The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

The cyber Security Analyst  ' Ebrahim Hegazy ' (@Zigoo0) Consultant at Q-CERT has found an " Unvalidated Redirection Vulnerability " in the website of the giant security solutions vendor "Kaspersky". Ebrahim, who found a SQL Injection in " Avira " website last month, this time he found a Unvalidated Redirection Vulnerability that could be exploited for various purposes such as: Cloned websites ( Phishing pages) It could also be used by Black Hats for Malware spreading In the specific case what is very striking is that the link usable for the attacks is originated by a security firm like Kaspersky with serious consequences. Would you trust a link from your security vendor? Absolutely Yes! But imagine your security vendor is asking you to download a malware! To explain how dangerous the situation is when your security vendor is vulnerable, Ebrahim Hegazy sent me a video explaining the malware spreading scenario to simulate...

The Palestinian hacker ' Khalil Shreateh ', who broke into the Mark Zuckerberg's Facebook Timeline  to expose a security lapse will be awarded nearly $12,000 but not from Facebook, it will come from an online crowdsourced campaign. The hacker initially used Facebook's whitehat disclosure program, a service that rewards bug hunters for reporting vulnerabilities, to inform the company about the issue. Facebook refused to pay him for finding the bug since he used it to post on Mark Zuckerberg's wall, because Facebook had ignored his earlier warnings. The exploit allows users to post to other Facebook user's timeline while they are not in friend list. Marc Maiffret, CTO of BeyondTrust, has kicked off a crowd-sourced funding to come up with a reward for Khalil Shreateh, and the results have already been impressive. ' Khalil Shreateh found a vulnerability in Facebook.com and, due to miscommunication , was not awarded a bounty for his work,'...

Yesterday we received a vulnerability report in web applications from some unknown Indian Hacker, who explained that how Hackers are hijacking Mobile recharge and Free SMS service related websites.  He detailed the loophole in password reset process, that could allow attackers to brute force many high profile websites that are actually not protected by the image CAPTCHA verification system, during the password reset process. The hacker used a Firefox Browser equipped with the Fireforce add-on , a very simple a Firefox extension designed to perform brute-force attacks on GET and POST forms. The technique proposed by him targets the unsecure password reset process used by many websites, where the web application used to send a code to the user's mobile or email for authenticity verification. Around 40% websites adopts password reset code composed of numbers and of some fixed length, typically having a length less than 5 digits. This information could advan...

A Palestinian Web Developer and Hacker, ' Khalil Shreateh ' found an interesting  vulnerability in Facebook, that allows hacker to bypass the Privacy settings to make a post on anyone's Timeline / Wall. He was forced to post vulnerability details on Mark Zuckerberg (Facebook Founder) Timeline to prove his point, after the Facebook Security Team failed to recognize his critical vulnerability three times. The flaw even working for those victims, who is not included in the attacker friend list.  According to Facebook's Bug Bounty program, a researcher has to submit the flaw details via email to Facebook Security Team without disclosing the details in Public. In order to get the minimum reward of US$500, the flaw should be valid. The reported vulnerability is in " composer.php " file on Facebook mechanism. First Khalil made a post on the timeline of a girl, " Sarah Gooden " who studied at the same college as Facebook CEO Mark Zuckerbe...

The recent "disconcerting" reports that India was being spied upon by American intelligence agencies has opened an all new chapter in the cyber security space. The revelation that the Indian embassy in the US was among the list of 38 diplomatic missions which were being spied upon by American intelligence agencies, as per the latest top secret US National Security Agency documents leaked by the whistleblower Edward Snowden has raised questions like How much of liberty should the cyber space grant to maintain national security and at what cost?  So far, legality is the main rationale US officials have used to defend the government's PRISM spying program. It's all perfectly legal, approved by govt. and the courts, but a more potent argument might be just because something is legal doesn't necessarily make it a good thing. In the context of the recent findings and the debate that it has just drawn, The Hackers Conference 2013 will raise important questions on the th...

A USB Internet Modems or Data card, is a type of modem that allows your computer to receive Internet access using USB Port and connect to a GSM/CDMA network there by creating a PPPoE  ( Point to Point protocol over Ethernet) interface to your computer. Indian Security Researcher ' Rahul Sasi ' found a new Innovative critical flaw in these USB Internet Modems that allows an attacker to execute malicious code remotely, just via sending an SMS. While talking to ' The Hacker News ' , he claimed that the reported vulnerability  allows him to even hack computers remotely to gain the Meterpreter shell or  full access to the victim's PC. Vulnerability can be used by a malicious attacker for Mass exploitation, since these modems have a phone number which lies in a particular series, so all the phone numbers starting with xxxxxx1000 to xxxxxx2000 would be running a particular version of the USB modem software. USB Internet Modems are supplied with d...

More than 9000+ participants enter the Guinness book of World Records for the largest congregation for information Security. E-Hack, world largest Ethical Hacking workshop was organized by InfySEC at SRM University on July 27 and 28,2013 . The expected participant count was 4500+ but on the day of the event the participant count were as high as 9637 students participated to be a part of E-HACK making it the LARGEST IT SECURITY AWARENESS MARATHON GLOBALLY , which made the organizing team to facilitate other two mini auditorium available in the same venue with speakers like Mr. Karthikeyan,founder of Zazvik Solutions, Mr.Santhosh Srinivasan, director of Symantec,Mr.Patrick Martinent, a Google developer Expert, Mr. Vinod Senthil,Director of Infysec, Mr.Ashish Chandra Mishra,Chief Information Security Officer at Tesco HSC, Mr. Rishi Narang,lead consultant with Aujas Networks , VT Gopal - Professor, Anna University and Dr.Prateep V.Philip IPS,AGDP, Tamil Nadu Crime Division. ...

The Kaspersky Lab researchers recently have discovered a number of Android malware apps are abusing the Google Cloud Messaging Service (GCM) as Command and Control server . The GCM  service allows Android app developers to send messages using JSON Format for installed apps, but hackers exploited it for malicious Purposes. Using Google Cloud Messaging Service (GCM) as Command and Control server for Android Malware is not a new concept, as last year Security researcher and Hacker ' Mohit Kumar ' demonstrated ' Android Malware Engine ' - One of the Most Sophisticated Android malware during Malcon conference. The Kaspersky Lab researchers have detected at least five Different Android Trojans that used JSON format: 1. SMS.AndroidOS.FakeInst.a 2. SMS.AndroidOS.Agent.ao 3. SMS.AndroidOS.OpFake.a 4. Backdoor.AndroidOS.Maxit.a 5. SMS.AndroidOS.Agent.az. The authors of the malware in Every case took advantage of Google Cloud Messaging Service to Exchang...

Edward Snowden has done enough to highlight how vulnerable electronic communications are to surveillance and Gmail users should not expect privacy from Google. Lavabit is no more. Silent Circle has shuttered its secure email service. A California watchdog group says  that Gmail users now have a reason to pause before hitting " send ". California-based Consumer Watchdog, which claims Google made a "stunning admission" in a recent legal brief when the tech giant wrote that people should expect the contents of their emails to be perused. " Google has finally admitted they don't respect privacy, " he said in a statement . " People should take them at their word; if you care about your email correspondents' privacy, don't use Gmail. " " Just as a sender of a letter to a business colleague cannot be surprised that the recipient's assistant opens the letter, people who use web-based email today cannot be surprised if their emails are processed by the recipient...

The Redhack hacking Group hacked into the websites of Istanbul Metropolitan Municipality, Water and Sewerage Administration. Hacker resets the credentials and announced the new login details on twitter i.e. " User: Redhack-Password: Redhack ". The hacked portal URL is : https://askiportal.adana-aski.gov.tr/default.aspx Redhack (Kızıl Hackerlar, Kızıl Hackerlar Birliği), is a Turkish Marxist Leninist computer hacker group which was founded in 1997. It's a group of ten alleged members were arrested in 2012 and charged with cyber crimes that could garner 8 to 24 year prison term. The group's website alleges that all of the arrestees are innocent, and not in fact members.

After months of disrupting the Twitter accounts of major U.S. media outlets, The Syrian Electronic Army Leader Says that they won't Stop hacking. Just two days before  SocialFlow,  a social media optimization platform was hacked by Syrian Electronic Army and readers on certain stories being redirected to the site of the Syrian Electronic Army. T he hackers hit four journalists employed by the New York Post, the tabloid's Facebook page, and a columnist for The Washington Post. Syrian Electronic Army today announced that they hacked into the admin panel of  Outbrain, a  content recommendation service, used my millons of websites including The  Washington Post, CNN, TIMES and also by us at ' The Hacker News '. They edit many parameters tp " Hacked by SEA " from the website panel , that actually reflects on major websites in widget as shown in above screenshot . Hackers also claimed to have access to  Outbrain's email box . The...

This week Microsoft has released several advisories to help their users update from weak crypto. Microsoft is beginning the process of discontinuing support for digital certificates that use the MD5 hashing algorithm and to improve the network-level authentication for the Remote Desktop Protocol . Microsoft's optional updates : Microsoft Security Advisory 2661254: The private keys used in these certificates can be derived and could allow an attacker to duplicate the certificates and use them fraudulently to spoof content, perform phishing attacks, or perform man-in-the-middle attacks . Microsoft Security Advisory 2862973: Microsoft is announcing the availability of an update for supported editions of Windows Vista, Windows Server 2008, Windows 7 , Windows Server 2008 R2, Windows 8, Windows Server 2012, and Windows RT that restricts the use of certificates with MD5 hashes. This restriction is limited to certificates issued under roots in the Microsoft root certificate...

What would you do if a European Cybercrime Agency locked your PC until you paid a fine? A new Police Ransomware  family dubbed Trojan : HTML/Browlock by F-secure Antivirus firm, known as Browlock , which spreads by tricking unsuspecting web surfers into believing the police are after them. Ransomware is malware that, when installed on a device, can be locked down from remote locations by cyber criminals . Usually, ransomware appears to be an official warning telling the user that the computer has to be locked because it showed illegal activities and payment is necessary to access files. Ransomware is a global phenomenon, but the criminals have learned to localize and customize their software to make the threat seem scarier so that victims act quickly before they have time to think. Researchers said they are tracking this Malware from a while ago and now crooks behind the malware ate targeting users from some new countries including the United States,...

A cyber attack campaign  is ongoing and targeting thousands of Israeli websites by Pakistani hackers, in support of  Palestine people. They had already infiltrated reportedly 650 Israel  websites listen on Pastebin and upload their page with custom messages on servers. The hacker claimed and told 'The Hacker News' that they will release more hacked websites list soon. The hacker behind the massive attack mentioned his online name as " H4x0r HuSsY " and the message says, " LONG LIVE PALESTINE - PAKISTAN ZINDABAD HAPPY INDEPENDENCE DAY TO & FROM TEAM MADLEETS ". Hacked websites belong to Semi-Government, Personal and Israeli Corporates. At the time of writing, most of the websites still having deface page uploaded to their server. A few months back World wide Hackers and especially Anonymous group declared massive 'cyber war' on Israel after IDF threatens to cut off internet in Gaza.

Yeah, it's Patch Tuesday once again. Almost 10 years ago in October, 2003 - Microsoft  invented the process of regularly scheduled security updates on every second Tuesday of the Month, as  Patch Tuesday. Today, the Microsoft Security team will i ssue eight security updates in total, out of that -- three of which are designated as " critical ," and rest five as " Important " updates, that patches vulnerabilities in Microsoft Windows, Microsoft Server Software, and Internet Explorer. The eight bulletins that Microsoft is releasing fixes a total of 23 different vulnerabilities in Microsoft products. Microsoft will be rolling out a total of three Critical patches dealing with Remote Code Execution. Windows 8 is expected to get four of the updates, one of them is critical and dealing with Remote Code Execution with Internet Explorer 10, while the other three updates are Important and deal with Elevation of Privilege and Denial of Service . Windows RT i...

Just four days before the Independence day, The Pakistani hacker known as 'MindCracker' from Pakistan Cyber Army team hacked into the Indian Eastern Railways website and deface some internal pages, as shown in the screenshot taken by us few hours before. At the time of reporting, website ( https://www.er.indianrailways.gov.in/ ) was restored by the administrator. Other members of Team of the hackers behind the scene mentioned their digital name on deface page as, " We Are : Shadow008 | KhantastiC | Darksnipper | H4x0rL1f3 | Invectus ". They seem to have gained access to some part of the website, because homepage was not altered in any way.  Zone-H mirror record of the defacement is also available. A few days ago an Indian hacker 'Godzilla' hacked into the Pakistan Army website and few related Facebook pages. This hack appears as revenge hack against action of Indian hackers.

A critical vulnerability in the Android implementation of the Java SecureRandom random number generator was discovered , that leaves Bitcoin digital wallets on the mobile platform vulnerable to theft. Before the announcement was made, users on the forums had noticed over 55 BTC were stolen a few hours after the client improperly signed a transaction using the compromised random number generator. Bitcoin is a virtual currency that makes use of cryptography to create and transfer bitcoins. Users make use of digital wallets to store bitcoin addresses from which bitcoins are received or sent. Bitcoin uses public-key cryptography so that each address is associated with a pair of mathematically linked public and private keys that are held in the wallet. Because the problem is rooted in the operating system, every Bitcoin digital wallet generated by an Android app is affected by the weakness, including Bitcoin Wallet , blockchain.info wallet , Bitcoin Spinner , and...

There are so many ways to move money anonymously on the Internet and US Justice Department has declared war on currencies widely used by cyber criminals . Just after the Law Enforcement in 17 countries shuts down ' Liberty Reserve ', a $6 billion digital money laundering operation, now the criminals is switching to another online currency called " Perfect Money ".  Perfect Money, another private digital currency that has emerged to meet the demand of Criminals and hackers, those buying and selling kit anonymously and being used by people selling stolen credit cards in Internet hacker forums recently. Fraudsters are rapidly migrating to Perfect Money and  it allows users to transfer money anonymously by purchasing and exchanging the proprietary currency for dollars, euros and gold. These virtual currencies are often linked to bitcoin because it has also been used by criminals. It was thought Bitcoin would be a handy replacement for Liberty Reser...

No matter how much effort an ISP puts in or the government does, censorship always gets a backdoor . One of the biggest Controversial File Sharing site ' The Pirate Bay ' is censored in various capacities in some countries around the world, but Pirate Bay is celebrating its 10th birthday in Stockholm sponsored by an energy drinks maker. On their 10th anniversary the site is releasing its " Pirate Browser ," a custom Firefox browser that skirts Internet censorship and lets you access the Pirate Bay from anywhere.  However, Its founders recently served jail time for their activities, with one of the founders going back to prison in an unrelated Swedish hacking case. PirateBrowser is meant to focus more on unrestricted access to the Internet than it is about being able to download new episode of Breaking Bad without paying for them, but one tends to be a function of the other. According to the Pirate Browser website, It's a customized Firefox 23 and inclu...

As time goes on, though, the Malware Risk on Mobile Platforms appears to be increasing. A flood of scammy apps that are difficult for Google to detect, and therefore stays available for download for several days before being removed. The Russia-based firm Dr Web today said it has discovered several malicious  Android apps found on Google Play  which send SMS to premium numbers and  about 25,000 devices are infected by these malwares . A number of malicious programs have been discovered by Dr Web's analysts belong to the Vietnamese developer AppStoreJsc . These programs are published in the form of audio players and a video player that generally display adult content. Dr Web explains, " While running these carrier applications, dubbed Android . MulDrop, Android.MulDrop.1, and Android.MulDrop.2 by Dr . Web, can prompt the user to download the content they need, but their consent initiates the installation of another application rather than the ...

A second member of hacking group LulzSec - Raynaldo Rivera, 21, of Tempe, Arizona, has been sentenced to 1 year in prison, 13 months of house arrest, and 1,000 hours of community service for hacking into the computers of Sony Pictures Entertainment . Raynaldo who went by Internet names " neuron " was member of LulzSec Hacking Team in an attack on Sony Pictures which saw personal data belonging to 138,000 customers leaked. He's also been ordered to pay $605,663 in restitution.  The attackers distributed the stolen data on the Internet, information that included names, addresses, phone numbers and e-mail addresses for tens of thousands of Sony customers. Raynaldo also pleaded guilty to obtaining confidential information from various companies and posting it publicly. Another member of LulzSec ' Cody Andrew Kretsinger ' was given a one-year jail sentence back in April. Rivera and Kretsinger both studied at the University of Advancing Technology in Tem...