The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Chinese Trojans Gh0stRAT used to attack pro-Tibet organisations AlienVault has discovered a range of spear phishing attacks taking place against a number of Tibetan organizations apparently from Chinese attackers. The security firm believes that the attacks are originating from the same Chinese group that launched the Nitro attacks last year and and signal a serious escalation into cyberwar from the 'cold war' that has existed between the two countries since the occupation by the Chinese army in 1950. The new attack uses a malicious Word attachment sent by email to organisations including the Central Tibet Administration and International Campaign for Tibet using English-language subject lines promoting a Tibetan religious festival. The attacks were given the name Nitro, and they leveraged Phishing and a PDF exploit to target a vulnerability in Windows (CVE-2010-3333). The malicious payload being delivered in this latest attack is a variant of Gh0stRAT , which exploits a...

' The Consortium ' Just Called the Movement a ' SLUT ' I'm disappointed. At the pinnacle of one of the greatest and most innovative political movements the world has ever seen, you have the new hackers group named "Consortium" bringing the movement to a new low and quite frankly, an embarrassment. When the world is finally revolting against tyranny, corruption and a disgraceful abuse of human rights, the group Consortium chooses to hack into a porn site and stole Users identity and credit card numbers of men and women, mostly who are serving in the military. ( List of Military Emails , Used in Porn Site to sign up is available in our last related article) May I ask Consortium to what end does this serve? There have been depictions of a sexual nature as old as civilization, such as, the Venus figurines and sexual rock art since prehistoric times. Using the excuse that the site was poorly secured, is no excuse at all for demeaning and demoralizing people using the...

Role of free Hosting in Cyber Crime Zscaler experts notice that free hosting and DNS providers abused for hosting Phishing Pages, Spamming, Botnets or Malwares. Many free hosted sites considered as spam. They list " x90x.net " Free hosting Provider which used to host many Facebook Phishing sites. Like Other Blacklisted serviecs ( co.cc, pastehtml.com ) this free hosting can also be blacklisted by Google or Browsers soon.  Few Phishing Pages hosted on x90.net: faceb000k.x90x.net jebemtakra-pisdfa-asdasdsds-ddfs.x90x.net mesnaindustrija-goranovic-m-e-s-n-a.x90x.net dft3.x90x.net/fbcd.html d3xt0pcr3w.x90x.net When you're on a shared server it's important to find out if anyone else on your server has been blacklisted for spamming. Why? Because on a shared server you're IP address and their IP address will be the same, and it does not matter if your domain name is different, you'll still be blacklisted along with every other person on that server. Not Eve...

Yes! Its true,  Anonymous Hackers released their own Operating System with name " Anonymous-OS" , is Live is an ubuntu-based distribution and created under Ubuntu 11.10 and uses Mate desktop. You can create the LiveUSB with  Unetbootin . Also Read: Top Best Password Managers . Also Read: Deep Web Search Engines . Pre-installed apps on Anonymous-OS: - ParolaPass Password Generator - Find Host IP - Anonymous HOIC - Ddosim - Pyloris - Slowloris - TorsHammer - Sqlmap - Havij - Sql Poison - Admin Finder - John the Ripper - Hash Identifier - Tor - XChat IRC - Pidgin - Vidalia - Polipo - JonDo - i2p - Wireshark - Zenmap …and more Download Anonymous-OS 0.1 Warning : It is not developed by any Genuine Source, can be backdoored OS by any Law enforcement Company or Hacker. Use at your own Risk. Update: Another Live OS for  anonymity available called " Tails ". Which is a live CD or live USB that aims at preserving yo...

Microsoft adds Enhanced Memory Protections in IE10 Internet Explorer 10, the next version of the popular browser from Microsoft will incorporate new protections in terms of memory management. French security firm VUPEN has managed to hack Microsoft's Internet Explorer 9 on a fully patched Windows 7 SP1 machine. Internet Explorer 10 introduces significant improvements in memory protections to help make vulnerabilities harder to exploit, helping to keep users safe on the sometimes-hostile Web. These improvements will increase the difficulty and development cost of exploits, making life harder for the bad guys. As VUPEN founder Chaouki Bekrar claims, the memory corruption bug they used to do that is one of many they found, but he also admitted that the new IE 10 will be much harder to break into as Microsoft has added new protection mechanisms. Internet Explorer 10 will include two major new features: HEASLR (High Entropy Address Space Layout Randomization): functionality ad...

Potential Security Risk of Geotagging for the Military Did you know that when you upload photos to the Internet they can tell more about you, then you would want to disclose to a random stranger watching it? Where you live, where you spend time with your kids, when you are at home, and when you are not. How is that? Modern smartphones and cameras can add additional information to digital photos they create - date and time, camera model, and lot's of other information, including GPS coordinates of place where photo has been made. And when you upload such photo to your favorite social network it might either display this info explicitly, or just leave it intact and any user who's watching it can find you on a map. A article posted by  Cheryl Rodewig on United States Army website with title " Geotagging poses security risks ". They explain , The question was posed by Brittany Brown, social media manager of the Online and Social Media Division at the Office of the Ch...

Microsoft Security Bulletin with Remote Desktop Flaws Microsoft has released 6 updates in this month's patch Tuesday, including a patch for a critical hole which the software maker warns could be hit within the next 30 days. Microsoft is warning that there's a remote, pre-authentication, network-accessible code execution vulnerability in its implementation of the RDP protocol. A remote code execution vulnerability exists in the way that the Remote Desktop Protocol accesses an object in memory that has been improperly initialized or has been deleted. An attacker who successfully exploited this vulnerability could run abitrary code on the target system. An attacker could then install programs; view,change, or delete data; or create new accounts with full user rights, Read More . The vulnerability, which affects all versions of Windows, was privately reported to Microsoft's via the ZDI vulnerability broker service and the company said it was not yet aware of any attacks in the wild....

BBC Persian TV hacked by  Iranian government According to BBC News, today Iran hacked BBC Persian TV ( https://www.bbc.co.uk/persian/ ) . This is not the first time the Iranian government has tampered with the BBC's Persian service, Zdnet Report. The Reason behind this attack is part of a broader attempt by the government to disrupt the BBC's Persian service. This  attack follows various tactics by the Iranian government, such as harassment, arrests, and threats against the relatives of BBC Persia correspondents who still live in Iran, in an effort to force the journalists to quit the Persian news service. In Addition to this, The BBC's London office was inundated with automatic phone calls and the company's satellite feeds into Iran were also jammed, while this only affected owners of illegal satellite dishes, these are of course the only ones that can receive the BBC signal in Iran. The BBC has previously accused Iran of attempting to j...

Tunisian Islamist Website Hacked by Anonymous The Facebook page of Hizb Ettahrir, an Islamist political party that is legally unrecognized in Tunisia, was hacked last night by a Tunisian group claiming affiliation with the international cyber activist collective Anonymous. " We are fighting you... your emails, your bank accounts and transactions will be probed, your hard discs will be copied ," said a man wearing the Guy Fawkes mask that has become a trade mark of Anonymous members. The YouTube video embedded above, in French, was posted a few days ago warning of the attack. The video warned their e-mails, bank accounts, and hard drives will be probed. Furthermore, it said if the Tunisian government won't stop them, Anonymous will. The video warned, " We are fighting you… your emails, your bank accounts and transactions will be probed, your hard discs will be copied. If the Tunisian government won't stop your activities in the weeks to come, Anonymous will . "   The a...

10 Lessons learnt from Kim Dotcom Article Cross Post from InternetServices. Kim Dotcom, a hacker that was able to take his knowledge and create a site called Megaupload, was recently arrested due to alleged copyright infringement allegations. Even though he was the top dog in the company, he did not commit these crimes alone, and many other key players were also arrested in the wake of these crimes. Unfortunately, while this guy is obviously intelligent, he should have been using those brains for good instead of evil. However it wasn't all bad, and some good did come from it. Check out 10 things the Internet learned from Kim Dotcom. Cyberlocker technology: This has also been referred to as a 'cloud storage infrastructure'. Basically this technology allowed you to store files that were too large to e-mail for free on the Internet. For instance, you could upload a big long wedding video and your family could go there to download it at no charge. If they wanted to watch it or downlo...

ServerPro Web Hosting Defaced by Team L0g!cs Web hosting provider ServerPro has been compromised and completely defaced by hacking group named " Team L0g!cs ". ServerPro boasts to have over 200,000 clients over a 10 year stand. Shown Defacement page that showcases information about the hack and the group behind the attack, along with some nice ambient music. The attackers were even nice enough to leave behind a contact email in case you have any questions. While writing this Post , Google showing " Warning,  found malware on the site " on the homepage, as shown below: If we Proceed by ignoring the warning, Visitors can see Deface Page still on the page.

FBI charge Anonymous for stealing CC worth $700000 in  Stratfor attack The FBI has revealed that there were $700,000 worth of fraudulent credit card charges after hacktivist group Anonymous stole nearly 200 gigabytes of data, including credit card numbers, from security firm Stratfor. Anonymous hacked Stratfor back in December and fed the resulting emails to Wikileaks for publication. Anonymous stole a large amount of user names and passwords, in addition to some 60,000 credit card records, after exploiting vulnerabilities to reach Stratfor's servers. At the time, Anonymous said it would use the credit cards to make charitable donations money that would obviously never see the hands of the needy. FBI's Milan Patel said that the $700,000 figure " does not reflect any of the charges that may have been incurred on cards associated with the Stratfor Hack for which records have not yet been reviewed ." In addition to the credit card numbers and other personally identifiab...

Vatican Radio hacked by Anonymous Hackers The hacktivist group Anonymous has taken down the Vatican's website for a second time. The attack is part of the organization's recent declaration of war against religion. The personal data of journalists at Vatican radio was leaked online and the Vatican's website hacked for the second time in several days both attacks believed to be the work of the amorphous Internet activist group Anonymous. Unlike the first hack , which appeared to be a typical Distributed Denial of Service (DDoS) attack, this one is more than just taking down the website. Vatican officials declined to discuss the breach while the attack was still under way. " We regret having to announce that your systems are less secure than what you would like to believe, because, while the hype was directed toward the darkening of vatican.va, we took the liberty to implement a small incursion into your systems, " the statement reads. Anonymous justified its attack by...