The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Escuela Universitaria Diseno - Spain hacked by Fr0664/FCA , 26740 emails/passwords Dumped ! 26740 emails/passwords Preview : https://pastebin.com/AQGxDJgD Full : https://rapidshare.com/files/460080122/esne.edu.7z

Trinity Campus college 's website hacked by RdH0X Trinity Campus college's website hacked and the vulnerabilities reported to the admins and system administrators of the institute. College authority is involving me in their team so as to take adequate steps to secure the website. HACKED SITE :  https://www.trinitycampus.in/uploads/RdH0X_tnt.htm

The PSN hackers logs fresh from EFNET IRC Server ! Logs of PS Hackers :  https://173.255.232.215/logs/efnet/ps3dev/2011-02-16 Alternate Link For Logs :  https://pastebin.com/yXP7TDJ3 All Logs from EFNET IRC Server : https://173.255.232.215/logs/efnet/ps3dev/ IRC server Stats :  https://173.255.232.215/logs/efnet/ps3dev/stats

AI agents promise to automate everything from financial reconciliations to incident response. Yet every time an AI agent spins up a workflow, it has to authenticate somewhere; often with a high-privilege API key, OAuth token, or service account that defenders can't easily see. These "invisible" non-human identities (NHIs) now outnumber human accounts in most cloud environments, and they have become one of the ripest targets for attackers. Astrix's Field CTO Jonathan Sander put it bluntly in a recent Hacker News webinar : "One dangerous habit we've had for a long time is trusting application logic to act as the guardrails. That doesn't work when your AI agent is powered by LLMs that don't stop and think when they're about to do something wrong. They just do it." Why AI Agents Redefine Identity Risk Autonomy changes everything: An AI agent can chain multiple API calls and modify data without a human in the loop. If the underlying credential is exposed or overprivileged, each addit...

Anonymous Vs Sony : Word By Word Q/A b/w Reporters and Sony during Conference ! Q. The accuracy of approximately 10 million credit flow A. There is no firm evidence of leakage. Cannot say wether a leak or not. There is no report so far. Q. prospect of resuming services. A. We want to restart the service country/region base. Basically approx within a week schedule. (a week from today?.. previously we heard about same "a week matter..) Q. How was it the effect to the business so far? A. Cannot tell it yet, many things to handle one at the time. Q. What was the condition when you firstly sense the trouble? A. Hacking with the high skill technique was undergoing, was confirmed. But we still dont know data was stolen / taken Q. Why did you announce privacy data was stolen then? A. The possibility existed, what/when/how was it still under investigation. account numbers is between 7700000 to 7800000 accounts plus there are double accounts. Q. What was your...

About a third of the FBI agents working on cyber investigations lack the networking and counterintelligence expertise to investigate national security intrusions, the Justice Department's inspector general concluded in a new report. The report said the FBI's practice of rotating agents among different offices to promote a variety of work experiences hinders the ability to investigate national security cyber intrusions. The inspector general's audit, based on interviews of 36 agents in 10 offices, emphasized the need for a strong cyber security work force in federal government "is more urgent than ever," said Sen. Susan Collins, the top Republican on the Senate Homeland Security and Governmental Affairs Committee. The FBI has a comprehensive instructional plan in place that includes 12 core courses an agent must take along with on-the-job training. According to the inspector general's report, many agents said training was helpful but that they did not have the time to take the req...

Mallika sherawat 's Official Website, SSM College hacked by Hackethis29 Hacked Sites : https://www.mallikasherawatwow.com/ https://www.ssmce.ac.in/

Hydra v6.3 Released with oracle & snmp-enum modules ! A very fast network logon cracker which support many different services. Have a look at the feature sets and services coverage page - including a speed comparison against ncrack and medusa! Number one of the biggest security holes are passwords, as every password security study shows. Hydra is a parallized login cracker which supports numerous protocols to attack. New modules are easy to add, beside that, it is flexible and very fast. Version 6.x was tested to compile cleanly on Linux, Windows/Cygwin, Solaris 11, FreeBSD 8.1 and OSX. CHANGELOG for 6.3 * Added patch by Petar(dot)Kaley(at)gmail.com which adds nice icons to cygwin hydra files * Added patch by Gauillaume Rousse which fixes a warning display * New Oracle module (for databases via OCI, for TNS Listener passwd, for SID enumeration) * New SMTP user enum module (using VRFY, EXPN or RCPT command) * Memory leak fix for -x bruteforcing option ...

Department of Homeland Security Out to Get PSN Hackers ! The external intrusion into the PlayStation Network has led to undoubtedly the worst fiasco in the PlayStation universe since the ApocalyPS3 of 2010. If the readers are like us, then we're all not only sick of the PSN being down but are also sick of all the news surrounding it with little to no positive light at the end of the tunnel. Finally, there finally appears to be some progress in the making thanks to the unveiling of some assuring details. Despite the word that SCEA is working around the clock with third-party security organizations to bring the network back up for our online gaming pleasure, users were not told what team was conducting the investigations, how large the said company was, and to what extent their resources were spanning out to. However, in a surprising turn of events, the United States Department of Homeland Security revealed that the federal division is lending their hand in assessing the damages o...

Law enforcement organization hit by hackers ! Computer hackers have stolen names, addresses, Social Security numbers and credit card information of about 2,000 retired public safety officers belonging to the Peace Officers Research Association of California, according to a email sent to them on Thursday night. PORAC informed its members that its data server was breached earlier this month. The hackers stole application files of retired associate members going back to 2008, including dates of birth, addresses and phone numbers and email addresses. "Based on our investigation, it appears that the breach was limited to (retiree) applications and we have no reason to believe that other PORAC members were affected," PORAC President Ron Cottingham said in the email. Cottingham told The Bee this morning that the association was following up with a letters that will be mailed out today. The organization started receiving reports last week that members' credit cards were ...

imm0rt4l5 Hackers Hit 3 Pakistani websites ! Defaced Site : 1.)  mcl.com.pk Muslim Constructors (Pvt.) Ltd., popularly known as MCL URL : https://www.mcl.com.pk mirror : https://www.turk-h.org/defacement/view/383420/mcl.com.pk/ 2.) novait.com.pk the Internet service provider. URL : https://novait.com.pk/index.php?page_id=2 Proof : https://i55.tinypic.com/1jrgid.png 3.) gmsons.com.pk URL :https://www.gmsons.com.pk/productsDesc.php?id=3 Proof : https://i51.tinypic.com/2hibe3k.jpg

Pangolin 3.2.3 - Automatic SQL injection penetration testing tool New Release ! Pangolin is an automatic SQL injection penetration testing (Pen-testing) tool for Website manager or IT Security analyst. Its goal is to detect and take advantage of SQL injection vulnerabilities on web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or users specific DBMS tables/columns, run his own SQL statement, read specific files on the file system and more. Test many types of databases Your web applications using Access,DB2,Informix,Microsoft SQL Server 2000,Microsoft SQL Server 2005,Microsoft SQL Server 2008,MySQL,Oracle,PostgreSQL,Sqlite3,Sybase? Pangolin supports all of them. Features: Au...

151 websites Got hacked By Albania hacker Force [AHF CREW] Hacked Site List :  https://pastebin.com/jhmxB1zt