The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Sony.com2.us database Exploited by Lionaneesh Lionaneesh extract database of sony.com2 and publish on :  https://pastebin.com/mZKtrT10  .

Lady Gaga 's Twitter Account Hacked ! Oh snap! Lady Gaga's Twitter account was hacked on Wednesday and as a result, the Mother Monster has threatened to involve the authorities in the matter. Don't fuck with Gaga's digital rights. And come to think of it…to hack the Twitter account of the world's most famous womam is probably dumb, since you're more likely to get caught and to be made an example of. A hacker gained access to Gaga's account and began posting a number of spam messages, all written in Spanish. Gaga's deleted the tweets and posted the following warning: "Whoever is hacking my Twitter must answer to 10 million monsters and Twitter police." Do not mess with Gaga or her Monsters. Do you follow Lady Gaga on Twitter?

Famous Israeli company websites Hacked by OldChildz (Turkish Hackers) Hacked Sites and Mirrors : https://be10.co.il https://www.zero-h.com/mirror/id/66321 https://gagotreafim.com (An Israeli Construction Company) https://www.zero-h.com/mirror/id/66320 https://kasafot.com (A manufacturing company in the Israeli case) https://www.zero-h.com/mirror/id/66319 https://nadlan-plus.com (Nadlan-Plus Jerusalem Real Estate Israel is a leading firm, offering luxury properties) https://www.zero-h.com/mirror/id/66318 https://sick-sensors.co.il (SICK is a technology and market leader in Factory Automation and Logistics, as well as the Process Automation.) https://www.zero-h.com/mirror/id/66317 https://meholelim.org https://www.zero-h.com/mirror/id/66315 https://lama-wordpress.com https://www.zero-h.com/mirror/id/66313 https://backpackingisrael.com (Travel Forums and Tips) https://www.zero-h.com/mirror/id/66311

AI agents promise to automate everything from financial reconciliations to incident response. Yet every time an AI agent spins up a workflow, it has to authenticate somewhere; often with a high-privilege API key, OAuth token, or service account that defenders can't easily see. These "invisible" non-human identities (NHIs) now outnumber human accounts in most cloud environments, and they have become one of the ripest targets for attackers. Astrix's Field CTO Jonathan Sander put it bluntly in a recent Hacker News webinar : "One dangerous habit we've had for a long time is trusting application logic to act as the guardrails. That doesn't work when your AI agent is powered by LLMs that don't stop and think when they're about to do something wrong. They just do it." Why AI Agents Redefine Identity Risk Autonomy changes everything: An AI agent can chain multiple API calls and modify data without a human in the loop. If the underlying credential is exposed or overprivileged, each addit...

Live Hacking DVD v1.3 Beta - Download ! Live Hacking DVD is a new Linux distribution packed with tools and utilities for ethical hacking, penetration testing and countermeasure verification. Based on Ubuntu this 'Live CD" runs directly from the DVD and doesn't require installation on your hard-drive. Once booted you can use the included tools to test, check, ethically hack and perform penetration tests on your own network to make sure that it is secure from outside intruders. As well as the standard Linux networking tools like ping, wget, curl, telnet and ssh, the Live Hacking DVD has tools for DNS enumeration and reconnaissance as well as utilities for foot-printing, password cracking and network sniffing. It also has programs for spoofing and a set of wireless networking utilities. The Live Hacking DVD is designed for ethical computer hacking, meaning that it contains the tools and utilities you need to test and hack your own network but using the tools and techniques that mor...

Ubuntu 11.04 Released ! For those of you watching Ubuntu's website recently, you may have noticed a new version of the popular and easy to use variant of Linux has been surfaced - Natty Narwal. It can be downloaded from the previously linked site free of charge. Among the various new features, the Unity interface is set as the default UI, and includes the launcher (an OS X like dock), the dash (a popup menu with user defined shortcuts), and workspaces (a virtual desktop manager). According to the Ubuntu website, the OS can boot in as little as 7 seconds (following POST). Driving all of this eye candy is Gnome 2.32.1 (according to Ubuntu Vibes). If your current equipment is not capable of Unity, the classic desktop experience will kick in as to keep you moving along with minimal lag. Those of you wanting to experiment with Gnome 3, it cannot be installed via the Ubuntu repositories, and there have been reports of system instabilities post installation, though there is a workaroun...

Buddie.me (Social Networking) Hacked by Fr0664/FCA , 15809 Users emails/passwords exposed ! A social Networking Site, Buddie.me hacked By some hacker, and about 15809 emails/passwords they have exposed on internet at : https://pastebin.com/4C91WVLN

Ncrack 0.4 Alpha - New Version download ! Ncrack is a high-speed network authentication cracking tool. It was built to help companies secure their networks by proactively testing all their hosts and networking devices for poor passwords. Security professionals also rely on Ncrack when auditing their clients. Ncrack was designed using a modular approach, a command-line syntax similar to Nmap and a dynamic engine that can adapt its behaviour based on network feedback. It allows for rapid, yet reliable large-scale auditing of multiple hosts. Ncrack's features include a very flexible interface granting the user full control of network operations, allowing for very sophisticated bruteforcing attacks, timing templates for ease of use, runtime interaction similar to Nmap's and many more. This is the change log for the current release: Added the VNC module to Ncrack's arsenal. Thanks to rhh of rycon.hu for implementing the module and discussing about it for further improvement. Wrote...

Google's Chrome web browser is now at version 11, and its release is marked by a record payout for security fixes as well as a speech translation feature. A total of 27 security vulnerabilities are fixed in the latest stable release for Windows, Mac, Linux and Chrome Frame. Individual rewards were from $500 up to $3,000 for a particularly nasty looking bug that allowed a possible URL bar spoof leading to navigation errors and interrupted page loads. Among the researchers Google gave thanks to was Braden Thomas of Apple Product Security. This is most likely because Chrome's underlying open source browser engine Webkit is the same one that runs Safari. Chrome users will now also be able to play around with speech translation, thanks to a new speech input through HTML feature. Using the Google Translate application, you can speak after clicking a microphone at the bottom right of the input box. You'll be able to read and listen to the translated result. This isn't ne...

Election commission & Society of aircraft engineers of pakistan Hacked By Imm0rt4l5 Hacked Url : https://www.ecp.gov.pk/viewpressreleasenotific.aspx?id=1374&typeid=2 Mirror : https://i51.tinypic.com/1zgt9vc.jpg Hacked Url : https://saep.org.pk/documents/immortal.php Mirror : https://turk-h.org/defacement/view/383370/saep.org.pk/documents/

Nikon Image Authentication System Compromised ! ElcomSoft Co. Ltd. researched Nikon's Image Authentication System, a secure suite validating if an image has been altered since capture, and discovered a major flaw. The flaw allows anyone producing forged pictures that will successfully pass validation with Nikon's Image Authentication Software. The weakness lies in the manner the secure image signing key is being handled in Nikon digital cameras. The existence of the weakness allowed ElcomSoft to actually extract the original signing key from a Nikon camera. This, in turn, made it possible to produce manipulated images signed with a fully valid authentication signature. Complete Story :   https://blog.crackpassword.com/2011/04/nikon-image-authentication-system-compromised/

John the Ripper 1.7.7 new version Released ! "John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types commonly found on Unix systems, as well as Windows LM hashes." This is the change log for JtR version 1.7.7: Added Intel AVX and AMD XOP instruction sets support for bitslice DES (with C compiler intrinsics). New make targets: linux-x86-64-avx, linux-x86-64-xop, linux-x86-avx, and linux-x86-xop (these require recent versions of GCC and GNU binutils). A "dummy" "format" is now supported (plaintext passwords encoded in hexadecimal and prefixed with "$dummy$") – for faster testing and tuning of custom wordlists, rule sets, .chr files, and external modes on already known or artificial passwords, as well as for testing of future and modified versions of John itself. Apache "$apr1$" MD5-based password hashes are now ...

Microsoft Windows Malicious Software Removal Tool - Download ! The Microsoft Windows Malicious Software Removal Tool checks Windows Vista, WIndows 7, Windows XP, Windows 2000, and Windows Server 2003 computers for and helps remove infections by specific, prevalent malicious software—including Blaster, Sasser, and Mydoom. When the detection and removal process is complete, the tool displays a report describing the outcome, including which, if any, malicious software was detected and removed. The tool creates a log file named mrt.log in the %WINDIR%\debug folder. To download the x64 version of Malicious Software Removal Tool, click here . This tool is not a replacement for an anti-virus product. To help protect your computer, you should use an anti-virus product. Microsoft will release an updated version of this tool on the second Tuesday of each month. New versions will be made available through this web page, Windows Update, and the Malicious Software Removal Tool Web site on...