The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Linux kernel 2.6.38.6 ( stable) has been released ! The latest -Stable kernel has been raised again after Greg released a new version : 2.6.38.6. This is a maintenance update, so no new feature are included, only bug fixes and minor changes. Even though Greg urges users to upgrade to this version, it's wiser to look at the  ChangeLog  to decide whether you really need to upgrade to this version or not. Personally, i don't really see any important updates in this release, so if you have no problem with your current kernel (2.6.38.x series), you can stay with it until 2.6.39 comes up in probably a week or two. Download :  https://www.kernel.org/

India's Rajasthan State Co-operative Marketing Federation Ltd (https://rajfed.gov.in/) has been infected with a malicious script tag. This government site promotes the objectives of procuring agricultural produce from farmers through the member societies on support prices declared by the Govt. of India. Here is the home page of this site: The malicious script has been injected at the bottom of this page. Here is the screenshot of source page, Below, you can see a decoded version of the script using Malzilla. ( https://malzilla.sourceforge.net/ ) The decoded script tag leads to JavaScript from " hxxp://cs.cskick.cn/cs/sc.js ". Currently, this malicious site is down. A quick Google search for this domain shows that it has been involved with malicious activity in the past. Trend Micro has issued a report for a separate threat hosted at that same domain. Submitted by :  Umesh

Sony 3rd massive leak - 100 million user's personal info hacked in Japan ! Personal information on a total of 100 million people has possibly been hacked and leaked from online game and other Internet services provided by the Sony Group worldwide, sparking fears that it could develop into the worst information leakage case ever. Sony has been under fire for being slow to announce the incident. It is essential for the electronics and entertainment giant to clarify the whole picture of the damage as quickly as possible and gather itself together to follow up the case in order to recover consumers' confidence. According to the revelation, personal information including the names, IDs and passwords of about 77 million people in some 60 countries -- mainly in North America -- was hacked and leaked from Sony's Internet services that provide game software for PlayStation 3 and other game consoles and distribute movies and music for TV viewers. Furthermore, private inform...

SkidHacker.com , Underground-Hacking.Net & IndoCoder.or.id Hacked by Shadow008 (PakCyberArmy) Sites Hacked: Forum: https://www.indocoder.or.id/community/ Blog: https://www.indocoder.or.id/journal/ Mirror: Forum: https://www.k0-ka.in/attack/?id=1498 Blog: https://zone-h.com/mirror/id/13632754 ___________________________________________________ Sites Hacked: https://underground-hacking.net/ Mirror: https://zone-h.com/mirror/id/13667406 ___________________________________________________ Sites Hacked: https://www.skidhacker.com/ Mirror: https://zone-h.com/mirror/id/13668102

Cbseguess.com   4243  users data compromised ! https://cbseguess.com/ Hacked By Indian Hacker 'Akash Jain', and almost 4243 users data Compromised .

Samsung Data Management Server with Sql Injection Login Bypass vulnerability Here we have one more example of human stupidity. Samsung Data Management Server with Sql Injection Login Bypass vulnerability . Anyone can easy hack into admin panel of server... here a screen shot of admin panel : Sorry ! We can't Disclose the location/URL of Panel just because of security reasons. But Samsung should fix this as soon as possible !

French security firm VUPEN Say New Bugs Can Bypass Google Chrome Sandbox ! Researchers at the French security firm VUPEN say that they have discovered several new vulnerabilities in Google Chrome that enable them to bypass the browser's sandbox, as well as ASLR and DEP and run arbitrary code on a vulnerable machine. The company said that they are not going to disclose the details of the bugs right now, but that they have shared information on them with some of their government customers through its customer program. The vulnerabilities are present in the latest version of Chrome running on Windows 7, VUPEN said. VUPEN published a video (  https://www.vupen.com/demos / ) that demonstrates an attack that exploits the Chrome vulnerabilities, although there is no further clues about the bugs themselves. "The exploit shown in this video is one of the most sophisticated codes we have seen and created so far as it bypasses all security features including ASLR/DEP/Sandbox, it...

Patch for Metasploit that will enhance db_autopwn such that you will be able to Hack almost ANYTHING ! There is a small patch released , that will make your db_autopwn fully loaded and powerful . With which you will be able to hack almost anything... Lets have a look : Index: lib/msf/ui/console/command_dispatcher/db.rb =================================================================== --- lib/msf/ui/console/command_dispatcher/db.rb (revision 12572) +++ lib/msf/ui/console/command_dispatcher/db.rb (working copy) @@ -775,6 +775,9 @@ def cmd_db_autopwn(*args) return unless active? + puts 'https://www.pentest-standard.org/index.php/PTES_Technical_Guidelines' + return + stamp = Time.now.to_f vcnt = 0 rcnt = 0

Ethical Hacking Services - Appin Security hacked By 133t Indian h4x0rs ! Hacked Site 1. :  https://appinlabs.com Mirror 1. :  https://legend-h.org/mirror/157460/appinlabs.com Hacked Site 2. :  https://blog.appinonline.com Mirror 2. :  https://legend-h.org/mirror/158222/blog.appinonline.com

Scammers looking to flog cheap software have hacked Web pages on high-profile websites, including those belonging to NASA and Stanford University. NASA, just a week away from its penultimate space shuttle launch, has now removed dozens of Web pages that popped up on its Jet Propulsion Laboratory website. They were used to flog low-cost versions of Adobe's Creative Suite and other products, according to cached versions of the pages, still viewable on Google. The scammers loaded up the Web pages with nonsense text (a sample: "Edit buy adobe premiere pro cs4 some callouts and balloons to make this time it took you and saved you a long time") and links to many other hacked pages. Affected sites included those for NASA, Stanford University, Syracuse University and Northeastern University. NASA had cleaned up its site Monday, but others, including Stanford, had not. Visitors to those sites could encounter the hacked pages even if they weren't looking for cheap softwar...

Hackers release usernames, passwords of several FOX.com affiliate employees ! Hackers Post complete Usernames/Password of Fox.com users at : https://pastebin.com/zDMHmmAr