The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Twitter is offering users better protection from hackers with a new option to always use an encrypted connection to access its microblogging service. The measure is particulary designed to defend those who access Twitter via unsecured public Wi-Fi networks, which can make it easy for hackers to steal their passwords. If activated, the new option in users' account settings means that whenever a they log on, their browser will connect to Twitter's servers via HTTPS, an encrypted version of the basic web protocol. Virtually anyone trying to spy on the traffic will see only packets of completely unintelligible data. "This will improve the security of your account and better protect your information if you're using Twitter over an unsecured Internet connection, like a public WiFi network, where someone may be able to eavesdrop on your site activity," said Twitter spokeswoman Carolyn Penner. "In the future, we hope to make HTTPS the default setting," she adde...

Chinese Site Hacked by Cyber king (TEAM NUTS) Hacked Site :  https://www.bjname.com/NUTS.HTML

3 websites hacked by Team-Greyhat ! Hacked Sites : https://demoshop2.pentaconweb.dk/ https://suphamyenbai.edu.vn/index.htm https://impalamultiplex.com/index.html News Source :  Napster

Yahoo! India R&D will be hosting 'HACK U'– the University Hack Day event for IIT Kharagpur students on campus between 17 and 20 March. Close to 250 students are expected to participate in this four day event of learning, hacking and fun, which is part of Yahoo!'s on-going commitment to nurture talent and innovation among today's student bodies. Conceptualized along the lines of Open Hack Day, Hack U provides a platform for the student community to develop and build applications using Yahoo!'s Open APIs (Application Programming Interface) like YQL and YAP, or even to create a new product concept itself. This novel concept provides students with the opportunity to work on product ideas, develop working prototypes in a 24 hour 'Hackathon' and eventually stand the chance to win cool prizes. The event will kick off with a series of hack-related presentations and tech talks by Yahoo! engineers followed by a non-stop 24-hour hacking session by the students. Praveen Ramachandr...

Kevin Mitnick 's latest Book : Ghost in the Wires - My Adventures As The World's Most Wanted Hacker ! Kevin Mitnick, the world's most wanted computer hacker, managed to hack into some of the country's most powerful - and seemingly impenetrable - agencies and companies. By conning employees into giving him private   information and maneuvering through layers of security, he gained access to data that no one else could. The suspenseful heart of the book unfolds as Mitnick disappears on a three-year run from the FBI. He creates fake identities, finds jobs at a law firm and hospital, and keeps tabs on his myriad pursuers - all while continuing to hack into computer systems and phone company switches that were considered flawless. A modern, technology-driven adventure story, GHOST IN THE WIRES is a dramatic account of the joy of outsmarting security programs, the satisfaction of code-cracking, and the thrill of unbelievable escape.

Iran is planning to recruit hackers to combat enemies after suffering last year's coordinated and sophisticated cyberattacks that reportedly crippled its Natanz nuclear enrichment facility. Fox News quoted Brigadier General Gholamreza Jalali, who leads Iran's Passive Defence Organization, as saying that the Islamic Republic plans "to fight our enemies with abundant power in cyberspace and Internet warfare." Recruiting hackers by paying them with sufficient amount of money is reportedly a part of the organisation's plan. Meir Javedanfar, author of The Nuclear Sphinx: Mahmoud Ahmadinejad and the State of Iran, said that when it comes to projects that are important to them, "they have money." Mohsen Sazegara, a former member of the Iranian Revolutionary Guard, said that computer experts working on piecemeal projects would not be able to figure out that they were working on a government cyberattack plan. "It's a process. They write complic...

Web hosting administration company InterWorx Hacked ! Web-hosting administration outfit InterWorx has warned users to change their passwords following a deep penetrating hack attack. The assault on the firm's support desk database exposed users' login credentials because the support desk software was storing email and password data in plain text. Users were strongly advised to change their passwords on any site they accessed using the same login credentials as they used with InterWorx. The compromise – which ran between 28 February and 5 March – gave hackers admin control of websites administered through InterWorx, a facility they soon set about abusing in order to distribute malware. In a  notice  warning of the breach, InterWorx warns that a "few clients" have had their servers "modified to distribute malware javascript, as a direct result of this attack". InterWorx apologised for the breach in an email sent to users on Thursday and forwarded to E...

Adobe today released an advisory   to warn about a remote code execution vulnerability in Flash Player, which also affects Adobe Reader and Acrobat. This critical vulnerability has been assigned CVE-2011-0609. Currently seen attacks work through a malicious SWF file which is embedded inside an Excel file. The target must open a malicious XLS file for a vulnerability in Flash to be exploited. This kind of structure is a perfect setup for targeted attacks. And not surprisingly, targeted attacks have indeed been reported. During testing, the particular exploit was not able to run successfully on Windows 7. It did work on Windows XP. It's likely though a ROP-exploit would be able to exploit this vulnerability under Windows 7. Call me old-fashioned, but I don't really see the point of embedded SWFs inside Excel documents. From my point of view, this is a clear example of too much functionality in a product leading to security problems. As such, it would be great if Microsoft would ...

Times Square screens hacked using iPhone ! Hacker's Words : " The way it works is pretty simple: plug in my transmitter into the headphone minijack of an iphone 4 and play back any video clip. you can play it through the ipod feature or through the camera roll. the transmitter instantly sends the video signal to the video repeater and the video repeater overrides any video screen that it's being held next to. it doesn't matter what shape or size the hacked screen is because the hack video will simply keep its correct dimensions and the rest of the hacked space will stay black. i chose times square for my demo because it has lots of video screens to try it on. it is also one of the most monitored and secured areas in new york city and that made it that much more fun :). you can see in my video that the repeater is pretty powerful but the signal is not very stable yet. i'm working on that. i will post a new video later this week explaining how i made this pr...

BackTrack 5 " revolution " will Release on May 10th, 2011 As BackTrack 5 development rolls on full steam ahead, we've been getting numerous questions about the future release. We thought we'd publish a blog post with general information about BT5 for the impatient. The codename of this release will be " revolution ", for a bunch of reasons. BackTrack 5 will be based on Ubuntu Lucid (10.04 LTS) , and will (finally) support both 32 bit and 64 bit architectures. We will be officially supporting KDE 4 , Gnome and Fluxbox while providing users streamlined ISO downloads of each Desktop Environment (DE). Tool integration from our repositories will be seamless with all our supported DE's, including the specific DE menu structure. Perhaps most importantly BackTrack 5 "revolution" will be our first release to include full source code in it's repositories. This is a big thing for us, as it officially joins us to the open-source community and clears up any licensing issues which were pres...

This year marks the 40th anniversary of Creeper, the world's first computer virus. From Creeper to Stuxnet, the last four decades saw the number of malware instances boom from 1,300 in 1990, to 50,000 in 2000, to over 200 million in 2010. Besides sheer quantity, viruses, which were originally used as academic proof of concepts, quickly turned into geek pranks, then evolved into cybercriminal tools. By 2005, the virus scene had been monetized, and virtually all viruses were developed with the sole purpose of making money via more or less complex business models. In the following story, FortiGuard Labs looks at the most significant computer viruses over the last 40 years and explains their historical significance. 1971: Creeper: catch me if you can While theories on self-replicating automatas were developed by genius mathematician Von Neumann in the early 50s, the first real computer virus was released "in lab" in 1971 by an employee of a company working on building ARPANET, the ...

So what is the difference between Seccubus V2 and Seccubus V2 ? Before you try something new you want to know if it is going to be worth it. This article should give you an idea of why we spend quite a lot of time and energy in rebuilding Seccubus V2 from scratch. I clearly recall the conversation between myself and my coworker Anton Opgenoort that resulted in the first (internal) release of Seccubus. We were discussing the pros and cons of different vulnerability management tools when he challenged me: .Surely you can set up a Cron job to start a Nessus scan yourself?. Anton claimed at one time, and now, more than three years later, it has led to the Seccubus as we know it today. This little history illustrates what is fundamentally wrong with Seccubus V1. While it functions quite well, and has been maintainable for much longer than I expected, it is still in the basis a bunch of shell scripts and some Perl CGI thrown together. ...