The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Unknown Exploit Kit  (Crimeware) leaked, Available for Download ! Another New Exploit kit is now in Black Market called Unknown Exploit Kit or Mushroom Exploit Kit  . After The Public Release of Source code of ZeuS Botnet Version : 2.0.8.9 , THN also provide  Crimepack 3.1.3 Exploit kit &   26 more Underground Hacking Exploit Kits  for Download and Research. Now  1st Public Release of Spanish version of   Unknown Exploit Kit is here... This kit offers the following exploits: MDAC, SpreadSheet, SnapShot, Aurora, CSSClip, IEPeers, PDF LibTiff, PDF GetIcon, PDF CollectEmail, JAVA, Shockwave, and AOL. Screenshots : Download Links : https://www.multiupload.com/6U6T4MB7SD Note : The Public Release of these kits are only for Educational and Research Purpose Only. May this help Antivirus and Security Companies to Analyse and develop advance Security wares. Thanks.

Underground Security Forums : Poisonhack.info & Team-xpc.com Hacked by 0p3nH4x ! 0p3nH4x Team of Hackers , Hack two big Underground Security websites :  Poisonhack.info & Team-xpc.com , who call them self as " Security Expert ".  0p3nH4x  hack them and provide all Hack details at  https://pastebin.com/peDbvkXz . Submitted By : 0p3nH4x

Indian Congress Party & Ebay Nepal Websites are vulnerable to Hackers ! MaDnI member of Pak Cyber Army found Serious Sql injection vulnerabilities in two famous sites, first is Ebay Nepal sites https://ebay.com.np/ and 2nd is of Indian Congress Party : https://www.congress.org.in  , The Detail of vulnerable links are shown below : 1.)  Ebay Nepal : Target : https://ebay.com.np/index.php?task=cms&id=3 Database : ebaycom_ebay 2.) Indian Congress Party Target : https://www.congress.org.in/new/renunciation-details.php?id=2 Attack Type : SQL Union Injection User :  aiccorg_usr@localhost Database : aiccorg_db

SaaS Adoption is Skyrocketing, Resilience Hasn't Kept Pace SaaS platforms have revolutionized how businesses operate. They simplify collaboration, accelerate deployment, and reduce the overhead of managing infrastructure. But with their rise comes a subtle, dangerous assumption: that the convenience of SaaS extends to resilience. It doesn't. These platforms weren't built with full-scale data protection in mind . Most follow a shared responsibility model — wherein the provider ensures uptime and application security, but the data inside is your responsibility. In a world of hybrid architectures, global teams, and relentless cyber threats, that responsibility is harder than ever to manage. Modern organizations are being stretched across: Hybrid and multi-cloud environments with decentralized data sprawl Complex integration layers between IaaS, SaaS, and legacy systems Expanding regulatory pressure with steeper penalties for noncompliance Escalating ransomware threats and inside...

CodeMasters - Gaming Community Compromised, Back-End Users Data Leaked ! CodeMasters - Gaming Community has been hacked by " Kon " . He leak the back-end users login Information as shown below : Technical Details : Encryption: DES(Unix) Method: POST SQLi URL: Not providing Number of member accounts: 2524846 Database version: 4.1.22-max-log

Anonymous leaks PSN SSH Logs , Sony is responsible for Data Theft ? 1.) On the Sony servers running the highly outdated Open SSH version 4.4. 2.) Current version is 5.7. For those of Sony for encrypted version are used for more than five years several known security holes. 3.) Sony server running in part to the long-outdated software Apache 2.2.10. 4.) Current version is 2.2.17. The version used by Sony is vulnerable to damaging Internet attacks, such as overload attacks (DDOS). Outdated server software may have caused outage Allowing PSN hackers to enter PlayStation Network stealing more than 100 million user data sets from PSN and SOE. Since the allegation itself isn't exactly new, correct, there are new proofs that this rumor is. Report even claims that Sony lies when it comes to the statement of outdated servers. Computer Bild got an excerpt showing log files that proof that Sony was, as of the hacking attack, using very outdated server software, sea...

Indian Premier League | IPLT20 Website Defaced by Tyson_08 and Inferno ! Indian Premier League | IPLT20 Website Has been hacked, and some defaced by Tyson_08 and Inferno Hackers. They wrote a short message on deface page that, They have too many times inform about SQLi Vulnerability in T20 website at  https://www.iplt20.com/ , But none of Authority/Admin take it Seriously. They Put copy of Coding of Index Page at  https://pastebin.com/xn7Fe853  and Mirror of hack is available at  https://www.legend-h.org/mirror/166530/iplt20.com  . 

OpenDNSSEC 1.3.0rc2 new Version released ! Version 1.3.0rc2 of OpenDNSSEC  Match the names of the signer pidfile and enforcer pidfile. Include check for resign < resalt in ods-kaspcheck. Bugfixes: Bugfix #231: Fix MySQL version check. ods-ksmutil: Update now sends a HUP to the enforcerd. Signer Engine: Fix assertion failure if zone was just added. Signer Engine: Don't hsm_close() on setup error. Signer Engine: Fix race condition bug when doing a single run. Signer Engine: In case of failure, also mark zone processed (single run). Signer Engine: Don't leak backup file descriptor. signconf.rnc now allows NSEC3 Iterations of 0 Download the tarball from:  opendnssec-1.3.0rc2.tar.gz

Facebook Prepares to Launch Bug Bounty Program ! Facebook is working on setting up a bug bounty program that would encourage security researchers to discover vulnerabilities on its platform and report them responsibly. Mr. Joe Sullivan, Facebook's chief security officer, told us today at the Hack in the Box Amsterdam 2011 security conference that the company is currently testing such a system and hopes to launch it soon. Vulnerability reward programs are not new. In fact, they've been around since the Netscape era. In 2004 Mozilla introduced a bug bounty system for vulnerabilities discovered in Firefox, then last year Google did the same for Chromium, the open source project behind Google Chrome. However, it was Google that began rewarding vulnerabilities found in its web services first, a move that was mirrored by Mozilla a month later. Facebook has a pretty good relationship with security researchers already and many of them are reporting vulnerabilities to the ...

RKAnalyzer - kernel level rootkit analyzer ! RKAnalyzer is a kernel level rootkit analyzer and defender using Hardware Virtualization Techniques, based on the BitVisor Project(A VMM developed by Tsukuba University and open-sourced under BSD License). It tries to monitor kernel level rootkits' actions and log them. What differs RKAnalyzer with tranditional detection softwares(i.e. Rootkit Revealer, IceSword) is that RKAnalyzer actively intercepts rootkit actions, rather than reacting to rootkit after already infected. Also, RKAnalyzer support analysis mode, which differs from defend mode by presenting a much more transparent environment, in which rootkit would consider itself running without being monitored. How to Use :  https://code.google.com/p/rkanalyzer/wiki/HowToUse Download :  https://rkanalyzer.googlecode.com/svn/

Red Hat Enterprise Linux 6.1 is now available at https://www.redhat.com/rhel/ . Enhancements provide improvements in system reliability, scalability and performance, coupled with support for upcoming system hardware. This release also delivers patches and security updates, while maintaining application compatibility and OEM/ISV certifications. In addition to performance improvements, Red Hat Enterprise Linux 6.1 also provides numerous technology updates, including: Additional configuration options for advanced storage configurations with improvements in FCoE, Datacenter Bridging and iSCSI offload, which allow networked storage to deliver the quality of service commonly associated with directly connected storage Enhancements in virtualization, file systems, scheduler, resource management and high availability New technologies that enable smoother enterprise deployments and tighter integration with heterogeneous systems A technology preview of Red Hat Enterprise Identity (IPA) se...

Role of Hacking in Stealing and Selling Credit Cards ! People use the Internet in their everyday lives. With technology advancing as fast as it is, most modern day homes have gone online, turning to the Internet to save time with busy days, performing simple tasks like online banking, purchasing items on eBay or Amazon or getting deals on Buy.com , even taking college classes online. Internet Banking , Credit Cards are become the mode of Payments. Its 2011, Hacker have Eye on your Bank Balance, Credit Card details and Logins. These online Criminals get you Credit Card details and sell them to other customers. Credit card numbers can be purchased for a dollar or less if you buy in bulk And so-called full profiles, including a Social Security number and mother's maiden name, are available for just $80. ATM pin numbers and platinum cards cost extra. Computer hackers have been found stealing and selling other people's credit card information in masses. Hacking happens just...

Linux kernel 2.6.39 released - Update Now ! After just 65 days of development, Linus Torvalds has  released  version 2.6.39 of the Linux kernel. The new release includes support for  ipset  which simplified firewall configuration and deployment by allowing updatable and quickly searchable external tables to be used by the network filtering. Interrupt handling can now be handled almost entirely by kernel threads, the ext4 file system and block layers are now able to scale better and show better performance and the kernel now includes a network backend for Xen virtualisation. As always, the new kernel brings hundreds of new or enhanced drivers. For example, support for AMD's current "Cayman" family of high end graphics cards and GPUs arrived with a simple DRM/KMS driver. Also new in this release are drivers for the function keys of Samsung notebooks and the Realtek RTL8192CU and RTL8188CU Wi-Fi chips. Whats News in  Linux kernel 2.6.39 The latest Linux kernel...

Government Directorate Pakistan hacked by lionaneesh Some of Hacked Users by lionaneesh :  https://pastebin.com/e3htceHt Hacked site : https://www.e-government.gov.pk/