The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

As expected, Canonical has released a third alpha for Ubuntu 11.04, code named "Natty Narwhal". This development milestone is the last of three planned alpha releases, which will be followed by two betas – as previously previously reported, there will be no release candidate for Ubuntu 11.04. Natty Narwhal Alpha 3 is based on the 2.6.38-rc2 Linux kernel and features indicator improvements, as well a new look for the Unity Dash and a resize function. Ubuntu 11.04 sees Unity, as the distribution's new default desktop developed in-house by the Ubuntu developers, replacing the GNOME Shell and, as previously announced, the replacement of Oracle's open source OpenOffice.org office suite with the LibreOffice community fork. Package updates in the development preview include version 3.3.1 of LibreOffice, Firefox 4.0 Beta 12, version 2.13 of the Transmission BitTorrent client and Upstart 0.9.0 – version 1.0 of Upstart was released on 2 March. Other changes include updates ...

Anonymous Hackers open letter to Google  against a Blogger ! One of the Anonymous just Publish a New OPEN LETTER to GOOGLE company for Reminding them the   Universal Declaration of Animal Rights adopted in Londonon September 23, 1977 , Because one of the Blogger Blog have publish a video in which shown a puppy was tortured physically and psychologically to his death for 20 agonizing minutes which is asphyxiated, beaten, burned and trampled , between other terrible actions. The Video & Words of Their Open letter are as shown below : English version: Dear Sirs of Google: On February 8, 2011 was published in a "snuff" video of your company blog Blogger, whose url was:  http://letumcanis.blogspot.com This video was shown as a puppy was tortured physically and psychologically to his death for 20 agonizing minutes which is asphyxiated, beaten, burned and trampled , between other terrible actions.Its author, who calls himself 'Asesino Knino' (Dog Murdere...

iTunes 10.2 comes with several new features, improvements and security fixes. libpng is updated to version 1.4.3 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. For Mac OS X v10.5 systems, this is addressed in Security Update 2010-007. A heap buffer overflow issue existed in ImageIO's handling of JPEG images. Viewing a maliciously crafted JPEG image may lead to an unexpected application termination or arbitrary code execution. A buffer overflow existed in libTIFF's handling of JPEG encoded TIFF images. Viewing a maliciously crafted TIFF image may result in an unexpected application termination or arbitrary code execution. A buffer overflow existed in libTIFF's handling of CCITT Group 4 encoded TIFF images. Viewing a maliciously crafted TIFF image may result in an unexpected application termination or arbitrary code execution. libxml A double free issue existed in libxml's handling of XPath expressions. Proc...

A dozen students were arrested by the Nye County Sheriff's Department for allegedly changing their grades in the school computer system. Police say Tyler Coyner is suspected of stealing the password to the grade system at Pahrump Valley High School and then selling the password to others. The alleged crime went on for two semesters. Police say Coyner even went as far as changing his own grades, making himself the salutatorian at graduation. Coyner and another suspect, Matthew Miller, are also accused of stealing a television from Wal-mart and possessing fake ID's. They are facing charges of altering computer data, conspiracy to commit a crime, burglary and grand larceny. Ten other un-named students, all under the age of 18, have also been charged in the incident.

Three teenagers who founded and operated one of the world's largest English-language internet crime forums, described in court as "Crimebook", have been sentenced to up to five years in custody. Police estimate that losses from the thousands of credit details traded over the site, Gh0stMarket.net, amount to £16.2m. The web forum, which had 8,000 members worldwide, has been linked to hundreds of thousands of pounds of registered losses on 65,000 bank accounts. Nicholas Webber, the site's owner and founder, was arrested in October 2009 with the site's administrator, Ryan Thomas, after trying to pay a £1,000 hotel bill using stolen card details. They were then 18 and 17. Webber was jailed for five years on Wednesday and Thomas for four years. After seizing Webber's laptop, police discovered details of 100,000 stolen credit cards and a trail back to the Gh0stMarket website. Webber and Thomas jumped bail that December, fleeing to Majorca, but were rearrested when ...

Next Tuesday, March 8, Microsoft will release  3 security bulletins and updates to address the 4 vulnerabilities addressed in them . One of the bulletins, affecting most versions of Windows, is rated critical, meaning that at most two vulnerabilities are so-rated, with the rest rated important. Two of the bulletins affect Windows and the third Office, specifically Microsoft Groove 2007 Service Pack 2, with a rating of important. All Groove users sound off! In addition to these security updates,  Microsoft will release non-security updates . Among these are the monthly Windows Malicious Software Removal Tool (obviously this is security related, but it's not an update so it gets classified here), the update for the Windows Mail Junk E-mail Filter, and an update "to resolve issues" in Windows 7 and Windows Server 2008 R2.

South Korea issued an alert against cyber attacks after websites run by government agencies, including the presidential office and the national intelligence agency came under assault. About 40 websites were targeted today at 10 a.m. local time in an attack known as “distributed denial of service,” or DDoS, and more incidents are likely around 6:30 p.m., according to Ahnlab Inc. (053800), South Korea’s largest maker of antivirus software. The government issued its third-highest alert against cyber assaults and boosted monitoring of major websites, the Korea Communications Commission said in a statement. Today’s attacks are similar to attempts made in July 2009 to cripple dozens of websites in South Korea and the U.S. North Korea’s postal ministry was responsible for the attacks, Won Sei Hoon, head of South Korea’s National Intelligence Service, told lawmakers in October 2009. Under the DDoS tactic, malicious codes infect computers to trigger mass attacks against targeted we...

GnackTrackR6 Released , available for Download ! GnackTrack is a Live (and installable) Linux distribution designed for Penetration Testing and is based on Ubuntu. Although this sounds like BackTrack, it is most certainly not; it's very similar but based on the much loved GNOME! GnackTrackR6 has just been released. This version has many wireless patches precompiled in and also has the latest version of kismet, wireshark, xplico, metasploit, nmap, beef, w3af, aircrack, armitage and much more. R6 also sees the adoption of a social engineering mode which will quickly theme the distro to look like WindowsXP. Video Demo : GnackTrackR6 can be run live from DVD or USB and can also be installed natively. There is also a VMWare image available for those that test from within a virtual machine. The Developers are constantly taking new requests for tools and adding them pretty quickly. To get your copy just go to : Click Here

Now that the annual Pwn2Own hacking contest is around the corner, both Google and Mozilla are busy patching flaws in their respective browsers to appear competent in the contest. Both internet giants have reportedly updated their browsers for the contest that is due to take place next week at the CanSecWest Applied Security Conference. Google patched 19 flaws in its Chrome and rated 17 of them as “high” whereas the other three as “Medium”. Mozilla followed Google’s step and introduced patches for 10 flaws in its Firefox. It classified eight of the security flaws as “critical” whereas it rated others as “Moderate” and “High” respectively. Google rewarded the researchers who fixed the bugs with an attractive sum, the highest being $1,000. The patching was carried out in different areas including an integer overflow during the process of textarea handling. Google’s URL bar spoof was also updated. The major flaw that was updated by Firefox consists of a bug that if activated by a corrupt...

Members of the hacker community are leery of working with the government and sharing their skills, if it means navigating through outdated regulations and being viewed as potential security risks. Hackers and other computer experts willing to collaborate with the Department of Homeland Security to bolster the nation’s cyber-defense are unable to do so because of red tape, according to the former head of the department. Tom Ridge and Michael Chertoff, two former secretaries of Homeland Security, joined current DHS boss Janet Napolitano to discuss the evolution of threats facing the United States, including the challenges of securing cyber-space. They expressed their views during a March 2 roundtable discussion at Georgetown University, which was webcast by the Aspen Institute, marked the department’s eighth anniversary. “The portfolio of threats is a lot broader,” Ridge said. There are a number of possible scary scenarios, including a sophisticated hacker from another country break...

Islamabad: The first-ever ‘Ethical Hacking and Countermeasures (CEH)’ training course organised by the Riphah International University, in collaboration with internationally renowned information security certification body, EC-Council, concluded here on Wednesday. Riphah International University is the first academic partner of EC-Council in Pakistan. EC-Council offers trainings in over 60 countries and has trained over 80,000 professionals. Its certifications are recognised by US governmental agencies like National Security Agency (NSA), Federal Bureau of Investigation (FBI) and the Committee on National Security Systems (CNSS). Under the partnership, RIU offers the complete range of EC-Council certifications. The goal of a trained ethical hacker is to help an organisation take pre-emptive measures against malicious attacks by attacking the system himself to expose its vulnerabilities that can be exploited by malicious hackers. As technology advances and organisation depend on tec...

Readers of Financial Post or National Post blogs might have found them difficult, if not impossible, to access Thursday morning. That is because WordPress, the platform through which every FP and NP blog has been published for the past 10 months, has been under attack by hackers for the past several hours. Using the same method as the hackers who brought down the main websites of Visa, Mastercard and PayPal last year to support the whistle-blowing website WikiLeaks, Thursday’s attacks have caused thus far untold numbers of WordPress-powered blogs to become nearly inaccessible. “WordPress.com is currently being targeted by an extremely large Distributed Denial of Service attack [DDoS] which is affecting connectivity in some cases,” said Sara Rosso of WordPress VIP services in a blog post Thursday morning. “The size of the attack is multiple Gigabits per second and tens of millions of packets [of data] per second.” “We are working to mitigate the attack, but because of the extreme si...