The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Findmyhash - Find Cracked Hashes Online

Sep 27, 2011
findmyhash is a Python script developed to look up different types of password hashes using multiple online cracking services. If it does not find a “cracked” hash, it also presents relevant Google search results. This open source script can mostly serve as a starting point for cracking any hash. It supports many online hash cracking services. Cracking services supported by findmyhash: Schwett.com, Netmd5crack.com, MD5-Cracker.tk, tools.BenRamsey.com, md5.Gromweb.com, md5.HashCracking.com, victorov.su, md5.thekaine.de, tmto.org, md5-db.de, md5.my-addr.com, md5pass.info, md5decryption.com, md5crack.com, md5online.net, md5-decrypter.com, authsecu.com, hashcrack.com, objectif-securite.ch, c0llision.net, md5.rednoize.com, cmd5.org, cacin.net, ibeast.com, password-decrypt.com, bigtrapeze.com, hashchecker.com, md5hashcracker.appspot.com, passcracking.com, askcheck.com, cracker.fox21.at, cra...
75 Indian Govt and University Sites hacked including Patiala Police by Muslim Liberation Army

Sep 27, 2011
Muslim Liberation Army hackers today hacked 75 more Indian websites, including government, university and police websites. The Patiala Police website is one of the hackers' targets. A list of all hacked sites is here. According to the deface page, the hackers are: XtReMiSt, KillerMind Haxor, Jerry Hassan, Mindy, Faisy Ali Laghari.
Harvard University website hacked by Syria protesters

Sep 27, 2011
Syrian hackers have hit the website of Harvard University, one of America’s top universities, Itar-tass reports. Along with a picture of the Syrian president, Bashar al-Assad, the hacked home page showed a message saying the "Syrian Electronic Army Were Here". "The university's homepage was compromised by an outside party this morning. We took down the site for several hours in order to restore it. The attack appears to have been the work of a sophisticated individual or group," said a Harvard spokesman. They also criticized US policy towards President Assad's regime and wrote several threats to the US. The new design stayed on the website for nearly an hour.
Mysql.com hacked, serving BlackHole exploit malware

Sep 26, 2011
The MySQL.com website is currently hacked and compromised with JavaScript malware, and is serving malware to anyone visiting it. The mysql.com website is injected with a script that generates an iFrame that redirects visitors to http://truruhfhqnviaosdpruejeslsuy.cx.cc/main.php, where the BlackHole exploit pack is hosted. "It exploits the visitor's browsing platform (the browser, the browser plugins like Adobe Flash, Adobe PDF, etc, Java, ...), and upon successful exploitation, permanently installs a piece of malware into the visitor's machine, without the visitor's knowledge," say the researchers. "The visitor doesn't need to click or agree to anything; simply visiting mysql.com with a vulnerable browsing platform will result in an infection." It is, of course, impossible to say who the attackers are. The domain reached through the iFrame is registered to one Christopher J Klein from Miam...
USA Today Twitter Account Hacked By Script Kiddie

Sep 26, 2011
A group calling itself “The Script Kiddies” hacked USA Today’s Twitter account this weekend and used it to solicit requests for future targets and even to promote its own Facebook page. Although this recent hack seems like more of a childish prank, this group is being taken seriously by the FBI due to its earlier hacks involving false terrorism claims posted to NBC’s Twitter account. USA Today quickly regained control of the compromised feed. "@usatoday was hacked and as a result false tweets were sent. We worked with Twitter to correct it. The account is now back in our control," it said. "We apologize for any inconvenience or confusion caused to our readers and thank you for reading @usatoday." It’s possible that the new USA Today hack involved a spyware Trojan horse, like the earlier NBC hack did. For the NBC hack, NBC News’s director of social media Ryan Osborn could have received a Trojan horse conta...
[Hurry Up] Hacker Halted 2011 Special Offer For The Hacker News Readers

Sep 26, 2011
Special for all The Hacker News subscribers (offer ends Sep 30, 2011): attend EC-Council's signature event in Miami, Hacker Halted USA, and get an iPad 2 + 2 nights hotel + an additional 10% discount when signing up for the conference pass at public prevailing rates, or for selected training. Held at the Intercontinental Miami from Oct 21 - 27, Hacker Halted USA will feature some of the best infosec superstars including Bruce Schneier (Internationally acclaimed security guru), Philippe Courtot (Chairman - Qualys), Jeremiah Grossman (CTO - WhiteHat Security), George Kurtz (Global CTO - McAfee), Dr. Charlie Miller (Accuvant), Moxie Marlinspike, Barnaby Jack and many others. There are a total of more than 70 speakers this year, and a very comprehensive agenda covering the major hot topics surrounding information security across 4 dedicated tracks. There is also a wide sele...
Facebook track your cookies even after logout !

Sep 26, 2011
According to Australian technologist Nik Cubrilovic: 'Logging out of Facebook is not enough.' He added that even after you are logged out, Facebook is able to track your browser's page every time you visit a website. He wrote in his blog: 'With my browser logged out of Facebook, whenever I visit any page with a Facebook like button, or share button, or any other widget, the information, including my account ID, is still being sent to Facebook.' After explaining the cookie behavior, he also suggested a way to fix the tracking problem: 'The only solution to Facebook not knowing who you are is to delete all Facebook cookies.'
Official websites of 7 major Syrian city hacked by Anonymous for #OpSyria

Sep 25, 2011
The official websites of 7 major Syrian cities were hacked by Anonymous hackers as part of the hacktivists' Operation Syria (#OpSyria). Anonymous has replaced the home pages of official Syrian websites with an interactive map of Syria, showing the names, ages and dates of death of victims of the Syrian regime since the protests started in March. They call it Martyrs of Freedom (March - October 2011). The figure 2,316 commemorates the number of Syrians killed by the Syrian regime since anti-Assad protests started in Syria in March. The victims' names, ages and dates of death appear as you hover over the map of Syria. Hacked sites: http://tartous-city.gov.sy/ http://deirezzor-city.gov.sy/ http://palmyra-city.gov.sy/ http://homs-city.gov.sy/ http://aleppo-city.gov.sy/ http://latakia-city.gov.sy/ http://old-damascus.gov.sy/
Ani-Shell v1.4 Released With Python - Bind Shell , Anti-Crawler Feature and MD5 Cracker

Sep 25, 2011
Ani-Shell is a simple PHP shell with some unique features like a Mass Mailer, a simple Web-Server Fuzzer, a DDoSer, an MD5 hash Cracker, Python and PHP Bind-Shells, Anti-Crawler Features etc. This shell has immense capabilities and has been written with some coding standards in mind for better editing and customization.
New Features:
- MD5 Hash Cracker
- Python Bind-Shell
- Anti-Crawler Function
- Shell Support for some Older Servers
- Better CSS
- Whole New Logo
Ani-Shell Project Page: http://sourceforge.net/projects/ani-shell/
Ani-Shell Homepage: http://ani-shell.sourceforge.net/
Default login: lionaneesh
Default password: lionaneesh
700,000 sites on Inmotion Hosting Server hacked by TiGER-M@TE in one shot !

Sep 25, 2011
700,000 websites hosted on the InMotion Hosting network were hacked by TiGER-M@TE, including Trinity FM and Blast Magazine. It was not just a server hack; actually the whole data center got hacked. A list of all 700000 hacked sites is available here. Hackers copied over the index.php in many directories (public_html, wp-admin), deleted my images directory and added index.php files where they weren’t needed. Mirrors of 2,00,000 hacked websites have already been submitted to Zone-H by TiGER-M@TE. We (The Hacker News) talked with the hacker about the hack. He claims: "I hack 700000 websites in one shot, this may be a new world Record. After submitting 200,000 domains, zone-h was going down again and again and became almost unresponsive in the end. So I was unable to submit all websites. So I've listed all domains in attachment. It was not just a server hack, actually whole data center got hacked." In Moti...
Mac trojan poses as PDF to open botnet backdoor

Sep 25, 2011
There's another Mac OS X Trojan out in the wild, and it might be heading your way. If you open the file, which could appear as an emailed attachment or as a Web link, the document, written in traditional Chinese ideograms, does indeed display. But a Trojan silently installs itself in the background as you try to sort out centuries-old territorial claims. The Trojan doesn't really do anything yet. But F-Secure, the Finnish security firm that discovered it, notes that it lays the groundwork for much more sophisticated attacks against Macs. The malware in question has been identified as Trojan-Dropper:OSX/Revir.A, which installs a backdoor, Backdoor:OSX/Imuler.A, onto the user's Mac. Currently, however, the backdoor doesn't communicate with anything. The command-and-control center for this particular malware is apparently a bare Apache installation, which has been sitting at its current domain since May of this year. Beca...
Singapore will setup National Cyber Security Centre

Sep 25, 2011
Singapore has said it will boost its national capability to counter cyber security threats through the setting up of a 'National Cyber Security Centre' in the coming months. The Centre, which will be headed by the Singapore Infocomm Technology Security Authority, will help the government deal more effectively with cyber security threats and vulnerabilities by enhancing capabilities in early detection and prevention, Deputy Prime Minister Teo Chee Hean said. In his address at the Second Singapore Global Dialogue here yesterday, Teo, who is also coordinating minister for national security and home affairs minister, said a safe and functioning cyberspace was critical to "our society, economy and national security."
Lulzsec Hacker tracked by Proxy logs, can face 15 years prison

Sep 25, 2011
The FBI believes that the homeless man they arrested on Thursday was "Commander X", a member of the People's Liberation Front (PLF) associated with Anonymous hacktivism. The logs maintained by HideMyAss.com, in addition to other evidence, have led to the arrest of another LulzSec member in Arizona, The Tech Herald has learned. Cody Kretsinger, 23, allegedly used the anonymity service during his role in the attack on Sony Pictures. According to HideMyAss.com, “…services such as ours do not exist to hide people from illegal activity. We will cooperate with law enforcement agencies if it has become evident that your account has been used for illegal activities.” The service stores logs for 30 days when it comes to website proxy services, and it stores the connecting IP address, as well as time stamps, for those using the VPN offerings. Emails seeking comment on HideMyAss.com’s level of cooperation with the ...
HTTPS SSL encryption Vulnerable To Crypto Attack

Sep 25, 2011
The secure sockets layer (SSL) and transport layer security (TLS) encryption protocol, used by millions of websites to secure Web communications via HTTPS, is vulnerable to being decrypted by attackers. Researchers have discovered a serious weakness in virtually all websites protected by the secure sockets layer protocol that allows attackers to silently decrypt data that's passing between a webserver and an end-user browser. Juliano Rizzo and Thai Duong say the vulnerability compromises TLS (Transport Layer Security) 1.0, the encryption mechanism that secures Web sites accessed using HTTPS (Secure Hypertext Transfer Protocol). TLS is the successor to SSL (Secure Sockets Layer) and is widely used at financial sites. Companies, including Google, Facebook, and Twitter, are urging the wider use of TLS on the Web. The exploit – demonstrated with a tool called BEAST – targets a flaw that could leave transactions open to attack a...
Pscan 2.0 - multi threaded TCP Syn port scanner

Sep 24, 2011
A multi-threaded TCP port scanner with the possibility to scan 65535 TCP ports on an IP address. You can specify how many threads to run and the timeout. Furthermore, it will tell you the MAC address of the target and the service running. For Linux and Windows.
Change Log
- Added option -s for Syn scan.
- Scanning made faster thanks to Syn scan
- Added even more default ports
- Improved error handler for Syn scan
- Improved text output
- Fixed minor bugs:
  - changed pathname to oui.txt and port-numbers.txt files
  - added missing call to cleanup function WSACleanup
Download multi threaded TCP Syn port scanner 2.0
Core Security Technologies victim of latest Hack

Sep 23, 2011
Core Security Technologies has itself become the latest victim of a hack, by the hacker sncope. The hacker defaced the websites; a mirror of the hack can be seen here. Core Security offers the first and only real-world approach to security testing and measurement, but what if they got hacked? that really terrific sometime... More domains of Core Security hacked by him:
FBI Arrests two Suspected LulzSec and Anonymous Hackers

Sep 22, 2011
Search warrants were also being executed in New Jersey, Minnesota and Montana. The FBI arrested two alleged members of the hacking collectives LulzSec and Anonymous on Thursday morning in San Francisco and Phoenix, according to Fox News. The suspected hacker arrested in California is homeless and alleged to have been involved in the hacking of Santa Cruz County government websites. The person arrested in Arizona is a student at a technical university and allegedly participated in the widely publicized hack against Sony. Both groups have been targeted by the FBI and international law enforcement agencies in recent months. Meanwhile, the FBI arrested an alleged Anonymous member in San Francisco. The man, who is reported to be homeless, is said to have been involved in internet attacks against Santa Cruz County government websites. Just because a man is homeless, of course, doesn't mean that he can't get an internet ...
BruCON Agnitio workshop Slides and Video Demonstration - Download

Sep 22, 2011
Workshop by David Rook (Security Ninja) at BruCON 2011 in Belgium. You can download the slides from here.
Required for the Agnitio hands on demos:
- A 32bit Windows Operating System (XP or 7 preferably – VM will be fine)
- .NET framework 3.5 installed
- Agnitio v2.0 installed
- Download the Pandemobium Android and iOS source code
- Download the selected vulnerable open source application
Optional
In addition to the list above the following things are optional depending on how hands on you want to be:
- Internet connection to download an application from the Android market place
- Eclipse IDE installed
- Android SDK installed
- Android Debug Bridge (adb) installed, this should be installed as part of the SDK install
- An AVD configured with the Android market place app installed (instructions here). I think you can also use a rooted Android device if you don’t want to use the emulator
Workshop format
A quick look at stati...
Let’s Play a Game of Cyber Security at CSAW CTF 2011

Sep 22, 2011
Ready for a little game of capture the flag? What if you weren't running around a field like a crazy person trying to grab a flag out of someone’s belt, but instead were navigating around a network overcoming technical challenges to find markers that you are awarded points for once submitted? Then CSAW CTF 2011 is where it’s at. CSAW CTF 2011 is hosting the qualifying round from Friday September 23, 2011 to Sunday September 25, 2011. The competition will begin at 8PM that Friday night, and is used to determine who will proceed on to the finals taking place in New York November 10-11 at NYU-Poly. The event is centered on assessing application security abilities. For the qualification round there is no limit to the number of team members you can have, but if you move on to the final round your team will be limited to four players. If you attend the event you’ll have the chance to rub elbows with anyon...
Lilith: Perl script to audit web applications

Sep 22, 2011
The Lilith tool analyses webpages and looks for HTML tags, which often refer to dynamic pages that might be subject to SQL injection or other flaws. Lilith's basic function is to spider and analyse pages, following hyperlinks and injecting special characters that have a special meaning to any underlying platform. As most of us know, a web application scanner can never perform a full 100% correct audit. A manual re-check eliminates most of the false positives.
Features and changes made in lilith
- got rid of many many false positives (that’s good)
- when SQL error is found, it now goes onto next var
- improved (i hope) scanning engine
- (anti) coldfusion support
- better cookie handling and cookie tampering
- omitted perl HTML::Form limitation
- better verbose output
- extensive logging
- detects directory indexing
- recursive URL dissection
- cleaned up this pasta code
Download Lilith
Win Free Copies of BackTrack 5 Wireless Penetration Testing Guide with The Hacker News

Sep 22, 2011
Fellow hackers would be very pleased to know that to celebrate the release of their new book, BackTrack 5 Wireless Penetration Testing Beginner’s Guide, Packt Publishing is giving away 2 copies of the book to The Hacker News readers. Keep reading to find out how you can be one of the lucky winners.
Here is a quick overview of BackTrack 5 Wireless Penetration Testing Beginner’s Guide:
- Learn Wireless Penetration Testing with the most recent version of Backtrack
- The first and only book that covers wireless testing with BackTrack
- Concepts explained with step-by-step practical sessions and rich illustrations
- Written by Vivek Ramachandran, world renowned security researcher and evangelist, and discoverer of the wireless “Caffe Latte Attack”
How To Win
Sound like something you might be interested in? All you need to do is head on over to the bo...
50000 WordPress Sites infected with spam

Sep 22, 2011
The attack consists of contacting the domain wplinksforwork.com to get a list of links to be displayed on the compromised sites. However, that domain has been down for the last few days and all the sites compromised. These sites supposed to be compromised. Most of the hacked sites had outdated versions of WordPress installed. Infected sites have the following message in the footer: Warning: file_get_contents(http://wplinksforwork.com/56132.. 47509328/p.php?host=… failed to open stream: php_network_getaddresses: getaddrinfo failed: Name or service not known in ..
Kazakhstan calls for global cyber security treaty to deter hackers at United Nations

Sep 22, 2011
Today's security professionals - whether they are black hats, white hats or something in between - all have one thing in common: The knowledge of their craft probably did not come from a book or a classroom. Today's security skills - both good and bad - we learn online, in the unstructured jungle of the Internet. President Nursultan Nazarbayev told the debate’s opening session – held at United Nations Headquarters in New York – that it was worrying that “not a single international convention or multilateral treaty governs information processes.” “Is it not the reason why, in practical terms, most hacker attacks on banks, businesses, government institutions, [the] military and even nuclear facilities have been carried out with impunity?” he asked. Mr. Nazarbayev stressed the need for what he called “an international legal framework of the global information space.” He said suc...
More Android vulnerabilities exposed [Video Demonstration]

Sep 22, 2011
It's been more than a month since researchers reported two serious security vulnerabilities in Android, but so far there's no indication when they will be purged from the Google-spawned operating system that's the world's most popular smartphone platform. Oberheide and Lanier are set to teach a two-day mobile security training course at SOURCE Barcelona this November where they will presumably refer to this and other Android vulnerabilities. Let's hope, for the sake of Android's reputation, that these things are resolved much sooner. The first vulnerability is known as a “Permission escalation vulnerability”, and allows attackers to install additional “arbitrary applications with arbitrary permissions”, without first asking the user if they want to permit such actions. This would allow attackers to access call records, texts, web browsing history and media stored on the device. The second bug...
Visual DuxDebugger Debugger - Disassembler for Windows 64-bit

Sep 22, 2011
Main features
- Fully support 64-bit native processes
- Fully support 64-bit .NET processes
- Full code analysis
- Full memory analysis
- Code edition
- Memory edition
- Module export formats (EXE/DLL/CSV)
- Debug multiple processes
- Debug multiple child processes
Minimum Requirements
- O.S: Windows 7 64-bit / Windows Server 2008 R2
- Processor: Pentium 4 3.0 GHz
Recommended Requirements
- O.S: Windows 7 64-bit / Windows Server 2008 R2
- Processor: Dual Core 2.5 GHz
- Display: 1920 x 1080
Download
Vulnerability in its Identity Services Engine of Cisco

Sep 22, 2011
Cisco is warning users of a critical vulnerability (CVE-2011-3290) in its Identity Services Engine (ISE). In its security advisory, the company says that the underlying database used by ISE, its identity and access control policy platform, contains three sets of default credentials that could be exploited by a remote attacker without any end-user interaction. Using these credentials, an attacker could modify the configuration and settings, or even gain complete administrative control of a device. All hardware appliance and software-only versions of Cisco ISE prior to 1.0.4.MR2 are affected. The company says that it will release a free update to the software to address the vulnerability on 30 September 2011; no temporary workaround is available. Once released, the updates will be available to download from the Cisco Software Center. [Source]
Aldi Bot - Buy a Botnet just in 10 Euros

Sep 22, 2011
Researchers at German security firm G Data have discovered that a bot builder dubbed "Aldi Bot" is currently being offered for that much on underground forums. The Aldi Bot Builder appears to be based on the ZeuS source code. The malware has nothing to do with the discount supermarket chain and it is not clear why its author chose to name the bot after Aldi – it is thought it may relate to the bot's discount pricing. The company says: "We’ve encountered a bot sale, which, in case it finds followers, can cause a massive glut of malware all over. The so-called “Aldi Bot” first appeared in late August and has been sold for the initial price of €10! Parts of the bot’s code oddly look like ZeuS code…" The Aldi Bot can read (saved) passwords from the Firefox web browser, Pidgin IM client and JDownloader download tool, and send them to a command and control server which is included in the €10 price tag. The Aldi Bot can als...
Bank of Melbourne Twitter Account Hacked

Sep 22, 2011
Last week, the Twitter account of the Bank of Melbourne was hacked and used to send direct messages containing phishing links to its followers. In a tweet, the bank said: "ATTN: Unauthorised DMs sent bw 4-5pm today, do not click link. No customer/personal data compromised. Apologies for the inconvenience." A recently relaunched subsidiary of Westpac, the Australian bank engages heavily with its customers through its @BankofMelb Twitter account. However, the security of the account proved not to be up to scratch when hackers managed to gain access and used the account to send direct messages containing phishing links. The hacking of corporate Twitter accounts is nothing new, and neither are phoney messages claiming to come from a bank. What makes this case rather unique - and worrying - is that the account itself is genuine, thus significantly adding to the credibility of the links. Dancho Danchev believes that this is not the act of an am...
John the Ripper 1.7.8-jumbo-7 Released

Sep 21, 2011
Change Log:
* Support for encrypted pkzip archives has been added, testing millions of candidate passwords per second. (JimF) (This is in addition to WinZip/AES archives, support for which was added in prior -jumbo updates.)
* Support for Mac OS X 10.7 Lion salted SHA-512 hashes has been added (enabled when building against OpenSSL 0.9.8+ only), with optional OpenMP parallelization. (Solar)
* Optional OpenMP parallelization has been added for salted SHA-1 hashes used by Mac OS X 10.4 to 10.6. (Solar)
* PoC support for DES-based 10-character tripcodes has been added (does not use the bitslice DES implementation yet, hence is slow). (Solar)
* The DIGEST-MD5 authentication cracker has been revised to be usable without requiring source code customizations. (magnum)
* Highly experimental support for dynamically loaded plugins (adding new formats) has been added (currently only enabled on Linux). (Davi...
Nmap 5.61TEST1 Released

Sep 21, 2011
Nmap 5.61TEST1 is an informal test release with all of the latest features from the SVN. Nmap (“Network Mapper”) is a free and open source utility for network exploration or security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X. In addition to the classic command-line Nmap executable, the Nmap suite includes a...
Radware’s Attack Mitigation System Delivers the First Fully Integrated Solution to Fight Cyber Attacks in Real Time

Sep 21, 2011
The solution blocks the new breed of sophisticated attacks that target multiple layers of the IT infrastructure. Today's point security tools for IT infrastructures are not enough to protect against the new wave of sophisticated cyber attacks. That's why Radware (NASDAQ: RDWR), a leading provider of application delivery and application security solutions for virtual and cloud data centers, today announced Radware Attack Mitigation System (AMS), the industry's first fully integrated IT security strategy and portfolio that protects the application infrastructure in real time against network and application downtime, application vulnerability exploitation, malware spread, information theft, Web service attacks and Web defacement. Additional Resources · ...
iPhone Skype XSS Vulnerability Lets Hackers Steal Phonebook [Video]

Sep 20, 2011
A bug in the latest version of Skype for iPhone and iPod touch makes its users vulnerable to having their address book stolen just by viewing a specially crafted message, says AppSec Consulting security researcher Phil Purviance. The problem is made more exploitable by the way Skype uses the embeddable WebKit browser; Skype developers have set the URI scheme for the embedded browser to "file://". This error allows an attacker to access the file system and read any file that the app would be allowed to read by the iOS application sandbox. One file that every iOS application has access to is the user's SQLite AddressBook database. In a demonstration of the bugs, Phil Purviance, AppSec Consulting security researcher, showed how it was possible to extract the iPhone address book using the vulnerabilities. Skype is aware of the issue and is working on a fix. “We are working hard to fix this reported i...