The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Aldi Bot - Buy a Botnet just in 10 Euros Researchers of German security firm G Data have discovered that a bot builder dubbed " Aldi Bot " is currently being offered for that much on underground forums. The Aldi Bot Builder appears to be based on the ZeuS source code. The malware has nothing to do with the discount supermarket chain and it is not clear why its author chose to name the bot after Aldi – it is thought it may relate to the bot's discount pricing. Company says " We've encountered a bot sale, which, in case it finds followers, can cause a massive glut of malware all over. The so-called "Aldi Bot" first appeared in late August and has been sold for the initial price of €10! Parts of the bot's code oddly look like ZeuS code… " The Aldi Bot can read (saved) passwords from the Firefox web browser, Pidgin IM client and JDownloader download tool, and send them to a command and control server which is included in the €10 price tag. The Aldi Bot can als...

Bank of Melbourne Twitter Account Hacked Last week, the Twitter account of the Bank of Melbourne was hacked and used to send direct messages containing phishing links to its followers. In a tweet , the bank said that: ATTN: Unauthorised DMs sent bw 4-5pm today, do not click link. No customer/personal data compromised. Apologies for the inconvenience. A recently relaunched subsidiary of Westpac, the Australian bank engages heavily with its customers through its @BankofMelb Twitter account. However, the security of the account proved not to be up to scratch when hackers managed to gain access and used the account to send direct messages containing phishing links.The hacking of corporate Twitter accounts is nothing new, neither are phoney messages claiming to come from a bank. What makes this case rather unique - and worrying - is that the account itself is genuine, thus significantly adding to the credibility of the links. Dancho Danchev believes that this is not the act of an am...

John the Ripper 1.7.8-jumbo-7 Released Change Log : * Support for encrypted pkzip archives has been added, testing millions of candidate passwords per second. (JimF) (This is in addition to WinZip/AES archives, support for which was added in prior -jumbo updates.) * Support for Mac OS X 10.7 Lion salted SHA-512 hashes has been added (enabled when building against OpenSSL 0.9.8+ only), with optional OpenMP parallelization. (Solar) * Optional OpenMP parallelization has been added for salted SHA-1 hashes used by Mac OS X 10.4 to 10.6. (Solar) * PoC support for DES-based 10-character tripcodes has been added (does not use the bitslice DES implementation yet, hence is slow). (Solar) * The DIGEST-MD5 authentication cracker has been revised to be usable without requiring source code customizations. (magnum) * Highly experimental support for dynamically loaded plugins (adding new formats) has been added (currently only enabled on Linux). (Davi...

Nmap 5.61 TEST1 Released This Nmap 5.61TEST1 is an informal test release with all of the latest features from the SVN. Nmap ("Network Mapper") is a free and open source utility for network exploration or security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are avalable for Linux, Windows, and Mac OS X. In addition to the classic command-line Nmap executable, the Nmap suite includes a...

Radware's Attack Mitigation System Delivers the First Fully Integrated Solution to Fight Cyber Attacks in Real Time The solution blocks the new breed of sophisticated attacks that target Multiple layers of the IT infrastructure .  Today's point security tools for IT infrastructures are not enough to protect against the new wave of sophisticated cyber attacks. That's why  Radware  (NASDAQ: RDWR), a leading provider of  application delivery  and  application security  solutions for virtual and cloud data centers, today announced Radware Attack Mitigation System (AMS), the industry's first fully integrated IT security strategy and portfolio that protects the application infrastructure in real time against network and application downtime, application vulnerability exploitation, malware spread, information theft, Web service attacks and Web defacement. Additional Resources   ·            ...

iPhone  Skype  XSS Vulnerability Lets Hackers Steal Phonebook [Video] A bug in the latest version of Skype for iPhone and iPod touch makes its users vulnerable to having their address book stolen just by viewing a specially crafted message, says AppSec Consulting security researcher Phil Purviance. The problem is made more exploitable by the way Skype uses the embeddable WebKit browser; Skype developers have set the URI scheme for the embedded browser to "file://". This error allows an attacker to access the file system and read any file that the app would be allowed to read by the iOS application sandbox. One file that every iOS application has access to is the user's SQLlite AddressBook database. In a demonstration of the bugs, Phil Purviance, AppSec Consulting security researcher, showed how it was possible to extract the iPhone address book using the vulnerabilities. Skype is aware of the issue and is working on a fix. "We are working hard to fix this reported i...

Chris Hoff, HacKid.org Leads UNITED Security Summit Award Winners Awards Recognize Outstanding Contributions to Propel the Information Security Industry Forward to Meet Future Challenges San Francisco, CA at the UNITED Security Summit – September 20, 2011 –  The first annual  UNITED Security Summit  included an awards ceremony at the official event party, held at Vessel, San Francisco last night. The UNITED Security Summit Awards focus on recognizing the contributions of individuals and organizations that are propelling the information security industry forward, building the level of preparedness in the face of the changing threat landscape.  Winners at the ceremony were recognized specifically for innovation, collaboration, investment in the future or in the industry in general, and leadership. "As a co-sponsor of the UNITED Security Summit awards and participant in the judging process, it's exciting to see how innovative and collaborative companies in the secu...

The Europe Championships of the Global CyberLympics has just concluded! It is now time to crown new CHAMPIONS for the Middle East & India Regional ! About the Global CyberLympics: The Global CyberLympics ( www.cyberlympics.org ) is the world's first international team ethical hacking championships, and will be held from September onwards across six continents. It is endorsed by the U.N.'s cybersecurity executing arm – IMPACT - and the EC-Council is sponsoring over $400,000 worth of prizes. Regional championships will be held in various locations across different continents, and co-hosted with reputable IT/information security conferences and tradeshows, as follows: North America (Eastern) | Hacker Halted USA – Miami, USA North America (Western) | TakeDownCon – Las Vegas, USA South America | H2HC – Sao Paolo, Brazil Europe | Hacktivity – Budapest, Hungary Middle East & India | GITEX – Dubai, UAE Asia Pacific | Hacker Halted APAC – Kuala Lumpur, Malaysia Afric...

FOX Sports website database hacked and leaked by Shad0w One of the Biggest Fox Sports website with world rank 678 and millions of Readers/Day got hacked. Hacker named " Shad0w " release SQL injection Vulnerability on one of the sub domain of Fox Sports and exploit it to extract the database. Leaked database info posted on pastebin by hacker. Vulnerable link is also given in pastebin. Hacker also post the admin password hashes.

Session Race Conditions and Session Puzzling – Now Simplified A few months ago Shay Chen , Senior Manager at Hacktics Advanced Security Center (HASC) published a paper about Session Puzzling , a new application level attack vector of critical severity and numerous uses, but for some bizarre reasons, most of the responses I got was that the attack was too complicated to comprehend all it once. Temporal Session Race Conditions (TSRC) is yet another a new application level vulnerability (presented in September 15, 2011, in local OWASP chapter meeting) that extends the capabilities of session puzzling, enables the exploitation of race conditions without latency and provides a new purpose for application denial of service attack. The attack generally extends the lifespan of temporary session variables (session calculations and assignments with a lifespan of milliseconds) by increasing the latency of the following lines of code through the use of specific layer targeted denial of servic...

#DEFCON Chennai September 2011 meet - Another Success !  DEF-CON Chennai (DC602028) Meet held on On 11th September 2011 From 2:30 PM to 7PM was a Great Success.  List of Speakers 1) Abhinab 2) Viknesh 3) Ravi Kumar 4) Aditya Gupta 5) Rahul Tyagi 6) Sophan 7) Suman Some Awesome moments of Meet DefCon message to all Groups " DC Groups are up and running all around the world! Defcon would like to thank the founders of the groups for all of their hard work and input. We invite you to attend a DC group meeting in your area and if your city isn't listed, START ONE! Got ideas? Share them! ". View Complete Album here

The City Of Rennes (France) Hacked against Anti-Islamic government of France TeaMp0isoN hackers take responsibly to hack official website of The City Of Rennes (France) via a tweet . Hacker publish the reason of hack on the defacement page " This defacement is a digital protest against the banning of "Islamic" prayer in public and the banning of the burqa in France, everyone should have a right to practice their religion, you allow Christian preachers to stand in the public and preach to the public but u don't allow Muslims to pray in public? You allow women to walk around half-naked but you don't allow Muslim women to cover their body? Shame on you france, Muslims are people too... ". Mirror of hack also submitted to Zone-H directory.

BIOS based Virus discovered by Chinese Security Firm A Chinese AV company 360 discovered a new Trojan, the " BMW Virus " (also called Mebromi), that can actually infect a computers BIOS: " BMW 360 Security Center virus is the latest catch of a high-risk virus, the virus that infected a chain BIOS (motherboard chip program), MBR (master boot drive) and Windows system files, reinstall the system, regardless of the victim computer, format the hard disk, or replace the hard disk can not completely remove the virus. " It uses the CBROM command-line tool to hook its extension into the BIOS. The next time the system boots, the BIOS extension adds additional code to the hard drive's master boot record (MBR) in order to infect the winlogon.exe / winnt.exe processes on Windows XP and 2003 / Windows 2000 before Windows boots. The next time Windows launches, the malicious code downloads a rootkit to prevent the drive's MBR from being cleaned by a virus scanner. But even if the drive is ...