The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Sony Reply to Congress : We Still Don't Know Who Hacked Us ! Updates from the latest answers submitted by PlayStation executive Kaz Hirai , responding to the House Energy and Commerce Committee's subcommittee on Commerce, Manufacturing, and Trade . Hirai and this subcommittee last discussed PSN through letter writing in early May, not long after the attack took place, PSN went down, accounts were exposed and Congress started questioning. The letter is addressed for yesterday, May 26. " I would like to take this opportunity to express my sincere gratitude to the committee for its appreciation of the gravity of the situation that Sony faced and, accordingly, allowing Sony to defer an appearance before the Committee ," said Hirai. " Sony was unable to appear before the Committee due to exigent circumstancesSony was under attack and it was critically important that our key personnel remain available and ready to address critical issues as our network and game serv...

Cringley’s credit card was recently hacked. And if his card can be hacked, anyone’s can. Like many cardholders, Cringley received a notification from his credit card company’s fraud department, informing him that his card data was being used overseas, on an online dating website. A scammer used Cringley’s credit card number to create a fake profile, posing as a woman named Katya to lure desperate, unsuspecting men into dating scams. Cringley determined that the IP address associated with the fraud was anonymized, going through numerous channels to disguise its origin. A Russia-based email address may mean Russian criminals are involved in the hack. Cringley’s card was used to purchase Badoo credits, which are used to unlock certain features of the dating website, such as chatting with another user or requesting photos. The scammer used Cringley’s card to buy Badoo credits in numerous countries, making her profile internationally accessible. Cringley surmises that his card data ...

XSS Vulnerability found on Sony PlayStation Store Website XSS Vulnerability found on Sony PlayStation Store Website at  https://store.playstation.com/ ,This  Vulnerability is posted by someone on a Forum site. The XSS is working on Firefox Browser, Not applicable for Crome Browser. Here in Screenshot you can see that, The backlink Code behind " Back " button has been modified using XSS attack.  Proof of Concept : 1.) Open Url in Firefox : Click Here 2.) Now Click on the Back Button shown at middle of the page. You will be Redirected to Google.com . This XSS Vulnerability can be misused By hackers for Phishing or any Cyber Crime Activity. We have Notice that, almost 70% Sony's websites are Vulnerable with various Flaws. Sony Should Fix it as soon as possible, Before any next hack attack. Thanks.

R00TW0RM Linux Auto rooter for 2010 kernel Coded by CrosS Roots linux server Automatically if the Kernel version is still vulnerable to exploit. Previously a 2009 Auto rooter was Released and now 2010 is being released. for more updated like 2011 and other Exploits and Methods stay in touch with http://r00tw0rm.com/forum | R00TW0RM - Private Community Download :  http://r00tw0rm.com/CrosS- 2010.txt Usage : Just upload/fetch/wget and give sommand => perl CrosS-2010.txt Also see :  R00TW0RM Linux Auto rooter for 2009 kernel Coded by CrosS

Anonymous Takes Down U.S. Chamber Of Commerce  for PROTECT IP Act  Anonymous collective launches DDoS attack against the business lobbying group over it’s support for the legislation to fight online infringement that many fear will great expand the govt’s ability to filter the Internet. Anonymous began targeting the US Chamber of Commerce for its support of the controversial “ Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act of 2011 .” The US Chamber of Commerce has been outspoken about its support for the “ PROTECT IP Act. ” It believes the legislation is necessary to “ cut of rogue sites ” and protect US jobs. Anonymous managed to take the site –  uschamber.com  – down.

While Tokyo-based Sony Corp. battles massive data security breaches, Japanese carmaker Honda is confronting its own online challenge — the theft of personal information from 283,000 Honda and Acura customers in Canada. Jerry Chenkin, executive vice-president and chief compliance officer at Honda Canada Inc., confirmed Thursday that names, addresses and vehicle identification numbers were taken from the company's e-commerce websites myHonda and myAcura, with suspicious activity on the site first detected in late February. In a letter to affected vehicle owners dated May 13 and obtained by the Star, Honda Canada said it was alerted by unusual volume on the sites, including “some unauthorized attempts to access account information.” The letter said financial information was not compromised. Honda, which does not sell customer data to third parties, is investigating the incident, which has been reported to police. Perpetrators have not been identified and no group has claimed res...

Unknown hackers have broken into the security networks of Lockheed Martin Corp and several other U.S. military contractors, a source with direct knowledge of the attacks told Reuters. They breached security systems designed to keep out intruders by creating duplicates to "SecurID" electronic keys from EMC Corp's RSA security division, said the person who was not authorized to publicly discuss the matter. It was not immediately clear what kind of data, if any, was stolen by the hackers. But the networks of Lockheed and other military contractors contain sensitive data on future weapons systems as well as military technology currently used in battles in Iraq and Afghanistan. Weapons makers are the latest companies to be breached through sophisticated attacks that have pierced the defenses of huge corporations including Sony, Google Inc and EMC Corp. Security experts say that it is virtually impossible for any company or government agency to build a security network th...

ICC Twenty20 World Cup 2012 website Hacked ! Hacked site link :  http://twenty20worldcup2012.co.in/

Israeli Server with 96 websites Hacked by J|nX J|nX hack into a Israeli Server that having 96 websites with Israeli domains. List of hacked sites are :  http://pastebin.com/if48FWtN

Origami is a framework for PDF documents manipulation written in pure Ruby. It can be used to analyze or create malicious PDF documents. Being written in Ruby, the core engine of Origami is totally scriptable and can be used for automated tasks on large sets of documents. A GTK graphical interface is also available for manually browsing through the inner objects of a PDF document. The philosophy behind Origami is the following: Support for both reading and writing to PDF documents. Origami is able to create documents from scratch, read existing documents and modify them. Each new feature added must be compatible with reading and writing. Handling a large subset of the PDF specification. Origami focuses on features from the PDF specification which can be used to obfuscate documents or provide offensive capabilities. Being flexible and extensible. Origami can be used in many ways, even if you are new to the Ruby language. Origami supports many advanced features of the PDF spec...

R00TW0RM Linux Auto rooter for 2009 kernel Coded by CrosS Linux Server with Kernel 2009 are still vulnerable to exploit . This Exploit is Auto Rooting Exploit, with one Exploit you are able to Get root access to any Linux machine. Its a local root exploit so for that, you have to upload it on same machine before usage. See below for Download link and Usage help : Download Link: http://r00tw0rm.com/CrosS-2009.txt Usage : Just upload/fetch/wget and give sommand => perl CrosS-2009.txt Submitted By : /UnKnown/

NIIT Technologies GIS subsidiary ’s server hacked by Tigers of Indian Cyber (TIC) A server belonging to NIIT GIS Limited, an NIIT Technologies subsidiary, was compromised last week using a SQL injection attack by a hacking group calling itself the ‘Tigers of Indian Cyber’ (TIC). TIC posted the disclosure in an open security forum giving proof of concept, and a complete list of account credentials. It has since come to light that NIIT GIS’ server was compromised — not the servers at NIIT Technologies. The breach was independently verified by Omair, a security consultant with Network Intelligence India (NII). Omair said that the hack was genuine, and was verified with the link posted by TIC as proof of concept. “The executed query enumerates expected information from the database tables,” says Omair. Initial communication with NIIT Technologies revealed that the company was ignorant of the situation. After being informed by SearchSecurity.in of the particulars, the breach was detec...