The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Hackers posts fake celebrity stories on Sony site From last three months Sony becomes favorite victim to hackers. This time A hacker post fake celebrity stories on Sony Music's Ireland site . These Fake Stories was : 1.) Scientists have proved that the X Factor TV show is for the stupid. 2.) Two members of the Irish pop band "The Script" were found dead in their backstage dressing room. 3.) Rebecca Black (the teenage singer who became an internet meme after her phenomenally bad "Friday" video became a YouTube hit) has married R Kelly in Disneyland As of 7:10 a.m. Wednesday (Manila time), visitors to Sony Music Ireland were redirected to Sony Music Ireland's Facebook page .

Lulzsec Releases Final Message to the friends around the globe Anonymous Tweet  Video message as " Lulzsec Last Message ". In 10minutes the Video get 200 Likes and 7000 Views. Every message of Anonymous/ Lulzsec is spreading like Fire. The Video Message is here : Lulzsec Message is : Friends around the globe, We are Lulz Security, and this is our final release, as today marks something meaningful to us. 50 days ago, we set sail with our humble ship on an uneasy and brutal ocean: the Internet. The hate machine, the love machine, the machine powered by many machines. We are all part of it, helping it grow, and helping it grow on us. For the past 50 days we've been disrupting and exposing corporations, governments, often the general population itself, and quite possibly everything in between, just because we could. All to selflessly entertain others - vanity, fame, recognition, all of these things are shadowed by our desire for that which we all love....

Anonymous leaks Nimbuzz data for collusion with pro-censorship governments Anonymous Hackers leaks Nimbuzz data via the twitter account  of AnonymousIRC which included a link to their latest leak from Nimbuzz  https://pastebin.com/TvSxycCf . About thirty minutes later, that twitter account posted a link for download named " antibuzz " along with an invitation for everyone to join Anonymous IRC . Nimbuzz is a Dutch company that provides services similar to Skype, Including text and video communication.The pastebin release claims that Nimbuzz is " capable and self-admittingly willing to co-operate with governments to help censor the public's use of the very services they offer. " Anonymous Says " People should not be afraid of their governments. Governments should be afraidof their people. ".

PayPal UK Twitter account hijacked by angry customer Second high-profile hack of the week against Twitter accounts, Yesterday  FOX News Twitter Account was Hacked by 5CR1PT K1DD3S & then sent false tweets saying that U.S. President Barack Obama had been shot dead. Today an  angry customer of Paypal hijack the Twitter account of PayPal UK. In PayPal's Hacking case, the attackers sent out messages promoting paypalsucks.com , a site devoted to what it says is " exposing the nightmare of doing business 'the PayPal way' ". Another tweet sent from the hacked account read, " PayPal can freeze your funds for no reason, do not use PayPal!! " The account's photo and description was changed before being taken down by Twitter. The Tweets were removed within a few hours of the hijacking. " Sorry, the profile you are trying to view has been suspended ," Twitter said on its page for the PayPalUK feed. A spokesman for PayPal UK said that the company is...

Video Demonstration : Vsftpd backdoor discovered by Mathias Kresin 2.3.4 of vsftpd's downloadable source code was compromised and a backdoor added to the code. Evans, the author of vsftpd . This module exploits a malicious backdoor that was added to the VSFTPD download archive. This backdoor was present in the vsftpd-2.3.4.tar.gz archive sometime before July 3rd 2011. The bad tarball included a backdoor in the code which would respond to a user logging in with a user name ":)" by listening on port 6200 for a connection and launching a shell when someone connects. Read more here Affected versions : vsftpd-2.3.4 from 2011-06-30 Metasploit demo : use exploit/unix/ftp/vsftpd_234_backdoor set RHOST localhost set PAYLOAD cmd/unix/interact exploit id uname -a Video Demonstration :

NATO Server Hacked by 1337day Inj3ct0r and Backup Leaked ! Team Inj3ct0r ( 1337day ) claim to hack Apache Tomcat Version 5.5.9 of NATO .  The North Atlantic Treaty Organization or NATO also called the (North) Atlantic Alliance, is an inter governmental military alliance based on the North Atlantic Treaty. They Leak a Backup of Random 2,646 files from Server as Proof of Hack . The archive uploaded by hackers is available at  https://www.mediafire.com/?s2chp1v2jqsf52z  . We talk to Team Inj3ct0r about this hack They said : 1.) The Reason of Hacking is "Nuclear weapons. its development and financing" 2.) They hack Tomcat 5.5 Server using 1337day privat exploit (0day) . 3.) They get the root privilege to the Server. 4.) They are able to Deface the website of NATO also, but they will not do this. They have just take the backup of server and trying to distribute that on Internet. This archive contains various configurations XML/Batch/...

RedHack deface 1000 sites for Turkey #AntiSec RedHack Hackers Group deface more than 1000 websites today. The complete list of hacked sites are here  . The hack is done in support of Anonymous and Operation Antisec. The hackers also release a press Release as below with Reason of this hack.  Press Release By Redhack : Our people from all nationalities and Revolutionary, Democrat, Patriotic and Opposition Comrades, Since 1997 our objective is, to be the "common voice" of revolutionaries in digital arena and have carried out our actions according to this strategy. On the anniversary of Sivas Massacre which took place on 2nd July 1993 and resulted in death of thirty-five intellectuals, singer, authors and poets; we have hacked hundreds of websites belongs to Adnan Oktar also known as Harun Yahya bigot and collaborating fascist websites in order to announce that we have not forgotten this massacre and will not let it be forgotten.  We have also taken opportunity to ...

FOX News Twitter Account Hacked by 5CR1PT K1DD3S Fox News Politics Twitter account @foxnewspolitics  hacked last night.  The account's icon had been changed from the Fox News Politics logo and featured the following new description: " H4CK3D BY TH3 5CR1PT K1DD3S. " Hacker's Personal account was  @TheScriptKiddie on twitter, but After hack, Twitter has suspended his account. Then hacker made another announcement via  Fox News Politics Twitter account  that " twitter has suspended TheScriptKiddie please follow @ScriptKiddi3 for future releases. we have confirmed Fox News is aware of the attack. " THN talk with " The Script Kiddies " Group. They Reply : " We are a new group called The Script Kiddies. As i have stated in past interviews we do have connections to anonymous, however this does not represent them in anyway. personally I have been part of many hacks leading back to HBgary and #operationPyaback with anonymous . we will not ...

Microsoft.com.br (Brasil) hacked by TG hacker Microsoft Brasil https://microsoft.com.br/ Got defaced by Hacker named " TG ". Hacker redirect  server address microsoft.com.br  to the page of Microsoft Brazil. Instead of being sent to the developer page of Windows, the Internet user that accesses the address is faced with a message published by hackers as  " Ms Brazil 0wn3d by TG " .  The forwarding service is hosted on an external server.

Oracle website vulnerable to SQL injection vulnerability Oracle database website itself vulnerable to SQL injection attack. The website having a loophole by which any attacker can easily hack into it. The vulnerability is found and submitted by Hacker " m@m@ ". Oracle provides the world's most complete, open, and integrated business software and hardware systems to more than 370,000 customers including 100 of the Fortune 100 that represent a variety of sizes and industries in more than 145 countries around the globe. The combination of Oracle and Sun means that customers can benefit from fully integrated systems the entire stack, from applications to disk that are faster, more reliable, and lower cost. But the website now itself compromised with SQL injection attack. I am providing the link and a screen sort show that you can easily sort out the vulnerability.  Here is the link:  https://labs.oracle.com/dmp/patents.php?uid=mherlihy'%20and%201=0%20union%20sele...

Iframe Injection & Blind SQL Injection vulnerability on Apple.com exposed by Idahc(lebanese hacker) After Sony hacks, Idahc(lebanese hacker) is back to strike Apple.com . He found two vulnerability on  https://consultants.apple.com/  as listed below. Iframe Injection : Click here Blind SQL INjection: C lick Here Examples of the injections: Example One Example two Two days before Another sub-domain of Apple's database was hacked with SQL injection by Anonymous : Read Here Hacker Expose the Database ,extracted using Blind Sql injection on a pastebin link .  According to Hacker " I am Idahc(lebanese hacker) I found a Blind SQLI and Iframe Injection on AppleI am not one of Anonymous or Lulzsecand I am against The ANTISEC OPERATIONBUt this is a poc with not confidential informationI didn't dump users,emails,passwords........ ".

Stuxnet Source Code Released Online - Download Now Stuxnet is a Microsoft Windows computer worm discovered in July 2010 that targets industrial software and equipment. While it is not the first time that crackers have targeted industrial systems,it is the first discovered malware that spies on and subverts industrial systems,and the first to include a programmable logic controller (PLC) rootkit. Stuxnet is designed to programmatically alter Programmable Logic Controllers (PLCs) used in those facilities. In an ICS environment, the PLCs automate industrial type tasks such as regulating flow rate to maintain pressure and temperature controls. Source Code Download Another Video Presentation on Stuxnet by Hungry Beast .

Apple database hacked with SQL injection by Anonymous Anonymous hackers announce on twitter that Apple can be there next target. They expose one SQL vulnerability on Apple domain with One table "Users" data. Vulnerable Link :   https://abs.apple.com:8080/ssurvey/survey?id= Exposure Link :   https://pastebin.com/tkmZDG9m These all hacks now consider under Operation Antisec by Anonymous and Lulzsec Members.