The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Coca-Cola Norway Hacked by Greek Hacking Scene (GHS) An Impressive cyberattack was executed by a ​​Greek hacker against the official website of the multinational company Coca-Cola in Norway with defacement in internal links of the website. In a demonstration of power, the Greek hacker with the pseudonym «Napsterakos», identified weakness in the company's website-giant Coca-Cola, and defaced on purpose to post his own messages. As SecNews was informed by an anonymous reader giving us details about the incident, the attack was made as the first attack of the operation «Greek Hacking Scene vs Corruption», The hacker «Napsterakos», in a message posted on Pastebin states that "when the future is based on lies, then everyone is corrupt ..." and that "~ We were everywhere we see and hear everything in a future based on lies anyone is corrupted, all must pay, and will do so in one way or another. The words acquire value only through their actions. ~ ' See [ here...

Facebook privacy flaw exposes Mark Zuckerberg private photos A flaw in Facebook has granted prying users access to supposedly private photographs, including those of the website's chief executive, Mark Zuckerberg. In total 14 pictures of Mr Zuckerberg were posted to image site Imgur under the headline: " It's time to fix those security flaws Facebook ".The bug in the website's photo reporting tool - which Facebook says was only temporary and has now been fixed - meant that users could access others' pictures even if they were private. The flaw was first reported on the forums of BodyBuilding.com, presumably because the users of that website like taking photos of themselves and putting them online. The bug exploits the way the offensive photograph reporting tool works. Facebook has been heavily criticised in the last few years for matters of privacy and so there are people who will leap on this story as yet another example of how the company simply doesn't take its u...

DNS cache poisoning attack on Google, Gmail, YouTube, Yahoo, Apple Hacker with nickname AlpHaNiX deface Google, Gmail, Youtube, Yahoo, Apple etc domains of Democratic Republic of Congo. Hacker use strategy so-called DNS cache poisoning. DNS cache poisoning is a security or data integrity compromise in the Domain Name System (DNS). The compromise occurs when data is introduced into a DNS name server's cache database that did not originate from authoritative DNS sources. It may be a deliberate attempt of a maliciously crafted attack on a name server. Hacked websites are : https://apple.cd/ https://yahoo.cd/ https://gmail.cd/ https://google.cd/ https://youtube.cd/ https://linux.cd/ https://samsung.cd/ https://hotmail.cd/ https://microsoft.cd/ [ Source ]

MySQL.com Once again Compromised using Sql Flaw A hacker with name " D35M0ND142 " claim to hack MySql.com website using Sql Injection Flaws. In September,  Mysql.com was hacked and it was serving BlackHole exploit malware on the site. In a pastebin dump Hacker Exposes various Admin user credentials and Database info. The Compromised Usernames and Passwords are from  Blog site  of MySql. MySql website is pretty embarrassed for not securing its own database's properly, Even hacker share that " Robin Schumacher is MySQL's Director of Product Management andhas over 20 years of database experience in DB2, MySQL, Oracle, SQLServer and other database engines. Before joining MySQL, Robin wasVice President of Product Management at Embarcadero Technologies. " Besides the hack on MySQL.com, D35M0ND142 also managed to breach the systems of the Urbino University in Italy and the Universal Language & Computer Institute in Nepal and Stream Database.

Android Bloatware , Another Serious Android Privacy Issue Researchers have found that some Android smartphones are more vulnerable to attacks than others, thanks to add-on software and skins that get installed by handset makers before they ship their smartphones to subscribers. It's not just Carrier IQ that Android users need to be worried about. A team of researchers from North Carolina State University discovered the security vulnerability on eight different smartphones from Google, HTC, Motorola and Samsung. Black hat hacker can exploit these vulnerabilities to record phone calls (see proof of concept video below), wipe out your phone, call or text premium rate numbers, and read your private messages and emails, all without your permission, of course. According to the paper published by the team. " Our results with eight phone images show that among 13 privileged permissions examined so far, 11 were leaked, with individual phones leaking up to eight permissions. By exploi...

Protecting Your BlackBerry Smartphone with Security Wipe The BlackBerry device is a wonderful thing. We load our BlackBerries with various softwares and applications to increase our productivity and customize them with interesting themes and ringtones. We watch movies and play games and track day to day activities. All of these things require passwords and usually involve storing data on our devices that is sensitive in nature. So what if you want to wipe your BlackBerry clean? There are a number of reasons why you might want to wipe out your Blackberry. Perhaps you have switched jobs and need to submit your BlackBerry into your new IT department so they can set it up for their network. You wouldn't want them to have access to your previous employers data would you? Perhaps you have purchased a new model of BlackBerry and would like to gift your previous model to a friend or sell it on ebay. The same rule applies, you do not want them to see what you were using your Blackberry...

Another United Nations Web Site Hacked, Barack Obama info Leaked ! Hackers of Team Sector 404 have breached the Spanish Web site for the United Nations Refugee Agency ACNUR . Group claims to be working with Anonymous. Hackers was able to breach site with SQL Injection vulnerability . They leaked Barack Obama's email address, username, password (not in clear text), personal phone number and a login ID as shown. Other individuals whose information was leaked are Dirk Wildt from Die Netzmacher and Schaffstein from a non-profit organization called TYPO3 .Info of Other United Nation members also leaked from database. The team of hackers include  PHANTOM, RAWR, IO93, V, ZD4P50N, SPECTRUS, ANONGUS, FIBO,HACKW32, ADREX,NEKA, JJ, & ESCUADRON SPY PEOPLE Y HACKERSMX219 involve in this Hack as  Sector 404.

Cain & Abel v4.9.43 Released Cain & Abel is a password recovery tool for Microsoft operating systems.It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using dictionary and brute force attacks, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols. Change Log : Added SAP R/3 sniffer filter for SAP GUI authentications and SAP DIAG protocol decompression. Added support for Licensing Mode Terminal Server connections to Windows 2008 R2 servers in APR-RDP sniffer filter. Added support for MSCACHEv2 Hashes (used by Vista/Seven/2008) in Dictionary and Brute-Force Attacks. Added MSCACHEv2 Hashes Cryptanalysis via Sorted Rainbow Tables. Added MSCACHEv2 RainbowTables to WinRTGen v2.6.3. MS-CACHE Hashes Dumper now supports MSCACHEv2 hashes extraction from Windows Vista/Seven/2008 machines and offline registry files. Fixed a bug (crash) in Certificate Collector wit...

Biggest Independent Russian Election site Hacked on election day Popular Russian media websites, the major LiveJournal social network and the website of the country's biggest independent election watchdog, were inaccessible in hacking attacks for several hours on Sunday in what their employees said was an attempt to jam information on parliamentary elections. " The attack on the website on election day is apparently tied to an attempt to publish information about violations ," chief editor of the independent-minded Ekho Moskvy radio Aleksei Venediktov wrote in his Twitter blog. Websites of Forbes Russia, Bolshoi Gorod and New Times magazines, Slon.ru news portal, Golos election watchdog and its Kartanarusheniy.ru website that was supposed to map vote fraud were down throughout most of Sunday.These media organizations and the watchdog have pledged to report voting violations from all over Russia live.Independent and opposition media, as well as the LiveJournal social network that ha...

XSS Vulnerability On Twitter Found by 15 Years Old Expert A 15 years old XSS Expert " Belmin Vehabovic(~!White!~) " discovered XSS Vulnerability On Twitter and report us. The Vulnerable link is here . Even He also Discovered XSS Vulnerability in Facebook also as tweeted by him Yesterday  &Facebook is offering him $700 as Bounty.

Invitation for DEF-CON Chennai January Meet 2012 (DC602028) We like to invite all of you for our 4th meet which is going to held on 29th January 2012. DEF-CON Chennai is a registered group of DEF-CON, our group id is DC602028. [ Tickets for the Meet] For General Public : 700 INR For Students: 600 INR To book the tickets mail to dc602028@gmail.com [ Time of the Meet ] On 29th January 2012 From 2 PM to 7 PM Do make sure that your at the venue by 1:45 PM [ Venue of the Meet ] The Venue is going to be at Le Waterina Hotel, a 4 Star Resort. Le Waterina – The Boutique Hotel No 35 Kaveri Nagar (near Bella Ciao) Waterland Drive,Thiruvanmiyur Kottivakkam Beach.Chennai 600041. Refer: https://www.defcontn.com/DC602028/invitation-for-the-january-meet-2012/

THN December Magazine Released ! Who We are at The Hacker News ?  It is hard to re-cap the past year and all the excitement and hard work we have experienced launching an online magazine.  The subject, Hacking, is even more exciting as the technology world awakens to the security issues facing all internet users from government, large corporations and personal users. We have tried very hard to keep the readers informed and up to date regarding security threats and security breaks world wide.  Our daily news aims to give business and personal PC users an understanding of what is happening in computer security developments and what criminal activity is breaching security systems. Mostly, we understand the importance of disseminating information and keeping the internet free of restrictions.  We believe that information and opinion are the foundation of a healthy society and we strive constantly to address the political and social issues facing our new world of ele...

Voodoo Carrier IQ detector application released for Android An Android developer recently discovered a clandestine application called Carrier IQ built into most smartphones that doesn't just track your location; it secretly records your keystrokes, and there's nothing you can do about it. A new Android app to identify whether your smartphone has any Carrier IQ tracking/monitoring software installed on it has been released, the Voodoo Carrier IQ detector , giving users a simple way to put their minds to rest on privacy. The handiwork of Android app developer supercurio, the tool is only a few hours old and only partially finished, with the consequent warning that the results can't be entirely relied on yet. supercurio has offered up the source code under an open-source license for those who want to help refine the tool, so we're guessing the rough edges and reliability will be polished off in short order. Download Application Download Source Code

McAfee drafted Five Steps to Avoiding bad apps on Pc & Mobile Malicious applications are one of the most serious threats to smartphone users today. Not only can a dangerous app infect your phone and steal your personal information, it can even spy on you. Read our five easy tips for avoiding bad apps, and keep your device and information safe. An Android developer recently discovered a clandestine application called Carrier IQ built into most smartphones that doesn't just track your location; it secretly records your keystrokes, and there's nothing you can do about it. In this digital age, privacy is more important than ever. Just because you " don't have anything to hide ," does not mean that you shouldn't value your privacy or fight for it when companies do things like this, especially with something as personal as your cell phone. McAfee has come up with five " Common sense " practices that you might not have thought about before, but they actually do make sense fo...

The Spy Files: Wikileaks expose Mobile Phone, Email Hacking capability Wikileaks has released  ( https://spyfiles.org/ ) dozens of new documents highlighting the state of the once covert, but now lucrative private sector global surveillance industry. According to Assange, over 150 private sector organisations in 25 countries have the ability to not only track mobile devices, but also intercept messages and listen to calls also. Site founder Julian Assange has held a press conference, revealing the secrets of the industry.­ The whistleblowing site has published some 287 documents from its huge database, collected from 160 international intelligence contractors. The database includes internal documents of such companies like Gamma corporation in the UK, Ipoque of Germany, Amesys and Vupen in France, VASTech in South Africa, ZTE Corp in China, Phoenexia in the Czech Republic, SS8 and Blue Coat in the US, among others. From the press release: " The Wikileaks Spy Files reveal the de...

Your Android Phone is Spying On You, Use custom ROM To Protect your Privacy In this digital age, privacy is more important than ever. Just because you "don't have anything to hide," does not mean that you shouldn't value your privacy or fight for it when companies do things like this, especially with something as personal as your cell phone. An Android developer recently discovered a clandestine application called Carrier IQ built into most smartphones that doesn't just track your location; it secretly records your keystrokes, and there's nothing you can do about it. Is it time to put on a tinfoil hat? That depends on how you feel about privacy. In the nearly 20-minute video clip, Eckhart shows how software developed by mobile-device tracker Carrier IQ logs each keystroke and then sends them off to locations unknown. In addition, when Eckhart tried placing a call, Carrier IQ's software recorded each number before the call was even made. What is Carrier IQ, exactly? ...

Nullcon GOA 2012 - International Security Conference The open security community is a registered non-profit society and by far the largest security community in India with more than 2000 members comprising of information security professionals, ethical hackers and law enforcement professionals that focuses on Infosec research and assisting Govt. and private organizations with cyber security issues. null has 7 chapters through out India - Pune, Bangalore, Mumbai, Hyderabad, Delhi, Chennai and Bhopal, interacting with around 5000-6000 people by various activities like monthly meets, security camps, workshops, talks at various events & organizations and executing security projects. Our portal https://null.co.in provides free information on security research, responsible vulnerability disclosure, open source security software project, white papers, presentations, monthly chapter meets. We see that currently there is a disconnect between t...

Security Research : Be friend to anyone on Facebook in 24 hours " People have simply ignored the threat posed by adding a profile without checking if this profile is true. New Technologies have loopholes, but it is up to the users to be aware of this type of flaw. Social networks can be fantastic, but people make mistakes. Privacy is a matter of social responsibility. There is no solution. We must make good use of the social network and we are alone in this task ", said Nelson Novaes , a Brazilian (independent) Security and Behavior Research. The two experiments (Proof of Concept – Research Study) were presented at the Conference Silver Bullet . Both were used with the sole purpose of POC to demonstrate the fragility and privacy issues in the use of social networks. The technique is unusual and totally contrary to the terms of use of Facebook, but shows exactly how users can be manipulated. To prove his theory, the researcher in the field of online security and behavior Ne...

Millions of printers open to devastating hack attack Could a hacker from half-way around the planet control your printer and give it instructions so frantic that it could eventually catch fire? Or use a hijacked printer as a copy machine for criminals, making it easy to commit identity theft or even take control of entire networks that would otherwise be secure? It's not only possible, but likely, say researchers at Columbia University, who claim they've discovered a new class of computer security flaws that could impact millions of businesses, consumers, and even government agencies. The researchers, who have working quietly for months in an electronics lab under a series of government and industry grants, described the flaw in a private briefing for federal agencies two weeks ago. They told Hewlett-Packard about it last week. HP said Monday that it is still reviewing details of the vulnerability, and is unable to confirm or deny many of the researchers' claims, but generally disp...

New Facebook Worm installing Zeus Bot in your Computer Recently We Expose about 25 Facebook phishing websites and also write about biggest Facebook phishing in French  which steal more then 5000 usernames and passwords. Today another new attack on Facebook users with Zeus Bot comes in action. The researchers of Danish security firm CSIS , has spotted a worm spreading within the Facebook platform. A new worm has popped up on Facebook, using apparently stolen user credentials to log in to victims' accounts and then send out malicious links to their friends. The worm also downloads and installs a variety of malware on users' machines, including a variant of the Zeus bot. If followed, the link takes the potential victim to a page where he or she are offered what appears to be a screensaver for download. Unfortunately, it is not a JPG file, but an executable (b.exe). Once run, it drops a cocktail of malicious files onto the system, including ZeuS, a popular Tro...