The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Wireshark 1.4.7 & Wireshark 1.2.17 Released Wireshark is the world’s most popular network protocol analyzer. It is used for troubleshooting, analysis, development, and education.This update fixes many bugs. Supports for the following protocols have been updated – BSSMAP, DMP, GSM SMS, LDSS, NCP, PN/IO, PPP, SIP, SNMP. Download here

PSB.org was hacked with 0day exploit for MoveableType ! Yesterday  Public Broadcasting Service (PBS) was Hacked by Lulzsec, Users data & Database Leaked.  Lulzsec hackers today expose that, how exactly they hack all these database, site and Server. They Use 0day exploit for MoveableType, Using the vulnerability they uploaded php shell on ftp and Then root the server using localroot exploit for kernel 27 2.4.21-37.ELsmp 2005 i686 . Kevin Mitnick (World top hacker) says : " Yeah, they claim it's a bug in mt4... but I doubt they would reveal the vector until much later. " The /etc/passwd file of server is as shown below: They use  Havij 1.14 Pro - Sql injection tool, just to make hack faster and extract whole database. On Tuesday,  LulzSec tweeted on their twitter profile &  included messages directed to both Manning and Wikileaks." @WikiLeaks We hope our hacking gave Bradley Manning a smile. That man deserves somethin...

Server with 335 websites got hacked by PakH3X0r   An Indian Server with 335 websites has been hacked by PakH3X0r  and all sites get defaced . The list of sites are given at :   http://pastebin.com/BEChkwD9

Delhi University 's Control Panel & Fashion TV India's Data Hacked by Moofster   Delhi University's ( http://placement.du.ac.in/ ) & Fashion TV India's  ( http://ftv.co.in/ )websites are vulnerable to SQL injection. A hacker " Moofster " has been hack the admin panel of  Delhi University's website and He also extract the database of Fashion TV India's website, as shown below :

md5deep and hashdeep - Latest version 3.9.1 Released md5deep is a set of programs to compute MD5, SHA-1, SHA-256, Tiger, or Whirlpool message digests on an arbitrary number of files. md5deep is similar to the md5sum program found in the GNU Coreutils package. hashdeep is a program to compute, match, and audit hashsets. With traditional matching, programs report if an input file matched one in a set of knows or if the input file did not match. It's hard to get a complete sense of the state of the input files compared to the set of knowns. It's possible to have matched files, missing files, files that have moved in the set, and to find new files not in the set. Hashdeep can report all of these conditions. It can even spot hash collisions, when an input file matches a known file in one hash algorithm but not in others. The results are displayed in an audit report. The programs are distributed as binaries for Microsoft Windows (7, Vista, XP, 2003, and 2000 are supported) an...

Exploit Database site - Exploit-ID was under DDOS attack ! On Friday 27 May 2011, exploit-id.com  was down by a lot of packet to our server ( DDoS Packet ) . Then System admin analyze get that server of exploit-id.com was under DDoS attack.  The analyse about attack and Server stats are here :  http://pastebin.com/ijPbL8pb

Shahrukh Khan 's upcoming Movie - Ra One Official Website hacked A hacker with name " Seeker " today hacked into the Cpanel of Shahrukh Khan's upcoming Movie - Ra One Official Website and Deface the main page of site as shown below...

3 websites hacked by Indian Girl Hacker - TriNitY ! Till now we was just listen about that, some Hackers (boys) do hacks and sites defacements, But wait ! Here we have an Indian Girl with codename " TriNitY " .TriNitY is I think 1st Indian hacker who is in news for defacing some websites. The list of websites hacked by her : http://demo-l.jahoma.de/administrator/images/index.html http://www.upes.edu.vn/trinity.htm http://www.xzdm.gov.cn/trinity.htm  Sites may get recover, You can check deface page mirror at : http://mirror.sec-t.net/defacements/?id=28312   http://mirror.sec-t.net/defacements/?id=27353

Pakistani hackers site got hacked by Indishell Yesterday a pakistani hackers websites  http://www.hackerz.pk/forum.php got hacked by Indian hackers group Indishell . Mirror of hack is :  http://www.zone-h.org/mirror/id/14125744

T-Series Media Company & Other Domains of T-Series Hacked By ZHC XtreMist ZHC XtreMist, Hacker group yesterday hack various domains of T-Series Media Company . Such as : http://www.tseries.com/ http://tseriesnew.hungamatech.com/ http://mobiles.tseries.com/ http://webstore.tseries.com/ These websites was got defaced by them, But now company have recover them. You can check mirrors of defaced sites at  http://pastebin.com/s2d10NZT

Sniffjoke 0.4.1 - Anti-sniffing Framework & Tool For Session Scrambling SniffJoke is an application for Linux that handle transparently your TCP connection, delaying, modifying and injecting fake packets inside your transmission, make them almost impossible to be correctly read by a passive wiretapping technology (IDS or sniffer). An Internet client running SniffJoke injects in the transmission flow some packets able to seriously disturb passive analysis like sniffing, interception and low level information theft. No server support is needed! The internet protocols have been developed to allow two elements to communicate, not some third-parts to intercept their communication. This will happen, but the communication system has been not developed with this objective. SniffJoke uses the network protocol in a permitted way, exploiting the implicit difference of network stack present in an operating system respect the sniffers dissector. Download

SQLi vulnerability in United Nation's (UN) Website ! SQLi vulnerability in United Nation's (UN) Website has been exposed on  http://seclists.org/ . This Security flaw allow hackers to extract all Database of Chinese Part of  United Nation's (UN) Website. Proof of Concept is available here .

GMA-7 television networks website , twitter & Facebook hacked by D4RKB1T The website of one of the leading television networks in the Philippines has been hacked by a username “D4RKB1T”. GMA-7’s website - gmanews.tv, its Facebook and Twitter accounts have been simultaneously hacked on Sunday Morning. Users are redirected to google.com whenever they tried to enter the network’s website. “GMA HACKED BY D4RKB1T,” was displayed on the network’s official Facebook fan-page. The hacker however had managed to explain why he hacked the sites. “This is not about stupidity, but a message to webdevs [website developers]. Learn to secure your sites, user accounts and passwords with personal information are being stored there. We have to be ready for such cyber terrorism,” the hacker’s statement posted at the GMA’s fan-page. “No ‘database’ was altered or removed. The hacker continued, “We have to be vigilant on securing sites or else personal information will be leaked.” “I did...

Sonu Nigam's email hacked ! Singer Sonu Nigam pressed the panic button when all his friends started receiving random emails, supposedly from him at a time when he was shooting for a TV show. Nigam didn’t want to specify the content of the abusive mails but dismissed them saying that they were ‘unwanted’. “ The mails were sent to everybody on my address list. I want to apologise to everybody on my contact list — the mails were sent to my colleagues, my seniors and even to people I had not interacted for seven or eight years ,” says Nigam. The actor has regained control over his email ID and is considering informing the cyber crime cell of the Mumbai police. “ I have re-set my password and tackled all the security questions. But I still don’t know how many more people have received these mails supposedly from me. I want to clarify that I can never send such mails to them ,” he added.

Public Broadcasting Service (PBS) Hacked by Lulzsec , Users data & Database Leaked ! Lulzsec Hack Public Broadcasting Service (PBS) website http://www.pbs.org/lulz/ and Add their deface page as shown above, with a message on page " Hey Anonymous, we heard you were having trouble! "  The Title of the page is " FREE BRADLEY MANNING. FUCK FRONTLINE! " . They hack the site admin panel and published a report that claims legendary rappers Tupac and Biggie Smalls are alive in New Zealand. Not only the site, Even they also Leak whole database of Public Broadcasting Service (PBS) via Their Twitter account. The hack is using SQL injection Technique. The tool used for extarcting database is Havij - Automated sql injection tool. 1.)  PBS SQL database leaked 2.)  PBS Frontline logins 3.)  PBS all press passwords 4)  PBS all stations and passwords 5.)  PBS MySQL root passwords 6.)  PBS Network map disclosure 7.)  PBS staffer...

Value.net (ISP) hacked by Sec Indi According to Sec Indi " value.net ISP has security holes, actually the holes are unknown., no damages or changes done in server " Hack Proof:

4 Indian Govt. Websites Hacked By MaDnI [ ZHC ] 4 Indian Govt. Websites has been Hacked By MaDnI [ ZHC ], Pakistani hacker using Sql Injection Methods.Hacker is able to extract whole database of these following sites: : 1.) http://deosurat.gov.in/ 2.) http://hafed.gov.in 3.) http://hareda.gov.in/ 4.) http://nationallibrary.gov.in/

Freelancing Website freelancingjob.com hacked by lionaneesh Lionaneesh,an Indian Hacker this time hack a Freelancing Website, having 15000 freelancers(Programmers) data. Admin panel and all users data has been hacked.

QuickRecon v0.3.1 - Latest Version Download QuickRecon is a simple information gathering tool that allows you to: find subdomain names, perform zone transfer, gather emails and find human relationships using microformats. It is a simple information gathering utility based on Qt4 toolkit. Download QuickRecon v0.3.1

Pesca 0.75 Local Stealer - Download ! Steals: * MSN Messenger * Windows Messenger * Windows Live Messenger * Yahoo Messenger (5.x and 6.x) * Google Talk * ICQ Lite 4.x/5.x/2003 * AOL Instant Messenger (v4.6,6.x,Pro) * Trillian * Miranda * GAIM/Pidgin * MySpace IM * PaltalkScene * Outlook Express * Microsoft Outlook 2000 * Microsoft Outlook 2002/2003/2007 * Windows Mail * IncrediMail * Eudora * Netscape 6.x/7.x * Mozilla Thunderbird * Group Mail Free * Yahoo! Mail * Hotmail/MSN mail * Gmail *Internet Explorer 5.* *Internet Explorer 6.* *Firefox 1.* *Firefox 2.* *Firefox 3.* *Dialup Passwords *RAS Passwords *VPN Passwords *Outlook passwords *AutoComplete passwords in Internet Explorer *Password-protected sites in Internet Explorer *MSN Explorer Passwords * Login passwords of remote Computers * Outlook 2003 Passwords of mail accounts on exchange server * Password of MSN Messenger / Windows Messenger accounts * Internet Explorer 7 Passwords of pas...

Supply Network Collaboration of Uniliver Hacked by CrosS  | R00TW0RM CrosS , A hacker from R00TW0RM hack the Supply Network Collaboration of Uniliver at aasnc.unilever.com , The Screenshot submitted by him to us as shown above for Hack Proof.

Cyber Law India Website Hacked By MaDnI [ ZHC ] MaDnI [ ZHC ] Found sql vuln in Cyber Law India website at http://www.cyberlawonline.in/ , Because of that, he is able to extract whole database of site. MaDnI [ ZHC ] Posted his Hack info on a online text file at  http://pastebin.com/zuWN7jeT

Dating Website FindFriendz Hacked by lionaneesh , over 45,000 user data compromised. lionaneesh , An Indian Hacker this time hack a Dating Website FindFriendz.com . There are almost 45,000 users data got compromised. Proof of hack submitted by lionaneesh as follow :

Surveyspaysu.com ( Survey Company ) Emails/Passwords Exposed Mohit Pande find a Security hole in a Survey Company at  Surveyspaysu.com , whose whole database is visible to everyone without login. Almost 183500 Members data is Exposed to all.

XSS Vulnerability on Real Player Website by THEc7cREW    THEc7cREW Found XSS Vulnerability on Real Player Website ,   Click Here  to See the POC.

50 Cpanels Hacked By Ahmdosa Hacker Hacker with codename - Ahmdosa Hacker yesterday hack almost 50 website's Cpanel. The List of hacked sites are :  http://pastebin.com/Ghwfki6h More Hacked Cpanel Screenshots :

110 more Indian Websites Hacked by ZHC XtReMiSt Hacked Site list :   http://pastebin.com/x6MVjEzv

14 Year Old Hacker Hired by Microsoft after doing  phishing via Call of Duty Server ! These are the kinds of things dreams are made of, a 14 year old hacker on Call of Duty was just recruited by Microsoft. You heard me right, Microsoft . This is exactly what Sony should have done with George Hotz – given him a job as a security specialist, instead of suing him in court and getting its PlayStation Network and other Sony websites hacked day in and out. Microsoft is reported to be working with the 14-year-old Irish hacker who managed to stir up a little trouble with his Call of Duty: Modern Warfare 2 phishing scam alert. According to the managing director of Microsoft of Ireland, the company is helping the hacker “ develop his talent for legitimate purposes. ” Congrats to that young hacker, whose name was not disclosed. While the new prospect for the Dublin kid is not meant to be an example for other hackers to follow, companies do have to realize that there are many talent...

Sony Reply to Congress : We Still Don't Know Who Hacked Us ! Updates from the latest answers submitted by PlayStation executive Kaz Hirai , responding to the House Energy and Commerce Committee's subcommittee on Commerce, Manufacturing, and Trade . Hirai and this subcommittee last discussed PSN through letter writing in early May, not long after the attack took place, PSN went down, accounts were exposed and Congress started questioning. The letter is addressed for yesterday, May 26. " I would like to take this opportunity to express my sincere gratitude to the committee for its appreciation of the gravity of the situation that Sony faced and, accordingly, allowing Sony to defer an appearance before the Committee ," said Hirai. " Sony was unable to appear before the Committee due to exigent circumstancesSony was under attack and it was critically important that our key personnel remain available and ready to address critical issues as our network and game serv...

Cringley’s credit card was recently hacked. And if his card can be hacked, anyone’s can. Like many cardholders, Cringley received a notification from his credit card company’s fraud department, informing him that his card data was being used overseas, on an online dating website. A scammer used Cringley’s credit card number to create a fake profile, posing as a woman named Katya to lure desperate, unsuspecting men into dating scams. Cringley determined that the IP address associated with the fraud was anonymized, going through numerous channels to disguise its origin. A Russia-based email address may mean Russian criminals are involved in the hack. Cringley’s card was used to purchase Badoo credits, which are used to unlock certain features of the dating website, such as chatting with another user or requesting photos. The scammer used Cringley’s card to buy Badoo credits in numerous countries, making her profile internationally accessible. Cringley surmises that his card data ...