The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

GnackTrackR6 Released , available for Download ! GnackTrack is a Live (and installable) Linux distribution designed for Penetration Testing and is based on Ubuntu. Although this sounds like BackTrack, it is most certainly not; it's very similar but based on the much loved GNOME! GnackTrackR6 has just been released. This version has many wireless patches precompiled in and also has the latest version of kismet, wireshark, xplico, metasploit, nmap, beef, w3af, aircrack, armitage and much more. R6 also sees the adoption of a social engineering mode which will quickly theme the distro to look like WindowsXP. Video Demo : GnackTrackR6 can be run live from DVD or USB and can also be installed natively. There is also a VMWare image available for those that test from within a virtual machine. The Developers are constantly taking new requests for tools and adding them pretty quickly. To get your copy just go to : Click Here

Now that the annual Pwn2Own hacking contest is around the corner, both Google and Mozilla are busy patching flaws in their respective browsers to appear competent in the contest. Both internet giants have reportedly updated their browsers for the contest that is due to take place next week at the CanSecWest Applied Security Conference. Google patched 19 flaws in its Chrome and rated 17 of them as "high" whereas the other three as "Medium". Mozilla followed Google's step and introduced patches for 10 flaws in its Firefox. It classified eight of the security flaws as "critical" whereas it rated others as "Moderate" and "High" respectively. Google rewarded the researchers who fixed the bugs with an attractive sum, the highest being $1,000. The patching was carried out in different areas including an integer overflow during the process of textarea handling. Google's URL bar spoof was also updated. The major flaw that was updated by Firefox consists of a bug that if activated by a corrupt...

Members of the hacker community are leery of working with the government and sharing their skills, if it means navigating through outdated regulations and being viewed as potential security risks. Hackers and other computer experts willing to collaborate with the Department of Homeland Security to bolster the nation's cyber-defense are unable to do so because of red tape, according to the former head of the department. Tom Ridge and Michael Chertoff, two former secretaries of Homeland Security, joined current DHS boss Janet Napolitano to discuss the evolution of threats facing the United States, including the challenges of securing cyber-space. They expressed their views during a March 2 roundtable discussion at Georgetown University, which was webcast by the Aspen Institute, marked the department's eighth anniversary. "The portfolio of threats is a lot broader," Ridge said. There are a number of possible scary scenarios, including a sophisticated hacker from another country break...

Islamabad: The first-ever 'Ethical Hacking and Countermeasures (CEH)' training course organised by the Riphah International University, in collaboration with internationally renowned information security certification body, EC-Council, concluded here on Wednesday. Riphah International University is the first academic partner of EC-Council in Pakistan. EC-Council offers trainings in over 60 countries and has trained over 80,000 professionals. Its certifications are recognised by US governmental agencies like National Security Agency (NSA), Federal Bureau of Investigation (FBI) and the Committee on National Security Systems (CNSS). Under the partnership, RIU offers the complete range of EC-Council certifications. The goal of a trained ethical hacker is to help an organisation take pre-emptive measures against malicious attacks by attacking the system himself to expose its vulnerabilities that can be exploited by malicious hackers. As technology advances and organisation depend on tec...

Readers of Financial Post or National Post blogs might have found them difficult, if not impossible, to access Thursday morning. That is because WordPress, the platform through which every FP and NP blog has been published for the past 10 months, has been under attack by hackers for the past several hours. Using the same method as the hackers who brought down the main websites of Visa, Mastercard and PayPal last year to support the whistle-blowing website WikiLeaks, Thursday's attacks have caused thus far untold numbers of WordPress-powered blogs to become nearly inaccessible. "WordPress.com is currently being targeted by an extremely large Distributed Denial of Service attack [DDoS] which is affecting connectivity in some cases," said Sara Rosso of WordPress VIP services in a blog post Thursday morning. "The size of the attack is multiple Gigabits per second and tens of millions of packets [of data] per second." "We are working to mitigate the attack, but because of the extreme si...

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tool. Changelog Six news registry reports were added: user assist, recent docs, product keys, O.S. folders, user logon info, and computer info. Minor improvements were made. Installation As root, type:  python setup.py install Usage Run  mobius_bin.py . Download

Low Orbit Ion Cannon - An open source network stress tool Download Here

Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocols. This is the updated change log: Added Proxy support for Cain's Certificate Collector. Added the ability to specify custom proxy authentication credentials for Certificate Collector. Added ProxyHTTPS Man-in-the-Middle Sniffer (TCP port 8080). HTTP, APR-HTTPS and APR-ProxyHTTPS sniffer filters are now separated. OpenSSL library upgrade to version 0.9.8q. Winpcap library upgrade to version 4.1.2. Download Cain & Abel v4.9.39

BMW Auto (Romania) & Sex Education Satan Has been Hacked By Dinelson Us [Tunisian Hacker ] Site : https:// www.satan-sex-education.com Mirror :  https://www.zone-h.org/mirror/id/131461153 Site : https://www.bmwauto.ro News Source : Freed 

26 Australian Beer/Wine shop websites Hacked By ' Pak Cyber Combat Squad ' ! 1. https://argentinewine.com.au/pccs.html https://www.zone-h.org/mirror/id/13164024 2. https://www.bestamericanwines.com.au/pccs.html https://www.zone-h.org/mirror/id/13164209 3. https://www.bestargentinianwines.com.au/pccs.html https://www.zone-h.org/mirror/id/13164213 4. https://bestbeers.com.au/pccs.html https://www.zone-h.org/mirror/id/13164216 5. https://www.bestchileanwines.com.au/pccs.html https://www.zone-h.org/mirror/id/13164220 6. https://besteuropeanbeer.com.au/pccs.html https://www.zone-h.org/mirror/id/13164221 7. https://bestitalianwines.com.au/pccs.html https://www.zone-h.org/mirror/id/13164222 8. https://bestliqueurs.com.au/pccs.html https://www.zone-h.org/mirror/id/13164225 9. https://www.bestnewzealandwines.com.au/pccs.html https://www.zone-h.org/mirror/id/13164226 10. https://www.bestpremiumwines.com.au/pccs.html https://www.zone-h.org/mirror/id/13164228 11. https://bes...

Whatismyipaddress.com got attacked ! A website whatismyip who gives the information about     * My IP     * IP Lookup     * Blacklist Check     * Trace Email     * Speed Test     * Hide IP     * Change IP     https://whatismyipaddress.com/  got attacked last day its gives a some Sql vulnerablities which shows a vulenerable site ..!! News Source : Cyber-India

Security researchers from Symantec warn of a new banking trojan capable of hijacking the SSL connections between browsers and online banking sites in a way that is hard to spot. Variants of this malware, which Symantec detects as Trojan.Tatanarg, have been in circulation since last October, but its code is believed to be based on an older threat called W32.Spamuzle. The trojan has a modular architecture, with separate components handling different tasks, and the functionality of most banking malware. It can inject rogue HTML code into pages (man-in-the-browser attacks), disrupt antivirus software, uninstall other banking trojans and enable Windows remote access. It also features a backdoor component through which attackers can issue commands to control the infected computers. However, the most interesting functionality of this trojan is its ability to function as a proxy between browsers and SSL-secured websites. This is achived by hijacking the legit SSL connection and esta...