The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

DirectoryScanner - Free Directory Server fingerprinting tool ! DirectoryScanner is the FREE Directory Server fingerprinting tool. It can help you to remotely detect the type of Directory servers (such as Microsoft Active Directory, Novell eDirectory etc) running on the local network as well as Internet. Also it can be used in penetration testing while evaluating client environments where multiple Directory servers are deployed. Directory servers are typically used to store crucial data in an organization including employee authentication information. Often getting hold of poorly configured Directory server can be a gold mine for the pentester. In addition to this, it can greatly help administrators to remotely keep tab on Directory Servers running in their network. At a time you can use it to scan single or multiple systems in the network. It can detect following popular Directory Servers Novell eDirectory Microsoft Active Directory Open LDAP Directory Sun One Directory ...

20 china government websites hacked by The 077 ( HamDi HaCker ) Hacked sites List :  https://pastebin.com/YbyS1Ghm

Calling All Hackers - Grand Prize in Sunshine State " Hacktacular " Challenge ! Calling all hackers: Data Analyzers, LLC (www.datanalyzers.com) in Orlando, Florida, is hosting the Sunshine State "Hacktacular" Challenge with a big prize for the top competitor – a full-time job with benefits and relocation allowance if you move to Orlando. Data Analyzers has an immediate job opening for a junior data recovery engineer. The four-year old firm specializes in data recovery, computer forensics and ethical hacking, and has enough corporate clients to keep its engineers working overtime to meet deadlines. Trouble is, very few people in the U.S. possess the skills to qualify. No two data recovery problems are ever the same, and security safeguards are evolving almost as fast as hacking technology. "Data recovery skills are so specialized that typical 'help wanted' ads, even at colleges and universities that offer graduate degrees in computer sciences, don't do the job," said An...

Hackito Ergo Sum 2011 slides available for Download ! HES aims at anticipating the challenges of the security world and gathers together underground or amateur security researchers together with professional security expert researchers and technical decision makers. During three days, HES will feature new research presentations, of the highest technical level, presented by some of the most respected international researchers. Its goal is to support networking and innovation while federating communities and key actors from the industry, from both the public and the private sectors. The topics covered will include : vulnerability analysis, SCADA architectures, reverse engineering, the underground economy, attacks on banking or telecom infrastructures, cloud computing security, botnets, threat intelligence. Slides of the conference are now available on slideshare at  https://www.slideshare.net/event/hackito-ergo-sum-2011/slideshows

Manila Water 's website hacked by Blackrain ! The website of water concessionaire Manila Water was hacked early Sunday, with visitors to the site seeing a small window indicating the breach. "Hacked by Blackrain!" read the message on the smaller window, which pops up when one logs on to the Manila Water site. Users could not access any part of the website until they click on the "Ok" button on the popup window. But aside from the popup, the other parts of the site appeared normal. Manila Water is one of two concessionaires of the Metropolitan Waterworks and Sewerage System, along with Maynilad Water.

Monash University website hacked by yaser007 Monash University has reported to "specialist agencies" the hacking of its website home page, which on Saturday displayed the words "Hacked by yaser007" in red above a picture of the Iranian flag within the outline of a map of the country. In an emailed statement on Sunday, Monash University chief information officer, Mr Ian Tebbett, said the site "was subject to an external hacker breach on Saturday" but that "the situation was quickly identified and dealt with". He said no university data had been compromised and that the effects were "limited to the publishing of non-Monash material on the externally-facing website". Advertisement: Story continues below It appeared, Mr Tebbett said, that neither Monash, nor the wider Australian higher education community, were a "specific target of the attack". Monash's own investigations of the matter were "ongoing", he said...

Lahore University,Shail Vac Engineers,Strengthening Democracy - SQLi Vulnerable found by Lionaneesh Lahore University of Management Sciences(LUMS) : Site : https://econ.lums.edu.pk Vulnerable URL : https://econ.lums.edu.pk/people_detail.php?id=%Inject_Here%6 Shail Vac Engineers website Site : https://www.vacuumsystem.co.in/ Target : https://www.vacuumsystem.co.in/product.php?prod_id=%Inject_Here%13 Strengthening Democracy through Parliamentary Development (sdpd) Site : https://www.sdpd.org.pk Vulnerable URL : https://www.sdpd.org.pk/news_detail.php?ID='82 Found by : Lionaneesh

326 Websites Hacked by   Hacked sites list :  https://pastebin.com/Q1er7vKh

OpenStack ' floating Linux kernel ' rides VMware hypervisor ! OpenStack – the open source "infrastructure cloud" project founded by Rackspace and NASA – has released a third version of its platform, offering support for all major hypervisors. With the new release, codenamed "Cactus", developers have added support for VMware's vSphere hypervisor – without help from VMware. The vSphere code was built mostly by Citrix, which had previously coded support for the Xen and XenServer hypervisors. "We're so committed to OpenStack and its hypervisor-agnostic approach that we felt it was important, since VMware wasn't going to contribute vSphere support, that we should do it ourselves," Gordon Mangione, vice president of business development for Citrix's datacenter and cloud division, tells  The Register According to Mangione, VMware has "always been invited" to contribute to the project. But this has yet to happen. The virtuali...

Emergency Adobe Flash Player patch coming today ! Less than a week after warning that hackers were embedding malicious Flash Player files (.swf) into Microsoft Word documents to launch targeted malware attacks, Adobe plans to release an emergency Flash Player patch today to fix the underlying problem. The patch will fix a "critical" vulnerability in Flash Player 10.2.153.1 and earlier versions for Windows, Mac OS X Linux and Solaris. According to this Secunia advisory, the flaw allows a hacker to completely hijack a vulnerable Windows computer: A vulnerability has been reported in Adobe Flash Player, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error when parsing ActionScript that adds a custom function to the prototype of a predefined class. This results in incorrect interpretation of an object (i.e. object type confusion) when calling the custom function, which causes an invalid pointer to be dereferenced. ...

We blogged about the Epsilon data breach to give our customers a heads-up on the situation. Recently, our ThreatSeeker® Network discovered a Web attack that takes advantage of the unfortunate news. As with anything our ThreatSeeker Network discovers, Websense customers are protected by ACE, our Advanced Classification Engine. The attack is hosted on a Web page that has a very professional look and feel, and uses convincing social engineering techniques to lure victims. The attack page is basically a cut-and-paste copy of the HTML code from the original Epsilon press release. This provides the professional appearance of the Epsilon site to lure victims. The big difference is that the attack page provides a malicious binary download. Screenshot of the attack page source code: The attack page tries to get visitors to download the malicious binary by convincing them that there was an update to the press release dated April 8th. The "update" states that Epsilon's inv...