#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
AWS EKS Security Best Practices

The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Offline Windows Analysis and Data Extraction (OWADE) - Forensics tool to expose all your online activity

Offline Windows Analysis and Data Extraction (OWADE) - Forensics tool to expose all your online activity

Sep 08, 2011
Offline Windows Analysis and Data Extraction (OWADE) - Forensics tool to expose all your online activity Researchers " Elie Bursztein " from Stanford University in California have managed to bypass the encryption on a PC's hard drive to find out what websites a user has visited and whether they have any data stored in the cloud. " Commercial forensic software concentrates on extracting files from a disc, but that's not super-helpful in understanding online activity ," says Elie Bursztein, whose team developed the software. " We've built a tool that can reconstruct where the user has been online, and what identity they used. " The open-source software, Offline Windows Analysis and Data Extraction (OWADE), was launched at the Black Hat 2011 security conference and works with PCs running on the Windows operating system. OWADE is in alpha version and is only available by checking out the code directly as we update it very frequently. Note th...
Court grants bail to Anonymous and LulzSec suspects

Court grants bail to Anonymous and LulzSec suspects

Sep 08, 2011
Court grants bail to Anonymous and LulzSec suspects Four alleged UK hackers suspected of being linked to attacks by hacking groups Anonymous and Lulz Security (LulzSec) have been released on bail after a hearing at Westminster magistrates court on the condition that they did not use specific online nicknames on the internet or IRC. 20-year-old Christopher Jan Weatherhead, from Northampton, cannot use the internet nickname ' Nerdo ', Ashley Rhodes, 26, from London, is banned from calling himself ' NikonElite ' online. Two other men, aged 24 and 20, have been released on bail following their arrest last week as part of the Metropolitan police investigation into Anonymous and LulzSec. They are due to return to a London police station in November.The two men were arrested separately in South Yorkshire and Wiltshire . They are charged with conspiring to commit offences under the Computer Misuse Act 1990.
Cyberwar between Israel and Turkish Hacker

Cyberwar between Israel and Turkish Hacker

Sep 06, 2011
Cyberwar between Israel  and Turkish  Hacker Turkish hacker " TurkGuvenligi " hijacked some 350 Israeli websites on Sunday evening, launching a Domain Name System (DNS) attack on at least seven high-profile websites including The Telegraph, Acer, National Geographic, UPS and Vodafone as well. Visitors to some of the sites were diverted to a page declaring it was " World Hackers Day. " Hackers calling themselves the " TurkGuvenligi group " calimd the cyber-attack. "TurkGuvenligi translates as " Turkish security. " " The hack represents a 10%-15% spike compared to the average number of daily hacks of Israeli websites ," Shai Blitzblau, head of Maglan-Computer Warfare and Network Intelligence Labs, explained. Israel's military and security establishment has invested significantly in cyber-warfare programs in recent years and is considered one of the most advanced cyber-warfare forces in the world, both in attack and defense modes.T...
cyber security

New Webinar: Identity Attacks Have Changed — Have Your IR Playbooks?

websitePush SecurityThreat Detection / Identity Security
With modern identity sprawl, the blast radius of a breach is bigger than ever. Are you prepared? Sign up now.
Securing Agentic AI: How to Protect the Invisible Identity Access

Securing Agentic AI: How to Protect the Invisible Identity Access

Jul 15, 2025Automation / Risk Management
AI agents promise to automate everything from financial reconciliations to incident response. Yet every time an AI agent spins up a workflow, it has to authenticate somewhere; often with a high-privilege API key, OAuth token, or service account that defenders can't easily see. These "invisible" non-human identities (NHIs) now outnumber human accounts in most cloud environments, and they have become one of the ripest targets for attackers. Astrix's Field CTO Jonathan Sander put it bluntly in a recent Hacker News webinar : "One dangerous habit we've had for a long time is trusting application logic to act as the guardrails. That doesn't work when your AI agent is powered by LLMs that don't stop and think when they're about to do something wrong. They just do it." Why AI Agents Redefine Identity Risk Autonomy changes everything: An AI agent can chain multiple API calls and modify data without a human in the loop. If the underlying credential is exposed or overprivileged, each addit...
Malcon 2011 - Call for Papers

Malcon 2011 - Call for Papers

Sep 06, 2011
Malcon 2011 - Call for Papers Malcon is the worlds first platform bringing together Malware and Information Security Researchers from across the globe to share key research insights into building and containment of the next generation malwares . Call for Papers: Malcon 2011 are looking for new techniques, tool releases,unique research and about anything that's breath-taking, related to Malwares. The papers and research work could be under any of the broad categories mentioned below : Hacking Tools: Phishing Kits, code that aids any malware or malicious activity is welcome. Malwares: Rootkit, Trojan, Botnet, Bootkit, Virus, Keylogger, Virtual Machine based Malware, Mobile OS Based Malware (Android, Symbian, IPhone etc.) Malware creation tools: Toolkits to create any kind of malware Web based malwares: Web-Shells, Browser Runtime Malwares (Javascript, Flash) Malware Infection and propagation methodologies: Emerging Infection techniques, Intelligent target enumeration te...
Ghana Red cross website defaced By Ahmdosa Hacker

Ghana Red cross website defaced By Ahmdosa Hacker

Sep 06, 2011
Ghana Red cross website defaced By Ahmdosa Hacker Tunisian Hacker Ahmdosa hack the official website of Ghana Redcross and deface it.Mirror of hack also submitted to Zone-H .
100's of United Kingdom and USA websites hacked by Dinelson

100's of United Kingdom and USA websites hacked by Dinelson

Sep 06, 2011
100's of United Kingdom and USA websites hacked by Dinelson Not only the Anonymous , Lulzsec or ComodoHacker are Active, Here on The Hacker News you will find   about every Hacker , from all over world who are daily Breaching Security of various Servers, Networks and sites one by one.  Today  Dinelson hacker deface 113 United Kingdom and USA websites and put a very impressive background Audio message on sites.
Registry Decoder - Digital Forensics Tool

Registry Decoder - Digital Forensics Tool

Sep 06, 2011
Registry Decoder - Digital Forensics Tool Digital forensics deals with the analysis of artifacts on all types of digital devices. One of the most prevalent analysis techniques performed is that of the registry hives contained in Microsoft Windows operating systems. Registry Decoder was developed with the purpose of providing a single tool for the acquisition, analysis, and reporting of registry contents. Download Here
20 Famous websites vulnerable to Cross Site Scripting (XSS) Attack

20 Famous websites vulnerable to Cross Site Scripting (XSS) Attack

Sep 06, 2011
20 Famous websites vulnerable to Cross Site Scripting (XSS) Attack Most of the biggest and Famous sites are found to be Vulnerable to XSS attack . Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications which allow code injection by malicious web users into the web pages viewed by other users. Examples of such code include HTML code and client-side scripts. An exploited cross-site scripting vulnerability can be used by attackers to bypass access controls such as the same origin policy. Recently, vulnerabilities of this kind have been exploited to craft powerful phishing attacks and browser exploits. Cross-site scripting was originally referred to as CSS, although this usage has been largely discontinued. Hacker with code name " Invectus " list some such famous sites with XSS vulnerability as listed below : 1.) https://video.state.gov/en/search/img-srchttp-i55tinypiccom-witu7dpng-height650-width1000/Ij48aW1nIHNyYz0iaHR0cD...
Games.com XSS Vulnerability by Cyber4rt

Games.com XSS Vulnerability by Cyber4rt

Sep 06, 2011
Games.com XSS Vulnerability by Cyber4rt One of the Biggest site for Hasbro Games, Video Games & Online Games - Games.com having XSS Vulnerability as shown in screenshot and Discovered by " Acizninja DeadcOde " at  Cyber4rt .
ComodoHacker responsible for DigiNotar Attack

ComodoHacker responsible for DigiNotar Attack

Sep 06, 2011
ComodoHacker  responsible for DigiNotar Attack The hacker warns the Internet community that he has access to 4 other high-profile CAs, among them being GlobalSign, a certification authority from the U.S. He threatens that he will use his power over the companies to issue false certificates, which will later become the weapon of his revenge against countries who deserve it.In his own words, he said " I won't talk so many detail for now, just I wanted to let the world know that ANYTHING you do will have consequences, ANYTHING your country did in past, you have to pay for it... ". Complete Message here . An Iranian hacker posting a message on a Pastebin account boasting of his exploits and claiming to have access to more CAs. As a proof to show that he really did infiltrate DigiNotar, he shares the domain administrator password of the CA network:Pr0d@dm1n . Around 300.000 unique requesting IPs to google.com have been identified," Fox-IT said in the report. On Aug. 4 the ...
DDOs Tracer - 1.0 Released by MaxPainCode

DDOs Tracer - 1.0 Released by MaxPainCode

Sep 05, 2011
DDOs Tracer - 1.0 Released by MaxPainCode At most any time of the day, there's a distributed denial-of-service (DDOS) attack underway somewhere on the Internet. Yes, it's still true, despite reports that some ISPs have experienced fewer DDOS attacks overall during the last six months. It's a matter of quality, not quantity: " When DDOSes do occur, they are done with much greater purpose than they used to be ," says Rodney Joffe, senior vice president and senior technologist for Neustar, a directory services and clearinghouse provider for Internet industry. " They are usually to obscure what's [really] happening in the background ." So if you want to be safe and trace someone like a pro here is the tool that is being used by tracing the ms per second and then if the site goes down or just get lot of traffic it will report the time that the attacker started his web attack, that is really good as you can report the attack and give to police more inf...
Uronimo - Mobile platform website Hacked by Team Inj3ct0r

Uronimo - Mobile platform website Hacked by Team Inj3ct0r

Sep 05, 2011
Uronimo - Mobile platform website Hacked by Team Inj3ct0r Uronimo - Mobile platform Hacked by  Team Inj3ct0r today. They leak the database of site on Pastebin , including Username, Hash Password, emails and Phone Numbers of 1000 users.
Department of Homeland Security warns Anonymous Hackers

Department of Homeland Security warns Anonymous Hackers

Sep 05, 2011
Department of Homeland Security warns Anonymous Hackers The Department of Homeland Security is beginning to take Anonymous and other non-professional cyber-attackers more seriously as it issues a warning about potential attacks. The 2 September security bulletin from the DHS National Cyber-Security and Communications Integration Centre warned financial services companies to be on the lookout for attackers operating under the Anonymous umbrella to "solicit ideologically dissatisfied, sympathetic employees" to the cause. The unclassified DHS communique is addressed broadly to those in charge of cybersecurity and critical infrastructure protection and also warns about new tools that Anonymous has said it plans to use in launching future attacks. One of the attack tools highlighted in the alert is dubbed #RefRef, which is said to be capable of using a server's resources and processing power to conduct a denial of service attack against itself. " Anonymous has stated publi...
Expert Insights Articles Videos
Cybersecurity Resources