The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Facebook content restrictions bypass Vulnerability Blackhat Academy claims to have found a way to bypass content restrictions on links, as posted on their site and posts put on a user's public wall. Even Security Analysts claim that Facebook was notified of these vulnerabilities on July 31st, 2011. To date (October 4, 2011), Facebook has yet to do anything about this. Facebook has only recently purchased Websense to attempt to push this vulnerability under the rug, however the exploit still works.To access Facebook's FQL API, Facebook was even so kind as to give a reference of tables and columns in the documentation for FQL. FQL does not allow the use of JOINS, however it is not needed as everything is thoroughly documented. Attackers can misuse this during the creation of a malicious Facebook application or directly on the FQL development api page for information gathering. : <?php # User agent checking methods $fb_string = '/facebookexternal/i';         ...

Exploit Pack - An open source security framework Exploit Pack is an open source security framework developed by Juan Sacco. It combines the benefits of a Java GUI, Python as Engine and well-known exploits on the wild. It has an IDE to make the task of developing new exploits easier, instant search features and XML-based modules. A GPL license for the entire project helps to ensure the code will remain free. It also features a ranking system for contributors, tutorials for everyone who wants to learn how to create new exploits and a community to call for help. Why use Exploit Pack? It has a module editor that allows you to create your own custom exploits. There is an instant search feature built-in on the GUI for easier access to modules. Modules use XML DOM, so they are really easy to modify. It uses Python as its Engine because the language is more widely used on security related programming. A tutorial is also provided. If you want to earn money, they will pay you for eac...

Derbycon 2011 Videos Talks The idea behind DerbyCon was developed by Dave Kennedy (ReL1K), Martin Bos (PureHate), and Adrian Crenshaw (Irongeek). Their motivation stemmed from a desire to see more of the old-style talks and events of the conventions of the past. DerbyCon was hosted by some specialized two-day training courses from 30th Sep-2nd Oct 2011 in Louisville, Kentucky. DerbyCon isn't just another security conference. They have taken the best elements from all of the conferences. DerbyCon is a place you can call home, where you can meet each other, party, and learn. Their goal is to create a fun environment where the security community can come together to share ideas and concepts. Whether you know Linux, how to program, are established in security, or a hobbyist, the ideal of DerbyCon is to promote learning and strengthen the community. Day 1 Adrian, Dave, Martin: Welcome to DerbyCon 2011 – Intro to the con and events KEYNOTE ~ HD MOORE – Acoustic Intrusions Johnny Long...

Hash Code Cracker V 1.2 Released ~ Password Cracking from BreakTheSecurity BreakTheSecurity is proud to release the Hash Code Cracker Version 1.2. Our latest release supports Online Cracking function. Description: This password cracker is developed for PenTesters and Ethical hackers. Please Use this software for legal purposes(Testing the Password Strength). Features: This software will crack the MD5, SHA1,NTLM(Windows Password) hash codes. No need to install. Supports All platforms(windows XP/7,Linux,..). V1.2 Changelog : Included Online cracking Support Minimum Requirements: Java Runtime Environment: JRE 1.6 should be installed.(you can get it from oracle.com) How to Run the Application? Download the .zip file and extract. Extract the zip file. Open the Terminal or command prompt. Navigate to the path of Extracted zip file (i mean HashCodeCracker Folder) in Terminal/CMD. Type this command "java -jar HashCodeCracker.jar". Now the applica...

Linux - Means Freedom [The Hacker News Magazine] October 2011 Issue Released Dear Readers,                          We here at The Hacker News were very humbled to be given the opportunity to celebrate 10 millions hits to the website. Wow! We are so very grateful for your support and as I told you last month, I don't think Hacking is going anywhere and neither are we!! Your feedback is very important to us. Feel free to send us your thoughts and desires for Hacking news. If you want to write an editorial, let us know. We'd love to include it next month. For now, we will see you in our daily and best wishes for a great month. Content of October Edition: Linux - Means Freedom How to make my Linux Secure ? Hackathon Insider Threads Vs Hackers Linux : How to Series by Alok Srivastav Window 8 - Touch the Future The Security Model of Window 8 Server Microsoft Security Development Cycle September Cybe...

Celebrating 5th Birthday of Wikileaks  (Born : 4th Oct 2006) The wikileaks.org domain name was registered on 4 October 2006. The website was unveiled, and published its first document, in December 2006. The site claims to have been " founded by Chinese dissidents, journalists, mathematicians and start-up company technologists, from the US, Taiwan, Europe, Australia and South Africa ". The creators of WikiLeaks have not been formally identified. It has been represented in public since January 2007 by Julian Assange and others. Assange describes himself as a member of WikiLeaks' advisory board. News reports in The Australian have called Assange the " founder of WikiLeaks ". According to Wired magazine, a volunteer said that Assange described himself in a private conversation as "the heart and soul of this organisation, its founder, philosopher, spokesperson, original coder, organizer, financier, and all the rest". 2006–08 WikiLeaks posted its fi...

Contest Winners Announcement : Wireless Penetration Testing Guide book We ran a competition for the book " Backtrack 5 Wireless Penetration Testing " last week. Today, Vivek Ramachandran, the author of the book and Founder of SecurityTube.net is announcing the winners in the video below. We will be contacting the winners via email soon. Two Best Comments Selected by Author are : Scott Herbert : For me it's the "man-in-the middle" and other cutting edge wireless attacks that make it a book worth getting (even if I don't win). neutronkaos : What interests me most about this book is that it is dedicated to wireless hacking. In an age where almost everybody is rocking a wireless AP, this book could do alot in offense and defense. I have been a Backtrack fan since Backtrack 3 and I have seen several of Mr. Ramachandran's primers on security tube. I am currently deployed to Afghanistan and I am working towards a degree in Network Security. I would love to have this boo...

Apache killer exploit modified for better Results " 4L4N4 K!LL3R " or Killapache  DDOS tool exploit, previously coded by kingscope 's , re-edited and coded by " S4(uR4 " , which kills apache and still many websites are vulnerable. S4(uR4 rewrite this exploit on php/curl (web based) with agressive mode. Exploit Consist of 2 part : 1) Test Part (for test u need use static content of site, maybe images, text, html, doc file, etc) 2) Xploiting Part Difference B/w Old and New Modified Exploit: 40c40 < $p = "HEAD / HTTP/1.1\r\nHost: $ARGV[0]\r\nRange:bytes=0-$p\r\nAccept-Encoding: gzip\r\nConnection: close\r\n\r\n"; --- > $p = "HEAD ".($ARGV[2] ? $ARGV[2] : "/")."HTTP/1.1\r\nHost: $ARGV[0]\r\nRange:bytes=0-$p\r\nAccept-Encoding: gzip\r\nConnection: close\r\n\r\n"; 56c56 < $p = "HEAD / HTTP/1.1\r\nHost: $ARGV[0]\r\nRange:bytes=0-$p\r\nAccept-Encoding: gzip\r\nConnection: close\r\n\r\n"; ---...

DarkComet-RAT v4.2 fwb (Firewall bypass) This version is firewall bypass it will inject to web browsers and bypass firewall rules. Targets are in this order : Firefox, Opera, Chrome, Safari, Internet Explorer and Explorer if all fails (normally never) then it runs normally. Notice now you can use remote computers as SOCKS5 proxies changelog: - Now server module doesn't melt each times - SOCKS5 Server added – Multithread. - Camera streaming is now more stable - Camera capture interval added - Camera disable streatch enabled/disabled added - File Manager doesn't crash on transfer anymore - Sound capture more stable and a bit faster - New process manager GUI and more user friendly - Process Dump added to the new process manager - Screen capture totally recoded, faster in Vista and Seven than before - Screen capture control more stable - No more black screen in screen capture on resize (avoid using 16bit colors in some systems) Most performant is 8Bit. - New password ...

Thailand Prime Minister Twitter, Facebook accounts Hacked Prime Minister Yingluck Shinawatra's personal Twitter account was hacked yesterday in what officials said was possibly part of a conspiracy to embarrass the government. The false tweets accused her of cronyism and various failures. The final post read: " If she can't even protect her own Twitter account, how can she protect the country? " Authorities vowed to prosecute the guilty parties. Information and Communication Technology Minister Anudith Nakornthap said an investigation found the hacker used a prepaid phone card and an iPhone to access the accounts. He denied a report that an arrest was imminent, but said details from the investigation would be announced today.Ms. Yingluck won a clear victory in July, but is accused by her critics of being a puppet of her brother, former Premier Thaksin Shinawatra who was thrown out of office in a 2006 military coup. " This country is a business. We work for...

Proof of Concept : PuttyHijack - Hijack SSH/PuTTY Sessions PuttyHijack is a POC tool that injects a dll into the Putty process to hijack an existing, or soon to be created, connection. This can be useful during penetration tests when a windows box that has been compromised is used to SSH/Telnet into other servers. The injected DLL installs hooks and creates a socket in guest operating system for a callback connection that is then used for input/output redirection. PuttyHijack does not kill the current connection, and will cleanly uninject if the socket or process is stopped. Leaves no race for further analysis. How to run/install PuttyHijack Start a nc listener on some fully controlled machine. Run PuttyHijack specify the listener ip and port on victime machine (Some socail engg skill may be helpfull) Watch the echoing of everything including passwords (grab it for further analysis) Help commands of PuttyHijack !disco – disconnect the real putty from the display !reco – ...

HTC Android Vulnerability - Exposes Phone numbers, Gps, SMS, Emails etc If you are running a HTC Android smartphone with the latest updates applied, chances are your personal data is freely accessible to any app you have given network access to in the form of full Internet permissions.This vulnerability isn't a backdoor or some inherent flaw in Android, it is instead HTC failing to lock down its data sharing policies used in the Tell HTC software users have to allow or disallow on their phone. The problem being, not only is your data vulnerable when Tell HTC is turned on, it's just as vulnerable when it is turned off. In brief, any app on affected devices that requests a single android.permission.INTERNET (which is normal for any app that connects to the web or shows ads) can get its hands on: the list of user accounts, including email addresses and sync status for each last known network and GPS locations and a limited previous history of locations phone numbers from the phon...

Once a user scans the QR code, the code redirects them to a site that will install a Trojan on their Android smart phones. Kaspersky's SecureList blog has a report of a malicious QR code on a web site which when scanned directs the user to a URL; the linked site doesn't have a file matching the name in the URL, but it does redirect the browser to another site where the file jimm.apk is downloaded.  The file is a trojanized version of the Jimm mobile ICQ client, infected with Trojan-SMS.AndroidOS.Jifake.f which sends a number of SMS messages to a $6 a message premium rate service. Once installed, the Trojan will send a number of SMS messages to premium-rate numbers, which will end up costing the victim some money, depending on how quickly she is able to find and remove the Trojan. Kaspersky's Denis Maslennikov reports that the malware itself is a Trojanized Jimm application (mobile ICQ client) which sends several SMS messages to premium rate number 2476 (US$6.00 e...

Open Source Awards 2011 launched - "Recognizing excellence in open source" The 'Packt Open Source Awards 2011' have been announced. Formerly the Open Source CMS Award, the contest has been running since 2006 and, according to a press release sent to .net, is "regarded as one of the most established platforms for recognising excellence amongst Open Source Software". The aim of the Open Source Awards is to encourage, support and reward open source projects, in part through cash prizes, which have topped $100,000 since 2006. This year, the categories up for awards are: Open Source CMS, Open Source Mobile Toolkits and Libraries, Most Promising Open Source Project, Open Source Business Applications, Open Source JavaScript Libraries, and Open Source Multimedia Software. To identify excellence, the public votes for finalists within each category are combined with ratings from a panel of judges. Packt itself notes that it has no input nor say in the finalist...

Samsung Galaxy S II (AT&T) trusted pattern lock Security Bypassed Major security flaw found in AT&T's upcoming Samsung Galaxy S II device. Guys at BGR noticed that the information on the upcoming AT&T version of the Samsung Galaxy S II isn't so safe behind a once trusted pattern lock, and that it can quite simply be bypassed. All you have to do : Wake the device using the lock key, then let the screen time out, then wake it again with the lock key and you can access all the data. AT&T's Version of Samsung Galaxy S II is confirmed to have this security flaw, but the Sprint version or other does not suffer from this. Even I just check my own Samsung Galaxy S II (Indian Version), Yeah - ITS SAFE :) Video Demonstration [ Source ]

Nmap 5.61 TEST2 -  IPv6 OS detection Added Nmap Added IPv6 OS detection, CPE, 30 more scripts, and more features in latest release Nmap 5.61 TEST2. Change Log for Nmap 5.61TEST2 Added IPv6 OS detection system! The new system utilizes many tests similar to IPv4, and also some IPv6-specific ones that we found to be particularly effective. And it uses a machine learning approach rather than the static classifier we use for IPv4. We hope to move some of the IPv6 innovations back to our IPv4 system if they work out well. The database is still very small, so please submit anyfingerprints that Nmap gives you to the specified URL (as long asyou are certain that you know what the target system isrunning). Usage and results output are basically the same as withIPv4, but we will soon document the internal mechanisms athttps://nmap.org/book/osdetect.html, just as we have for IPv4. For anexample, try "nmap -6 -O scanme.nmap.org". [David, Luis] [NSE] Added 3 scripts, bringing the ...

Virus removal website compromised to serving malware One of the Famous Virus Removal Service website : laptopvirusrepair.co.uk  is compromised and Hacker is Serving Malware on the website. In above screenshot Avira detects the JS/Blacole.psak Java script Virus hosted on the site.  The snippet of code is located at the bottom of the index page: It is an obfuscated iframe that redirects to a site that will deliver exploits:  zdesestvareznezahodi.com/tds/go.php?sid=1 . This Site is listed in  malwareblacklist .  Detected Virus is : Kaspersky: Trojan-Downloader.JS.Agent.geo and Effected Platforms / OS: • Windows 95 • Windows 98 • Windows 98 SE • Windows NT • Windows ME • Windows 2000 • Windows XP • Windows 2003 • Windows Vista • Windows Server 2008 • Windows 7 Side effects of JS/Blacole.psak Java script Virus: • Can be used to execute malicious code • Drive-by download

Russian firm Elcomsoft unveils tool to crack BlackBerry encryption security A Russian security company has upgraded a phone-password cracking suite with the ability to figure out the master device password for Research in Motion's BlackBerry devices. Elcomsoft said that before it developed the product, it was believed that there was no way to figure out a device password on a BlackBerry smartphone or PlayBook tablet. BlackBerry smartphones are configured to wipe all data on the phone if a password is typed incorrectly 10 times in a row, the company said. " ElcomSoft Phone Password Breaker " does exactly what it says, enabling its users to recover plain-text passwords governing encrypted backups for BlackBerry smartphones and PlayBook tablets. (The password-breaking tool also works on Apple devices running iOS, such as iPhones and iPads.) The new feature is wrapped into Elcomsoft's Phone Password Breaker. It costs £79 ($123) for the home edition and £199 for the fu...

Disable Social Networks From Tracking You with The Priv3 Firefox Extension In Earlier Post we Inform our readers about " Facebook track your cookies even after logout ". Did you know that social networking sites like Facebook, Google+, and Twitter can track your visits to any web page that uses the familiar "Like", "Follow", or "+1" buttons, even if you do not actually click these buttons? If you care about privacy, you must have already installed privacy addons like Ghostery, Adblock Plus, but here's a new addition to your privacy toolkit – Priv3. Priv3 is different from addons like Ghostery. For example, Ghostery blocks social sharing buttons (+1, Like, Tweet buttons) and other social snippets (Facebook comments, Facebook connect) completely, so you may feel disconnected. Priv3 protects your privacy by blocking trackers, but still shows social snippets like Facebook Comments, +1, like buttons so you don't miss any content. Once you intera...

4.9 million Tricare patients data exposed in data breach About 4.9 million patients treated in San Antonio area military treatment facilities since 1992 have been affected by a health information breach involving the theft of backup tapes for electronic health records, federal officials say. Some of the information included Social Security numbers, addresses, phone numbers and private health information for patients in 10 states. A statement posted on the Defense Department's Tricare health system website said no credit card or bank account information was on the backup tapes. " There is no indication that the data has been accessed by unauthorized persons ," the SAIC spokesman says. SAIC is working with the local police department, Defense Criminal Investigative Services and a private investigator to attempt to recover the tapes, the spokesman adds. TRICARE " does not have a policy " on encryption of backup tapes, a TRICARE spokesman says. SAIC did not i...

Security Solutions for Beast attack against SSL/TLS Vulnerability Juliano Rizzo and Thai Duong presented a new attack on Transport Layer Security (TLS) at the Ekoparty security conference in Buenos Aires, Argentina. The researchers found that encryption, which should protect us, when we connect to some sites over HTTPS, may be compromised. The researchers say that their code is called BEAST (Browser Exploit Against SSL / TLS) prove to the world that any cryptographic protocol designed to TLS 1.1, is vulnerable and can be quite easily deciphered. Researchers try to decode the authentication cookies used to login to your account PayPal, within 10 minutes, far faster than anyone expected. If successful, the faith of Internet users in one of the pillars of online safety is fully dissipated.BEAST is different from the many published attacks against HTTPS, - said Dwan. - While other attacks are focused on property, authenticity SSL, BEAST Attacks privacy protocol. As far as we know, BE...

JonDo 00.16.001 Released - Automatic error recognition and easier usability JonDos publishes a new version of the JonDo-Software, an IP changer and IP anonymization program, that you can use for anonymous surfing in the Internet with high security anonymous proxy servers. What is JonDo? JonDo is an open source and free-of-charge program for Windows, Linux and MacOS X. It hides the user's IP adress behind an anonymous IP address. In contrast to other anonymizers (VPNs, anonymous proxy servers), the user's anonymity stays protected even against the providers (operators) of the anonymous IP address. What is new? Statistics and support requests about the usage of JonDo let assume that several users of older versions do not use the software correctly, and may thereby surf the net unsecured. The current version warns the user in such a case and launches an assistant for fixing the problem if necessary. Of course, users may also consult the extensive online help for this purpo...

Atlanta IT Worker Hacked Ex-Employers Database An Atlanta man could receive up to five years in prison after pleading guilty Wednesday to hacking into a former employer's patient database, stealing information and then wiping the database clean. Federal prosecutors said Eric McNeal, 37, used the patient information from a firm identified as " A.P.A ." for a direct marketing campaign at his new employer in the same building. McNeal was an information technology specialist for the perinatal medical practice in Atlanta in November 2009 when he left to join the competing perinatal practice. McNeal used his home computer to hack into his former employer in April 2010, prosecutors said in a release.He downloaded patients' names, addresses and telephone numbers and then cleared his former employer's database, deleting all patient information from its system, prosecutors said. While he used the information for a direct-mail marketing campaign for the benefit of his new employ...

"SecurityTube Wi-Fi Security Expert" (SWSE) online certification Launched SecurityTube released their first fully online certification today - " SecurityTube Wi-Fi Security Expert " (SWSE) .  The most interesting thing and key difference from other certifications, is that they are giving out the entire course material free of charge! You only pay if you need the certification. If you are a hobbyist or a causal security enthusiast, the course material is free for you :) The SWSE is based on the Wi-Fi Security Megaprimer which we posted about a while back: https://www.securitytube.net/downloads Full details of the certification is available here: https://www.securitytube.net/certifications For an introductory price of $200 till October 15th, 2011 (only limited seats), they are providing all of the following: - Lifetime access to the Students Portal - Lifetime access to Bi-Monthly Webinars with Full Course Coverage and Live Doubt Clearing sessions - Lifetime...

Firefox Java update ready to stop BEAST attacks Firefox developers searching for a way to protect users against a new attack that decrypts sensitive web traffic are seriously considering an update that stops the open-source browser from working with Oracle's Java software framework. Johnath, the alias for Firefox Director of Engineering Johnathan Nightingale, weighed in: " Yeah - this is a hard call. Killing Java means disabling user functionality like facebook video chat, as well as various java-based corporate apps (I feel like Citrix uses Java, for instance?) " He went on to say that Firefox already has a mechanism for " soft-blocking " Java that allows users to re-enable the plugin from the browser's addons manager or in response to a dialogue box that appears in certain cases. " Click to play or domain-specific whitelisting will provide some measure of benefit, but I suspect that enough users will whitelist, e.g., facebook that even with those mechanisms (which don...

Supreme Court of Pakistan website defaced by Zombie_Ksa The official website of Pakistan's Supreme Court has been hacked.Visitors to the website found derogatory and abusive remarks about the court and Chief Justice Iftikhar Muhammad Chaudhry. Earlier the Supreme Court website was hacked by two boys also in the month of September last year to whom the court had granted bail on April 11 as they were less than 18 years of age. The hacker declared that his intent to deface the site was ideological in nature to send a message to the Chief Justice of Pakistan Iftikhar Muhammad Chaudhry: " I am here to request you to go out and help the poor, needy and hungry. They don't have money to eat one-time meal, they don't have clothes to wear, and they don't have accommodation … sitting in your royal chair won't make any changes to our Pakistan. ". According to the press release and independent website Zone-H, Zombie_Ksa had carried out at least 169 defacements, of which 69 were single I...

Man-in-the-Middle Remote Attack on Diebold Touch-screen Voting Machine The Vulnerability Assessment Team (VAT) at the U.S. Dept. of Energy's Argonne National Laboratory in Illinois has managed to hack a Diebold Accuvote touch-screen voting machine. Voting machines used by as many as a quarter of American voters heading to the polls in 2012 can be hacked with just $10.50 in parts and an 8th grade science education, according to computer science. " This is a national security issue ," VAT team leader Roger Johnston told me, echoing what I've been reporting other computer scientists and security experts telling me for years. " It should really be handled by the Department of Homeland Security. " " The level of sophistication it took to develop the circuit board" used in the attack "was that of basically an 8th grade science shop ," says Argonne's John Warner. " Anybody with an electronics workbench could put this together. ...

Department of Homeland Security Releases Cyber Security Evaluation Tool (CSET) The Cyber Security Evaluation Tool (CSET) is a Department of Homeland Security (DHS) product that assists organizations in protecting their key national cyber assets. It was developed under the direction of the DHS National Cyber Security Division (NCSD) by cybersecurity experts and with assistance from the National Institute of Standards and Technology. This tool provides users with a systematic and repeatable approach for assessing the security posture of their cyber systems and networks. It includes both high-level and detailed questions related to all industrial control and IT systems. The tool is available for download, and the program also offers training and support at no cost to organizations engaged in administering networks that control facilities identified as being crucial to both the nation's economy and national security. CSET is a desktop software tool that guides users through a step...

Anonymous releases 25,000 records of the Austrian police Anonymous Austria post via the official Twitter account about 25,000 records Austrian police officers. Observers suspect that the data from the Austrian section of the " International Police Association " could come. Meanwhile, the far-right Freedom Party tries to take advantage of the data leak. " This violation of the privacy of our policemen have become fair game for possible revenge attacks by criminals. Minister Mikl-Leitner, the political responsibility for this incredible gap in the IT system of their ministry and is increasingly becoming a security risk for our country ," criticizes FPÖ Speak Königsberg.

The Council on Governmental Ethics Laws (COGEL) hacked and complete database dumped Hacker With Name snc0pe claim to hack official website of The Council on Governmental Ethics Laws (COGEL) . He post a message on pastebin , along with the database download link  (1.88MB).

Anonymous Hackers Release alleged pepper spray  NYPD Officer 's Personal Info The Anonymous activist collective today released personal information  about a New York police officer who is believed to have sprayed pepper spray on women protesters on Wall Street. The group released phone number, addresses, names of relative and other personal data for a New York police officer, as well as photos that appear to show him at the protest and a closeup of his badge. The Occupy Wall Street organizers also called for the resignation of Police Commissioner Raymond Kelly and released additional video from the incident on the protest Web site . In a statement, Anonymous said: " As we watched your officers kettle innocent women, we observed you barberically (sic) pepper spray wildly into the group of kettled women. We were shocked and disgusted by your behavior. You know who the innocent women were, now they will have the chance to know who you are. Before you commit atroci...