The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Video Conferencing Systems Vulnerable To Hackers According to a story published earlier this week by the New York Times , A security expert at Rapid 7 found that common videoconferencing equipment could give hackers access to company conference rooms and boardrooms. An investigation led by chief security officer HD Moore with Rapid 7 began when he wrote a program to scan the Internet for videoconferencing systems. HD Moore and Mike Tuchen of Rapid7 discovered that they could remotely infiltrate conference rooms in some of the top venture capital and law firms across the country, as well as pharmaceutical and oil companies and even the boardroom of Goldman Sachs all by simply calling in to unsecured videoconferencing systems that they found by doing a scan of the internet. Moore's scan covered about 3 percent of the addressable internet and found 250,000 systems using the H.323 protocol, a specification for audio and video calls. Moore said he found more than 5,000 organization...

Cross Site Scripting (XSS) Vulnerability in Google Ucha Gobejishvili Hacker with codename " longrifle0x " discovered another Cross Site Scripting (XSS) Vulnerability in Google's Website. He already reported about the Vulnerability to Google Security Experts. Proof of Concept: Open https://www.google.com/a/cpanel/premier/new3?hl=en  and Click Find Domain . Put xss code: <IFRAME SRC="javascript:alert('XSS');"></IFRAME> Another XSS Vulnerabilities Discovered by longrifle0x  https://xssed.com/archive/author=longrifle0x/special=1/

Hcon's Security Testing Framework (Hcon STF) v0.4 [Fire base] Hcon respects & salutes to all of the freedom fighters of India, without whom we can never be able get our freedom.A tribute to all of the freedom fighters of all the countries we present HconSTF version 0.4 codename ' Freedom '.Hope this year brings freedom for everyone on the internet form different governments & companies which are making the internet users their slaves.For this purpose HconSTF 0.4 has integrated many functions for anonymity and OSINT. Some Highlight Features : Categorized and comprehensive toolset Contains hundreds of  tools and features and script for different tasks like SQLi,XSS,Dorks,OSINT to name a few HconSTF webUI with online tools (same as the Aqua base version of HconSTF) Each and every option is configured for penetration testing and Vulnerability assessments Specially configured and enhanced for gaining easy & solid anonymity Works for web app testing assessments...

Fake CNBC 's Website for Internet Fraud The beauty of the Internet is that you can make a truckload of money out here. Yes, you really could quit your full time job if you work hard.The bad news is most people either don't want to work at it, or they buy into some scam that causes them to waste money they could have used to invest in a real, legitimate venture. Today I got a mail from some random Email ID and with Subject  Wow ! thehackernews.com : My family sees the money I'm bringing in every week and they're simply proud of me. https://tinyurl.com/7lmetym I just Click the link provided in Email body and Here we notice a website with subdomain www.cnbc.com-exclusive.us , which having same mirror look like original CNBC website. In first sight the site seems to be legit because of Domain resemblance. Actually, the top level domain of this fraud site is  com-exclusive.us and Admin create another subdomain in it with name cnbc . Now complete URL look similar to...

Saudi Presidency of Meteorology & Environment Protection Hacked A hacker with name Yourikan (you-r!-k@n) Deface the Website of Saudi's " Presidency of Meteorology & Environment Protection ".  Yourikan perform this Hack to give message to Saudi Hacker  0xOmar , Who leaks the thousands of Israeli credit cards few weeks back. [ Source ]

Tor Vulnerable to Remote arbitrary code Execution According to latest post of Gentoo Linux Security Advisory, There are multiple vulnerabilities have been found in TOR , the most severe ofwhich may allow a remote attacker to execute arbitrary code. TOR is an implementation of second generation Onion Routing, a connection-oriented anonymizing communication service. Using this Vulnerability remote attacker could possibly execute arbitrary code or cause a Denial of Service. Furthermore, a remote relay the user is directly connected to may be able to disclose anonymous information about that user or enumerate bridges in the user's connection. Advisory explain that , Affected Vulnerable packages are < 0.2.2.35 . M ultiple vulnerabilities have been discovered in Tor are listed below: * When configured as client or bridge, Tor uses the same TLS certificate chain for all outgoing connections ( CVE-2011-2768) . * When configured as a bridge, Tor relays ca...

This Post reviews the newly released ANTI3 version. We've received a platinum account of ANTI3, before its official release, and this is our review: Recently White-Hat Hacker, Itzhak "Zuk" Avraham , the founder of zImperium unveiled its new app in Blackhat / Defcon19, introducing a new concept where both home users and local IT can have the same tools to, at the push of a button, check for their security faults. The new zImperium product, named Android Network Toolkit (or in short - ANTI), allows professional penetration testers, ethical hackers, IT and home users to scan for security issues in their network. In a few simple clicks ANTI covers the most advanced attack vectors in order to check for vulnerabilities, even those that up until now could only be performed by top-notch penetration testers. This means that while you might think that you're safe because you have a firewall on, with ANTI you can check and prove it (or add it to your penetration testing repor...

Phishing Google Users with the Help of Google ! How Hackers are phishing Gmail/Google users successfully ?  Christy Philip Mathew, an Information Security Instructor from India shared a perfect trick with us. He just exploit human psychology. Lets see how: He Created a phishing Page of Google and Uploaded to :  https://www.keepbacktrack.net84.net/  . Now How to make this URL legit for Victims ? Simple, Using Google translation Tool. Google translation has got a vulnerability that if an attacker plan out translating a fake gmail login page he would get a perfectly crafted link that can be used for malicious purposes or Phishing. Above Shown Image the example of this Trick. New Phishing  URL is Here  after using Translation tool. This is Art of psychological manipulation using Google to Hack Google Users.

Panasonic China website hacked and Redirected Latest notification by DarkDevilz Crew to THN  , They hack  Panasonic's China websites and Redirect users to a Black color Deface Page as shown. " 3spi0n " named Hacker from team take responsibility to perform this Hack. Hacker compromise the URL :  https://pro2.panasonic.cn/autodoor/ , and add Refresh Meta tag in source code to redirect the page to a new location i.e.  https://www.kutanhosting.com/r3.html  . Mirror of Hack is also available, in case Site fixed before you see this , here : Mirror 1 & Mirror 2

CBS Broadcasting Hacked by Anonymous Hackers for #OpMegaUpload Anonymous Hackers are claiming to Hack the official website of CBS Broadcasting (CBS), major US commercial broadcasting television network, which started as a radio network. Hacker hack the server , entire web directory has been deleted and There is only a Single blank file named " foundry.html " as shown. Even Brazil also Under Anonymous Attack, Today Tangara da Serra city site also defaced by them. Get update about all Anonymous Hacks Here . Stay Tuned to Get More Updates on This Hack !

Brazil Under Anonymous Attack - Tangara da Serra city site defaced ! Anonymous Hackers attacked websites of Brazil's federal district and Tangara da Serra city on Sunday as well as one belonging to a Brazilian singer to protest the forced closure of Megaupload.com. The attacks this week, which they call " #opmegaupload " shut down the websites of the FBI and US Justice Department for several hours to protest the closure of Megaupload.com. Hackers succeed in shutting down the website of popular Brazilian singer Paula Fernandes . They posted the image of a grim-faced joker with a message saying, " If Megaupload is down, you are down too ." It was signed " GhostofThreads ". Anonymous use DDoS attacks tools like so-called Low Orbit Ion Cannon  which is a piece of software that volunteer hacktivists download to their PCs and choose to run, whereby it then starts blasting the target website with traffic. Stats says that , in last 7 days LOIC downlo...

For Protest Against #SOPA 68 Website hacked By Dinelson Dinelson deface 68 Websites for Protest Against SOPA and PIPA. List of all Hacked site is posted here . A protest to a Congressional bill called SOPA caused quite a stir on Wednesday as thousands of websites protested SOPA with blacked-out pages. Megaupload, a hugely popular website for sharing files, was a major SOPA target, because it allegedly disobeys copyright laws and legislation. After the SOPA protest, the Department of Justice issued a release stating that federal officials had taken the site down. Following this announcement, a hacking collective called Anonymous launched several attacks on government and entertainment industry websites, including those for the Justice Department, the Federal Bureau of Investigation and Universal Music. 2 days back SOPA and PIPA were dropped by Congress . Both the House and the Senate on Friday backed away from a pair of controversial anti-piracy bills, tossing...