The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Android.Bmaster Exploits root access to connect to Botnet A new piece of Android malware named Android.Bmaster , first highlighted by researcher Xuxian Jiang at North Carolina State University, was uncovered on a third-party marketplace and is bundled with a legitimate application for configuring phone settings, Symantec researcher Cathal Mullaney wrote in a blog . This Malware is estimated to affect between 10,000 and 30,000 phones on any given day. The malware, mostly found on Chinese phones, works by using GingerBreak, a tool that gives users root access to Android 2.3 Gingerbread.  RootSmart is designed to escape detection by being named " com.google.android.smart, " which the same name as a settings app included by default with Android operating systems. Mullaney explained that once the malware is installed on the Android phone, an outbound connection from the infected phone to a remote server is generated.“ The malware posts some user and phone-specific data to t...

Hackers Claims to compromise Intel 's Sensitive Data A security researcher under the name of " WeedGrower ", or " X-pOSed " has been on a roll since the start of 2012. He has ambushed huge sites such as AOL, NASA, Hotmail, Myspace, Xbox, USBank, Yahoo, and VISA, he has also leaked sensitive data on most of those websites. Hackers today Claiming that he compromise Intel's Sensitive Data like User Base & Credit Cards. He found a way to expose sensitive data via the subscriber section on Intel.com and he also has access to the INTEL.com database which reveals Credit Card Numbers, Social Security Numbers, Emails, Passwords, and more. "WeedGrower", or "X-pOSed" has threatened that he's going to be leaking this soon if he doesn't get a response from Intel.com carriers. Hacker said ," I've got to give some applause to all these pseudo-security technicians out there. I cut Intel a break, I have access to a database and a...

Apple Supplier Foxconn ’s Servers Hacked, Exposing Vendor Usernames and Passwords Apple supplier Foxconn has reportedly been hacked, exposing the usernames and passwords of the company’s clients and employees. Hacker group SwaggSec just released a dump of Foxconn internal information, including a mail server login/password dump and logins to various online procurement sites and Intranets. " We encourage media, security experts, and other interested individuals to explore our leaks. Foxconn did have an appropriate firewall, but fortunately to our intent, we were able to bypass it almost flawlessly. Of course with funding ourselves we did have our limitations. But with several hacking techniques employed, and a couple of days in time, we were able to dump most of everything of significance. " Hacker said. The group made a 6.04MB file available earlier this evening first on Demonoid, and then on The Pirate Bay   which purported to contain login and password information for F...

“ Cyber China ”, from Operation Aurora to China Cyber Attacks Syndrome Security Expert, from  Security Affairs  -  Pierluigi Paganini takes us on a visit to China via The Hacker News January Edition Magazine Article and makes us wonder just how influential China’s hacking is on world internet security. Read and decide for yourself : When we think of China in relation to cyber warfare, we imagine an army of hackers hired by the government in a computer room ready to successfully attack any potential target. China is perceived as a cyber power and ready to march against any insurmountable obstacle using any means. In this connection we read everything and its opposite, and we are ready to blame all sorts of cyber threat to the Country of the Rising Sun. The truth, however, is quite different, at least in my opinion, and understands that the Chinese people before others have understood the importance of a strategic hegemony in cyber space. However, many doubts are ...

Arab Countries websites urged to Increase Security Against Israeli Hackers Recent hacking attacks online have gotten the attention of the world's media outlets in a big way. What has been reported as beginning as a youth led hacker attack against an Israeli website quickly escalated when six Israeli hackers decided to strike back. The initial attack was against a sports themed web site based in Israel and exposed the credit card and personal information of a number of nationals in that country.  The response, exposed the credit card and personal details of more than 50,000 people in Arab countries such as Saudi Arabia. While this current episode is rather tame in comparison to the Stuxnet virus which hit Iran in June of 2010, which ended up destroying several centrifuges inside an Iranian nuclear facility. Experts say that the web application security of Arab web sites must be increased if they are to be prepared for the potential cyber warfare that Israeli hackers could one day...

Cryptographers : Satellite phones vulnerable to eavesdropping Researchers at a German university claim to have cracked the algorithm that secures satellite phone transmissions. They have broken the encryption of the two main standards used to protect calls from satellite phones, giving them the ability to intercept conversations that are meant to be private. The attacks on the GMR-1 and GMR-2 standards are thought to be the first such work against the satellite phone ciphers. After reverse engineering phones that use the GMR-1 and GMR-2 standards, the team discovered serious cryptographic weaknesses that allow attackers using a modest PC running open-source software to recover protected communications in less than an hour. The Ministry of Defence has said a satellite phone crack of the A5-GMR-1 and A5-GMR-2 encryption algorithms crack by researchers will not affect UK military use of satellite phones. " All military users of mobile satellite communication systems are ...

Anonymous Hack Syrian President's Emails with Password " 12345 " Hundreds of emails from Syrian President Bashar Assad's office were leaked on Monday after an attack by the hacker group Anonymous. The target was the mail server of the Syrian Ministry of Presidential Affairs and about 78 inboxes of Assad's aides and advisers were hacked and the password that some used was "12345", according to Israeli newspaper Haaretz. Click here to read the leaked documents,  part one Click here to read the leaked documents,  part two The interview took place amid Syria's increasingly harsh crackdown against civilian protesters. Assad's TV interview with Walters was memorable for his repeated denials that Syrian citizens were being killed. " We don't kill our people ... no government in the world kills its people, unless it's led by a crazy person ," Assad told Walters. [ Source ]

Symantec releases patch to address pcAnywhere source code exposure Anonymous activists have released source code for PCAnywhere onto the internet, hours after a hacker's negotiations for payment from Symantec broke down. Symantec code exposure turns up danger to pcAnywhere customers.Symantec has released new information and a patch to address the recent code exposure incident. The release followed failed email negotiations over a $50,000 payout to the hacker calling himself YamaTough to destroy the code. The code was posted on the Pirate Bay file-sharing website on Tuesday at around 5:40am. " Symantec has been lying to its customers. We exposed this point thus spreading the world that ppl need" - #AntiSec #Anonymous Spread and share! " said a statement accompanying the download link on Pirate Bay. Symantec has stated that users of pcAnywhere are at increased risk. The Symantec website states that, because of the age of the exposed source, “ Symantec anti-viru...

YamaTough Hacker Demanded $50,000 for not releasing Stolen Symantec Source Code According to email transcripts posted to Pastebin yesterday, and confirmed by the company, a group of hackers attempted to extort $50,000 from Symantec in exchange for not releasing its stolen PCAnywhere and Norton Antivirus source code. Hackers associated with the group Anonymous known as the Lords of Dharamaja leaked what appears to be another 1.27 gigabytes of source code from Symantec Monday night, what they claim is the source code of the Symantec program PCAnywhere.  A 1.2GB file labeled " Symantec's pcAnywhere Leaked Source Code " has been posted to The Pirate Bay. We have asked Symantec whether this code is authentic and will update when we hear back. The leak comes as little surprise: Symantec had previously revealed that the hackers had obtained 2006 versions of that code along with other Symantec products from the same time period, and warned users of PCAnywhere to disable its...

University of Washington Vulnerable and Database Leaked by Hacker A few days back, a Team INTRA member hacked into the University of Washington database and released much data. Today, N0B0DY and N0LIFE hacked into it again, releasing the most recent passwords on  Pastebin . The root MySQL password was also released, as well as many other MySQL users. The information_schema database was accessed, and they released the COLUMNS table completely, having 6363 records. Hackers also expose the vulnerable links in Pastebin note. University of Washington is a public research university, founded in 1861 in Seattle, Washington, United States. The UW is the largest university in the Northwest and the oldest public university on the West Coast. The exposed vulnerabilities are of SQL injection. It is a technique used to take advantage of non-validated input vulnerabilities to pass SQL commands through a Web application for execution by a backend database. Attackers take adv...

Australian Nokia Sub Domain Defaced by Hackers Latest News coming from Zone-H that Australian Nokia Sub Domain Defaced by Hacker going with codename - " aldyfrz " an Indonesian hacker. Reason of Hacking is Unclear and Security Breach possibly just Damage the Site. The Hacker Sub domain of Nokia is :  http://press.nokia.com.au  Press Club Site and While writing this update Nokia Restore the site , So if anyone miss to see the Deface page, They can check at  Zone-H  mirror link.

British sensationalist Newspaper Daily Mail Hacked by TeaMp0isoN Yesterday Visitors to the Daily Mail's recipe pages ( http://recipes.dailymail.co.uk/index.htm )  had been confronted with a message left by hackers who defaced and disabled the site. British sensationalist newspaper the Daily Mail has been hit by hackers in support of the online movement Opcensorthis.  News of the hack spread via Twitter and it seems to have happened late afternoon on Sunday, 5 February, and lasted for a couple of hours. A mirror link posted on the TeaMp0isoN Twitter gives those that missed it a look at what the hackers were promoting. " For years you've poisoned the mainstream media with your sensationalist, ultranationalist nonsense, continuing to inject reader's minds with anti- immigration and borderline racist propaganda ," says the text on the deface web page. " Your distorted bias on news is wrongly justified by patriotism and conservatism, though we see through yo...

Malware automatically uploading stolen data to the File sharing sites Roland Dela Paz , a threat response engineer with Trend Micro have discovered a piece of malicious software that automatically uploads its stolen data cache to the SendSpace file-sharing service for retrieval. File-storage services offer several advantages for cybercriminals. SendSpace accepts files and then generates a link that can be shared with other people to download the content in the files. The malware has been configured to send files, copy the download link and send it to a command-and-control server along with the password needed to access the archive, Dela Paz wrote. Here is a screenshot of the Sendspace page leading to the archive of collected documents. Malware utilizing free online services are definitely not unheard of. Utilizing a public file hosting site is yet another clever way for cybercriminals to store stolen data as they do not need to set up a server that will store large amou...

In our Last Month Magazine Issue, Lee Ives from London, England and Admin of Security-FAQs - talk about internet security for your children and what to watch out for and how to protect them and yourself. You can Download Here Special The Hacker News Magazine January 2012 Edition. Have a look the interesting Article shared by Lee : The one thing that is great about the internet is that just like many of the other major mediums it has content for all different types of age groups. If you have older people that you need to entertain then you will be able to find something for them to be entertained by on the web. If you have younger kids that you have to entertain then you will find something for them as well. But unlike the other major mediums such as TV, you have a more diverse stock from which to pick from. With the internet you are getting content from all around the world and no matter which age group you need to entertain, you will be able to find something for the...

Citigroup sites hit by Brazilian Anonymous hacker Citigroup has confirmed its consumer banking sites were temporarily offline Friday because of what a bank spokesman referred to as temporary outages. Hackers with Anonymous have claimed to be behind the attacks. The operation behind the attacks waged against banks in Brazil, known as #OpWeeksPayment on Twitter, claims issues with government and capitalism were catalysts for the attacks. Anonymous Brasil said its attacks were only meant to fight corruption in BrazilA group of internet hackers, which calls itself Anonymous Brasil, continued its relentless attacks which began earlier last week by taking down the websites of the Citigroup and Citibank.The group, which is targeting financial institutions, issued a warning message to them, saying Anonymous Brasil does not forget you. Your turn will come. Apart from Citigroup, both in Brazil and in the US, the group had also targeted the websites of four major banks in Brazil, including B...

Joomscan Security Scanner updated to 611 Joomla vulnerabilities Database Another huge update coming from Security Team Web-Center that Joomscan Security Scanner is now updated to 611 Joomla vulnerabilities Database. Last update for this tool was in November, 2011 with 550 vulnerabilities in Database. In joomscan you can check for new updates with command: ./joomscan.pl check or ./joomscan.pl update Download for Windows  (141 KB) Download for Linux  (150 KB )

Mobile Based Wireless Network MiTM Attack Illustration Bilal Bokhari from zer0byte.com Illustrated perfect example of Mobile Based Wireless Network MiTM Attack on his blog. Bilal want to share this article with our Readers at THN, Have a look : If we look at the history of computer development, the computer developers/engineers just 10 years back did not have any clue as to how this industry is going to be, the way this industry we have today. The Computers and its applications nowadays are more powerful and much smarter than ever before. Computer applications are used in every industry like engineering, designing, music programming, web development etc which enables their users to come up with amazing products every day. So far so good the story of the computer development sounds amazing but there is a problem with its development. When computer applications are developed, they are not particularly a complete perfect solution. They contain some flaws or bugs which can be ex...

Sun Microsystems (Print) - Cross Site Scripting Vulnerabilities Today Ucha Gobejishvili ( longrifle0x ) a Pentester from Georgia reported 3 More important Cross Site Scripting Vulnerabilities in Sun Microsystem's and Java Printer Webpages. Java's Vulnerable Link   : Click Here Sun's Vulnerable Link 1 :  Click Here Sun's Vulnerable Link 2 :  Click Here Cross-Site Scripting occurs when an attacker can send a malicious script to a different user by relaying the script from an otherwise trusted or innocuous server. These flaws are extensive on the Web and allow an attacker to place malicious code that can execute attacks against other users in the security context of the web servers of the trusted host. Previous vulnerabilities  reported by longrifle0x : Click here to Read or Mirrors .

ProCredit Bank Georgia hacked by RetnOHacK #AntiSerbs Group of Hackers named - B!JemBeX, RetnOHacK, Weedh0aX, mR.Thg hack into ProCredit Bank of Georgia (procreditbank.ge) . They Deface the Administrator panel page located at  http://www.procreditbank.ge/admin/login.php  as shown in image attached. On Deface page Hacker said " This day have received that much time..when will you accept that you lose the fight ?in this game you do not have no chance to win..you always were and always will be losers remain losersMitrovica do not sell , Mitrovica is ours as alwaysWe do not want peace with you , because I hate slaves.Date of " 28 November " is approaching to unite all Albanians... ". Till now its unclear that Hacker damage anything else rather than site pages.

Anonymous Hacks FBI and Records Conference Call Earlier today, Anonymous released a confidential conference call between the FBI and law enforcement officers in the UK. The 16-minute call discusses ongoing investigations into hackers associated with Anonymous, AntiSec, and LulzSec. From all appearances, Anonymous retrieved the sensitive access code information and a list of attendees from an FBI email account. The group released a roughly 15-minute-long recording of what appears to be a Jan. 17 conference call devoted to tracking and prosecuting members of the loose-knit hacking group. The email, titled “ Anon-Lulz International Coordination Call ”, was published on pastebin earlier today: http://pastebin.com/8G4jLha8  . The email with details for accessing the call was sent to law enforcement officials in Britain, France, the Netherlands and others but the only people who identify themselves on the call are from the FBI and Scotland Yard.In a message on Twitter, An...

Call of Duty , Spider-Man and other 7 Largest Video Game Sites Hacked Today Turkish Hackers from group " GrayHatz " hack and Deface Call of Duty, Spider-Man and other 7 Largest Video Game Sites. Hacked Sites Include: - Call of Duty® Official Video Game Site : Link and Mirror - X-Men Origins: Wolverine Official Video Game Site :  Link  and  Mirror - Spider-Man: Edge of Time Official Game Website - Transformers: Fall of Cybertron Official Video Game Site : Link and Mirror - Prototype 2 Official Video Game Site : Link and Mirror - Infinity Ward Developer of Call of Duty : Link and Mirror - The Quantum Of Solace Game Official Video Game : Link and Mirror - DJ Hero 2 | Available Now Official Site : Link and Mirror - Guitar Hero Official Site : Link and Mirror

Wifi Protector - Protect Your Android From Wi-Fi Sniffing Attacks The only app that is able to countermeasure " Man In The Middle " attacks on Android platform - Wifi Protector . No other app provides this type of high network security. Protects your phone from tools like FaceNiff, Cain & Abel, ANTI, ettercap, DroidSheep, NetCut, and all others that try to hijack your session via "Man In The Middle" through ARP spoofing / ARP poisoning. WifiKill can't take you offline with this app installed. The "Immunity" feature is the only one that requires root, all other features work without root access. Features - Uses very few resources - Uses no resources if Wi-Fi is disabled - Nearly zero battery consumption - Requires very few permissions. Requests only absolutely necessary permissions - Undetectable by the bad guy - 100% silent and passive inside the network. Generates no noise - Highly customizable notifications - Plays ringtone on atta...

DEF-CON Chennai Group DEF-CON Chennai Group 4th meet successfully was held this past weekend on 29th Jan at Le Waterina Resort, Chennai. Team THN also join this Event, It was a nice setup.  " We like to thank each and everyone who attended this meet and made it a success story. We like to thank all the speakers for giving wonderful presentations and speech . Blog post by DCG. List of people who made a difference at DCG Chennai (DC602028) 1) Mr. Hari Krishnan (Organizer) 2) Mr.Viknesvaran (Organizer) 3) Mr. Prateek Dwivedi 4) Mr. Adithya Gupta 5) Mr. Ravi 6) Mr. Kaushal Sharma 7) Mr.Amrinder Singh 8) Mr. Abhinab 9) Mr. Pranav Sharma 10) Mr.Karthick 11) Arush sal For DEF-CON Chennai (DC602028) Official photos:

Syrian president ’s e-mail hacked by Saudi hackers According to report received to THN editorial, A hacker based out of Saudi Arabia, identified as Salman Al Anzi, claims to have hacked the private email account of Syrian president Bashar Al Assad. He also hack a number of Syrian ministries, the Al-Arabiya TV Channel. The hacker threatened to reveal Assad's personal correspondence containing scandalous facts if the president doesn't meet his requirements. According to the city Saudi Arabia, the hacker threatened to Bashar al-Assad download scandals and scandals of his aides and Iran's support for him, and copies of e-Bashar by secret ballot, with said hacker to the size of these scandals, 4 GB, gave the hacker the Saudi ultimatum to President Bashar al-Assad for the implementation of conditions, and only carried out what threatened him. The wave of threats from the hacker, Israeli sources said that a Saudi, and announced several thwarted attempts to penetrate the sites ...

NASA and Pentagon Hacker - TinKode Arrested in Romania Romanian police have arrested a man believed to be TinKode, the notorious hacker responsible for several daring, high-profile cyberattacks, including last year's breach of NASA's servers , Royal Navy, The European Space Agency and MySQL.com. The 20-year-old man, named as Razvan Manole Cernaianu , allegedly attacked Pentagon and NASA computer systems, revealed security holes, and published information about SQL injection vulnerabilities he had discovered, the Romanian Directorate for Investigating Organized Crime and Terrorist (DIICOT) said in a press release . He also posted a video on his blog demonstrating an attack he carried out against the U.S. government, and created and offered for sale a computer program used to hack Web sites. Through his exploits, Cernaianu blocked access to systems and seriously disabled their proper functioning, authorities said. Currently, Cernăianu is being taken to Buc...