The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Times Square screens hacked using iPhone ! Hacker's Words : " The way it works is pretty simple: plug in my transmitter into the headphone minijack of an iphone 4 and play back any video clip. you can play it through the ipod feature or through the camera roll. the transmitter instantly sends the video signal to the video repeater and the video repeater overrides any video screen that it's being held next to. it doesn't matter what shape or size the hacked screen is because the hack video will simply keep its correct dimensions and the rest of the hacked space will stay black. i chose times square for my demo because it has lots of video screens to try it on. it is also one of the most monitored and secured areas in new york city and that made it that much more fun :). you can see in my video that the repeater is pretty powerful but the signal is not very stable yet. i'm working on that. i will post a new video later this week explaining how i made this pr...

BackTrack 5 " revolution " will Release on May 10th, 2011 As BackTrack 5 development rolls on full steam ahead, we've been getting numerous questions about the future release. We thought we'd publish a blog post with general information about BT5 for the impatient. The codename of this release will be " revolution ", for a bunch of reasons. BackTrack 5 will be based on Ubuntu Lucid (10.04 LTS) , and will (finally) support both 32 bit and 64 bit architectures. We will be officially supporting KDE 4 , Gnome and Fluxbox while providing users streamlined ISO downloads of each Desktop Environment (DE). Tool integration from our repositories will be seamless with all our supported DE's, including the specific DE menu structure. Perhaps most importantly BackTrack 5 "revolution" will be our first release to include full source code in it's repositories. This is a big thing for us, as it officially joins us to the open-source community and clears up any licensing issues which were pres...

This year marks the 40th anniversary of Creeper, the world's first computer virus. From Creeper to Stuxnet, the last four decades saw the number of malware instances boom from 1,300 in 1990, to 50,000 in 2000, to over 200 million in 2010. Besides sheer quantity, viruses, which were originally used as academic proof of concepts, quickly turned into geek pranks, then evolved into cybercriminal tools. By 2005, the virus scene had been monetized, and virtually all viruses were developed with the sole purpose of making money via more or less complex business models. In the following story, FortiGuard Labs looks at the most significant computer viruses over the last 40 years and explains their historical significance. 1971: Creeper: catch me if you can While theories on self-replicating automatas were developed by genius mathematician Von Neumann in the early 50s, the first real computer virus was released "in lab" in 1971 by an employee of a company working on building ARPANET, the ...

So what is the difference between Seccubus V2 and Seccubus V2 ? Before you try something new you want to know if it is going to be worth it. This article should give you an idea of why we spend quite a lot of time and energy in rebuilding Seccubus V2 from scratch. I clearly recall the conversation between myself and my coworker Anton Opgenoort that resulted in the first (internal) release of Seccubus. We were discussing the pros and cons of different vulnerability management tools when he challenged me: .Surely you can set up a Cron job to start a Nessus scan yourself?. Anton claimed at one time, and now, more than three years later, it has led to the Seccubus as we know it today. This little history illustrates what is fundamentally wrong with Seccubus V1. While it functions quite well, and has been maintainable for much longer than I expected, it is still in the basis a bunch of shell scripts and some Perl CGI thrown together. ...

Google has warned of politically motivated and targeted attacks against users of its services. According to the company, the attackers are also targeting the users of another undisclosed social network. In a blog posting, the Google security team says that the exploit is based on a security hole in a Windows DLL for rendering MHTML (MIME Encapsulation of Aggregate HTML) which has been known for some time. All versions of Windows are reportedly affected. Google and Microsoft say they are working to solve the problem. Until a solution has been found, Google service users have been advised to install a hot fix supplied by Microsoft. The hot fix can reportedly block the attack until an official patch becomes available. Google also said that it has deployed various server-side defences to make the vulnerability harder to exploit. However, the company added that this is not a tenable long-term solution, and that it can't be guaranteed to be fully reliable or comprehensive. News Source :...

Indianmicrofinance.com Defaced By HEX786 ! Hacked Site :  www.indianmicrofinance.com Mirror :   https://mirror-az.com/mirror/?id=14910 News Source : HEX786

China Government Site Hacked By Team Grey Hat ! Hacked Site :  www.jssjj.gov.cn News Source : Napster 

17 websites Hacked by Angel 4k4 4d0r4b13  Hacked sites :  https://pastie.org/1670234  

OperationLeakS by Anonymous Hacker leaks Bank of America Emails ! We may soon find out whether it's possible to shame one of the big U.S. banks by exposing its mortgage missteps. A series of  messages  on Twitter Sunday evening promised the release of emails supposedly documenting "fraud and corruption" at Bank of America (BAC). The post, from the anonymous @OperationLeakS handle, said "leaked emails" from the bank would be posted at 5 a.m. London time, which is 1 a.m. in New York. The release will come three and a half months after Wikileaks founder Julian Assange breezily promised to "take down a bank or two" by releasing "either tens or hundreds of thousands of documents." Assange likened the documents to the ones that prosecutors used in bringing top executives of failed energy trader Enron to justice. The bank didn't immediately respond to a request for comment. The document dump, billed in the Twitter posts as " Blac...

Blogger.com vulnerability, Gaining Administrative Privileges on any Account ! In the last 2 months, Nir.Goldshlager  participated in Google reward program and found some High, Serious vulnerabilities. The vulnerability that  Nir.Goldshlager  want to share first, Is a critical vulnerability in Blogger (Google Service). That vulnerability could be used by an attacker to get administrator privilege over any blogger account (Permission Issue). Here are the details regarding the issue in Blogger service, Nir.Goldshlager found a HTTP Parameter Pollution vulnerability in Blogger that allow an attacker to add himself as an administrator on the victim's blogger account, Technical details: Here are the steps for getting admin control permissions over any blogger accounts. 1.) The attacker Use the invite author options in blogger (add authors): Vulnerability location: POST /add-authors.do HTTP/1.1 Request: security_token=attackertoken&blog...

A Thailand-based news website critical of Myanmar's military government says it has been hacked by unknown attackers who posted fake articles on it. The Irrawaddy website is run by exiled  Myanmar  journalists. It said on its home page Sunday that it was trying to fix the problem and prevent further attacks. The Irrawaddy's coverage of Myanmar has included exclusive photos of secret military missions to North Korea . It has been the target of several denial-of-service attacks that are meant to make the site unreachable. The fake articles concerned an alleged feud between Irrawaddy's editor and pro-democracy icon Aung San Suu Kyi , and the purported death of a popular singer.