The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

EC-Council is launching " CyberLympics " - Olympic games for Cyber Security Global CyberLympics is conceptualized and organized by EC-Council. The goal of the CyberLympics is to raise awareness towards increased education and ethics in information security. The mission of the Global CyberLympics is Unifying Global Cyber Defense through the Games. EC-Council's Global CyberLympics , the world's first ethical hacking championship will be held this September across six continents. The Global CyberLympics is endorsed by the U.N.'s cybersecurity executing arm. The mission behind the games is to foster better cooperation and communication on cybersecurity issues among countries. Global CyberLympics is a series of ethical hacking games comprised of both offensive and defensive security challenges that will take place starting from September across six continents. Teams will vie for regional championships, followed by a global hacking championship round to determine the world's b...

TeaMp0isoN : NASA forum is Vulnerable SQL injection, Admin Hacked ! TeaMp0isoN Hackers crew today Reveal on twitter that the discussion forum on NASA website at  https://worldwind35.arc.nasa.gov/forum/ is Vulnerable to SQL injection. The discussion Forum script is Powered by Vbulletin. According to hacker, He use Vbulletin 4.0.x => 4.1.3 (messagegroupid) SQL injection Vulnerability Exploit for hacking the Database of Forum . Hacker also expose the Login details of Admin of website on Pastie .

Mikko Hypponen : Fight cybercrime, but keep the net free Mikko Hypponen is an expert on cybercrime and chief research officer at F-Secure Corporation in Helsinki, Finland. TED is a nonprofit organization dedicated to "Ideas worth spreading," which it distributes on its website . In the real world, you only have to worry about the criminals who live in your city. But in the online world, you have to worry about criminals who could be on the other side of the planet. Online crime is always international because the Internet has no borders. Today computer viruses and other malicious software are no longer written by hobbyist hackers seeking fame and glory among their peers, but by professional criminals who are making millions with their attacks. These criminals want access to your computer, your Paypal passwords and your credit card numbers. Criminal online gangs recruit people with high level computing skills but no job opportunities in the real-world economy. There is...

#DefCon 19 : Android Network Toolkit for Penetration Testing and Hacking Have an Android and wanna start pwning people, networks and machines like penetration testers do? Defcon 2011 is in full hacking swing, and Itzhak Avraham -- "Zuk" for short -- and his company Zimperium have unveiled the Android Network Toolkit for easy hacking on the go. Need to find vulnerabilities on devices using nearby networks? The app, dubbed "Anti" for short, allows you to simply push a button to do things like search a WiFi network for potential targets, or even take control of a PC trojan-style. The firm says the tool's purpose is for people to find aged exploits and patch them so that "hacking" their network and taking control of devices connected to it isn't as easy as putting together a 10 piece puzzle. It will allow users to do more than just "find" these exploits, though – you can actually act on them as if you had every intent to cause malintent.Commands like " man-in-the-m...

Call for DEFCON Chennai (DC602028) 2011 meet on 14th August Welcome to DC602028 aka DEF-CON Chennai  DEFCON Chennai (DC602028) inviting all the like minded heads for the August 2011 meet In Chennai. Get Ready for Next Generation DefCon Meet.. -Where it 's taking place? Dazzle restaurant, Neelankarai Chennai. -At what time? From 4PM to 6PM. -Who will be the speaker ? There is no speaker, really. We dont have any speakers. It's going to be a Hacker meet, so we want each and everyone among us to share their little adventure. In other words "All are Speakers". -What are we going to talk about? Literally about everything on the "Hack Field". PS: We will be discussing about Exploits and Narcissism. - Will I get a Free foods, Drinks and hukka? Sorry due to recession, we are in recession. We advice you to have 300rs to 500rs ;-) - How can I contact DEF-CON Chennai? You can contact us at defchennai@gmail.com .  Please leave your name and ph...

Oracle, other companies hacked by Social Engineering attack in #DefCon 19 A weekend contest from 4th August to 7th August , at the world's largest hacking convention in Las Vegas showed one reason why big corporations seem to be such easy prey for cyber criminals : their workers are poorly trained in security. Reuters post the news about Hacking of Oracle and some more big Companies just by using Social Engineering in DefCon 19. Hackers taking part in the competition on Friday and Saturday found it ridiculously easy in some cases to trick employees at some of the largest U.S. companies to reveal information that can be used in planning cyber attacks against them. A contestant pretended to work for a company's IT department and persuaded an employee to give him information on the configuration of her PC, data that could help a hacker decide what type of malware would work best in an attack. " For me it was a scary call because she was so willing to comply ," said...

Youth Peer Education Network Of Syria Defaced by Cocain TeaM Hacker from Cocain Underground Team today deface the website of   Youth Peer Education Network Of Syria . The Youth Peer Education Network (YPEER), is a groundbreaking and comprehensive youth-to-youth initiative pioneered by UNFPA.Y-PEER Network is already in 48 countries Including (SYRIA) and still counting. Mirror of Hack is available  here . Yesterday Official site of NDRRMC was hacked by Cocain TeaM  . and just few hours before  Syrian Ministry of Defense is hacked by Anonymous Hackers.

Sulekha.com Got hacked by Mr52 An Indian Hacker " Mr52 " Hack and deface the webpage of  Sulekha.com - A leading shopping store of India. Hacker said " Sulekha.com Got hacked because they take money but never give any support ".  Defaced Page and Mirror of Hack is Available. Some days before  Songs.pk was also hacked by Mr52 Against Mumbai blasts. Update : One more Link hacked on Sulekha.com By Mr52 .

Syrian Ministry of Defense hacked by Anonymous Hackers The official website of  Syrian Ministry of Defense has been hacked by Anonymous Hackers and defaced. The Anonymous Logo and a note can be seen on homepage. The Original words of Note is : To the Syrian people: The world stands with you against the brutal regime of Bashar Al-Assad. Know that time and history are on your side - tyrants use violence because they have nothing else, and the more violent they are, the more fragile they become. We salute your determination to be non-violent in the face of the regime's brutality, and admire your willingness to pursue justice, not mere revenge. All tyrants will fall, and thanks to your bravery Bashar Al-Assad is next. To the Syrian military: You are responsible for protecting the Syrian people, and anyone who orders you to kill women, children, and the elderly deserves to be tried for treason. No outside enemy could do as much damage to Syria as Bashar Al-Assad has done. Defend yo...

Moshi Moshi : VoIP bot written in Python Moshi Moshi is a VoIP Bot written in Python that uses SIP as VoIP Protocol, Text-to-speech engines for Output, and DTMF Tones for Input. It is part of a talk (" Sounds Like Botnet ") given at DEF CON 19 and BSidesLV 2011 on VoIP Botnets by Itzik Kotler and Iftach (Ian) Amit. Download Moshi Moshi Extras: - Python 2.7+ - SIP SIMPLE Client - catdoc - Text-to-speech engine such as , Mac OS X 'say' and etc. More Instructions and Details can be found here .

10 year old girl hacker CyFi reveal her first zero-day in Game at #DefCon 19 Another awesome day at DefCon 19 . Today a 10 year old Girl hacker - pseudonym CyFi revealed her zero-day exploit in games on iOS and Android devices that independent researchers have confirmed as a new class of vulnerability. The 10-year-old girl from California first discovered the flaw around January 2011 because she " started to get bored " with the pace of farm-style games. About CyFi : She is cofounder of DEFCON Kids. CyFi is a ten-year-old hacker, artist and athlete living in California. She has spoken publicly numerous times, usually at art galleries as a member of "The American Show," an underground art collective based in San Francisco. CyFi's first gallery showing was when she was four. Last year she performed at the SF MOMA Museum in San Francisco. DEFCON Kids will be her first public vulnerability disclosure. CyFi's has had her identity stolen twice. She really likes coffee, but h...

Official site of NDRRMC hacked by Cocain TeaM The official website of the National Disaster Risk Reduction and Management Council (NDRRMC) was hacked and defaced on Sunday morning By Cocain TeaM . Visitors of the website were greeted with a black page with what appeared to be a map of the Persian Gulf and a message that read " P E R S I A N G U L F 4 E V E R. " According to NDRRMC Executive Director Benito Ramos, this is the third time that their website was hacked in the middle of disseminating information to local governments.

LulzSec's Leader Sabu can be at DefCon Security conference LulzSec's Leader Sabu can be at DefCon Security conference in Las Vegas these days. According to a Article on PCMag , Author note some Tweet chat Between "Sabu" and "th3j35t3r". The LulzSec leader Sabu claimed to have been available in DefCon via a tweet . " #DEFCON Come find me in the middle of the vendor room, directly opposite No Starch Press. Mention ANTISEC and get a free sticker. #fuckfeds ". On this  thejester (th3j35t3r) , claimed to be at DefCon as well and challenged Sabu to meet with him in public. Sabu Replied via tweeting : " @th3j35t3r Again, you're still trying to set me up with #feds. How about you MAN UP and meet me privately. I'm not going to jail for you. ". It's unconfirmed as yet whether Sabu was truly in attendance at DefCon. In one tweet , Sabu does refer to " two feds that came to the booth, " presumably the No Starch Press bo...

Lulzsec  Brazil  Leaks the Federal Police 8 GB of Data Lulzsec Hackers from Brazil Today leaks the huge 8Gb of Documents data of Federal Police on their website . The Data includes the various Documents and photographs related to Federal Office. This is another mass leak after ,  10GB data of law enforcement agencies leaked by #AntiSec Hackers yesterday.

Pakistani Matrimonial Website ' PakRishta ' defaced by Cyb3r R3b3li@nZ Pakistani Matrimonial Website ' PakRishta.com ' defaced by Hacker name " Cyb3r R3b3li@nZ " . Hacker said " This site is just hacked to inform the admin to remove the file uploading vulnerabilities in the profile picture uploading. This vulnerability allow the attacker to upload any malicious file on the server. " Mirror of hack :  https://zone-h.org/mirror/id/14581926 Submitted By: F@si Wolf

Italian Police website  SAPPE   defaced by #Antisec Hackers Anonymous Hackers deface the website of Italian Police ,  SAPPE - Independent Police Trade Union Prison  for Operation Antisec. Hackers dedicate there Hacks to Operation #FreeTopiary also. Hack is possibly Perform by  @LulzSecITALY  &  @anonitaly  . Hacker Leave a Pastebin Url on deface page , which contains a message by hackers. Complete message is :

10GB data of law enforcement agencies leaked by #AntiSec AntiSec , Lulzsec and Anonymous Hackers once again leak a huge data of 10GB at  https://vv7pabmmyr2vnflf.tor2web.org/  , hacked from 70 law enforcement agencies. The leak contain hundreds of compromising email spools, personal information about officers, police training videos, and the contents of insecure anonymous tip systems. Also Over 300 mail accounts from 56 law enforcement domains. Missouri Sheriff account dump (mosheriffs.com)7000+ usernames, passwords, home addresses, phones and SSNs. Online Police Training Academy filesPDFs, videos, HTML . Plesk plaintext server passwords (ftp/ssh, email, cpanel, protected dirs).files. "Report a Crime" snitch list compilation (60+ entries).  Stolen Credit Card information from mosheriffs.com online store also leaked on Pastebin . The Data is leaked on twitter via account @ioerror . Update : Video from Newsy . Multisource political news, world news, and en...

Pentagon launches " Cyber Fast Track " program to fund hacker innovation Peiter Zatko, a hacker known as Mudge who is now at the Defense Advanced Research Projects Agency, said he joined the Pentagon's research arm to try and build bridges between the government's cybersecurity needs and hackers working on innovative projects. DARPA has launched the "Cyber Fast Track" program, intended to cut red tape for hackers to apply for funding for projects that would help the Defense Department secure computer networks. The Defense Advanced Research Projects Agency (DARPA) is an agency of the United States Department of Defense responsible for the development of new technology for use by the military. DARPA has been responsible for funding the development of many technologies which have had a major effect on the world, including computer networking, as well as NLS, which was both the first hypertext system, and an important precursor to the contemporary ubiquitou...

SIG Sauer - Security Intelligence Group Hacked by LulzaMac Nothing is Secure on Internet Now.  SIGARMS Academy website Hacked by hacker " LulzaMac ". SIGARMS Academy is committed to providing safe, responsible and accurate firearms training and courses which are nationally and internationally recognized for law enforcement, military, and the private security industry.  Hacker Expose the Usernames, Password and Email of Users and Admin via Pastebin link as shown below. Hacker Promise to leak huge database from  https://www.freeappaday.com/  soon.

Forbes.com Vulnerable to XSS injection One of the Leading News Company Forbes is Vulnerable. Hacker with name " B1uB3rry " expose that Forbes.com is vulnerable to possible SQL injection but confirmed to be vulnerable to Cross Site Script Injection (XSS) & HTML Injection. According to hacker " One can easily deface the website as other vulnerabilities exist. "  Live Example of XSS injection on Forbes  . Hacker is Admin of  B1uB3rry Security Team (San Antonio, TX). Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications that enables attackers to inject client-side script into web pages viewed by other users. UPDATE: Another XSS on Subdomain of Forbes . This Vulnerability also exposed by a hacker on Twitter .