The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Buffer Overflow Vulnerability in GOM Media Player v. 2.1.37 Ucha Gobejishvili (longrifle0x)  from The Vulnerability Laboratory Research Team  discover Buffer Overflow Vulnerability in GOM Media Player v. 2.1.37. GOM Player (Gretech Online Movie Player) is a 32/64-bit media player for Microsoft Windows, distributed by the Gretech Corporation of South Korea. A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information - which has to go somewhere - can overflow into adjacent buffers, corrupting or overwriting the valid data held in them. Although it may occur accidentally through programming error, buffer overflow is an increasingly common type of security attack on data integrity. In this case, The vulnerability can be exploited by local or remote attackers and Vulnerable module is GomU+0x125cb7. ...

Call for Article - THN Magazine "Cyber Warfare" April Issue As we move through March Madness and the recent arrests of our cyber soldiers, it is time for all good Anons and our faithful readers to take keyboards to Word and send in your articles on the topic of CYBER WARFARE. What do you know of this unconventional method of taking down governments and corporations and what does this mean for the world at large?   Send your articles to  admin@thehackernews.com

Symantec's Norton anti-virus 2006 source code Leaked by Anonymous Security firm Symantec confirmed Friday that the hacker group Anonymous has just posted some of its product source code, but strongly downplays any risk, because it's old code from a 2006 version of Norton security software. Anonymous claimed to have the information for a while but they finally published it on The website Pirate Bay . The information is a source code for the Symantec Norton Antivirus 2006 edition,which includes files that serve as a source code for software products like the corporate edition, the consumer version, and files for NetWare, Windows and Unix. The download file is 1.07GB. The file has a note that asks for the liberation of the LulzSec members that were arrested. Symantec the anti-virus and Security Company previously stated that the breach will “ not affect any current Norton product ”. Then added: “ The current version of Norton Utilities has been completely rebuilt and shares ...

' The New York Iron Works ' police supplier Hacked by Anonymous Anonymous Hackers with the Antisec movement have attacked the site of a company that sells equipment to US law enforcers such as the police. Members of Anonymous recently hacked the official site for law enforcement equipment supplier New York Iron Works . Defaced page include the message, “ To our fallen brothers Your work has not been forgotten, your skills and teachings has spawn another generation of an elite squander. Like the knights at the round table, we have shared may common interests but let us not forget the game we play. AntiSec is still alive and well ,”. The leaked data includes usernames, clear-text passwords and email addresses. The message posted to the New York Ironwork’s homepage called the attack a “ tribute to Jeremy Hammond ,” the LulzSec member arrested in Chicago on Monday and one of the men responsible for the attack on the intelligence firm Stratfor on December 25 last year....

Bugtraq-I : Distribution for Pentesting and forensics Bugtraq system offers the most comprehensive distribution, optimal, stable and automatic security to date. Bugtraq is a distribution based on the 2.6.38 kernel has a wide range of penetration and forensic tools. Bugtraq can be installed from a Live DVD or USB drive, the distribution is customized to the last package, configured and updated the kernel. The kernel has been patched for better performance to recognize a variety of hardware, including wireless injection patches pentesting that other distributions do not recognize. Some of the special features that you can appreciate are: · Administrative improvements of the system for better management of services. · Expanded the range of recognition for injection wireless drivers. · Patching the kernel 2.6.38 to recognize 4 gigs of RAM in 32-bit. · Tools perfectly configured, automated installation scripts and tools like Nessus, OpenVAS, Greenbone, ...

Duqu Trojan developed in unknown programming language Researchers at Kaspersky have reached out for assistance after an investigation into the Duqu Trojan uncovered a section that is written in an unknown programming language. The Russian security company says this new information could help them discover how the worm was able to communicate with its Command and Control (C&C) servers. The C&C servers essentially tell the worm what to do once it has accessed a system. While the majority of Duqu is written in C++, the Framework was not and was not compiled with Microsoft’s Visual C++ 2008. Other languages ruled out include Python, Java, Objective C, Ada and Lua.“ Given the size of the Duqu project, it’s possible that an entirely different team was responsible for creating the Duqu Framework as opposed to the team that created the drivers and wrote the system infection exploits ,” said Alexander Gostev, chief security expert at Kaspersky Lab, in a statement . The mysterious...

Albania is the most Malware infected Nation Researchers at Security firms Norman and Microsoft Analyse data from their security products that Albania is the most Malware infected Nation, with 65% of scanned computers reporting infections.  Rest Most Infected Countries are South Korea, Guatemala, Vietnam, Indonesia, Argentina, Thailand, Georgia, the Philippines, Algeria, Venezuela, Lithuania and Pakistan according to Norman Report . Where as Microsoft also shows such reports that the most common category in Albania in Second quarter of 2011 was Worms, which affected 43.7 percent of all computers cleaned in Albania, down from 44.9 percent in First quarter of 2011. The most common threat family in Albania in Second quarter of 2011  was Win32/Autorun, which affected 25.2 percent of computers cleaned in Albania. Win32/Autorun is a family of worms that spreads by copying itself to the mapped drives of an infected computer. The mapped d...

Anonymous Takedown several Vatican Websites The Italian Anonymous Hackers took down the Vatican's website ( Vatican.va ) on Wednesday in retaliation for the "corruption" of the Roman Catholic Church. On an Italian-language website Anonymous accused the Catholic Church of being responsible for various misdeeds throughout history including the burning of heretics during the inquisition. In their statement the group noted : “ Anonymous decided today to besiege your site in response to the doctrine, to the liturgies, to the absurd and anachronistic concepts that your for-profit organisation spreads around the world .” “ This attack is not against the Christian religion or the faithful around the world but against the corrupt Roman Apostolic Church. ” Meanwhile, late on Tuesday hackers associated with LulzSec took down and defaced more than 25 websites belonging to Panda Security , claiming the security firm had been " earning money working with Law Enforcement to lu...

THE “ TRUTH ” SIMMERS THE POT OF SABU By:  Patti Galle, Editor  THN. As I look at my guy fawkes mask and reflect on the recent arrest of several lulzsec members, I have a wrenching feeling in my gut to tell the “truth.” Gather around anonymous , lulzsec , FBI, passionate supporters, liberal haters, and people without a clue. I have something to tell you and although the truth may hurt, it is time to find that wrenching in your own gut and step up. Today all focus is on sabu and his taboo relationship with the FBI that caused the arrest of: Ryan ackroyd a.k.a. Kayla, lol, lolsoon jake davis a.k.a. Topiary, atopiary darren martyn a.k.a. Pwnsauce, raepsauce, networkkitten donncha o'cearrbhail a.k.a. Palladium Jeremy hammond a.k.a. Anarchaos, sup_g, burn, yohoho, pow As should yours, my heart goes out to these brave men and their families as they work their way through the corrupt and ill focused justice system for leading the only movement existing in our mis-shapened world...

Anonymous Hackers targets Turkish Prime Ministry Network Unidentified hackers have broken into the website of the Turkish government claimed to be Part of Anonymous Group of Hackers. The hackers aimed to access official documents on government correspondence but were prevented from doing so by on-duty information technology experts. Anonymous, members of which have so far attacked many websites worldwide for various reasons. The Prime Ministry tightened cybersecurity measures and implemented a new network firewall following the attack. The website was under DDoS attack for 2 hours. Turkish specialists managed to counter the attacks with new software. There has been no information on data leakage.Attacks were made from State Virginia, USA, and China.

Facebook down for two hours across Europe, May be DDOS attack ! In a DDoS attack, hackers deliberately render servers inaccessible by overloading them with traffic. Such a barrage aimed at DNS servers can make it impossible to connect users to a website when they type the address. Where as facebook said that its service was unavailable in some European countries this morning because of technical problems. Third parties suggested a problem with Facebook's European DNS servers may have been at the root. These machines connect the address "Facebook.com" with the actual content of the website, and during the outage attempts to contact to them as normal received no response. DownRightNow, which monitors major web services, showed Facebook having suffered ongoing intermittent service until mid-afternoon.CERT.Be, a Belgian government agency, claimed that the outage was due to a DDoS hacker attack, but this has not been confirmed. Later Facebook announce, ' The issue ha...

FBI get 4 more months to fight with DNSChanger On March 5th, a US District Court (New York) signed an order to extend the March 8th deadline to July 9th.This extension will allow for all affected entities to continue to track-down and remediate agains hosts which are still compromised. Current data indicates that there are still several million infected/affected hosts world-wide dealing with this issue. Over the last month, the temporary servers routed an average of 430,000 infected IP addresses according to the government request for extension. Security firm Internet Identity also found that at least 94 Fortune 500s and three major government agencies are still infected with DNSChanger . The remaining infected systems will now have an additional four months to get rid of the malware before having their DNS pulled. The malware hijacked users clicks by modifying their computers' domain name system (DNS) settings to send URL requests to the criminals' own servers, a tactic th...

DDOS attack on LIME ’s Internet system LIME says the majority of the customers experiencing degradation in their broadband services over the past few days are now back online and connecting at normal speeds. LIME says the type of attack is known in technology circles as a distributed denial of service, which is defined as an explicit attempt to prevent legitimate users from accessing or utilising the particular service. “ The attack, though confined to a small portion of LIME’s Internet customer base, inconvenienced the affected customers and gave the appearance of a widescale service-impacting problem on the company’s network, ” noted a statement from the company. LIME has announced plans to take legal action against the person responsible for an attack on its network, which resulted in internet service disruptions to hundreds of customers over the last week. Managing Director, Alex McDonald says engineers implemented some changes in the broadband network to isolate the IP ...

[Community Edition] Metasploit Framework Expert Certification DVD SecurityTube today launched a FREE community edition of the courseware it uses for the SecurityTube Metasploit Framework Expert (SMFE) course and certification. They already have students from over 40+ countries taking their courses and online labs. This DVD goes to show their long lasting commitment to FREE Infosec Education for one and all. Course Details and DVD Download Direct DVD Downlaod (2 GB) The DVD contains over 10+ solid hours of how to get started using Metasploit, Vulnerability assessment and hacking, and finally basics of Exploit Research with it! The course and online labs in the cloud are still running at the promotional pricing and we highly recommend you have a look.

#AntiSec hackers deface Panda Security site to protest LulzSec arrests Hackers aligned with Anonymous took credit on Wednesday for an attack on Panda Security's website shortly after charges were announced against five of the hacking collective's alleged members. Over 25 websites related to Panda Security have been hacked tonight by Antisec. Emails and md5 passwords have leaked to public. Panda was accused by anonymous for helping the FBI to lurk anonymous members. The attacks are believed to be in retaliation for the recent arrests made by the FBI. Yesterday biggest story of Hacking world exposed that, The world's most notorious computer hacker turned against his comrades because he did not want to go to prison and leave behind his two children. Monsegur, who has been described as the ringleader of LulzSec, and an 'influential member' of Anonymous, pleaded guilty to a dozen hacking-related charges last summer - crimes which carry a maximum sentence of 124 y...

Anonymous Sabu was working for FBI to Trace down other  LulzSec hackers Police on two continents swooped on top members of computer hacking group LulzSec early today, and acting largely on evidence gathered by the organisation's leader "Sabu" who sources say has been secretly working for the government for months arrested three and charged two more with conspiracy. FoxNews reports that the arrests were part of a multinational sting across the United Kingdom, Ireland and the United States. LulzSec leader Hector Xavier Monsegur, who operated online under the alias “Sabu,” provided the Federal Bureau of Investigation with information leading to the arrests. “This is devastating to the organization,” said an FBI official involved with the investigation. “ We’re chopping off the head of LulzSec. ” LulzSec, which became part of the larger hacker collective “ Anonymous Operations ” last year, has launched a number of high profile cyberattacks since last summer.  The ...

Rogue Antivirus advertised on 200000 hacked Web pages The Websense has detected a new wave of mass-injections of a well-known rogue antivirus campaign, a new mass injection attack has infected over 200,000 Web pages, amounting to close to 30,000 unique Web hosts. The attack uses SQL injection techniques to insert a rogue script element. Users who land on one of the compromised pages get redirected through several domains and finally land on a scareware site. These sites mimic antivirus scans and tell visitors their computers are infected with malware in an attempt to convince them to download fake security programs. The programs display even more false warnings and ask users to pay for a license in order to clean their machines.  The page looks like a Windows Explorer window with a "Windows Security Alert" dialogue box in it. The fake antivirus then prompts visitors to download and run their "antivirus tool" to remove the supposedly found Trojans. The executab...

Hackers disclose secret Ankara police files password '123456' Hackers from the "RedHack" group who brought down the Ankara Police Department's website and acquired secret information last week said one of the passwords of the secret police files was "123456." A member of the hacking group named “ Radikal ” saying that " RedHack was founded after deliberating on how to utilize our skills for the oppressed peoples ." " The question is, how serious can a police force be if they save secret files with a password like '123456’? ” The group member said the reason for targeting the Ankara Police Department was that it was the center of applications such as "E-State" and "E-Police," and the fact that it was "much more special and better protected" than other police department websites. RedHack had downloaded police files that contained tips from "informant" citizens that told of suspicious activitie...

DarkComet RAT Remover  Released The civil war in Syria rages not only on the ground but also on internet. The opposition has made increasing use of platforms such as Facebook to organize and spread their message. In response the regime have tried to disrupt these activities by defacing websites and spamming Facebook pages. The regime is using the DarkComet RAT (called Backdoor:Win32/Fynloski.A by Microsoft) to spy on their own people.The creator of the DarkComet RAT was disgusted by that behaviour and now has retaliated with a specially created tool to detect and remove his own DarkComet RAT to help the oppressed Syrian people, DarkComet RAT Remover. DarkComet RAT Remover will detect any kind of instance of darkcomet running in memory even if an hacker try to obfuscate the loader to be undetected by common Antivirus softwares, also it detects registry threats and keyloggers logs. Features: [+] Detect DarkComet Even if crypted. [+] Detect DarkComet Even if visualized. [+] De...

#Security Alert : Facebook Two-Factor Authentication fail ! Last year Facebook has launched a security feature called Login Approvals or two-factor authentication. This is a follow-up security update regarding Facebook Login from Facebook. They have already integrated Facebook login email alerts to get notification emails or SMS messages whenever a suspicious person uses your Facebook account from a different location. Christopher Lowson , on his blog explains the Facebook Two-Factor Authentication, which is really another biggest fail of Facebook Security. But that feature is not enough to ensure your account’s security and that is why Facebook has launched “Login Approvals“. This feature is very similar with Google 2-step verification which associates a mobile device with your Facebook account and authenticates the login by sending a verification code at your mobile phone device. According to this feature, When user will logging into your Facebook accou...

THOR : Another P2P Botnet in development with extra stealth features The research community is now focusing on the integration of peer-to-peer (P2P) concepts as incremental improvements to distributed malicious software networks (now generically referred to as botnets). Because “botnets” can be used for illicit financial gain,they have become quite popular in recent Internet attacks. A “ botnet ” is a network of computers that are compromised and controlled by an attacker. Each computer is infected witha malicious program called a “bot”, which actively communicates with other bots in the botnet or with several “botcontrollers” to receive commands from the botnet owner. Attackers maintain complete control of their botnets, andcan conduct Distributed Denial-of-Service (DDoS) attacks,email spamming, keylogging, abusing online advertisements, spreading new malware, etc. However, the first botnets that use peer-to-peer (P2P) networks for remote control of the compromised machines app...

Twitter, As secondary publisher  could be sued  for an illegal tweet If a Twitter user posts an illegal tweet, they could get sued, but Twitter could be sued itself as a secondary publisher according to  Zack Whittaker . Legal analysis site Out-Law published a very interesting, theoretical piece, which describes how Twitter could fall foul of the law through no apparent fault of its own but by giving its users free reign over what they say. A case of mistaken identity in Australia illustrates the point. Someone wrote a hateful blog about writer and television personality Marieke Hardy. She wrote a blog post accusing Joshua Meggitt of being its author and used her Twitter account to draw attention to her post.Hardy was wrong to finger Meggitt as the author of the original material and she reportedly paid Au$15,000 (£10,000) to settle the case. Will Twitter still be held liable for the libel? One more thing, Those who retweeted are not being pursued....

Anonymous : A Declaration of the Independence of CyberSpace Anonymous declare a Note on Independence of Cyber Space : Governments of the Industrial World, you weary giants of flesh and steel, we come from the Internet, the new home of Mind. On behalf of the future, we ask you of the past to leave us alone. You are not welcome among us. You have no sovereignty where we gather. We have no elected government, nor are we likely to have one; therefore we address you with no greater authority than that with which liberty it always speaks. We declare the global social space we are building to be naturally independent of the tyrannies you seek to impose on us. You have no moral right to rule us, nor do you possess any methods of enforcement we have true reason to fear. You are toothless wolves among rams, reminiscing of days when you ruled the hunt, seeking a return of your bygone power. Governments derive their just powers from the consent of the governed. You have neither solicited nor ...