The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Facebook is not Exclusion, XML Vulnerability ! All of you know that there are many vulnerabilities on various web-sites. But Grands websites like facebook, google, microsoft are very well secure and sometimes it's impossible to find even xss or SQLi on them. But the code, behind this web sites, is written with PEOPLE , and you can only patch human vulnerability on their Mind or DNA. :)))  What we want to say is, this isn't serious flaw or bug, vulnerability, but this is proove that even such website's contain security holes, and if you look through you can take them over. ;)  best wishes and happy Hacking. Oh yes, see NASA's report about bugs, our UNIVERSE is vulnerable too. :)))  Vulnerable Link : https://www.facebook.com/ search/opensearch_typeahead. php?format=xml&q={ blablablablabla%20what%20is% 20this?%20xss%20or%20xmls?%20: ))))} Here some more Links, You should Analyse : https://www.facebook.com/ crossdomain.xml https://vthumb.ak.fbcdn.net/ vthumb...

Sony.com2.us database Exploited by Lionaneesh Lionaneesh extract database of sony.com2 and publish on :  https://pastebin.com/mZKtrT10  .

Lady Gaga 's Twitter Account Hacked ! Oh snap! Lady Gaga's Twitter account was hacked on Wednesday and as a result, the Mother Monster has threatened to involve the authorities in the matter. Don't fuck with Gaga's digital rights. And come to think of it…to hack the Twitter account of the world's most famous womam is probably dumb, since you're more likely to get caught and to be made an example of. A hacker gained access to Gaga's account and began posting a number of spam messages, all written in Spanish. Gaga's deleted the tweets and posted the following warning: "Whoever is hacking my Twitter must answer to 10 million monsters and Twitter police." Do not mess with Gaga or her Monsters. Do you follow Lady Gaga on Twitter?

Famous Israeli company websites Hacked by OldChildz (Turkish Hackers) Hacked Sites and Mirrors : https://be10.co.il https://www.zero-h.com/mirror/id/66321 https://gagotreafim.com (An Israeli Construction Company) https://www.zero-h.com/mirror/id/66320 https://kasafot.com (A manufacturing company in the Israeli case) https://www.zero-h.com/mirror/id/66319 https://nadlan-plus.com (Nadlan-Plus Jerusalem Real Estate Israel is a leading firm, offering luxury properties) https://www.zero-h.com/mirror/id/66318 https://sick-sensors.co.il (SICK is a technology and market leader in Factory Automation and Logistics, as well as the Process Automation.) https://www.zero-h.com/mirror/id/66317 https://meholelim.org https://www.zero-h.com/mirror/id/66315 https://lama-wordpress.com https://www.zero-h.com/mirror/id/66313 https://backpackingisrael.com (Travel Forums and Tips) https://www.zero-h.com/mirror/id/66311

Live Hacking DVD v1.3 Beta - Download ! Live Hacking DVD is a new Linux distribution packed with tools and utilities for ethical hacking, penetration testing and countermeasure verification. Based on Ubuntu this 'Live CD" runs directly from the DVD and doesn't require installation on your hard-drive. Once booted you can use the included tools to test, check, ethically hack and perform penetration tests on your own network to make sure that it is secure from outside intruders. As well as the standard Linux networking tools like ping, wget, curl, telnet and ssh, the Live Hacking DVD has tools for DNS enumeration and reconnaissance as well as utilities for foot-printing, password cracking and network sniffing. It also has programs for spoofing and a set of wireless networking utilities. The Live Hacking DVD is designed for ethical computer hacking, meaning that it contains the tools and utilities you need to test and hack your own network but using the tools and techniques that mor...

Ubuntu 11.04 Released ! For those of you watching Ubuntu's website recently, you may have noticed a new version of the popular and easy to use variant of Linux has been surfaced - Natty Narwal. It can be downloaded from the previously linked site free of charge. Among the various new features, the Unity interface is set as the default UI, and includes the launcher (an OS X like dock), the dash (a popup menu with user defined shortcuts), and workspaces (a virtual desktop manager). According to the Ubuntu website, the OS can boot in as little as 7 seconds (following POST). Driving all of this eye candy is Gnome 2.32.1 (according to Ubuntu Vibes). If your current equipment is not capable of Unity, the classic desktop experience will kick in as to keep you moving along with minimal lag. Those of you wanting to experiment with Gnome 3, it cannot be installed via the Ubuntu repositories, and there have been reports of system instabilities post installation, though there is a workaroun...

Buddie.me (Social Networking) Hacked by Fr0664/FCA , 15809 Users emails/passwords exposed ! A social Networking Site, Buddie.me hacked By some hacker, and about 15809 emails/passwords they have exposed on internet at : https://pastebin.com/4C91WVLN

Ncrack 0.4 Alpha - New Version download ! Ncrack is a high-speed network authentication cracking tool. It was built to help companies secure their networks by proactively testing all their hosts and networking devices for poor passwords. Security professionals also rely on Ncrack when auditing their clients. Ncrack was designed using a modular approach, a command-line syntax similar to Nmap and a dynamic engine that can adapt its behaviour based on network feedback. It allows for rapid, yet reliable large-scale auditing of multiple hosts. Ncrack's features include a very flexible interface granting the user full control of network operations, allowing for very sophisticated bruteforcing attacks, timing templates for ease of use, runtime interaction similar to Nmap's and many more. This is the change log for the current release: Added the VNC module to Ncrack's arsenal. Thanks to rhh of rycon.hu for implementing the module and discussing about it for further improvement. Wrote...

Google's Chrome web browser is now at version 11, and its release is marked by a record payout for security fixes as well as a speech translation feature. A total of 27 security vulnerabilities are fixed in the latest stable release for Windows, Mac, Linux and Chrome Frame. Individual rewards were from $500 up to $3,000 for a particularly nasty looking bug that allowed a possible URL bar spoof leading to navigation errors and interrupted page loads. Among the researchers Google gave thanks to was Braden Thomas of Apple Product Security. This is most likely because Chrome's underlying open source browser engine Webkit is the same one that runs Safari. Chrome users will now also be able to play around with speech translation, thanks to a new speech input through HTML feature. Using the Google Translate application, you can speak after clicking a microphone at the bottom right of the input box. You'll be able to read and listen to the translated result. This isn't ne...

Election commission & Society of aircraft engineers of pakistan Hacked By Imm0rt4l5 Hacked Url : https://www.ecp.gov.pk/viewpressreleasenotific.aspx?id=1374&typeid=2 Mirror : https://i51.tinypic.com/1zgt9vc.jpg Hacked Url : https://saep.org.pk/documents/immortal.php Mirror : https://turk-h.org/defacement/view/383370/saep.org.pk/documents/

Nikon Image Authentication System Compromised ! ElcomSoft Co. Ltd. researched Nikon's Image Authentication System, a secure suite validating if an image has been altered since capture, and discovered a major flaw. The flaw allows anyone producing forged pictures that will successfully pass validation with Nikon's Image Authentication Software. The weakness lies in the manner the secure image signing key is being handled in Nikon digital cameras. The existence of the weakness allowed ElcomSoft to actually extract the original signing key from a Nikon camera. This, in turn, made it possible to produce manipulated images signed with a fully valid authentication signature. Complete Story :   https://blog.crackpassword.com/2011/04/nikon-image-authentication-system-compromised/