The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Anonymous Hacker managing Operation Syria ( OpSyria ) have released 1 GB of emails dump from  Syrian Ministry of Foreign Affairs. Files are in files are in Arabic language. Documents includes scanned copies of Syrian ministers passports, details about an arms transport from Ukraine, report which shows that 200 tons of Syrian bank notes have been shipped from Russia. " Within the stash you will find details about cargo flights from Russia, each containing 30 tons of fresh Syrian Cash " Hackers said. " Furthermore you will find lulzy documents such as scanned passports from Syrian ministers (PDF) and details about arms transportation from Ukraine ". Emails are available here and Full Archive is available to download also.

A group of Internet hackers appeared in an Ankara court on Monday on charges of terrorism, the first time alleged cyber criminals have been put on trial in Turkey. Those arrested in suspicion of the attacks are mostly students who deny having the technical skills required to carry out such a hack. RedHack has denied the allegations, saying 10 people currently being tried have no ties with the group and that the allegations of terrorism are simply part of the government's policy against all of its opponents in the country. The defendants, who deny the charges, risk prison sentences ranging from eight to 24 years if convicted. Redhack claims to be affiliated with the international hackers' group Anonymous group, and has carried out several online attacks against state and private domains since 1997. Shortly after the arrests, RedHack declared that the individuals taken into custody had no association with the group. After releasing the statement, the collective brought down seve...

Hacker group Anonymous claims he took down North-side Independent School District's website (www.NISD.net) on Saturday to protest the district's use of tracking badges. On Sunday, Nov. 25, the same hacktivist released a statement via Pastebin giving the school district "1-3 days" to meet with parents and explain the student tracking program in detail. If the district fails to comply with the request, hacktivist promise to "simply shut down" the school district website once again. The hacker group also sent a Twitter message to the NISD account on Thursday, teasingly notifying them that their site was down. " They're tracking students! They have rights too. I want a statement about this, nobody agrees with that, even the parents! " Anonymous said. NISD said it wanted to expand the Student Locator Project to 112 Texas schools and around 100,000 students to curb truancy, apparently a major problem at the school district in question. It was reported th...

An Egyptian hacker " TheHell " is selling an exploit in $700 that allows individuals to hijack a Yahoo! email account. The method is shown off in a video that was posted on YouTube. A cross-site scripting (XSS) flaw on Yahoo! Mail creates a means to steal cookies and hijack accounts. In order to work, the victim must click on a malcious link. Upon doing so, the user's cookies will be stolen and he or she will be redirected back to the Yahoo! email home page. " I'm selling Yahoo stored xss that steal Yahoo emails cookies and works on ALL browsers ," "TheHell" explained. " And you don't need to bypass IE or Chrome xss filter as it do that itself because it's stored xss ." Yahoo! has been notified and is looking for the security hole, which it says can be fixed in a few hours once discovered. They says this XSS flaw falls into the category of a stored vulnerability, which inserts malicious code into a file, database, or back-end system. The mali...

TripAdvisor Inc., a hotel-review website, recently became a victim of the bug, said Trend Micro Inc., an Internet security solutions provider. Many of TripAdvisor's users received spam mail with booking confirmations for hotels they had checked out on the website , 1.89% of Indian Internet Users have already been affected. The email purporting to be in the name of one of the Hotels has a similar theme to its English counterpart as it contains confirmation and details on an alleged booking reservation.  TripAdvisor, which is among India's top five travel brands as per digital market research firm ComScore Inc., globally has 60 million unique monthly visitors and 2.4 million unique users per month in India. Gamarue is a family of malware that may be distributed by exploit kits, spammed emails or other malware, and has been observed stealing information from an affected user. Trend Micro reported that one of their manager received the spam at his personal e-mail address ...

Domain name registrar and website hosting provider Go Daddy is responding to a DNS attack targeting a "small number" of its hosted websites that one security firm said is enabling cyber criminals to spread ransomware.  The DNS (Domain Name System) is what transfers host-names into IP addresses, meaning computers can talk to each other and users can access them online. Godaddy said, " We suspect that the affected customers have been phished or their home machines have been affected by Cool Exploit as we have confirmed that this is not a vulnerability in the My Account or DNS management systems. " The Cool Exploit Kit targets a variety of vulnerabilities, including Java errors, and has been seen spreading via drive-by attack websites. The ransomware served depends on the country of origin. In the UK, it is malware posing as a legitimate message from the Met's Police e-Crime Unit (PCeU). It locks the computer, on the grounds that the computer ...

Symantec recently identified a database-corrupting piece of malware targeting systems mostly in Iran, but despite early speculation that it could be related to the likes of Stuxnet and Flame, it appears to be targeting small businesses rather than the country's infrastructure. Malware Dubbed W32.Narilam , is predominantly active in the Middle East, and it has also been detected in the USA and UK. The worm looks for particular words in Microsoft SQL databases and overwrites them. The worm specifically targets SQL databases with three distinct names, alim, maliran, and shahd. Once the targeted databases are found, Narilam looks for specific objects and tables and either deletes the tables or replaces items with random values. On Monday an alert was published on tarrahsystem.com warning of the W32.Narilam threat to its customers. The bulk of the infections thus far have been found in the Middle East, particularly Iran and Afghanistan. Kaspersky Lab took issue ...

Official website of President of Sri Lanka (president.gov.lk)  breached by hacker going by name " Broken-Security ", using Blind Sql Injection vulnerability. Vulnerability also posted by hacker on a pastebin note with database dump including table and column names. Dump include the Username and Encrypted password of admin also as shown in screenshot. Hacker didn't mention any reason of hacking. 

Several weeks ago we reviewed Incapsula , a Cloud-based Security service which can significantly enhance the security of your website, while also boosting its performance. Following this review we've received many responses from our readers who wanted to learn more about Incapsula protection services. Specifically, we were asked to explain more about Incapsula Enterprise plan features. To answer these questions, today we are going to take a look at Incapsula DDoS Protection services. Distributed Denial of Service attacks If your business has a web presence, chances are that you've already heard about Distributed Denial of Service attacks. In case you didn't, a Distributed Denial of Service (DDoS) attack is a DoS attack that is usually carried out by a "botnet", a network of computers acting in concert to overwhelm the server by depleting all available resources. Recently we all witnessed a large DDos attacks on U.S. banks by Muslim hacker group , an attack which crippled th...

The news is sensational, according the French magazine L'Express the offices of France's former president Sarkozy were victim of a cyber attack, but what is even more remarkable is that for the offensive was used the famous malware Flame. On the origin of the malware still persist a mystery, many security experts attribute it to joint work of Israel and US development team. Let's remind that according the analysis on Flame source code conducted by Kaspersky the malware is linked to Stuxnet, a version of the famous virus shared a module with the spy toolkit. Frame is considered one of the most complex spy tool produced by a state sponsored project and its use in the attacks against French government suggests the existence of a cyber espionage campaign to collect sensible information. An official declaration coming from spokesmen of the Elysee Palace and reported by the magazine states: "Hackers have not only managed to get to the heart of French political power,...

Internet hacktivist group Anonymous has declared cyberwar on Israel, posting personal data of five thousand Israeli officials online. " It has come to our attention that the Israeli government has ignored repeated warnings about the abuse of human rights, shutting down the internet in Israel and mistreating its own citizens and those of its neighboring countries ," the hackers wrote in a statement. The document contains names, email addresses and ID numbers apparently belonging to Israeli officials. The group also said " Israeli Gov. this is/will turn into a cyberwar. " Earlier, the group hacked over 700 hundred Israeli websites, including the Bank of Jerusalem, the Israeli Defence Ministry, the IDF blog, the President's official website and many others. The Israel's finance minister has acknowledged the recent wave of attacks, saying the government is now waging a war on a "second front."

Protesting against attacks taking place on Gaza, Anonymous hackers attempts to hack most of the Israel websites in the past few days. " government and private websites are under siege from hackers, who have mounted 44 million cyberattacks in less than a week" , the government said. Today Pakistani   Hackers also deface Israeli Bing , MSN, Skype, Live and other big sites and In counter-attack  Israeli Hackers Leak Credit Card  Data from Palestine ISP website. Finance Minister Yuval Steinitz said just one hacking attempt was successful on a site he did not want to name, but it was up and running after 10 minutes of downtime. Israel said that it generally experiences a few hundred hacking attempts per day. The attacks are reportedly coming from around the world. Defence force sites have been the hardest hit, while the president's site has been hit 10-million times, the foreign ministry seven-million times and the prime minister three-million times. ...