The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Windows Kernel Zero Day Vulnerability Found in Duqu Installer Duqu malware attack exploited a zero-day vulnerability in the Windows kernel, according to security researchers tracking the Stuxnet-like cyber-surveillance Trojan. The vulnerability has since been reported to Microsoft and Microsoft is working on a fix for the kernel vulnerability right now. Researchers at the Laboratory of Cryptography and System Security (CrySyS) in Hungary confirmed the existence of the zero-day vulnerability and exploit in a brief note posted to its web site. Our lab, the Laboratory of Cryptography and System Security (CrySyS) pursued the analysis of the Duqu malware and as a result of our investigation, we identified a dropper file with an MS 0-day kernel exploit inside. We immediately provided competent organizations with the necessary information such that they can take appropriate steps for the protection of the users. The installer file is a Microsoft Word document (.doc) that exploits...

Virtual Machine for Android Reverse Engineering (A.R.E) Released The Honeynet Project release of the Android Reverse Engineering (A.R.E.) Virtual Machine. Do you need to analyze a piece of Android malware, but dont have all your analysis tools at hand? The Android Reverse Engineering (A.R.E.) Virtual Machine, put together by Anthony Desnos from our French chapter, is here to help. A.R.E. combines the latest Android malware analysis tools in a readily accessible toolbox. Tools currently found on A.R.E. are: Androguard Android sdk/ndk APKInspector Apktool Axmlprinter Ded Dex2jar DroidBox Jad Smali/Baksmali Download A.R.E

The Hacker News (THN) 1st Anniversary Celebration It has been a wonderful "HACK" filled year as we disseminated security and hacking information around the world. We are grateful for our loyal readership and welcome new readers and contributors. Let's face it. Hacking isn't going away and growing security concerns are an issue we all need to stay on top of. Being informed about the latest and newest in security measures and the work of hackers to break into these means is a global issue with tremendous consequences. Hacking and security violations affect us all. Not only big corporations which store your information but the health and welfare of your personal PC's. The Hacker news has tracked the events of the last year and we are amazed and the talent and finesse of techy people who can break into the most complicated and sophisticated systems. You can depend on us for breaking news in the area of computer security. Keep reading and keep checking our daily web news. In c...

Python supply chain attacks are surging in 2025. Join our webinar to learn how to secure your code, dependencies, and runtime with modern tools and strategies.

Facebook " Trusted friends " Security Feature Easily  Exploitable Last week Facebook announced that in one day 600,000 accounts possibly get hacked. Another possible solution for Facebook to combat security issues is to find 3 to 5 " Trusted friends ". Facebook will be adding two new security features that will allow users to regain control of their account if it gets hijacked. In Facebook's case, the keys are codes, and the user can choose from three to five " Trusted friends " who are then provided with a code. If you ever get locked out of your account (and you can't access your email to follow the link after resetting your Facebook password), you gather all the codes and use them to gain access to it again. Yet This method is used by hackers to hack most of the Facebook account using little bit of Social Engineering from last 5-6 Months according to me. Let us know, how this works... How its Exploitable: This Exploit is 90% Successful on...

Volatility 2.0 - Advanced Memory Forensics [With Video Demonstration] The Volatility Framework is a completely open collection of tools, implemented in Python under the GNU General Public License, for the extraction of digital artifacts from volatile memory (RAM) samples. The extraction techniques are performed completely independent of the system being investigated but offer unprecedented visibilty into the runtime state of the system. The framework is intended to introduce people to the techniques and complexities associated with extracting digital artifacts from volatile memory samples and provide a platform for further work into this exciting area of research. The Volatility Framework demonstrates our committment to and belief in the importance of open source digital investigation tools . Volatile Systems is committed to the belief that the technical procedures used to extract digital evidence should be open to peer analysis and review. We also believe this is in the best i...

Duqu Trojan found in Indian Server Last week we update you about Duqu when Symantec said it had found a mysterious computer virus that contained code similar to Stuxnet, a piece of malware believed to have wreaked havoc on Iran's nuclear program. Two workers at a web-hosting company called Web Werks told Reuters that officials from India's Department of Information Technology last week took several hard drives and other components from a server that security firm Symantec Corp told them was communicating with computers infected with Duqu. The equipment seized from Web Werks, a privately held company in Mumbai with about 200 employees, might hold valuable data to help investigators determine who built Duqu and how it can be used. But putting the pieces together is a long and difficult process, experts said. " This one is challenging ," said Marty Edwards, director of the US Department of Homeland Security's Industrial Control Systems Cyber Emergency Response...

Torsocks 1.2 Released - Socks friendly ssh and irssi with Tor Torsocks is an application for Linux, BSD and Mac OSX that allows you to use network applications such as ssh and irssi with Tor. Torsocks allows you to use most socks-friendly applications in a safe way with Tor. It ensures that DNS requests are handled safely and explicitly rejects UDP traffic from the application you're using. Enhancements unique to torsocks Torifying reverse dns requests through gethostbyaddr() Blocking of UDP traffic from sendto() and its variants. Use of Tor-friendly defaults if no configuration file available. The addition of all RFC defined private address ranges to the default configuration How to Use TorScocks , Read Here Torsocks allows you to use most socks-friendly applications in a safe way with Tor. Once you have installed torsocks, just launch it like so: usewithtor [application] So, for example you can use ssh to a some.ssh.com by doing: usewithtor ssh username@some.ssh.com or...

Anonymous hackers threatening a Mexican drug cartel Anonymous Mexico is going head-to-head with one of the most dangerous criminal organizations in the world, the Mexican cartel Los Zetas. With this Anonymous Proofs that they are not just a common Internet users as cowards behind a keyboard. Not only has the Anonymous threatened to reveal names, but it has also started making good to its threats. Mexican Anonymous hackers is warning a Mexican drug cartel to release one of its members, kidnapped from a street protest, or it will publish the identities and addresses of the syndicate's associates, from corrupt police to taxi drivers, as well as reveal the syndicates' businesses. The website of a Mexican politician suspected of connections to the cartel and The page is still defaced as we write; here is what it looks like (" es Zeta " meaning " is Zeta "): " You made a huge mistake by taking one of us. Release him, " says a masked man in a video posted online on ...

How Facebook Ticker  exposing your information and behavior without your knowledge Nelson Novaes Neto , a Brazilian (independent) Security and Behavior Research have  analyze  a privacy issue in Facebook  Ticker  that allows any person chasing you without your knowledge or consent . He explain that this is not a code vulnerability, but here the whole issue is related to users privacy. Nelson said on his blog " This tool - monitor others began to run when it introduced a new feature called Ticker. This new feature (Ticker) does not respect the privacy settings and it now Comments (updates), add friends, likes and can be seen by others (friend *) anyone without your permission. * You really know a friend tell me if it is real or fake profile - cloned? " Nelson Give Proof of Concept with a very creative real life scenario. Check out a live demonstration, where a "novel" explains how the issue of privacy (you can use any browser to play it). Descri...

Most advanced and dangerous malware for Apple products - Why you should be concerned ! Indian security researcher from MalCon has created an advanced and dangerous malware for Apple products which can not only compromize your privacy but also steal important data and let hackers control your device by simple text messages. If you are using any Apple product such as iPhone, iPad or iPod, then you shuuld be concerned. Indian security researcher from MalCon , Atul Alex has created an advanced malware for the Apple products which can not only intercept calls of users, steal data, but also provide a reverse VNC to see remotely all the actions of the victim. The malware can be deployed remotely over the web and is supposed to work on the latest iOS 5. Atul Alex, Technical director of MalCon said " Apple products are extremely secure by design. The malware works on jailbroken devices - something which over 90% of users have. If your device is not jailbroken, you have nothing to w...

TeaMp0isoN releases list of vulnerable police web sites TeaMp0isoN group of hackers published a list of vulnerable law enforcement authorities websites that can be hacked using MSAccess SQL injection attacks. Member from TeaMp0isoN with codename " _f0rsaken " create a pastebin note with following message for Police and People of World : I do not like the Police. You beat on innocent and peaceful protestors for no reason other than that you want to protect your friends at the banks and yourselves to make money. It's all about money and the Police aiming to keep their job. Why did I decide on not releasing the databases? I want you to see for yourself how vulnerable these people really are and for you all to get an understanding on why I didn't release. In this release I present you vulnerable websites that are open to MSAccess SQL injection. Below are official city websites that also the Police of that said area uses for their updates. Of course with all the mone...

Tor 0.2.2.34 Released with fixes of anonymity vulnerability Tor 0.2.2.34 fixes a critical anonymity vulnerability where an attacker can de-anonymize Tor users. Everybody should upgrade. Clients should upgrade so they are no longer recognizable by the TLS certs they present. Relays should upgrade so they no longer allow a remote attacker to probe them to test whether unpatched clients are currently connected to them.This release also fixes several vulnerabilities that allow an attacker to enumerate bridge relays. Some bridge enumeration attacks still remain. Download Here

Malware for xbox Kinect created by 15 years old  Indian researchers Indian researchers from MalCon have created a malware that utlizes Microsoft Kinect to secretly capture pictures and upload to a picasa account. A 15year old Indian security researcher ' Shantanu Gawde ' from MalCon Research has created a malware that utilizes the Microsoft xbox kinect controller. Kinect for Xbox 360, or simply Kinect, is a motion sensing input device by Microsoft for the Xbox 360 video game console. With over 10 million devices sold till date, the kinect holds the Guiness book for world record for the fastest selling consumer electronics device - and is exactly the reason why the malware is a concern. In recent months, there have been a number of innovative kinect hacks that make use of the kinect using both Open source drivers and the Kinect SDK. The malware, code-named 'gawde' after its creators name, works on Windows 7 to secretly capture pictures of the victim / surroundin...

Facebook EXE attachment Vulnerability can Compromise with Users Security Nathan Power from SecurityPentest has discovered new Facebook Vulnerability, that can easily attach EXE files in messages,cause possible User Credentials to be Compromised . When using the Facebook 'Messages' tab, there is a feature to attach a file. Using this feature normally, the site won't allow a user to attach an executable file. A bug was discovered to subvert this security mechanisms. Note, you do NOT have to be friends with the user to send them a message with an attachment. But Nathan Power Find the way to upload EXE . When uploading a file attachment to Facebook we captured the web browsers POST request being sent to the web server. Inside this POST request reads the line: Content-Disposition: form-data; name="attachment"; filename="cmd.exe" It was discovered the variable 'filename' was being parsed to determine if the file type is allowed or not. To s...

FOCA 3.0 - Network Infrastructure Mapping Tool Free Release This new version has new fresh look and feel, and it is full of new features that you will love to discover. If you want to learn more about FOCA, and Get FOCA 3 PRO, then you can book for a seat in the next online training about FOCA. It is going to be delivered on 4th of November in English and on 8th of November in Spanish. Both of them delivered by our FOCA father Chema Alonso. In FOCA 3 PRO you will discover features focused in discovering vulnerabilities in web sites, which are completely new. If you booked for an online seminar about FOCA PRO in 2011 then you can get a seat with 50% OFF.Also, we would like to remember you that we created MetaShield Protector as a solution to filter metadata in published documents through Windows Server 2008 / 2008 R2, IIS 7.0 / 7.5 and SharePoint 2007, Windows SharePoint Services and SharePoint 2010. More info . After six months we got FOCA 3 FREE available for direct download ....

US satellites was victim by Chinese Hackers Computer hackers, possibly from the Chinese military, interfered with two U.S. government satellites four times in 2007 and 2008 through a ground station in Norway, according to a congressional commission. According to Bloomberg , the Chinese military is suspected of executing the digital intrusions which targeted satellites used for earth climate and terrain observation. Indeed, a Landsat-7 earth observation satellite system experienced 12 or more minutes of interference in October 2007 and July 2008, while hackers tapped into a Terra AM-1 earth observation satellite twice, for two minutes in June 2008 and nine minutes in October that year. Interestingly enough, the report doesn't actually accuse the Chinese government of sponsoring or executing the four attacks. 

 However, it clearly states that the breaches are "consistent" with Beijing's military doctrine which advocates disabling an enemy's space systems, and ...

Anonymous DDOS Oakland police site after violence Cyber activists associated with Anonymous have targeted the Oakland Police Department (OPD) and other law enforcement agencies that participated in a controversial crackdown against OccupyOakland protestors. A DDOS (distributed denial-of-service) attack against the department's website www.oaklandpolice.com is underway, and the website currently is unreachable. AnonyOps tweet " I'm amazed and proud of #occupyOakland protesters who stood defiant, peaceful in the face of lethal force by Oakland PD. " Police fired a number of tear gas canisters, concussion grenades, rubber bullets and non-lethal rounds at demonstrators on Tuesday night, drawing widespread condemnation for the use of heavy-handed tactics against unarmed civilians. The attack was first announced via Anonymous' AnonOps Twitter feed. " @Anon_Central : Admin/User/Password Dump of oaklandnet.com Problem Oakland authorities? F--- you! >> p...

How to Beat Evil Governments When Your Internet Turned Off ? Bruce Sutherland explain at DefCon 19 Conference that " How To Get Your Message Out When Your Government Turns Off The Internet " . Bruce Sutherland  is a network systems architect and software developer with Domex Computer Services Inc, based in Melbourne Beach, FL. How would you communicate with the world if your government turned off the Internet? Sound far-fetched? It isn't. It already happened in Egypt and Lybia and the US Congress is working on laws that would allow it to do the same. In this talk we'll explore how to get short messages out of the country via Email and Twitter in the event of a national Internet outage. Remember, data wants to be free. Bruce has worked in the industry for over 20 years and has recently been working on building and hardening web-based applications. He has been an amateur radio operator since 2003 and enjoys making contacts worldwide via amateur radio satellite ...

India's leading telecom Company  BSNL hacked by Pakistani Hacker A Pakistani hacker "KhantastiC haX0r" today hack into the official website of India's leading telecom Company Bharat Sanchar Nigam Limited (BSNL) . This is not 1st time when BSNL become victim of any cyber attack. Pakistani Hackers hit Indian Corporate and National Government Websites, Servers time by time Just for FUN or so called Cyber War b/w these two countries. This year 2011, Attack/ defacement are less than the records of previous years. Most of the hacking groups from India now become White hat hackers and working for Cyber Security Awareness and Development. We wish same for all Pakistani hackers to start working for Security and Development. Anyway, The Hacker domain is  https://bsnl.co.in/tender1/  .

The Hacker News (THN) wishes its readers a very Happy Diwali To Readers,                     On this auspicious occasion of Diwali, all of us here at THN would like to wish you a very Happy Diwali and a wonderful year ahead ! We hope the lights of the season andthe festivities bring you and your family tons of joy and good luck. A festival full of sweet childhood memories,sky full of fireworks, mouth full of sweets, house full of diyas and heart full of joy. The word Diwali means " Rows of lighted lamps " , Known as the Festival of Lights, Diwali holds significance to the Hindu, Sikh and Jain religions and is a public holiday in India.We should pledge that we will make an all-out endeavour to make Diwali 2011 a pollution-free festival. The Hacker News has evolved to work closely with and within the cyber security communities in an effort to make the internet more secure. THN is dedicated to making your learning a valu...