The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Lebanese Yellow Pages database Compromised Lebanese Yellow Pages website (https://www.yellowpages.com.lb/) database compromised by Hacking Group known as Mad HackerZ Team. Hackers manage to hack database of site and leaked it on internet.  Leaked database include the usernames, Password hashes and Email Id's of Admin and Few accounts as shown. All this data posted on a pastebin note :  https://pastebin.com/dvBzWCF6 Most probability hackers uses Sql Injection Exploit to get the database . According to Softpedia report, They also gained unauthorized access to other domains which they defaced to host their protest messages. The defaced sites include the ones of a political figure called Rafic Al Hariri, an online store named Dunes, Frontpage-lb, a computer company, and the site of a football team.

Iran Cyber Army in Action, Azerbaijani TV Down ! As we reported Yesterday that Azerbaijan Arrests a Iranian terror group and in response Iranian Hackers hits many Azerbaijan Sites like, Azerbaijan airlines (https://azerbaijanairlines.org/) and National Olympic Committee Of Azerbaijan (https://noc-aze.org) . Today Iran Cyber Army also come into Action for supporting Iran and deface the Azerbaijan State Television & Radio Company, AzTV websites also. A message in English from the hackers popped up in place of the AzTV website when it was opened." Life is Game"Game OVER..!!! ", the message read and was signed " the Iranian Cyber Army ".The website has already been restored. The attacks came a month after anti-Israeli hackers broke into the sites of several ministries and the governing party, leaving messages calling the Azerbaijani authorities "servants of the Jews". Relations between the two countries are tense at present.Iran has accused Baku of helping...

Variant of Zeusbot/Spyeye Botnet uses p2p network model Cybercriminals are using a modified version of the Zeusbot/Spyeye, which is using a peer-to-peer (P2P) network architecture, rather than a simple bot to command-and-control (C&C) server system, making the botnet much harder to take down, Symantec warned. ZeuS is very popular in the cybercriminal world because it's capable of stealing a wide variety of information, documents and login credentials from infected systems. For many years it was the weapon of choice for most fraudsters targeting online banking systems.The Trojan's source code was published on Internet underground forums last year, paving the way for many third-party modifications and improvements. Previously, P2P was used to communicate between bots any change in the C&C server's URL. Other techniques have also been used, such as programmatically determining the URLs to be used on particular dates in the event that a bot loses contact completely...

Azerbaijan Arrests  Iranian terror group , Iranian Hackers hit Azerbaijan Sites The National Security Ministry of Azerbaijan said Tuesday that it had disrupted a suspected terrorist group working for Iran's secret services. The people were gathering intelligence and had acquired a large number of weapons and explosives, the ministry said. The group, led by a Sepah officer called Hamid and Hezbollah operative Hadji Abbas, was planning to stage attacks against the Israeli embassy and a Jewish cultural center in the Azeri capital Baku. To response this,Iranian Hacking Group "Cocain TeaM" attack on the websites of Azerbaijan airlines (https://azerbaijanairlines.org/) and National Olympic Committee Of Azerbaijan (https://noc-aze.org) and manage to collect lot of info and sent that to Iranian Governments to show their patriotic responsibility towards country. Cocain TeaM deface the websites also. Mirror of Hacks: 1.)   https://zone-h.com/mirror/id/17070956 2.) ...

Mirage Anti-Bot 2.0 : Protection against ZeuS, SpyEye Malwares Jean-Pierre aka DarkCoderSc and Fred De Vries Develop and Release the second version of Another great security tool named " Mirage Anti-Bot 2.0 ". Zeus and SpyEye were the two main families of botnet software. These types of malware are spread mainly through drive-by downloads and phishing schemes. They are so-called Trojan horses which are designed to steal credentials from various online services like social networks (such as Facebook, Hi5, Yahoo, Netlog), online banking accounts (phising), ftp-accounts, email-accounts and other. They are part of botnets that are estimated to include millions of compromized computers. Because your antivirus program is not always giving you enough protection against these types of malware, so Experts at https://unremote.org/  create this program for you, that can be used as an extra layer of security. Mirage Anti-Bot will be downloading and installing one or more blockli...

2012 Most Vulnerable Cities At Risk Of Cyber Crime Norton's study showed the city was one of the ten worst for hacking. Each city was ranked by the prevalence of PCs and smartphones in addition to social media use with risk factors like unsecured Wi-Fi hotspots and malware attempts. Manchester was found to be the riskiest city and Vancouver is the third most vulnerable city in Canada for cyber-crime. The Top 10 Riskiest Online Cities in the U.S. are: #1 – Washington, D.C. #2 – Seattle #3 – San Francisco #4 – Atlanta #5 – Boston #6 – Denver #7 – Minneapolis #8 – Sacramento, Calif. #9 – Raleigh, N.C. #10 – Austin, Texas The Top 10 Riskiest Online Cities in Canada are: #1 - Burlington, ON #2 - Port Coquitlam, BC #3 - Vancouver, BC #4 - Langley, BC #5 - Calgary, AB # 6 - Fredericton, NB #7 - Toronto, ON #8 - New Westminster, BC #9 - Edmonton, AB #10 - Victoria, BC Cyber crime expert Simon Ellson said there are a numer of steps people can take to stay sa...

Syrian Malware and Darkcomet RAT : They    can't blame    the Developers Two days before we reported about The Syrian Malware - programs used to target the Syrian opposition.  According to Report, They steal the identities of opposition activists, then impersonate them in online chats, then they gain the trust of other users, pass out Trojan horse viruses and encourage people to open them. Telecomix agents Reverse-engineered that malware and Found that  Darkcomet RAT (Remote Administration Tool) version was 3.3 was Injected in SFX (SelF-eXtracting) archives as 1122333.exe injects this binary program into the Windows process "svchost.exe". Telecomix blame  Jean-Pierre aka  DarkCoderSc (Developer of Darkcomet) for creating this tool by saying " Jean-Pierre, please, next time you thing about writing some "espionnage software" think about life at stakes here and do something useful instead with your talent. " In Response  Je...

Dropper Malware comes with DLL Hijacking Feature Trojans, Viruses, Worms have become the scare of the year, and with good reason. Many of the recent files are malicious in nature, causing the infected user at the very worst, to lose everything on their computer. There are few specially coded malware, which are not only developed to ensure that they cause maximum damage and steal all the sensitive information they can find on the infected devices. According to Bitdefender experts, In a blog post they mention about such a malware called "Dropper" or Trojan.Dropper.UAJ. But the brand new in terms of approach that dropper hijacks a library file called comres.dll, altering it to ensure that each time it's being used, the malware steps into play. The smartness of this malware can be judge from here that, it makes a copy of the genuine comres.dll file, patches it and then saves it in the Windows directory folder, where the operating system normally looks for a DLL to load when...

MegaUpload founder Kim Dotcom released on bail Kim Dotcom, the millionaire founder of the file-sharing website Megaupload, was released on bail Wednesday after a judge said he didn't appear to have enough money to flee. Authorities in the U.S. allege founder Kim Dotcom facilitated millions of illegal downloads through his company and he is subject to online piracy charges. Last month, U.S. authorities shut down Megaupload's websites and announced indictments against Dotcom and six other people connected to the site, accusing them of operating an " international organized criminal enterprise responsible for massive worldwide online piracy of copyrighted works. " They say Megaupload generated more than $175 million in illegal profits through advertising revenue and the sale of premium memberships. He had been in custody since his arrest on January 20 after he was initially denied bail. He said: ' I am relieved to go home to see my family, my three little kids ...

McAfee Q4 Threats Report, Mobile malware on the rise The number of new malware releases slowed during the final three months of 2011, but was higher than expected for the year. Computer and mobile security firm McAfee has warned " no organisation,platform or device " is immune from malware attacks as it released its Q4 2011 Threats Report. Mobile malware hit more than 400 unique samples in Q4, up from over 100 in the third quarter, and less than 50 samples in the first quarter of last year. McAfee also found that PC malware counts declined during Q4, and were lower than in Q4 of 2010. Even so, the total number of unique malware samples is more than 75 million as of Q4, the report says. " On a global basis, we are conducting more of our personal and business transactions through mobile devices, and this is creating new security risks and challenges in how we safeguard our commercial and personal data ," said Vincent Weafer, senior vice-president of McAfee Labs. McAfee Labs reco...

Los Angeles Police Canine Association hit by Hackers The official website of the Los Angeles County Police Canine Association (https://www.lacpca.com) was hacked by CabinCr3w group of Hackers. Hackers leak lots of data from the site on a Pastebin Note  titled as " PedoCop & Police Emails ". This data include officers names, addresses, and phone numbers of hundreds of officers and their membership rosters which were taken upon login. Hacker also upload two Archives which have the complete Google Emails data of two officers. Hackers also Mention that " we will not be including the photos from the email in this release but we will be making contact with the appropriate organizations protecting children from exploitation online ."

Apache 2.4 Comes Out, Major update after 6 years The Apache Software Foundation officially released the Apache 2.4 today as the first major update to this leading open-source web-server in more than a half-decade. Apache 2.4 is slated to deliver superior performance to its 2.2 predecessor and better compete with the growingly-popular NGINX web-server. It is the first major release of Apache in six years, coincides with the software's 17th anniversary. Besides much faster performance, among the many enhancements to the Apache 2.4 HTTP Server is better a-synchronous support in its core, run-time loadable MPMs, reduced memory usage compared to Apache 2.2.x, several new modules, enhancements to existing modules, and much more. " This release delivers a host of evolutionary enhancements throughout the server that our users, administrators, and developers will welcome ," Apache server vice president Eric Covener wrote in a statement. " We've added many new modules...

Hackers to release 0-days in comics Hackers frequently disclose vulnerabilities in various products, but taking it to a whole new level, now hackers and malware coders are planning to release actual 0-days through their own comic books. The Malware conference, Malcon announced it on their groups yesterday. In the making from last three months, the comic is planned for release with objective of simplifying and helping coders understand the art behind malcoding for offensive defense and security. It is learned that there will be two formats for the comic - a web and a printed version. The printed version will be specifically for the Indian Government officials, Intelligence agencies and Law enforcement groups, who are regular attendees at the conference. This is also seen as a remarkable and significant point in the history and evolution of hackers and also points at things to come in wake of real threats with respect to cyber warfare capabilities of India in future. On condition of ...