The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

4 big business sites database backup leaked by Serious BLack  ! One of the Indian hacker "Serious BLack " found the SQL database backup on the 4 big business sites. These SQL dumps are hosted by Site admins on FTP that has been leaked. Sites are:  https://www.assembla.com/   =>  https://pastebin.com/YpdfGsQN https://www.nganhoa.co.cc/hoa.sql https://www.seoguru.co.uk/seogurl.sql https://www.33photo.com/backup.sql

WebSurgery v0.5 - Web app testing tool Released WebSurgery is a suite of tools for security testing of web applications. Itwas designed for security auditors to help them with the web applicationplanning and exploitation. Currently, it uses an efficient, fast and stableWeb Crawler, File/Dir Bruteforcer and Fuzzer for advanced exploitation ofknown and unusual vulnerabilities such as SQL Injections, Cross sitescripting (XSS), brute-force for login forms, identification offirewall-filtered rules etc. Download Setup Download Portable Documentation

Pepper (Dating site) hacked by Anonymous #Antisec One of the Biggest Online dating website Pepper  https://www.pepper.nl/  hacked by Anonymous Hackers for Operation Antisec. Huge Data breached, 52000 users/passwords of users leaked by Anonymous on twitter on  https://privatepaste.com/af59e5a969

TriNity (Indian Girl Hacker) Strikes again to server with 690 websites Indian hacker girl, TriNity Strikes After along time. This time she  hack a windows server with 690+ Sites at 66.113.131.74 . Site attacked : https://www.coin.info/ https://catapult.coop/ Mirror of some sites on the same server : https://mirror.sec-t.net/defacements/?id=49702 https://mirror.sec-t.net/defacements/?id=49698 Complete List of Site : https://pastebin.com/4sF7ZQAB

UP Rajarshi Tandon Open University Allahabad Website Hacked Website of UP Rajarshi Tandon Open University Allahabad Hacked last night. Link  https://www.uprtou.ac.in/ Hacker wrote message on the site " SECURE YOUR WEBSITE.. OR ELSE GET HACKED BY SOMEONE...The Education system in India sucks.. Till when we would be learning all the bullshit physics, chem, history and commerce.. We need some real knowledge.. Baccha, kabil bano.. kamyaabi jhak marke peeche aayegi.. lol. .sorry admin.. just resotre your site..Don't worry.. nothing has been deleted... " Legend H mirror : https://legend-h.org/mirror/187224/uprtou.ac.in

Nmap 5.59 BETA1 - 40 new NSE scripts & improved IPv6 Official Change Log: o [NSE] Added 40 scripts, bringing the total to 217!  You can learn  more about any of them at https://nmap.org/nsedoc/. Here are the new  ones (authors listed in brackets):  + afp-ls: Lists files and their attributes from Apple Filing    Protocol (AFP) volumes. [Patrik Karlsson]  + backorifice-brute: Performs brute force password auditing against    the BackOrifice remote administration (trojan) service. [Gorjan    Petrovski]  + backorifice-info: Connects to a BackOrifice service and gathers    information about the host and the BackOrifice service    itself. [Gorjan Petrovski]  + broadcast-avahi-dos: Attempts to discover hosts in the local    network using the DNS Service Discovery protocol, then tests    whether each host is vulnerable to the Avahi NULL UDP packet    denial...

Official Website of Amy Winehouse - Songer/Songwriter Defaced Amy Jade Winehouse official website  https://www.amywinehouse.com/   defaced by Anonymous hackers for Antisec . Amy Jade Winehouse  (born 14 September 1983) is an English singer-songwriter, known for her powerful contralto vocals and her eclectic mix of various musical genres including R&B, soul, and jazz. She has received publicity over her substance abuse and mental health issues. Related hack => Meggit - US Military and Law Enforcement equipment supplier hacked for #Antisec - Read here

Meggit Database Hacked - US Military and Law Enforcement equipment supplier for #Antisec Database of www.meggitttrainingsystems.com a US Military and Law Enforcement equipment supplier has been hacked and exposed by Anonymous ( The Bash Crew ) .  Hackers said " People of the USA your government puts there trust and your money into these people and we got into there database useing a google dork and a simple sql injection.Any ways we hope this will cause many lulz atleast in spamming heads of the corp's and government that choose such a poorly secured site. " vUNL link :  https://www.meggitttrainingsystems.com/main.php?id=119 Hackers Release database on Pastebin :  https://pastebin.com/0r4A9DVR

Mesa Arizona Fraternal Order of Police website hacked, Data exposed ! Anonymous Hackers deface Mesa Arizona Fraternal Order of Police website -  https://mesafop.com/  . This hack is done for Operation Antisec. The Post a message and All data of  Arizona Police on the deface page. Alternate you can see written part on :  https://pastebin.com/RakyZgJE  . Hackers claim to deface following domains : azfop.com, azfop78.com, azfop5.com, tucsonfop.com, mesafop.com,azfop32.com, azfop50.com, azfop44.com, azfop62.com, azfop58.com Hackers expose Credit Card details and Email/Passwords of lots of officers Not only this, They also expose the usernames and passwords for 1200 FOP members in deface page.

SQL Injection Vulnerability in Google Lab Database System Very Big & Critical Vulnerability detected in Google Lab System. Vendor is already reported by hackers, But they don't take positive step in this case, so finally hackers exposed  the vulnerability in public by  Bangladesh Cyber Army Admin - Shadman Tanjim on their Forum . Google Lab Website has SQL Injection Vulnerability and Dangerous thing is this Vulnerability is Exploitable. Hackers are able to get Tables, columns and data from Database. Google Lab Database has his own customize DB system. But Interesting things is their database system is Similar as Ms Access database. In this case Ms Access SQL Injection System is Also Work on Google Lab Database system. Statement By Hacker : I already contact with Google Corporation but they don't give positive response, I think this is their big fault,  and will suffer for that. But if they give Positive response t...

MasterCard downed by ISP, not Anonymous hackers Two days before Anonymous declare that MasterCard again down by Ddos attack in support of Wikileaks & Anonymous via twitter . It was shortly after MasterCard went down that someone on Twitter, known as ibomhacktivist, promoted " MasterCard.com DOWN!!! ", adding the site was down for messing with WikiLeaks and Anonymous. But in actual, MasterCard.com was offline, and shortly after the outage was noticed by the public, someone on Twitter claimed credit. In a statement, MasterCard blamed the outage on an ISP issue, without discounting that they were attacked upstream. " MasterCard's corporate, public-facing Website experienced intermittent service disruption, due to a telecommunications/Internet Service Provider outage that impacted multiple users. It is important to note that no cardholder data has been impacted and that cardholders can continue to use their cards securely. We are continuing to monitor the situation c...

Indonesian and Australian police launched Cyber Crime Investigation Center Indonesian and Australian police officially launched a joint project called the Cyber Crime Investigation Center. The center was officiated by Indonesian National Police chief Gen. Timur Pradopo and Australian Federal Police chief Comr. Tony Negus at the National Police Headquarters in Jakarta on Thursday. Timur said the center had been planned since six months ago. " Today, we launch the center, which will be equipped with tools needed to carry out cyber crime investigation ," Timur said, adding that its communication technology equipment was being provided by the Australian government." Of course, this [center] will improve our capacity to detect and [investigate cyber] crimes, particularly transnational crimes ," he said. Negus said the center would allow the Indonesian National Police to deal with technology and IT-related crimes. He added that the Australian police force was looki...

OpenSSH 3.5p1 Remote Root Exploit for FreeBSD OpenSSH 3.5p1 Remote Root Exploit for FreeBSD has been shared by kcope on twitter . The Released note is as given below : OpenSSH 3.5p1 Remote Root Exploit for FreeBSD Discovered and Exploited By Kingcope Year 2011 -- The last two days I have been investigating a vulnerability in OpenSSH affecting at least FreeBSD 4.9 and 4.11. These FreeBSD versions run OpenSSH 3.5p1 in the default install. The sshd banner for 4.11-RELEASE is "SSH-1.99-OpenSSH_3.5p1 FreeBSD-20060930". A working Remote Exploit which spawns a root shell remotely and previous to authentication was developed. The bug can be triggered both through ssh version 1 and ssh version 2 using a modified ssh client. During the investigation of the vulnerability it was found that the bug resides in the source code file "auth2-pam-freebsd.c". https://www.freebsd.org/cgi/cvsweb.cgi/src/crypto/openssh/Attic/auth2-pam-freebsd.c This file does not exist in Fre...