The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Firefox Version 5 release with fix of 5 remote code vulnerabilities Mozilla Delivers New Version of Firefox – First Web Browser to Support Do Not Track on Multiple Platforms Mozilla delivered two things today: Firefox 5 for personal computers and Android phones, and the promise to complete the new browser just a few months after its predecessor. The V5 critical fixes are: *  MFSA 2011-26  Multiple WebGL crashes *  MFSA 2011-22  Integer overflow and arbitrary code execution in Array.reduceRight() *  MFSA 2011-21  Memory corruption due to multipart/x-mixed-replace images *  MFSA 2011-20  Use-after-free vulnerability when viewing XUL document with script disabled *  MFSA 2011-19  Miscellaneous memory safety hazards (rv:3.0/1.9.2.18) Download Firefox 5

LulzSec exposed details of alleged snitches In a Pastebin post, LulzSec explained that the two hackers allegedly tried to “snitch on [them]“, and so LulzSec took revenge. LulzSec boasted to the FBI “& other law enforcement clowns”, saying: “we just did your job for you with great ease”. The first alleged hacker, was named as Marshal Webb, who they claim was “involved in the hacking of the game “[Deus] Ex” and was/is involved in countless other cybercrimes.” Read complete Pastebin :  http://pastebin.com/MBEsm5XQ Hi FBI & other law enforcement clowns, LulzSec here with some juicy gossip. This is Marshal Webb, also known as "[redacted]" in the "#pure-elite" IRC logs you no doubt have enjoyed. He was involved in the hacking of the game "Dues Ex" and was/is involved in countless other cybercrimes. Also, he tried to snitch on us. Therefore we just did your job for you with great ease. This moron is trying to flee the country in order to ...

UK police arrest Suspected LulzSec 19 years old Mastermind British police say they have made a significant arrest in their investigation into hacking attacks on international business and intelligence agencies. Officers from the Metropolitan Police Central e-Crime Unit (PCeU) have arrested a 19-year-old man in a pre-planned intelligence-led operation. The 19-year-old is currently in custody at a central London police station. This arrest comes just before the first major “ Operation Anti-Security ” information leak was about to take place. Police would not say whether the man is believed to be linked to either the Anonymous or Lulz Security. According to Mikko H. Hypponen , F-Secure CRO " The arrested person in Essex could be Ryan Cleary aka ViraL. Not sure of his relation to LulzSec. " Yes ! This can be Ryan, who hack Anonymous IRC networks - irc.anonops.net & irc.anonops.ru before & Also he was exposed by Anonymous . Name: Mr Ryan Cleary Alias: viraL...

LulzSec steal millions of records from the UK 2011 Census According to a Pastebin Link posted by LulzSec , they claimed to steal millions of records from the UK 2011 Census, with a public release coming soon. However, the group did post the a tweet  : Our next step is to categorize and format leaked items we acquire and release them in #AntiSec “payloads” on our website and The Pirate Bay. The release in full via  http://pastebin.com/K1nerhk0 Greetings Internets, We have blissfully obtained records of every single citizen who gave their records to the security-illiterate UK government for the 2011 census We’re keeping them under lock and key though… so don’t worry about your privacy (…until we finish re-formatting them for release) Myself and the rest of my Lulz shipmates will then embark upon a trip to ThePirateBay with our beautiful records for your viewing pleasure! Ahoy! Bwahahaha… >:] Cap’n Pierre “Lulz” Dubois Leaked Data : LINKS: http://t...

Metasploit Framework 3.7.2 Released - Download  Metasploit Framework 3.7.2 includes 698 exploit modules, 358 auxiliary modules, and 54 post modules, 11 new exploits, 1 new auxiliary module, and 15 new post modules.This release addresses several issues with updating the framework, adds 11 exploit / auxiliary modules and brings a plethora of new features. Modules included are listed below. Notable modules include the Cisco Anyconnect ActiveX bug (which works against recent versions of the Cisco AnyConnect Windows Client), and the SCADA modules by sinn3r and MC. The multi-platform post-exploitation work continues with new modules for Linux and Solaris included in this release thanks to Carlos Perez. A number of password-stealing post modules are also included, courtesy of David Maloney. The updates to the signed_java_applet module are documented on the Metasploit Blog. Additionally, the cachedump module has been improved and merged thanks to great work by Mubix. New features ...

UK Serious Organised Crime agency website down after LulzSec Ddos attack The UK Serious Organised Crime agency has taken its website offline after ddos attack by hacking group Lulz Security. Soca said it had taken its website offline to limit the impact attack on clients hosted by its service provider. Soca.gov.uk had been unavailable from 1 day. Lulz Security has said it was behind the denial of service attack which had taken the website offline. LulzSec tweeted: " Tango down - in the name of #AntiSec ".

Blizzard's Mobile Server Database Exposed by Warv0x (AKA Kaihoe) Warv0x (AKA Kaihoe) Hacker today expose the Database structure of one of the biggest Company " Blizzard Mobile ". The exposed data can be seen on a pastebin link .  DATABASES EXPOSED LIST : [*] admin [*] egw [*] glpi [*] information_schema [*] lost+found [*] mboost_forum [*] multivea [*] mysql [*] openads [*] phpcollab [*] phpmyadmin [*] pixcatcher Blizzard's Mobile is Ringtone,Logo,Game, Java,Video,Theme,Mobile,Wallpaper,Screensaver etc. etc. Download Site with  Alexa  World Rank 3800.

BrainNET ISP/TV Provider hacked by ProDom Security ProDom Security Hackers Hacks into Brain.net.pk an ISP/TV Provider . Hacker dump data on free file hosting sites : URL: http://www.multiupload.com/0KWDE7ZJBB .  There are 3 file in archive : README = Readme File cracked.txt = Login's Cracked so far. shadow.raw.txt = Shadow file from there server.

LulzSec & Anonymous initiates ' Operation Anti-Security ' together LulzSec has issued a declaration virtual war on any government or governmental agency, the top priority of which they say "is to steal and leak any classified government information, including email spools and documentation. Announcement by Lulzsec via Pastebin post : Salutations Lulz Lizards, As we're aware, the government and whitehat security terrorists across the world continue to dominate and control our Internet ocean. Sitting pretty on cargo bays full of corrupt booty, they think it's acceptable to condition and enslave all vessels in sight. Our Lulz Lizard battle fleet is now declaring immediate and unremitting war on the freedom-snatching moderators of 2011. Welcome to Operation Anti-Security (#AntiSec) - we encourage any vessel, large or small, to open fire on any government or agency that crosses their path. We fully endorse the flaunting of the word "AntiSec" o...

Sony Pictures France hacked by idahc_hacker Idahc the Lebanese hacker did a duet with his French friend Auth3ntiq on Sony Pictures France ( http://www.sonypictures.fr/ ) . In a pastebin post declared again that they are not black hat hackers. Possibly in a ruch but this time they didn’t state that they are gray hat hackers. Using another SQLi, the data breach included the /etc/passwd file dump. According to Hacker, There are 177172 found in database, some of them are posted in pastebin.

Multiple SQL Injection Vulnerabilities on CNN website Exposed Yes ! CNN is also not Secure site, There are Multiple SQL Injection Vulnerabilities on CNN News site exposed by Hacker named " Sec Indi ". CNN.com is among the world's leaders in online news and information delivery. Staffed 24 hours, seven days a week by a dedicated staff in CNN's world headquarters in Atlanta, Georgia, and in bureaus worldwide, CNN.com relies heavily on CNN's global team of almost 4,000 news professionals. CNN.com features the latest multimedia technologies, from live video streaming to audio packages to searchable archives of news features and background information. The site is updated continuously throughout the day. SQL Injection Vulnerable Links : 1.)  http://cgi.money.cnn.com/tools/collegecost/collegecost.jsp?college_id='7966 2.)  http://cgi.money.cnn.com/tools/fortune/compare_2009.jsp?id=11439' Screenshots Submitted By Hacker : SQL Injection Vulnerabili...

Air India unit - Centaur Hotels website insecure - Passports, ID's, credit cards data at Risk Website of Centaur Hotel at IGI airport New Delhi -   http://centaurhotels.com/ used to upload customer data like  passport, pan card, credit card and other forms of personal identification of their guests staying at New Delhi IGI airport property, Data in an hidden indexed directory on the website as shown above. The Centaur Hotels is a unit of the Hotel Corporation of India, which is a wholly owned subsidiary of India's national carrier Air India which in turn is 100% owned by the Government of India. This Security failure is disclosed by Bangalore Aviation. Capt. Samarth Singh claimed the website was under the control of another company for the last year and was handed over him only one week ago. He said " The website has been under the direct control and jurisdiction of S. Naidu Pvt. Ltd. for the last one year. During this period Hybrid Content site credit has ...