The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Parliament Of Botswana hacked by V0iD V0iD hacker again strike with Parliament Of Botswana  https://www.parliament.gov.bw/  . Hacker Releases the database table   information and Admin users login details at  https://pastebin.com/Ts21HhEz  .

Jawahar Knowledge Center website Hacked & Databse leaked by PCA Pakistan Cyber Army (PCA) admin Shak hack the website of Jawahar Knowledge Center ( https://www.ieg.gov.in/ ) . They Release the Database backup, which is available for Download at   https://www.multiupload.com/IFLRXDT53W  .  The database includes the password, surname, name, designation, address, phone, useremail, collegecode,dateofreg, gender, districtid, hallticketno, question, answer, alternate mail of Members.

EC-Council Academy Hacked by GaySec (Malaysian hackers) EC-Council Academy ( https://eccouncilacademy.org )   Hacked by GaySec (Malaysian hackers). EC-Council Academy is a separate distinct company with no corporate connection between itself and EC-Council or EC-Council University. Some months before same site was got hacked by some other hacker. Read here ... Some Hack Proofs : [-] Enter Target: -> www.eccouncilacademy.org [-] Enter Path: -> / [-] Port: -> 80 [+] Connecting to www.eccouncilacademy.org... [+] Connected to eccouncilacademy.org [+] Searching for token... [+] W000t!! got it! "AMXhybB3FSBDBYJZU" [+] Convert the token to the RCE Payload [+] Execute the shell... [+] Trying... [+] Got it!!! -> Reverse Shell Started $ id; uname -a; pwd uid=7647041(ecco1665) gid=100450(inetuser) groups=100450(inetuser) context=user_u:system_r:unconfined_t:s0 Linux sg2nlhg017.shr.prod.sin2.secureserver.net 2.6.18-194.32.1.el5PAE #1 SMP Wed Jan 5 1...

Songs.pk hacked by Indishell Against Mumbai blasts Patriotic Indian Hackers " Indishell " / Indian Cyber Army finally Strike to the Biggest Pirated Music Download Website of Bollywood Albums run by Pakistan crew. The hack is perform against the  Mumbai blasts - Wednesday 13 July 2011. Pakistan issues a condemnation after three attacks blamed on terrorists strike Mumbai, targeting the city's Opera House district, its Zaveri bazaar and the central Dadar area. Indian hackers Hack the Songs.pk and add there deface page with a message at  https://songs.pk/usersonline/usersonline.php  . Message By Indishell " Pray for all the innocent victims of Mumbai attack ..This is a small answer from All Indians.. Remember we are Together..You can just kill innocent people .. Women & Childrens..But There is no Future for you.. We are coming with huge speed..Corruption will be under control.. Every Indian will have Money n Power..Then there will be no one to Save you...

Yellowstone County website hacked - Tax Payers Information at Risk Yellowstone County has taken its website offline after the state's technology department discovered the site had been hacked. The website will be brought back online in stages when it is safe to do so, a process that is expected to go into next week, county officials said. It's possible that taxpayers who paid property taxes by electronic bank transfer may have had their account number exposed to the hacker. This does not include taxpayers who made payments by paper check or debit/credit cards. The county system has been taken off line at this time. KTVQ-TV reports that county officials are working with forensic security examiners to determine what, if any, information was taken. The county apologizes for any inconvenience caused by this criminal act of the hacker.

Armitage 07.12.11 - Updated Version Armitage is a graphical cyber attack management tool for Metasploit that visualizes your targets, recommends exploits, and exposes the advanced capabilities of the framework. Armitage aims to make Metasploit usable for security practitioners who understand hacking but don't use Metasploit every day. If you want to learn Metasploit and grow into the advanced features, Armitage can help you. This is the official change log : Fixed a race condition causing some file browser actions to fail on Windows hosts at times. Files downloaded through file browser are now archived in: [host]Downloads Hail Mary output nows goes to [log dir]allhailmary.log Added Crack Passwords button to Credentials tab. This opens the launcher for John the Ripper: auxiliary/analyze/jtr_crack_fast Added Post Modules item to Meterpreter N -> Explore and Shell N menus. This menu item will show applicable post-exploitation modules in the module browser. Loot browser now...

Pentagon Admits to biggest ever data breach According to Report, Department of Defense and Pentagon is disclosing news of the one of the largest data loss events to date . From investigation, officials to believe the intrusion was orchestrated by a foreign government. The theft of around 24,000 sensitive Pentagon documents occurred in March 2011. From the Associated Press: The Pentagon is revealing that it suffered one of its largest-ever losses of sensitive defense data this spring to a cyber attack that it blames on an unspecified foreign government. The loss is an example of why the Pentagon has developed new cyber security rules that emphasize deeper defenses, more collaboration with private industry and new steps to stop thefts by malicious insiders.  William Lynn, the deputy secretary of defense, said in a speech outlining the new strategy that 24,000 files were stolen from a defense industry computer network in a single intrusion in March. He offered no details....

UK Vodafone Phone Hacking method exposed The Hacker's Choice announced a security problem with Vodafone's Mobile Phone Network today. An attacker can listen to any UK Vodafone customer's phone call. An attacker can exploit a vulnerability in 3G/UMTS/WCDMA - the latest and most secure mobile phone standard in use today. Vodafone released its femto cell to the general public. This means anyone can run his own UMTS network in his house. The box connects back via your DSL connection into their mobile network. This is an initial project to gather information about the technology and verify the security. This project started in 2009 together with hackers from the french underground. Read Complete Details Here

PuTTY v.0.61  New Version   released  After 4 years After four Years, Putty's New version finally Released today.Here are the PuTTY files themselves: PuTTY (the Telnet and SSH client itself) PSCP (an SCP client, i.e. command-line secure file copy) PSFTP (an SFTP client, i.e. general file transfer sessions much like FTP) PuTTYtel (a Telnet-only client) Plink (a command-line interface to the PuTTY back ends) Pageant (an SSH authentication agent for PuTTY, PSCP, PSFTP, and Plink) PuTTYgen (an RSA and DSA key generation utility). These features are new in beta 0.61 Kerberos/GSSAPI authentication in SSH-2. Local X11 authorisation support on Windows. (Unix already had it, of course.) Support for non-fixed-width fonts on Windows. GTK 2 support on Unix. Specifying the logical host name independently of the physical network address to connect to. Crypto and flow control optimisations. Support for the zlib@openssh.com SSH-2 compression method. Support for new Wind...

RootRepeal – Rootkit Detector v1.3.5 Download Now RootRepeal is a new rootkit detector currently in public beta.  It is designed with the following goals in mind: Easy to use – a user with little to no computer experience should be able to use it. Powerful – it should be able to detect all publicly available rootkits. Stable – it should work on as many different system configurations as possible, and, in the event of an incompatibility, not crash the host computer. Safe – it will not use any rootkit-like techniques (hooking, etc.) to protect itself. Currently, RootRepeal includes the following features: Driver Scan – scans the system for kernel-mode drivers.  Displays all drivers currently loaded, and shows if a driver has been hidden, and whether the driver's file is visible on-disk. Files Scan – scans any fixed drive on the system for hidden, locked or falsified* files. Processes Scan – scans the system for processes.  Displays all processes currently r...

Toshiba Database hacked and User accounts leaked by V0iD Today V0iD hacker leak the database of  National Assembly of Pakistan database  and now he also Hack the website of  Toshiba  .  The Database names, Admin user table data with user-passwords and Normal users logins leaked at  https://pastebin.com/mFwijETu  . And also He leak Service Places of Toshiba. These are a small list of Toshiba resellers accounts with their passwords at  https://pastebin.com/ay4981Tp  . The Databases List Provide by hacker : Master Tempdb Model Msdb Concierge_desk QuickFix Cds Crb CompChart TACPSERVICE TamsIntranet2008 BlogEngine TIMSS

National Assembly of Pakistan database hacked by V0iD Another new hacker "V0iD" come in action ! He hack the website and database of National Assembly of Pakistan at  https://www.na.gov.pk  . The hacked database info is leaked at  https://pastebin.com/bAgnnG9F  . Hacker leaks the username / passwords of 7 admin accounts and phone numbers of 13 accounts.

Project Tarmeggedon by Anonymous Hackers Operation Green Rights Anonymous hackers Starts Project Tarmeggedon , Presents by Operation Green Rights. Hackers calling everyone to Protest. Press Release By Anonymous Hackers : Free-thinking citizens of the world: Anonymous' Operation Green Rights calls your attention to an urgent situation in North America perpetuated by the boundless greed of the usual suspects: Exxon Mobil, ConocoPhillips, Canadian Oil Sands Ltd., Imperial Oil, the Royal Bank of Scotland, and many others. This week, activists are gathering along U.S. Highway 12 in Montana to protest the transformation of a serene wilderness into an industrial shipping route, bringing "megaloads" of refinery equipment to the Alberta Tar Sands in Canada (see Tar Sands FAQ Sheet below). Anonymous now joins the struggle against "Big Oil" in the heartland of the US. We stand in solidarity with any citizen willing to protest corporate abuse. Anonymous will not s...

Microsoft Vulnerability in Bluetooth Stack Could Allow Remote Code Execution The single Critical vulnerability in today's batch of security updates addresses an issue in the Bluetooth stack. Your workstations' risk to this vulnerability varies, depending on a number of factors. I'd like to use this blog post to outline those risk factors. This security update resolves a privately reported vulnerability in the Windows Bluetooth Stack. The vulnerability could allow remote code execution if an attacker sent a series of specially crafted Bluetooth packets to an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability only affects systems with Bluetooth capability. This security update is rated Critical for all supported editions of Windows Vista and Windows 7. For more information, see the subsection, Affected and Non-Affected Software, in this section. The security update addresses the...

421 FTP hacked and logins leaked by PiraX hackers PiraX hacking Crew (  https://pirax.net/  ) today Leak the Username / Passwords of 421 FTP's via Pastebin link .  Message By Hackers " The LulzBoat may be sunken but PiraX keeps 'a goin'! Have fun! * ".

International Organization For Migration database  hacked by Inj3ct0r Team for GREEN LIBYA  Inj3ct0r Team Hackers hack the database of International Organization For Migration database ( https://www.iom.int/ ) . Statement by Hacker " Sorry about the usernames and passwords not giving because we take no responsibility of defacing their database and official website.. But we want to deliver them the message that they're still publishing lies and trying to give a bad image about what's going in libya. Rooted and exposed for the pride of GREEN LIBYA and Supporting the green libyan nation ." Data leaked By Hackers Database : MySQL (MM MySQL JDBC) Database driver : com.mysql.jdbc.Driver Database URL : jdbc:mysql://localhost/jahia?useUnicode=true&characterEncoding=UTF-8 2) Database : Orcale 9.x - 10.x Database driver : oracle.jdbc.driver.OracleDriver Database URL : jdbc:oracle:thin:@localhost:1521:jahia 3) Database : ...

Exploitsearch.net - Exploit & Vulnerability Search Engine This is a online search for currently utilizing data from NVD, OSVDB, SecurityFocus, Exploit-DB, Metasploit, Nessus, OpenVAS, and PacketStorm.Well search engine does the work but this is a specific search engine for better results. There not much to write about just visit the site and all your queries will be answered. VISIT :  https://www.exploitsearch.net/

WPSCAN - WordPress Security & vulnerability Scanner WPScan is a vulnerability scanner which checks the security of WordPress installations using a black box approach. Details Username enumeration (from author querystring and location header) Weak password cracking (multithreaded) Version enumeration (from generator meta tag) Vulnerability enumeration (based on version) Plugin enumeration (2220 most popular by default) Plugin vulnerability enumeration (based on version) (todo) Plugin enumeration list generation Other misc WordPress checks (theme name, dir listing, ...) DOWNLOAD HERE DEMO

265 Brazilian websites hacked by tota-x IR4DEX CREW 2011 member " tota-x " deface 265 Brazilian websites . The List of hacked sites is available here .

GMER - Automating Rootkit Analyzer Released GMER  is an application that detects and removes rootkits . It scans for: hidden processes hidden threads hidden modules hidden services hidden files hidden disk sectors (MBR) hidden Alternate Data Streams hidden registry keys drivers hooking SSDT drivers hooking IDT drivers hooking IRP calls inline hooks You can download GMER  here .