The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

" Please don't mind, its 5th of November " slogan for today ! Anonymous Hackers hacked into " Telecom Italy " (www.telecomitalia.it) and dump Social Security Number, Social Insurance Number, 30000 credentials and lots of vulnerabilities exposed. In a blog post hackers said," Telecom Italy boasts 3000 XSS error and vulnerabilities that allow third parties to access the "htaccess" and other sensitive data. Anonymous will not publish sensitive information of individual users. This one can define a simple notice to show that you do not have appropriate security measures. In fact it is very simple appropriated credentials and social security numbers ." 3000 Cross site scripting ? wow its a huge number ! Hackers upload some paste regrading the hack as given below: 1.) Social Security Number and Social Insurance Number : Link 1 2.)  Some Credentials (sample only) : Link 2 In credentials disclosure we notice an interesti...

The Israeli military has set plans to boost its cyber warfare capabilities with a better Cyber Army by expand its Unit 8200. " It has become clear that the demand for soldiers in this field is growing, which is why we're searching for solutions not only in Israel but abroad as well ," a top officer in the Manpower Directorate. Unit 8200, Israel's equivalent to the NSA, is undergoing a massive expansion. The U.S. Army ad slogan may be: " The Army needs a few good men ." But IDF Unit 8200′s slogan is: " The IDF needs a few good hackers ." Actually not a few, more like hundreds if not thousands. The disclosure comes amid recent reports that the Israeli army is working to enhance its cyber-warfare abilities. Military intelligence chief Maj.-Gen. Aviv Kochavi is slated to invest 2 billion shekels (525 million U.S. dollars) to that end in the coming years. " The military officials are tasked to track "young computer geniuses" and persuade them to immigrate to Israel for...

5th November 2012 was the most exciting day in Cyberspace, yesterday we have report about few major hacks and leaks including Hacking of ImageShack Server , thousands of researchers database leak from Symantec portal, then  NBC Sports Rotoworld forums and NBC Mobile site was defaced by pyknic hacker and a claim that user names and passwords for the site had been compromised, Anonymous leaks the VMware ESX Server Kernel source code online , numerous Australian sites, and the Organization for Security and Cooperation in Europe. The Guy Fawkes Day start with the hack of  28,000 Paypal Accounts. AnonymousPress tweeted , " Paypal hacked by Anonymous as part of our November 5th protest privatepaste.com/e8d3b2b2b1 #5Nov " (File Removed now) Private Paste documents contained 27,935 entries from Paypal database table " mc_customers " including emails, names, passwords (encrypted) and corresponding telephone numbers. However acc...

Is Managing Customer Logins and Data Giving You Headaches? You're Not Alone! Today, we all expect super-fast, secure, and personalized online experiences. But let's be honest, we're also more careful about how our data is used. If something feels off, trust can vanish in an instant. Add to that the lightning-fast changes AI is bringing to everything from how we log in to spotting online fraud, and it's a whole new ball game! If you're dealing with logins, data privacy, bringing new users on board, or building digital trust, this webinar is for you . Join us for " Navigating Customer Identity in the AI Era ," where we'll dive into the Auth0 2025 Customer Identity Trends Report . We'll show you what's working, what's not, and how to tweak your strategy for the year ahead. In just one session, you'll get practical answers to real-world challenges like: How AI is changing what users expect – and where they're starting to push ba...

Hackers hack into ImageShack server and expose all the files online, moreover Antivirus Company Symantec's portal also hacked by them and complete database of all 1000's of researchers dumped in a pastebin File. One of the hacker behind this hack avilable on twitter at  @ Doxbin . Hacker expose content of few most important files of the server, like /etc/passwd ,  /etc/shadow , Content list of ImageShack Web directory (/home/image/www) and many more. Hacker claimed to use some zero day vulnerability in order to get into the server. Whereas in  Symantec case, hackers leak complete database from online portal. Database information includes Phone numbers, email, domain, password, Name, Username etc. According to Hackers write up that exploit unknown zero-day bug of ZPanel used by Symantec to get into server. In same operation, hackers target  CrytoCC website (https://kerpia.cryt...

Mobile version of Official NBC website (m.nbc.com) and NBC Sports Rotoworld forums (forums.rotoworld.com) are currently defaced with a message reading " hacked by pyknic ." and " Remember, Remember The Fifth of November, The Gunpowder Treason and Plot. I know of no reason why the gunpowder treason should ever be forgot. " Hacker also claim that "user info" and "passwords" had been exposed, but yet there is no note about the dumped database location. We will update the article, once after receiving more information about the hack. Stay Tuned.

Cross Site Scripting (XSS) is currently the most common vulnerability in the world. This is vulnerability of some host which allows anyone to inject code/scripts into the page. The injected scripts could be html tags, javascript script, vbscript scripts. A Hacker with virtual name ' Human mind cracker ' expose similar v ulnerabilities in some big and Important sites, like  Israel airline, Myspace, MTV website, Sweden government, Bangladesh bank, Nasa subdomain, Brown University, Afghanistan government website and Rome government website. In a pastebin note , hacker disclose the vulnerabilities and exact working links. These Cross Site Scripting existence is because of the lack of filtering engines to user inputs at websites, forms and web servers. Most of the time readers thinks that XSS is a very minor bug and having very less impact. But if implemented in a better way, that can ...

India is set to take steps to protect its cyber infrastructure and designate agencies for carrying out offensive cyber attacks on other countries. Indian Government announce the appointment of   first coordinator for The National cyber security agency. Mr. Gulshan Rai , who presently heads the Indian Computer Emergency Response Team (CERT-IN), will be the first coordinator. The move comes at a time when proof shows countries launching cyber attacks not only for intelligence gathering and many nations describing the attacks as an act of war. " The plan is in final stages with certain legal issues being clarified. Among the issues are some objections to the legal powers of the proposed National Critical Information Infrastructure Protection Centre (NCIPC), a command-and-control centre for monitoring the critical infrastructure. NCIPC is to be managed by the technical intelligence agency NTRO (National Technical Research Organisation), and...

Anonymous group member "Stun" announce the leak of VMware ESX Server Kernel source code via twitter today. The tweet reads,  " WILD LEAKY LEAK. FULL VMware ESX Server Kernel LEAKED LINK #Anonymous #AntiSec ". VMware ESX is an enterprise-level computer virtualization product offered by VMware. The reason behind this wild leak by anonymous is that, Vmware continue producing on same level again and again which is not a good practice for better Security. " Bullshitting people and selling crap. But it's time for Anonymous finally to deliver. Ofc VMware will try to make like this Kernel is old and isn't used in its recent products. But thanks god, there is still such as thing as reverse engineering that will prove it's true destiny. " Hacker said. A 1.89 MB uploaded on torrent and titled "VMware ESX Server Kernel LEAKED". I have download the archive and file inside archive as shown above. Dump seems to be produced by revers...

A federal judge ordered the FBI to disclose more information about its " Going Dark "  surveillance program, an initiative to extend its ability to wiretap virtually all forms of electronic communications. Why shocking ? because a federal judge just ruled that police can place surveillance cameras on private property without a search warrant and another federal judge quickly overturned a previous decision blocking the indefinite detention provisions of the National Defense Authorization Act (NDAA) for Fiscal Year 2012. The EFF ( Electronic Frontier Foundation)   has filed filed two freedom of information requests, in response to which they received damned little. Judge Richard Seeborg says the feds need to go back and try again. FBI's wiretapping system is robust and advanced, so request sought documents concerning limitations that hamper the DOJ's ability to conduct surveillance on communication networks including encrypted services like BlackBerry, social-n...

Team GhostShell hackers group who was responsible for the recent leak of some millions of records from top universities around the world once again strike back. As the part of " Project Blackstar " Hacking group GhostShell Declares War On Russia and leaks 2.5 millions of accounts belong to  governmental, educational, academical, political, law enforcement, telecom, research institutes, medical facilities, large corporations in such fields as energy, petroleum, banks, dealerships and many more. This set of hacks is spread out across 301 links, many of which simply contain raw dump files uploaded to GitHub and mirrored on paste sites like Slexy.org and PasteSite.com. The files include IP addresses, names, logins, email addresses, passwords, phone numbers, and even addresses. " The average citizen is forced to live an isolated life from the rest of the world imposed by it's politicians and leaders. A way of thinking outdated for well over 100 years now, "...

The growing popularity of microblogging sites like Twitter has sparked a corresponding rise in social networking scams. If you receive an email or direct message (DM) on Twitter with text " Hello, You have been selected to be the Twitter user for the month! We've got a reward for you text this word ITweet to the following number 6 8 3 9 8 " , don't bother replying the mail. Mary C. Long actually notice this scam and write a quick warming on his blog .  Those who send messages to the number provided by the scammers are actually handing over their phone numbers to the crooks. They can use the information for smishing attacks and all sorts of other malicious plots , Eduard Kovacs from Softpedia explains . Here a small list of most common Twitter-Facebook Scam messages , If any of this phishing scheme sounds familiar, ignore the message. i got mine yesterday you even see them taping u him what on earth you're doing on this mov...

A few week ago, we have seen a major example of Cyberbullying , where a 15-year-old girl ' Amanda Todd '  to kill herself. The Internet can be a dangerous place for the young, exposing them to e-threats such as malware, phishing schemes, pornography or material promoting the use of drugs and violence, among others. In order to keep your kids safe, you'll need to know about the different types of online dangers that are out there. Researchers from  TrendMicro found a malware that steals images from your hard drives of an affected system and able to upload them to a remote FTP server . Malware specifically look for all .JPG, .JPEG, and .DMP files in the storage. Once your system will connect to internet, malware will upload first 20,000 files to the FTP server. " Information theft routines have been mostly limited to information that are in text form, thus this malware poses a whole new different risk for users. " The internet is a very useful too...

On a quick tip from a The Hacker News reader - Travis, we came to know about that some antivirus giving warning when readers try to visit  Bloomberg's Businessweek website ( businessweek.com ) that the site is infected with malware and trying to drop a malware on visitor's system. Website having very high alexa rank, that means it server updates to millions of daily visitors. Most obvious that Bloomberg's site was hacked and then hacker was able to inject the script to infect visitors of site. After exploring the site, I found that some " Under Maintenance " pages like (  hxxp://bx.businessweek.com/photos/spham708_medium.jpg  ) of  Businessweek website having injected iframe that trying to open a remote page uploaded on a italian website as shown below: Injected URL :  hxxp://www.lamiabiocasa.it/class/cls-memcache.php ( Do not open this page ). We have another news from other sources that, recently around h...