The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

DDOS attack on LIME ’s Internet system LIME says the majority of the customers experiencing degradation in their broadband services over the past few days are now back online and connecting at normal speeds. LIME says the type of attack is known in technology circles as a distributed denial of service, which is defined as an explicit attempt to prevent legitimate users from accessing or utilising the particular service. “ The attack, though confined to a small portion of LIME’s Internet customer base, inconvenienced the affected customers and gave the appearance of a widescale service-impacting problem on the company’s network, ” noted a statement from the company. LIME has announced plans to take legal action against the person responsible for an attack on its network, which resulted in internet service disruptions to hundreds of customers over the last week. Managing Director, Alex McDonald says engineers implemented some changes in the broadband network to isolate the IP ...

[Community Edition] Metasploit Framework Expert Certification DVD SecurityTube today launched a FREE community edition of the courseware it uses for the SecurityTube Metasploit Framework Expert (SMFE) course and certification. They already have students from over 40+ countries taking their courses and online labs. This DVD goes to show their long lasting commitment to FREE Infosec Education for one and all. Course Details and DVD Download Direct DVD Downlaod (2 GB) The DVD contains over 10+ solid hours of how to get started using Metasploit, Vulnerability assessment and hacking, and finally basics of Exploit Research with it! The course and online labs in the cloud are still running at the promotional pricing and we highly recommend you have a look.

#AntiSec hackers deface Panda Security site to protest LulzSec arrests Hackers aligned with Anonymous took credit on Wednesday for an attack on Panda Security's website shortly after charges were announced against five of the hacking collective's alleged members. Over 25 websites related to Panda Security have been hacked tonight by Antisec. Emails and md5 passwords have leaked to public. Panda was accused by anonymous for helping the FBI to lurk anonymous members. The attacks are believed to be in retaliation for the recent arrests made by the FBI. Yesterday biggest story of Hacking world exposed that, The world's most notorious computer hacker turned against his comrades because he did not want to go to prison and leave behind his two children. Monsegur, who has been described as the ringleader of LulzSec, and an 'influential member' of Anonymous, pleaded guilty to a dozen hacking-related charges last summer - crimes which carry a maximum sentence of 124 y...

Anonymous Sabu was working for FBI to Trace down other  LulzSec hackers Police on two continents swooped on top members of computer hacking group LulzSec early today, and acting largely on evidence gathered by the organisation's leader "Sabu" who sources say has been secretly working for the government for months arrested three and charged two more with conspiracy. FoxNews reports that the arrests were part of a multinational sting across the United Kingdom, Ireland and the United States. LulzSec leader Hector Xavier Monsegur, who operated online under the alias “Sabu,” provided the Federal Bureau of Investigation with information leading to the arrests. “This is devastating to the organization,” said an FBI official involved with the investigation. “ We’re chopping off the head of LulzSec. ” LulzSec, which became part of the larger hacker collective “ Anonymous Operations ” last year, has launched a number of high profile cyberattacks since last summer.  The ...

Rogue Antivirus advertised on 200000 hacked Web pages The Websense has detected a new wave of mass-injections of a well-known rogue antivirus campaign, a new mass injection attack has infected over 200,000 Web pages, amounting to close to 30,000 unique Web hosts. The attack uses SQL injection techniques to insert a rogue script element. Users who land on one of the compromised pages get redirected through several domains and finally land on a scareware site. These sites mimic antivirus scans and tell visitors their computers are infected with malware in an attempt to convince them to download fake security programs. The programs display even more false warnings and ask users to pay for a license in order to clean their machines.  The page looks like a Windows Explorer window with a "Windows Security Alert" dialogue box in it. The fake antivirus then prompts visitors to download and run their "antivirus tool" to remove the supposedly found Trojans. The executab...

Hackers disclose secret Ankara police files password '123456' Hackers from the "RedHack" group who brought down the Ankara Police Department's website and acquired secret information last week said one of the passwords of the secret police files was "123456." A member of the hacking group named “ Radikal ” saying that " RedHack was founded after deliberating on how to utilize our skills for the oppressed peoples ." " The question is, how serious can a police force be if they save secret files with a password like '123456’? ” The group member said the reason for targeting the Ankara Police Department was that it was the center of applications such as "E-State" and "E-Police," and the fact that it was "much more special and better protected" than other police department websites. RedHack had downloaded police files that contained tips from "informant" citizens that told of suspicious activitie...

DarkComet RAT Remover  Released The civil war in Syria rages not only on the ground but also on internet. The opposition has made increasing use of platforms such as Facebook to organize and spread their message. In response the regime have tried to disrupt these activities by defacing websites and spamming Facebook pages. The regime is using the DarkComet RAT (called Backdoor:Win32/Fynloski.A by Microsoft) to spy on their own people.The creator of the DarkComet RAT was disgusted by that behaviour and now has retaliated with a specially created tool to detect and remove his own DarkComet RAT to help the oppressed Syrian people, DarkComet RAT Remover. DarkComet RAT Remover will detect any kind of instance of darkcomet running in memory even if an hacker try to obfuscate the loader to be undetected by common Antivirus softwares, also it detects registry threats and keyloggers logs. Features: [+] Detect DarkComet Even if crypted. [+] Detect DarkComet Even if visualized. [+] De...

#Security Alert : Facebook Two-Factor Authentication fail ! Last year Facebook has launched a security feature called Login Approvals or two-factor authentication. This is a follow-up security update regarding Facebook Login from Facebook. They have already integrated Facebook login email alerts to get notification emails or SMS messages whenever a suspicious person uses your Facebook account from a different location. Christopher Lowson , on his blog explains the Facebook Two-Factor Authentication, which is really another biggest fail of Facebook Security. But that feature is not enough to ensure your account’s security and that is why Facebook has launched “Login Approvals“. This feature is very similar with Google 2-step verification which associates a mobile device with your Facebook account and authenticates the login by sending a verification code at your mobile phone device. According to this feature, When user will logging into your Facebook accou...

THOR : Another P2P Botnet in development with extra stealth features The research community is now focusing on the integration of peer-to-peer (P2P) concepts as incremental improvements to distributed malicious software networks (now generically referred to as botnets). Because “botnets” can be used for illicit financial gain,they have become quite popular in recent Internet attacks. A “ botnet ” is a network of computers that are compromised and controlled by an attacker. Each computer is infected witha malicious program called a “bot”, which actively communicates with other bots in the botnet or with several “botcontrollers” to receive commands from the botnet owner. Attackers maintain complete control of their botnets, andcan conduct Distributed Denial-of-Service (DDoS) attacks,email spamming, keylogging, abusing online advertisements, spreading new malware, etc. However, the first botnets that use peer-to-peer (P2P) networks for remote control of the compromised machines app...

Twitter, As secondary publisher  could be sued  for an illegal tweet If a Twitter user posts an illegal tweet, they could get sued, but Twitter could be sued itself as a secondary publisher according to  Zack Whittaker . Legal analysis site Out-Law published a very interesting, theoretical piece, which describes how Twitter could fall foul of the law through no apparent fault of its own but by giving its users free reign over what they say. A case of mistaken identity in Australia illustrates the point. Someone wrote a hateful blog about writer and television personality Marieke Hardy. She wrote a blog post accusing Joshua Meggitt of being its author and used her Twitter account to draw attention to her post.Hardy was wrong to finger Meggitt as the author of the original material and she reportedly paid Au$15,000 (£10,000) to settle the case. Will Twitter still be held liable for the libel? One more thing, Those who retweeted are not being pursued....

Anonymous : A Declaration of the Independence of CyberSpace Anonymous declare a Note on Independence of Cyber Space : Governments of the Industrial World, you weary giants of flesh and steel, we come from the Internet, the new home of Mind. On behalf of the future, we ask you of the past to leave us alone. You are not welcome among us. You have no sovereignty where we gather. We have no elected government, nor are we likely to have one; therefore we address you with no greater authority than that with which liberty it always speaks. We declare the global social space we are building to be naturally independent of the tyrannies you seek to impose on us. You have no moral right to rule us, nor do you possess any methods of enforcement we have true reason to fear. You are toothless wolves among rams, reminiscing of days when you ruled the hunt, seeking a return of your bygone power. Governments derive their just powers from the consent of the governed. You have neither solicited nor ...