony is vulnerable to damaging Internet attacks, such as overload attacks (DDOS). Outdated server software may have caused outage Allowing PSN hackers to enter PlayStation Network stealing more than 100 million user data sets from PSN and SOE. Since the allegation itself isn't exactly new, correct, there are new proofs that this rumor is. Report even claims that Sony lies when it comes to the statement of outdated servers. Computer Bild got an excerpt showing log files that proof that Sony was, as of the hacking attack, using very outdated server software, sea...

Indian Premier League | IPLT20 Website Defaced by Tyson_08 and Inferno ! Indian Premier League | IPLT20 Website Has been hacked, and some defaced by Tyson_08 and Inferno Hackers. They wrote a short message on deface page that, They have too many times inform about SQLi Vulnerability in T20 website at  http://www.iplt20.com/ , But none of Authority/Admin take it Seriously. They Put copy of Coding of Index Page at  http://pastebin.com/xn7Fe853  and Mirror of hack is available at  http://www.legend-h.org/mirror/166530/iplt20.com  . 

OpenDNSSEC 1.3.0rc2 new Version released ! Version 1.3.0rc2 of OpenDNSSEC  Match the names of the signer pidfile and enforcer pidfile. Include check for resign < resalt in ods-kaspcheck. Bugfixes: Bugfix #231: Fix MySQL version check. ods-ksmutil: Update now sends a HUP to the enforcerd. Signer Engine: Fix assertion failure if zone was just added. Signer Engine: Don’t hsm_close() on setup error. Signer Engine: Fix race condition bug when doing a single run. Signer Engine: In case of failure, also mark zone processed (single run). Signer Engine: Don’t leak backup file descriptor. signconf.rnc now allows NSEC3 Iterations of 0 Download the tarball from:  opendnssec-1.3.0rc2.tar.gz

Facebook Prepares to Launch Bug Bounty Program ! Facebook is working on setting up a bug bounty program that would encourage security researchers to discover vulnerabilities on its platform and report them responsibly. Mr. Joe Sullivan, Facebook's chief security officer, told us today at the Hack in the Box Amsterdam 2011 security conference that the company is currently testing such a system and hopes to launch it soon. Vulnerability reward programs are not new. In fact, they've been around since the Netscape era. In 2004 Mozilla introduced a bug bounty system for vulnerabilities discovered in Firefox, then last year Google did the same for Chromium, the open source project behind Google Chrome. However, it was Google that began rewarding vulnerabilities found in its web services first, a move that was mirrored by Mozilla a month later. Facebook has a pretty good relationship with security researchers already and many of them are reporting vulnerabilities to the ...

RKAnalyzer - kernel level rootkit analyzer ! RKAnalyzer is a kernel level rootkit analyzer and defender using Hardware Virtualization Techniques, based on the BitVisor Project(A VMM developed by Tsukuba University and open-sourced under BSD License). It tries to monitor kernel level rootkits' actions and log them. What differs RKAnalyzer with tranditional detection softwares(i.e. Rootkit Revealer, IceSword) is that RKAnalyzer actively intercepts rootkit actions, rather than reacting to rootkit after already infected. Also, RKAnalyzer support analysis mode, which differs from defend mode by presenting a much more transparent environment, in which rootkit would consider itself running without being monitored. How to Use :  http://code.google.com/p/rkanalyzer/wiki/HowToUse Download :  http://rkanalyzer.googlecode.com/svn/

Red Hat Enterprise Linux 6.1 is now available at http://www.redhat.com/rhel/ . Enhancements provide improvements in system reliability, scalability and performance, coupled with support for upcoming system hardware. This release also delivers patches and security updates, while maintaining application compatibility and OEM/ISV certifications. In addition to performance improvements, Red Hat Enterprise Linux 6.1 also provides numerous technology updates, including: Additional configuration options for advanced storage configurations with improvements in FCoE, Datacenter Bridging and iSCSI offload, which allow networked storage to deliver the quality of service commonly associated with directly connected storage Enhancements in virtualization, file systems, scheduler, resource management and high availability New technologies that enable smoother enterprise deployments and tighter integration with heterogeneous systems A technology preview of Red Hat Enterprise Identity (IPA) se...

Role of Hacking in Stealing and Selling Credit Cards ! People use the Internet in their everyday lives. With technology advancing as fast as it is, most modern day homes have gone online, turning to the Internet to save time with busy days, performing simple tasks like online banking, purchasing items on eBay or Amazon or getting deals on Buy.com , even taking college classes online. Internet Banking , Credit Cards are become the mode of Payments. Its 2011, Hacker have Eye on your Bank Balance, Credit Card details and Logins. These online Criminals get you Credit Card details and sell them to other customers. Credit card numbers can be purchased for a dollar or less if you buy in bulk And so-called full profiles, including a Social Security number and mother’s maiden name, are available for just $80. ATM pin numbers and platinum cards cost extra. Computer hackers have been found stealing and selling other people's credit card information in masses. Hacking happens just...