The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Election commission & Society of aircraft engineers of pakistan Hacked By Imm0rt4l5 Hacked Url : https://www.ecp.gov.pk/viewpressreleasenotific.aspx?id=1374&typeid=2 Mirror : https://i51.tinypic.com/1zgt9vc.jpg Hacked Url : https://saep.org.pk/documents/immortal.php Mirror : https://turk-h.org/defacement/view/383370/saep.org.pk/documents/

Nikon Image Authentication System Compromised ! ElcomSoft Co. Ltd. researched Nikon's Image Authentication System, a secure suite validating if an image has been altered since capture, and discovered a major flaw. The flaw allows anyone producing forged pictures that will successfully pass validation with Nikon's Image Authentication Software. The weakness lies in the manner the secure image signing key is being handled in Nikon digital cameras. The existence of the weakness allowed ElcomSoft to actually extract the original signing key from a Nikon camera. This, in turn, made it possible to produce manipulated images signed with a fully valid authentication signature. Complete Story :   https://blog.crackpassword.com/2011/04/nikon-image-authentication-system-compromised/

John the Ripper 1.7.7 new version Released ! "John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types commonly found on Unix systems, as well as Windows LM hashes." This is the change log for JtR version 1.7.7: Added Intel AVX and AMD XOP instruction sets support for bitslice DES (with C compiler intrinsics). New make targets: linux-x86-64-avx, linux-x86-64-xop, linux-x86-avx, and linux-x86-xop (these require recent versions of GCC and GNU binutils). A "dummy" "format" is now supported (plaintext passwords encoded in hexadecimal and prefixed with "$dummy$") – for faster testing and tuning of custom wordlists, rule sets, .chr files, and external modes on already known or artificial passwords, as well as for testing of future and modified versions of John itself. Apache "$apr1$" MD5-based password hashes are now ...

Microsoft Windows Malicious Software Removal Tool - Download ! The Microsoft Windows Malicious Software Removal Tool checks Windows Vista, WIndows 7, Windows XP, Windows 2000, and Windows Server 2003 computers for and helps remove infections by specific, prevalent malicious software—including Blaster, Sasser, and Mydoom. When the detection and removal process is complete, the tool displays a report describing the outcome, including which, if any, malicious software was detected and removed. The tool creates a log file named mrt.log in the %WINDIR%\debug folder. To download the x64 version of Malicious Software Removal Tool, click here . This tool is not a replacement for an anti-virus product. To help protect your computer, you should use an anti-virus product. Microsoft will release an updated version of this tool on the second Tuesday of each month. New versions will be made available through this web page, Windows Update, and the Malicious Software Removal Tool Web site on...

FBI vs Coreflood botnet The FBI's unprecedented effort to behead the Coreflood botnet—comprised of millions of hacked Windows machines—appears to be working, at least for now. The bureau has tracked a dramatic decline in the number of pings from the botnet since the takedown operation began earlier this month, according to court documents filed by the Justice Department on Monday. The number of pings from infected US systems plummeted from nearly 800,000 to less than 100,000 in about a week after authorities began sending out "stop" commands to those machines—a drop of nearly 90 percent. Pings from infected computers outside the US have also dropped about 75 percent, likely as a result of a parallel outreach effort to foreign ISPs. The government's efforts have "temporarily stopped Coreflood from running on infected computers in the United States," writes the government in its filing, "and have stopped Coreflood from updating itself, thereby enabling anti-virus software vendors...

IRC chat of PlayStation Network hacker and How PSN hacked ! Now known that the PlayStation Network has been compromised, there are more details out. First came the log of the hacker who penetrated inside the PlayStation Network and we just had information from Sony itself that the burglary had been working over the PSN taken offline. Now we have for you a chat log between hackers who talk about security and encrypting the PlayStation Network. They say that the known credit card information easily available to hackers that they can not even enter their data via the PSN. The Credit Card encrypted data simply were not enough, so everything is easy to read. Watch the full chat was held on February 16 between hackers. [user1] xxx: I don't think there are many people involved in circumventing PSN access in /this/ channel [ "application/x-i-5-ticket" reason=40 > PSN error 80710101 ] [user2] talk about network stuff? [user2] nice [user2] i just finished decrypting 100...

Yenepoya University Hacked by The INFERNAL DANTE Hacked Site Link : https://www.yenepoya.edu.in/notice_board.php More Hack Pictures : https://img691.imageshack.us/i/64275385.png/ https://img121.imageshack.us/i/90340593.png/ ​https://img839.imageshack.us/i/51799700.png/ ​https://img833.imageshack.us/i/44978948.png/ ​https://img696.imageshack.us/i/20967849.png/

Cambridge Networks hacked by Shak [PCA] Hacked Site : https://cambridge-networks.co.uk/ Mirror : https://zone-h.org/mirror/id/13556467 Hacked Site : https://cambridgewebworks.com/ Mirror : https://zone-h.org/mirror/id/1355

WordPress 3.1.2 released – Security fixes ! The WordPress team just released a new version of WordPress (3.1.2) to fix a security issue where contributor-level users were allowed to publish posts. It is a small release, and everyone using WordPress should upgrade to it! From the WordPress site: WordPress 3.1.2 is now available and is a security release for all previous WordPress versions. This release addresses a vulnerability that allowed Contributor-level users to improperly publish posts. The issue was discovered by a member of our security team, WordPress developer Andrew Nacin, with Benjamin Balter. We suggest you update to 3.1.2 promptly, especially if you allow users to register as contributors or if you have untrusted users. This release also fixes a few bugs that missed the boat for version 3.1.1. Download 3.1.2 or update automatically from the Dashboard → Updates menu in your site's admin area. So do what they say and upgrade it asap! Download link: https://...

Mageia 1 Beta 2 released [ Testing Edition ] Three weeks after the first beta arrived, the Mageia development team has announced the release of the second beta for version 1.0 of its Mandriva Linux fork. According to the project roadmap, Mageia 1 Beta 2 will be followed by a release candidate on 17 May – the first stable release is expected to arrive on 1 June. Based on the 2.6.38.4 Linux kernel, Mageia 1 Beta 2 features the latest KDE 4.6.2 desktop environment. Other changes over the previous beta include a variety of package updates, including version 12.0.742.0 of the Chromium web browser, Firefox 4.0 and LibreOffice 3.3.2. The developers also note that they froze the software package versions last week, meaning that "no new, big, upstream code changes will be accepted in Mageia until our final release in June". Moving forward, the developers will focus on fixing bugs and "refining and polishing the user experience". As with all development releases, use in...

253 website defaced by imm0rt4l ( Indian hacking crew ) Imm0rt4l5 defaced 253 site , they are Indian hacking crew , with member names : Cybers4mur41 , C0br4 , T41p4n , rur0u1_bl4d3 The main defaces are :  https://www.pakistanrealestate.net/index.php and  edp.com.pk/update.php Message By them " We are warning to team ZHC not to deface Indian site , or else next defacement will be only off porkis !!!! " List of other websites are :  https://pastebin.com/r57UmqZ0

100's Beijing Government networks are vulnerable to Cyber-attack ! China is known as an aggressor in cyberspace, but hundreds of Beijing's own government networks are vulnerable to cyber-attack, says one security expert whose hobby is finding back doors into Chinese computer systems. Among the systems that hackers have penetrated is a database containing personal details - including email addresses, cellphone and passport numbers, and even psychological test results - of 11,000 people, including thousands of Americans. The database, maintained by the state agency that recruits foreign specialists to work in China, was breached by hackers last year, according to U.S. security researcher Dillon Beresford. But many of the Americans in the database did not know their details were there and had been accessed by hackers. Source