The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

50 Days of Lulz - LulzSec Says Goodbye & Operation AntiSec will Continue Hacker group LulzSec has announced that after 50 days of hacking companies and organizations, it is finally done. LulzSec tweet a message which was posted on Pastebin : http://pastebin.com/1znEGmHa The group confirmed its retirement on the LulzSec Twitter feed , which managed to amass 277,540 followers during its short stint online. “ For the past 50 days we’ve been disrupting and exposing corporations, governments, often the general population itself, and quite possibly everything in between, just because we could ,” writes LulzSec. “ All to selflessly entertain others – vanity, fame, recognition, all of these things are shadowed by our desire for that which we all love. The raw, uninterrupted, chaotic thrill of entertainment and anarchy. ” The group was also behind attacks on Sony, attacks on PBS, the US Senate, the CIA, and a slew of gaming sites popular with 4Chan users including EVE Online, M...

Wikileaks - We help you safely Get the Truth ! Note : The Article is Taken from "The Hacker News Magazine" - June Edition. Download Magazine here .. The United States Department of Justice has left no stone unturned in their ruthless attempts to uncover or fabricate evidence against Wikileaks founder Julian Assange. Their goal is to charge Assange with conspiracy to commit espionage. If the United States is successful Julian Assange will become the United States convenient scapegoat, along with others like US citizen and Army Pvt. Bradley Manning. These two will disproportionately take the blame for the United States failed policies and crimes.  Julian Assange has said that the long and cruel detention and forthcoming US government prosecution of Army Pvt. Bradley Manning is nothing more than an attempt to "terrorize whistle-blowers" and that Pvt. Manning like himself is a victim of alleged government repression and mistreatment. "There is no doubt t...

NATO Reports Data Breach to One of Its Websites The North Atlantic Treaty Organization (NATO) has just issued a short statement that reads as follows: " Police dealing with digital crimes have notified NATO of a probable data breach from a NATO-related website operated by an external company. NATO's e-Bookshop is a separate service for the public for the release of NATO information and does not contain any classified data. Access to the site has been blocked and subscribers have been notified. " It's unclear whether Anonymous is behind this attack against NATO's e-Bookshop or LulzSec did this for "Operation Anti-Security" . Stay Tuned for Updates .

TeaMp0isoN leak Former British PM Tony Blair Data Twitter Become the best place for Hackers to Leak data now and the best part is that , Twitter will never block you for such actions. After Lulzsec, Anonymous .. now Pakistani Hackers Group "TeaMp0isoN" is back with some New leaks. Last time they claim to deface the website of one Lulzsec team member . This time TeaMp0isoN leak data of Former British PM Tony Blair via there Twitter account. The Leak is done via pastebin post , which includes personal information on former British Prime Minister Tony Blair, including the contents of his electronic address book, with contact data for members of Parliament and for what could be Blair's dentist and his mechanic. TeaMp0isoN also tweet that " Tony Blair is a war criminal, he should be locked up. "  The contact list appears to be from when Blair was prime minister and includes a phone number for 10 Downing Street.  According to Hackers " THE INFORMA...

PBS (Public Broadcasting Service) & Writerspace Hacked Again by Warv0x (AKA Kaihoe) Yes ! Its True that  PBS (Public Broadcasting Service) Hacked once again .Last time, A month before Public Broadcasting Service (PBS) Hacked by Lulzsec and Users data ,Database was Leaked and then Lulzsec claim that PSB.org was hacked with 0day exploit for MoveableType . This time  Warv0x (AKA Kaihoe) expose the whole Database of  PBS.org  using SQL injection. According to Warv0x (AKA Kaihoe) " This wasn't done for fame or fun,just proving LulzSec aren't as goodas they think they are. I haven't rooted the box or been up to crack the hashes, I'm just proving that most of their attacks are very lame and basic (i'm pretty sure and automated) SQL injections and further privilege escalation, which is just matter of time. " He also said " Support for WebNinjas & Jester, good job at exposing them.Sad to mention, but I really agree with th3j35t3r & WebNin...

IBGE Hacked by FIREH4CK3R FIREH4CK3R hacker today deface IBGE ( http://www.ibge.gov.br/home/ ) website . Message By Hacker : This month, the government will experience the largest number of virtual nature of attacks in its history made ​​by Shell Fail. You see such attacks as a protest of a nationalist group that wants to make Brazil a better country.Be proud of being Brazilian, love your country, just so we can grow and evolve! Attacked by FIREH4CK3R. Brazil, a country of all! * There is no space for groups or ideology as LulzSec Anonymous in Brazil *

Black and Berg Cybersecurity Consulting Hacked in support of Operation Antisec Black and Berg Cybersecurity Consulting  ( http://www.blackbergsecurity.us/ )  website got hacked by some " handbanana " with email " antisec@gmx.com " . He make a Lots of Details public via a pastebin post. Black and Berg website is on Wordpress 3.1.3 and hacker use some Remote exploit to get into this.  Server Kernel Info :   Linux monkian 2.6.32.8-grsec-2.1.14-modsign-xeon-64 #2 SMP Sat Mar 13 00:42:43 PST 2010 x86_64 GNU/Linux  Directory List : Database Configuration : Username , Password Message by Hacker " Done in the name of #AntiSecGreetz to LulzSec, zf0, Topiary, and jericho ".

Th3J35t3r (The Jester) claim to expose identities of LulzSec Leader "Sabu" Th3J35t3r (The Jester) Just now Tweet " www.lulzsecurity.com - TANGO DOWN - 'this is General Hummel, from Alcatraz, Out' - http://t.co/oNm29Pv for the lulz. ". He doing ddos attack on Lulzsec website " www.lulzsecurity.com". and also he release a pastebin post, that includes some exposure about the Lulzsec leader "sabu". Some of the exposed info is: Name(s): Xavier Kaotico, Xavier de Leon Email: sabu@pure-elite.org, xavier@pure-elite.org, xavier@sentinix.org, xavier@tigerteam.se Age: 30 as of 2011-06-21 Location: Possibly New York City, NY (has lived there) Websites: sabu.net, pure-elite.org, confinement.org Profession: Independent IT consultant Interests: Python programming, Linux, network security, exploit development There are lots of Dox Information he posted in the pastebin :  http://pastebin.com/76TsPHeU  . There is Server Info ...

150 United Kingdom (.co.uk) Domains Defaced by Bl@ckZero Hacked Sites List :  http://pastebin.com/tVVzXMbf Mirrors: Posted on Zone-h, Mirror.sec-t and Legend-h http://zone-h.org/archive/notifier=BL@CKZERO

JustHost Hosting Server Compromised, More than 1000's of websites at Risk ! JustHost.com Server Breached ! " Just host is one of the fast growing hosting industries with the good uptime reliability with the best support and it’s new to the world wide in the year 2008.Just host .com is one of the uppermost web hosting suppliers and are identified for their uptime reliability with the most superb support. "  Millions of websites Hosted on various JustHost Servers. One of them got Hacked by some hacker. Breached data become public from twitter account of " ContraHax " . This Hack is seems to be Dedicated to " Antisec operation " Started by Anonymous and Lulzsec. The exposed data includes : 1.) DNS file :  http://pastebin.com/bXLEw0TL 2.) Directories of Websites  3.) /etc/passwd Backup :  http://pastebin.com/M637rkJz We Have Inform JustHost admins, Stay Tuned for their Comments on This Security Breach.

LulzSec shuts down Brazilian government Websites LulzSec has targeted another major government site & to bring down several major targets in Brazil, including the Websites of the Brazilian government and the President's office. " Tango down ," LulzSec trumpeted on its Twitter feed – a phrase used to describe the obliteration of an enemy. Later, LulzSec followed that tweet up with a second: " Our Brazilian unit is making progress. Well done @LulzSecBrazil, brothers! " As of this morning, both Brazilian sites remain offline.

The Social-Engineer Toolkit v1.5 Released The Social Engineering Toolkit (SET) is a python-driven suite of custom tools which solely focuses on attacking the human element of penetration testing. It’s main purpose is to augment and simulate social-engineering attacks and allow the tester to effectively test how a targeted attack may succeed. Official change log: Added shell.py to support both Linux and OSX for the SET Interactive Shell, uses same code repository Added shell to support Linux/OSX for SET Interactive Shell Added download to support Linux/OSX for SET Interactive Shell Added upload to support Linux/OSX for SET Interactive Shell Added ps to support Linux/OSX for SET Interactive Shell Added kill to support Linux/OSX for SET Interative Shell Fixed a bug in mass mailer where TLS would execute after ehlo not before. Thanks pr1me Changed download path to replace forward and back slashes with a _ so it would not cause strange nix issues with back slashes and forward ...

101 Sites hacked By Swats the Toxified Crew 101 websites Hacked by  Swats The TOxified Crew members: Bluff Master Hacker Shashank Gupta the D3c0mpil3r Sonam The Grey Hat Hacker Steve Antony D4rkShell Maroof   Hacked Sites List :  http://pastebin.com/6GHhzuY1

Ani-Shell v1.2 - Email-Alerts , Mass Code injector New Features :- Trace-back (Email Alerts) PHP Evaluate Better Command Execution (even supports older version of PHP) Mass Code Injector (Appender and Over-writer) Lock Mode Customization Release Note : 1. Email Traceback is set to Off as default and emails will not be sent , If you are setting  this feature on make sure you change the default email address  (lionaneesh@gmail.com) to Your email  address , Please Change it before using. 2. Username and Passwords are set to lioanneesh and lionaneesh respectively , Please change them for better   security. 3. As a default Lock Mode is set to on! This should not be change unless you want your shell exposed. DOWNLOAD

DOLE website  vulnerable to hackers ! A hacker with Codename  " No.One "  release some vulnerability regarding DOLE via a pastebin post. We analyse it & Explaining the possible Security Breach.  Hackers Find a vulnerable site on  125.5.39.135   , which having two domains on it :   http://www.dole.gov.ph/   Official Website of the Department of Labor and Employment - Republic of Philippines . Is it vulnerable ?   Yes ! see :  http://www.dole.gov.ph/secondpage.php?id=2113'  . Its SQL injection . Now Hacker is able to get database from this site . For example the current database name is " dolews_4a351sd " and Hacker also may be able to upload to upload shell on server using this. This Attack may lead to rooting of  125.5.39.135 Server, Which also other sites. Hackers may be able to deface the site or can steal source code too.  This Report is submitted by " No.One " Hacker a...

New XSS Vulnerability found on Sony PlayStation by c7-elixir - The C7 Crew YES ! Sony is still Vulnerable to various bugs like XSS. Today a hacker  c7-elixir from The C7 Crew has expose new XSS attack on Sony PlayStation's Website as shown. Sony got hacked 20 times in last two months by number of hackers from all over world. One more REQUEST to Sony : FIX IT BOSS ! Vulnerable Link 

Lulzsec member blog hacked by TeaMp0isoN Personal Blog http://sven-slootweg.nl/ of one of the Lulzsec Member get defaced by TeaMp0isoN . Get more details about  TeaMp0isoN . BREAKING NEWS: TEH LULZBOAT HAS OFFICALY SANK WITH 100S OF ANON MEMBERS ON BOARD!No matter how many bots you gather, no matter how much people you lie to, no matter how much pre-made tools you use, you will _NEVER_ represent the real hacking scene, we warned you, we told you we do not make empty threats, we gave u 48hrs to secure your ircs yet u failed to do so, instead u posted hashes from public forums and then claimed you doxed us and laughed at the fact that i was 17years old. stop telling yourself that u are hackers, putting a ip into a irc is NOT hacking nor is using pre-made tools and scripts to grab databases… you do not represent the anti-sec movement, u are not allowed to greet underground groups like zf0, ab, h0n0, el8 like your member “AnonSabu” was doing, you will never be apart of the un...

Firefox Version 5 release with fix of 5 remote code vulnerabilities Mozilla Delivers New Version of Firefox – First Web Browser to Support Do Not Track on Multiple Platforms Mozilla delivered two things today: Firefox 5 for personal computers and Android phones, and the promise to complete the new browser just a few months after its predecessor. The V5 critical fixes are: *  MFSA 2011-26  Multiple WebGL crashes *  MFSA 2011-22  Integer overflow and arbitrary code execution in Array.reduceRight() *  MFSA 2011-21  Memory corruption due to multipart/x-mixed-replace images *  MFSA 2011-20  Use-after-free vulnerability when viewing XUL document with script disabled *  MFSA 2011-19  Miscellaneous memory safety hazards (rv:3.0/1.9.2.18) Download Firefox 5

LulzSec exposed details of alleged snitches In a Pastebin post, LulzSec explained that the two hackers allegedly tried to “snitch on [them]“, and so LulzSec took revenge. LulzSec boasted to the FBI “& other law enforcement clowns”, saying: “we just did your job for you with great ease”. The first alleged hacker, was named as Marshal Webb, who they claim was “involved in the hacking of the game “[Deus] Ex” and was/is involved in countless other cybercrimes.” Read complete Pastebin :  http://pastebin.com/MBEsm5XQ Hi FBI & other law enforcement clowns, LulzSec here with some juicy gossip. This is Marshal Webb, also known as "[redacted]" in the "#pure-elite" IRC logs you no doubt have enjoyed. He was involved in the hacking of the game "Dues Ex" and was/is involved in countless other cybercrimes. Also, he tried to snitch on us. Therefore we just did your job for you with great ease. This moron is trying to flee the country in order to ...

UK police arrest Suspected LulzSec 19 years old Mastermind British police say they have made a significant arrest in their investigation into hacking attacks on international business and intelligence agencies. Officers from the Metropolitan Police Central e-Crime Unit (PCeU) have arrested a 19-year-old man in a pre-planned intelligence-led operation. The 19-year-old is currently in custody at a central London police station. This arrest comes just before the first major “ Operation Anti-Security ” information leak was about to take place. Police would not say whether the man is believed to be linked to either the Anonymous or Lulz Security. According to Mikko H. Hypponen , F-Secure CRO " The arrested person in Essex could be Ryan Cleary aka ViraL. Not sure of his relation to LulzSec. " Yes ! This can be Ryan, who hack Anonymous IRC networks - irc.anonops.net & irc.anonops.ru before & Also he was exposed by Anonymous . Name: Mr Ryan Cleary Alias: viraL...

LulzSec steal millions of records from the UK 2011 Census According to a Pastebin Link posted by LulzSec , they claimed to steal millions of records from the UK 2011 Census, with a public release coming soon. However, the group did post the a tweet  : Our next step is to categorize and format leaked items we acquire and release them in #AntiSec “payloads” on our website and The Pirate Bay. The release in full via  http://pastebin.com/K1nerhk0 Greetings Internets, We have blissfully obtained records of every single citizen who gave their records to the security-illiterate UK government for the 2011 census We’re keeping them under lock and key though… so don’t worry about your privacy (…until we finish re-formatting them for release) Myself and the rest of my Lulz shipmates will then embark upon a trip to ThePirateBay with our beautiful records for your viewing pleasure! Ahoy! Bwahahaha… >:] Cap’n Pierre “Lulz” Dubois Leaked Data : LINKS: http://t...

Metasploit Framework 3.7.2 Released - Download  Metasploit Framework 3.7.2 includes 698 exploit modules, 358 auxiliary modules, and 54 post modules, 11 new exploits, 1 new auxiliary module, and 15 new post modules.This release addresses several issues with updating the framework, adds 11 exploit / auxiliary modules and brings a plethora of new features. Modules included are listed below. Notable modules include the Cisco Anyconnect ActiveX bug (which works against recent versions of the Cisco AnyConnect Windows Client), and the SCADA modules by sinn3r and MC. The multi-platform post-exploitation work continues with new modules for Linux and Solaris included in this release thanks to Carlos Perez. A number of password-stealing post modules are also included, courtesy of David Maloney. The updates to the signed_java_applet module are documented on the Metasploit Blog. Additionally, the cachedump module has been improved and merged thanks to great work by Mubix. New features ...

UK Serious Organised Crime agency website down after LulzSec Ddos attack The UK Serious Organised Crime agency has taken its website offline after ddos attack by hacking group Lulz Security. Soca said it had taken its website offline to limit the impact attack on clients hosted by its service provider. Soca.gov.uk had been unavailable from 1 day. Lulz Security has said it was behind the denial of service attack which had taken the website offline. LulzSec tweeted: " Tango down - in the name of #AntiSec ".

Blizzard's Mobile Server Database Exposed by Warv0x (AKA Kaihoe) Warv0x (AKA Kaihoe) Hacker today expose the Database structure of one of the biggest Company " Blizzard Mobile ". The exposed data can be seen on a pastebin link .  DATABASES EXPOSED LIST : [*] admin [*] egw [*] glpi [*] information_schema [*] lost+found [*] mboost_forum [*] multivea [*] mysql [*] openads [*] phpcollab [*] phpmyadmin [*] pixcatcher Blizzard's Mobile is Ringtone,Logo,Game, Java,Video,Theme,Mobile,Wallpaper,Screensaver etc. etc. Download Site with  Alexa  World Rank 3800.

BrainNET ISP/TV Provider hacked by ProDom Security ProDom Security Hackers Hacks into Brain.net.pk an ISP/TV Provider . Hacker dump data on free file hosting sites : URL: http://www.multiupload.com/0KWDE7ZJBB .  There are 3 file in archive : README = Readme File cracked.txt = Login's Cracked so far. shadow.raw.txt = Shadow file from there server.