The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Session Race Conditions and Session Puzzling – Now Simplified A few months ago Shay Chen , Senior Manager at Hacktics Advanced Security Center (HASC) published a paper about Session Puzzling , a new application level attack vector of critical severity and numerous uses, but for some bizarre reasons, most of the responses I got was that the attack was too complicated to comprehend all it once. Temporal Session Race Conditions (TSRC) is yet another a new application level vulnerability (presented in September 15, 2011, in local OWASP chapter meeting) that extends the capabilities of session puzzling, enables the exploitation of race conditions without latency and provides a new purpose for application denial of service attack. The attack generally extends the lifespan of temporary session variables (session calculations and assignments with a lifespan of milliseconds) by increasing the latency of the following lines of code through the use of specific layer targeted denial of servic...

#DEFCON Chennai September 2011 meet - Another Success !  DEF-CON Chennai (DC602028) Meet held on On 11th September 2011 From 2:30 PM to 7PM was a Great Success.  List of Speakers 1) Abhinab 2) Viknesh 3) Ravi Kumar 4) Aditya Gupta 5) Rahul Tyagi 6) Sophan 7) Suman Some Awesome moments of Meet DefCon message to all Groups " DC Groups are up and running all around the world! Defcon would like to thank the founders of the groups for all of their hard work and input. We invite you to attend a DC group meeting in your area and if your city isn't listed, START ONE! Got ideas? Share them! ". View Complete Album here

The City Of Rennes (France) Hacked against Anti-Islamic government of France TeaMp0isoN hackers take responsibly to hack official website of The City Of Rennes (France) via a tweet . Hacker publish the reason of hack on the defacement page " This defacement is a digital protest against the banning of "Islamic" prayer in public and the banning of the burqa in France, everyone should have a right to practice their religion, you allow Christian preachers to stand in the public and preach to the public but u don't allow Muslims to pray in public? You allow women to walk around half-naked but you don't allow Muslim women to cover their body? Shame on you france, Muslims are people too... ". Mirror of hack also submitted to Zone-H directory.

Is Managing Customer Logins and Data Giving You Headaches? You're Not Alone! Today, we all expect super-fast, secure, and personalized online experiences. But let's be honest, we're also more careful about how our data is used. If something feels off, trust can vanish in an instant. Add to that the lightning-fast changes AI is bringing to everything from how we log in to spotting online fraud, and it's a whole new ball game! If you're dealing with logins, data privacy, bringing new users on board, or building digital trust, this webinar is for you . Join us for " Navigating Customer Identity in the AI Era ," where we'll dive into the Auth0 2025 Customer Identity Trends Report . We'll show you what's working, what's not, and how to tweak your strategy for the year ahead. In just one session, you'll get practical answers to real-world challenges like: How AI is changing what users expect – and where they're starting to push ba...

BIOS based Virus discovered by Chinese Security Firm A Chinese AV company 360 discovered a new Trojan, the " BMW Virus " (also called Mebromi), that can actually infect a computers BIOS: " BMW 360 Security Center virus is the latest catch of a high-risk virus, the virus that infected a chain BIOS (motherboard chip program), MBR (master boot drive) and Windows system files, reinstall the system, regardless of the victim computer, format the hard disk, or replace the hard disk can not completely remove the virus. " It uses the CBROM command-line tool to hook its extension into the BIOS. The next time the system boots, the BIOS extension adds additional code to the hard drive's master boot record (MBR) in order to infect the winlogon.exe / winnt.exe processes on Windows XP and 2003 / Windows 2000 before Windows boots. The next time Windows launches, the malicious code downloads a rootkit to prevent the drive's MBR from being cleaned by a virus scanner. But even if the drive is ...

Automated Skype calls spreading fake anti-virus warning Automated Skype calls spreading fake anti-virus warning, where an automated message (what I like to call a "Digital Dorothy") warns you in a semi-robotic voice that your computer's security is not up-to-date. "Attention: this is an automated computer system alert. Your computer protection service is not active. To activate computer protection, and repair your computer, go to [LINK]," says the robotic voice during a prerecorded message. The offered link takes the most gullible and curious ones to a page that shows the typical "Computer protection inactive. Scanning… Viruses found!" message that is meant to convince them to fork over a decent amount of money - in this case, $19.95 - in order to get the offered protection.Not content with the money, they also ask for their personal information. If you weren't aware of fake anti-virus (also known as scareware) scams like this you might well...

NeXpose 5.0 vulnerability management solution Released by Rapid7 Nexpose proactively supports the entire vulnerability management lifecycle, including discovery, detection, verification, risk classification, impact analysis, reporting and mitigation. This gives organizations immediate insight into the security posture of their IT environment by conducting over 65,000 vulnerability checks for more than 16,000 vulnerabilities. The solution leverages one of the largest vulnerabilities databases to identify vulnerabilities across networks, operating systems, databases, Web applications and virtual assets. Risk is classified based on real exploit intelligence combined with industry standard metrics such as CVSS, as well as temporal and weighted risk scoring. Nexpose provides a detailed, sequenced remediation roadmap with time estimates for each task. Nexpose is used to help organizations improve their overall risk posture and security readiness as well as to comply with mandatory regulati...

Military Contractor Mitsubishi hacked Mitsubishi Heavy Industries Ltd said on Monday that its computers had been hacked into, with one newspaper saying the target was Japan's biggest defence contractor's factories for submarines, missiles and nuclear power plant components. " There is no possibility of any leakage of defense-related information at this point, " a spokesman for the Japanese conglomerate said. According to the Japanese newspaper, information was stolen from the company's computers in the attack. Mitsubishi Heavy has confirmed the attack, but said it is still investigating whether there were any information leaks.The company said about 80 virus-infected computers were found at the company's headquarters in Tokyo as well as manufacturing and R&D sites including Kobe Shipyard & Machinery Works, Nagasaki Shipyard & Machinery Works and Nagoya Guidance & Propulsion System Works. Kobe Shipyard currently builds submarines and makes compone...

NetworkMiner 1.1 -  Network Forensic Analysis Tool (NFAT) Released  NetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows. NetworkMiner can be used as a passive network sniffer/packet capturing tool in order to detect operating systems, sessions, hostnames, open ports etc. without putting any traffic on the network. NetworkMiner can also parse PCAP files for off-line analysis and to regenerate/reassemble transmitted files and certificates from PCAP files.NetworkMiner collects data (such as forensic evidence) about hosts on the network rather than to collect data regarding the traffic on the network. The main user interface view is host centric (information grouped per host) rather than packet centric (information showed as a list of packets/frames). Consider a scenario where you're analyzing a suspicious website, wishing to understand the way that it might try attacking its visitors. One way to approach this challenge is to browse the website using a Windows ...

Intelligence and National Security Alliance (INSA) hacked On Wednesday, 48 hours after releasing a policy paper on cybersecurity, the top trade association for intelligence contractors got a first-hand lesson on the subject: they discovered that their website was hacked. Cryptome, a site affiliated with the hacker collective Anonymous, published the membership emails and phone numbers and in some cases home addresses for the members of the Intelligence and National Security Alliance (INSA). By clicking on a link titled, "INSA Nest of Official and Corporate Spies," anyone can find contact information for senior officials at the NSA, FBI, and CIA, as well as top national security contracting firms like Booz Allen Hamilton. The apparent cyberattack on the Intelligence and National Security Alliance, or INSA, is the latest example of the ability of hackers to penetrate the computer systems of government agencies and private companies — including those that pride themselves on their ...

Comodohacker is 21 year old patriotic Iranian Hacker The New York Times got in touch with Comodohacker, who says he's a 21-year-old Iranian student, and asked him about the motives behind his sweeping breach of Gmail this summer. By sniping security certificates from a Dutch company — essentially the digital ID cards that tell your computer a website's legit — Comodohacker was able to crack 300,000 Iranian Gmail accounts, prompting Google to warn the entire country. " My country should have control over Google, Skype, Yahoo, etc., " he said by e-mail. " I'm breaking all encryption algorithms and giving power to my country to control all of them. "" I'm totally independent, " he said " I just share my findings with some people in Iran. They are free to do anything they want with my findings and things I share with them, but I'm not responsible. " Hundreds of companies and government authorities around the world, including in the United States and China, have the power to issue the...

United States Navy Military domain is vulnerable to hackers United States Navy Military website is full of vulnerabilities. Sec Indi Security Team Hacker upload a custom message on the server as shown below : Url is hidden for Security Reasons. Hacker claim to inform the website admins already, but government did not fix it yet so he releasing this in public.

Vulnerability Discovered in SpyEye Botnet , Exploit Available for Download Blind SQL injection Vulnerability Discovered in SpyEye Botnet by S4(uR4 ( r00tw0rm.com ) Exploit : Vulnn type : Blind SQL injection vuln script : frm_cards_edit.php Affected version : ALL May use any botnet from : https://spyeyetracker.abuse.ch/monitor.php What is SpyEye ? W32/SpyEye Aliases :  This is a list of aliases for the variant of SpyEye discovered in early February 2011 that has been actively targeting Norwegian banking websites: Trojan-Spy.Win32.SpyEyes.evg (Kaspersky) PWS-Spyeye.m (McAfee) Trojan:Win32/EyeStye.H (Microsoft) A variant of Win32/Spy.SpyEye.CA (NOD32) W32/Malware.QOOC (Norman) Trojan.Zbot (Symantec) Mal_Xed-24 (Trend Micro) Brief overview SpyEye is a trojan with backdoor capabilities that attempts to steal sensitive information related to online banking and credit card transactions from an infected machine. SpyEye is sold via its author in an easy to configure ...

0-Day SCADA Exploits Publicly Exposed by Italian researchers An Italian researcher has uncovered at least a dozen security flaws in software used in utilities and other critical infrastructure systems, prompting security advisories from the U.S. government. Security researcher Luigi Auriemma disclosed the attacks against six SCADA (Supervisory Control and Data Acquisition) systems including US giant Rockwell Automation.The step-by-step exploits allowed attackers to execute full remote compromises and denial of service attacks.Some of the affected SCADA systems were used in power, water and waste distribution and agriculture.Such zero-day information disclosure was generally frowned upon in the information security industry because it exposed customers to attack while published vulnerabilities remained unpatched.Attacks against SCADA systems were particularly controversial because exploits could affect a host of machinery from lift control mechanisms to power plants. The advisor...

SSHtrix - Fastest Multithreaded SSHv1 and SSH1v2 login cracker sshtrix is a very fast multithreaded SSH login cracker. It supports SSHv1 and SSHv2.sshtrix was designed to automate rapid bruteforce attacks against SSH authentification screens. Unlike other public tools, the aim is to keep it simple, stable, fast and modular. With its clean code design, it is easy to extend the code to a framework or to fork it against protocols of your choice. In fact, sshtrix is a fork of my own generic login cracker framework. Download SSHtrix here

Droidsheep : Android Application for Session Hijacking  Droidsheep is free alternate of faceniff which is available on download droidsheep website for free. Its one click hijacking tool which supports Amazon.de facebook.com flickr.com twitter.com linkdein.com yahoo.com live.com google.de (only the non-encrypted services like "maps") What do you need to run DroidSheep.? You need an android-powered device, running at least version 2.1 of Android You need Root-Access on your phone (link) You need DroidShep (You can get it in the "GET IT" section) Download Droidsheep

Its Fail 2011 - Year of Hacks ! According to IT security experts Year 2011 have labeled as the " Year of the Hack " or " #Fail 2011 ". Hacking has become much easier over the years allowing hackers to hack into systems easier then ever before, which is why 2011 had a lot of hacking happen so far. Hackers are coming up with tools as well as finding new methods to hacking faster then companies can increase their security. Even, Every year is the year of the hacking as long as there are hackers out there ready to execute their malicious programs and attain their goals like gathering important information to the victim's computer, stealing important identities, credit card information, etc. This year 2011 could be another generation of hacking. Since every year there are always forward advancements of the tools and programs that could use by the hackers. The most important is to avoid them if you are a computer user. RSA Hack (3/17/2011) : Motive - Unknown attacker, alth...

Operation OpIndependencia : Anonymous Hit Mexican Government Official websites The websites of several Mexican government ministries, including Defense and Public Security, went offline on Thursday, and a hacker group claimed responsibility. Yesterday's date was significant because it was the symbolic beginning of Mexico's independence from Spain. According to Anonymous, blocking Mexican government sites is part of the operation OpIndependencia, but its essence is not disclosed and could not explain their actions." We are anonymous, we are legion, we don't forgive, we don't forget. Wait for us, " said a statement on a blog linked to a Twitter account for Anonymous Hispano. Meanwhile, X-Ploit's three members say they are tracking senators' Web surfing habits, including visits to porn sites, in addition to initiating hacks against Mexico's Health Ministry, National Water Commission and National Statistics Institute sites." We're only looking to show that we don...

The Sec Indi Security Team has found Multiple major flaws on Clickindia.com - One of the biggest Classifieds network. There is a highly possible chance to damage ClickIndia system or to steal the Database. Hackers Exploit it via SQL Injection Vulnerability.

Linux.com down again due to Security Breach Linux Foundation infrastructure including LinuxFoundation.org, Linux.com, and their subdomains are again down for maintenance due to a security breach that was discovered on September 8, 2011. Investigators yet can't elaborate the source of attack. Regarding coming back online , Linux.com says " Our team is working around the clock to restore these important services. We are working with authorities and exercising both extreme caution and diligence. Services will begin coming back online in the coming days and will keep you informed every step of the way. " The added " We are in the process of restoring services in a secure manner as quickly as possible. As with any intrusion and as a matter of caution, you should consider the passwords and SSH keys that you have used on these sites compromised. If you have reused these passwords on other sites, please change them immediately. We are currently auditing all systems and wil...

SpyEye Trojan stole $3.2 million from US victims, Android users will be next target ! A Russian cybergang headed by a mysterious ringleader called 'Soldier' were able to steal $3.2 million (£2 million) from US citizens earlier this year using the SpyEye-Zeus data-stealing Trojan, security company Trend Micro has reported and Trusteer reports that an Android variant of Spitmo (SpyEye for mobile) has been discovered. The methodology sounds familiar for those familiar with ZeuS Mitmo and SpyEye Spitmo: infected computers inject a message into targeted netbanks prompting their customers to install software on their phones. Once Spitmo is installed, the SpyEye attacker is able to monitor incoming SMS and to steal MTAN authentication messages. " His botnet was able to compromise approximately 25,394 systems between April 19, 2011 and June 29, 2011. And while nearly all of the victims were located in the US, there were a handful of victims spread across another 90 countries ,"...