The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

A new rootkit that uses the master boot record (MBR) to hide itself has been discovered in China and is being used to install an online game password stealer. The bootkit is installed on the computer by a trojan downloader distributed from a Chinese adult site and is detected by Kaspersky as Rookit.Win32.Fisp.a. Once executed, the rootkit makes a copy of the old MBR and replaces the sectors with its own code which includes an encrypted driver. When the computer boots, the malicious code executes and restores the original MBR so that Windows can load normally. It then uses hooks to replace the fips.sys system driver with a malicious one. "It should be noted that the driver fips.sys is not required for the operating system to run correctly, so the system won't crash when it is replaced," says Kaspersky Lab expert Vyacheslav Zakorzhevsky. The driver scans loaded processes to determine if they belong to one of over a dozen antivirus programs and prevent them from running...

MumbaiITPro User Group Hacked by TriCk [TeaMp0isoN] MumbaiITPro User Group is an online technical community initiative for the IT Professionals. They are supported by Global IT Community Association (GITCA) and Microsoft Corporation. Hacked site :  https://mumbaiitpro.org/ Mirror :  https://mirror.sec-t.net/defacements/?id=7039

Hosting company Hostkey.ru got Compromised ! A hacked Hacked Into Hosting company Hostkey.ru, some Proof of hacks are here : 1.)  Cms Hacked 2.) PhpMyAdmin Hacked 3.) Shell on Server 4.) Config File https://pastebin.com/VbuD0acE 5.) Server Rooted https://pastebin.com/h5RW3w6c Full compromise step-by-step @ forum https://tinyurl.com/dusbitchez News Source :  anonymous 

I had the honor of hosting the first episode of the Xposure Podcast live from Xposure Summit 2025. And I couldn't have asked for a better kickoff panel: three cybersecurity leaders who don't just talk security, they live it. Let me introduce them. Alex Delay , CISO at IDB Bank, knows what it means to defend a highly regulated environment. Ben Mead , Director of Cybersecurity at Avidity Biosciences, brings a forward-thinking security perspective that reflects the innovation behind Avidity's targeted RNA therapeutics. Last but not least, Michael Francess , Director of Cybersecurity Advanced Threat at Wyndham Hotels and Resorts, leads the charge in protecting the franchise. Each brought a unique vantage point to a common challenge: applying Continuous Threat Exposure Management (CTEM) to complex production environments. Gartner made waves in 2023 with a bold prediction: organizations that prioritize CTEM will be three times less likely to be breached by 2026. But here's the kicker -...

Multiple vulnerabilities in IBM Tivoli Directory Server Multiple vulnerabilities have been reported in IBM Tivoli Directory Server, which can be exploited by malicious users to disclose sensitive information and by malicious people to cause a Denial of Service and compromise a vulnerable system, according to Secunia. 1. The application bundles a vulnerable version of IBM Java. 2 . An error within ibmslapd.exe when processing certain requests can be exploited to cause a stack-based buffer overflow. Successful exploitation of this vulnerability may allow execution of arbitrary code. 3. The TDS proxy server stores the user's password in cleartext in the audit log when the backend server is configured to audit extended operations. The vulnerabilities are reported in versions 6.1, 6.2, and 6.3.

 Hackers Changes Millions of Passwords to " password " ! Passwords from over 3,000,000 user accounts were apparently set to "password" late last night in a wide-spread hack that affected hundreds of news, retail and Web 2.0 sites. Most affected users are completely unaware of the attack. According to current statistics, 62% of affected users would not notice such a change as their password was already "password". Several sites have reported that they are taking steps to protect compromised accounts. In addition, many sites are creating a new rule to ban using the word "password" as a password. Users are reacting fiercely to the hack but even more so to the ban many sites are putting on one of the world's most popular passwords. Online riots are to be expected. The hacker group named "Obvious" has claimed credit for last evening's attack. Thousands of hacked Twitter and Facebook accounts posted the message "We are a...

Now it's official: HBA-crew v2, was hacked! Ip 'were logged, Database is public! An official statement is as early as the first April before. But was it so funny but not that it was serious: Hi, Now we can not hide it anymore. geloaded Since yesterday evening by a leak in the server the entire database of HBA, packaged and put on various public OCH's been. Because, unfortunately, still in some areas, no IP logging was disabled, we ask you immediately to secure your systems. It's just a matter of time. Starting with the great and stopped at the small. The forum is in the background already reorganized. According to the internals using Co.Admin TheSaint was - made possible the leak. No one can be trusted - unfortunately. Bitter ! be deceived by the private Co. Admin thereby. Well let's look at how the index looked like: "Hacked by a pro of the scene" The Happy Ninja's are the again the scene on its head: First of all, here is the plain tex...

The Hindi Times Hacked by TriCk & RoCk - ZHC & TeaMp0isoN Site: https://www.thehinditimes.com/ Mirror: https://zone-h.org/mirror/id/13410390

Bh-News Has Been Hacked By Dinelson US  Hacked Users : Website : www.bh-news.com

Channel.facebook.com cross-site-scripting (XSS) vulnerability by Edgard Chammas Security researcher Edgard Chammas, has submitted on 02/04/2011 a cross-site-scripting (XSS) vulnerability affecting 1.61.channel.facebook.com, which at the time of submission ranked 2 on the web according to Alexa. It is currently unfixed. Link :  https://1.61.channel.facebook.com/iframe/11?r=https://static.ak.fbcdn.net/rsrc.php/1.js%22%3E%3C/script%3E%3Cscript%3Ealert(%22The%20Hacker%20News%22)%3C/script%3E%3Cscript%3E

Crif.org defaced by participants in # Anonymous The website of the Conseil Représentatif des Institutions Juives de France or the Representative Council for Jewish Institutions of France was defaced by the hackers on steroids over in Anonymous' operation palestine or #oppalestine. At the time of this writing the website www.crif.org is still defaced. here's a picture to immortalize the action.

Anonymous successfully taken down https://www.sonypictures.com/ and https://www.sonypictures.co.uk The Sony PS3 console was "hacked" or more appropriately, jail broken, by iPhone hacker, Geohot. Anonymous managed to reverse engineer his own PlayStation 3 to run home brew applications on it.And then later released the method to the public, through his site, geohot.com Sony hit Anonymous with a lawsuit and demanded social media sites, including YouTube to hand over IP addresses of people who visited Geohot's social pages/videos.Pay pal have granted access to Sony for them to view Geohot's Pay Pal account. The judge of the case has given permission to Sony to view the IP addresses of everyone who visited geohot.com Sony are also after another group of hackers for the same case. The PS3 hack which GeoHot released can be compared to the "unlocking" of a phone. i.e. Once you purchase the phone, it's yours, you can do whatever it is you want with it. L...

QNet confirmed that E -commerce portal was down due to DDoS attack QNet has confirmed that its e-commerce portal was recently the target of a Distributed Denial of Service (DDoS) attack. This caused its main website to be offline for over 36 hours. QI Group IT Director, TG Kintanar said, "As a global direct selling company with a busy trading portal, it is not unusual for QNet to become a target for such attacks, although this has never happened before." QNet is a subsidiary of the QI Group of Companies. "Let me stress that the cyber-attack on our website was not the work of hackers. The DDoS merely blocked customers' access to our services, causing them great inconvenience. However, as QNet's online security measures were in place, our customer database remained intact throughout the attack. Nothing was compromised." Kintanar said. He added that upon noticing the attack on March 9, the QNet IT team immediately started working round-the-clock to set up an alternate transacti...