The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Starting with January 1st, 2011, Indian banks will require an additional security code in order to authorise phone banking transactions, according to regulatory guidelines issued by the Reserve Bank of India (RBI). Known as one-time passwords (OTP), these codes are part of what is known as two-factor authentication systems and provide an extra layer of security. The RBI directive is mandatory for all banks that offer phone banking services, including those based on Interactive Voice Response (IVR) systems. IVR refers to technology which offers customers to perform actions via their phone's keypad and get confirmation through pre-recorded audio messages. As their name implies, OTPs can only be used once, meaning that a new code must be generated for each separate transaction. This can be done by the bank and sent to the customer's mobile phone number or via an electronic device called a hardware token, which is supplied to the client in advance. In both cases the cus...

Sonic.net today announced it has been selected to operate and support the trial fiber-to-the-home network Google is building at Stanford University. This experimental project will test new fiber construction and operation methods, while delivering full gigabit speeds to approximately 850 faculty and staff owned homes on campus. Sonic.net will manage operation of the network, provide customer service and support and perform on-site installation and repair. Sonic.net is Northern California’s leading independent Internet service provider. The Stanford trial network is completely separate from the community selection process for Google’s Fiber for Communities project, which is still ongoing. Google’s ultimate goal is to build a fiber-to-the-home network that reaches at least 50,000 and potentially up to 500,000 people, and it plans to announce its selected community or communities by the end of the year. Sonic.net currently operates California’s largest open Internet access network, offer...

In China, a trojan has popped up that uses escalated rights to read out information such as the address book in Android cell phones, and sends the information via the internet to remote servers. As the Lookout blog reports, the contaminant called Geinimi is the most refined method of collecting personal data yet, as it not only acts independently, but can also be remotely controlled by a server. Geinimi hides itself by encrypting the data it needs to run and by using an obfuscator for Java byte code. In addition to the address book, the trojan can also read out the cell phone's position data, device ID (IMEI), SIM card number (IMSI), and a list of the installed apps. It is not yet clear what the developers of Geinimi are ultimately trying to do. Geinimi comes as an add-on for common apps, most of them games sold in third-party app catalogues. According to the Lookout blog, the following applications are affected: Monkey Jump 2, Sex Positions, President vs. Aliens, City Defense and...

At the 27th Chaos Communication Congress ( 27C3 ) hacker conference, security researchers demonstrated how open source software on a number of revamped, entry-level cell phones can decrypt and record mobile phone calls in the GSM network. Using a normal laptop and a homemade monitoring device, team leader Karsten Nohl of Berlin's  Security Research Labs  explained that GSM mobile communications can be decrypted in "around 20 seconds." He said his team was able to record and playback entire conversations in plain text. Last year, Nohl and his team showed how they managed to crack the A5/1 encryption algorithm used in GSM, in three months using 40 distributed computers. Since then, he says his team has considerably improved the rainbow tables needed for the attack; the tables are once again available from the BitTorrent peer-to-peer network. Nohl says he has also made a lot of progress with the other hardware and software needed for the attack. Furthermore, the scenar...

It’s a scene from an as-yet-unmade thriller: Across a country, tens of thousands of cellphones all blink white at the same, and turn themselves off. Calls are lost, phones are rendered useless, and the affected mobile operator is forced to pay a ransom or lose customers. It hasn’t happened yet. But speaking at the Chaos Computer Club Congress here, German researchers showed how vulnerabilities in some the simplest, but most common phones in the world could conceivably lead to just such a scenario. Mobile phone security has been a growing concern due to the increasing popularity of smartphones, whose web-browsing and app-running capabilities allow attacks similar to those made against computers. Yet more than 85 percent of the world’s cellphones are feature phones — simple devices with the ability to play MP3s or browse the web, but without the power of the iPhone or Android-based handsets. Vulnerabilities have been found in this type of phone before, but new open sou...

Criminals this week hijacked ChronoPay.com, the domain name for Russia’s largest online payment processor, redirecting hundreds of unsuspecting visitors to a fake ChronoPay page that stole customer financial data. Reached via phone in Moscow, ChronoPay chief executive Pavel Vrublevsky said the bogus payment page was up for several hours spanning December 25 and 26, during which time the attackers collected roughly 800 credit card numbers from customers visiting the site to make payments for various Russian businesses that rely on ChronoPay for processing. In the attack, ChronoPay’s domain was transferred to Network Solutions, and its domain name system (DNS) servers were changed to “anotherbeast.com,” a domain registered at  Network Solutions  on Dec. 19, 2010. The attackers left a message on the ChronoPay home page – designed to look as if it had been posted by Vrublevsky (see image above) – stating that hackers had stolen the personal data of all ChronoPay use...

Known to successfully slow down the Iranian nuclear program, the Stuxnet cyber worm is now expected to spawn variations that are predicted to disrupt non-traditional IT targets, from power grids to electronic voting stations. The Stuxnet cyber worm is a very complex, efficient and stealthy string of code that was first discovered in June 2010. And while it is likely the darling of Western governments for the disruption it unleashed on Iran's embryonic nuclear program, there are emerging concerns that variants of the Stuxnet virus could bring widespread havoc to systems around the world - beyond the traditional information technology targets. eWeek  reported on Tuesday that the Stuxnet worm is thought to have damaged as many as 1,000 Iranian centrifuges, after having already affected more than 62,000 computer systems in Iran alone. The genius of the Stuxnet code was reported in the mild manipulation of the centrifuge engine speeds, prompting the engines to operate just fas...

The Thai Netizen Network has issued a statement calling for a review of Thai cybercrime laws in light of curbs on free speech and has issued a book for netizens to help them safeguard their privacy and circumvent censorship at the same time. Supinya Klangnarong, co-ordinator of the Thai Netizen Network, said that the biggest problem was article 15 and 14, which is ambivalent, too encompassing and overlaps with criminal law. Over the years, articles 14 and 15 have been used to silence political dissent, she said. The case of Prachathai webmaster Chiranuch Premchaiporn was cited as an example of the arbitrary nature of the laws. She was arrested for leaving comments up on the site for 20 days. That number is not in any law. The problem is with the role of the intermediary - that of ISPs (Internet service providers), search engines or blog hosts. Under current law, they are treated as if they were editors. That is simply impractical without bringing the Internet in Thailand to a stop. Th...

Detectives from London’s Metropolitan Police Service’s cyber crime unit have in the past year shut down 1,800 bogus websites, which were either fraudulent or advertising counterfeit goods, ranging from tickets to Premier League soccer games to Ugg boots and jewelry from Tiffany & Co. The preventative action was carried out in partnership with Nominet–the public body for U.K. domain name registrations–and involved a boosted effort around the holidays, a time when there is traditionally a spike in this type of crime as fraudsters take advantage of the increased number of online consumers. “The removal of these websites will have prevented numerous victims from falling foul to this type of offense,” said Detective Inspector Paul Hoare of the Police Central e-Crime Unit in a statement. “Good advice for online shoppers can be found at the Consumer Direct and Get Safe Online websites but as always, are advice is that as a general rule, if something looks like it is too good to be tru...

5 websites Hacked By KiLLerMiNd {PakCyberHaxors Crew} Sites: http://blog.kozmetikdukkan.com/ http://zone-h.org/mirror/id/12792769 http://doviz.webkafe.net/ http://zone-h.org/mirror/id/12792770 http://forum.gknscript.com/ http://zone-h.org/mirror/id/12792772 http://www.gelibolugundem.com/ http://zone-h.org/mirror/id/12792773 http://www.kafe100.com/ http://zone-h.org/mirror/id/12792777

2 websites Defaced by CYBERSAM ! Links : http://www.aarausa.com/ http://www.happyhoundsnj.com/

Top-Channel.Tv DDOS Atack By Teo DownTurn (AHT-CREW) Top-Channel.Tv   The Best TV Channel In Albania...!!!