The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Panasonic China website hacked and Redirected Latest notification by DarkDevilz Crew to THN  , They hack  Panasonic's China websites and Redirect users to a Black color Deface Page as shown. " 3spi0n " named Hacker from team take responsibility to perform this Hack. Hacker compromise the URL :  https://pro2.panasonic.cn/autodoor/ , and add Refresh Meta tag in source code to redirect the page to a new location i.e.  https://www.kutanhosting.com/r3.html  . Mirror of Hack is also available, in case Site fixed before you see this , here : Mirror 1 & Mirror 2

CBS Broadcasting Hacked by Anonymous Hackers for #OpMegaUpload Anonymous Hackers are claiming to Hack the official website of CBS Broadcasting (CBS), major US commercial broadcasting television network, which started as a radio network. Hacker hack the server , entire web directory has been deleted and There is only a Single blank file named " foundry.html " as shown. Even Brazil also Under Anonymous Attack, Today Tangara da Serra city site also defaced by them. Get update about all Anonymous Hacks Here . Stay Tuned to Get More Updates on This Hack !

Brazil Under Anonymous Attack - Tangara da Serra city site defaced ! Anonymous Hackers attacked websites of Brazil's federal district and Tangara da Serra city on Sunday as well as one belonging to a Brazilian singer to protest the forced closure of Megaupload.com. The attacks this week, which they call " #opmegaupload " shut down the websites of the FBI and US Justice Department for several hours to protest the closure of Megaupload.com. Hackers succeed in shutting down the website of popular Brazilian singer Paula Fernandes . They posted the image of a grim-faced joker with a message saying, " If Megaupload is down, you are down too ." It was signed " GhostofThreads ". Anonymous use DDoS attacks tools like so-called Low Orbit Ion Cannon  which is a piece of software that volunteer hacktivists download to their PCs and choose to run, whereby it then starts blasting the target website with traffic. Stats says that , in last 7 days LOIC downlo...

For Protest Against #SOPA 68 Website hacked By Dinelson Dinelson deface 68 Websites for Protest Against SOPA and PIPA. List of all Hacked site is posted here . A protest to a Congressional bill called SOPA caused quite a stir on Wednesday as thousands of websites protested SOPA with blacked-out pages. Megaupload, a hugely popular website for sharing files, was a major SOPA target, because it allegedly disobeys copyright laws and legislation. After the SOPA protest, the Department of Justice issued a release stating that federal officials had taken the site down. Following this announcement, a hacking collective called Anonymous launched several attacks on government and entertainment industry websites, including those for the Justice Department, the Federal Bureau of Investigation and Universal Music. 2 days back SOPA and PIPA were dropped by Congress . Both the House and the Senate on Friday backed away from a pair of controversial anti-piracy bills, tossing...

Third Security breach at Core Security Technologies Possible Security Breach in Website of Core Security Technologies by sncope Hacker. This is 3rd time when sncope hack and Leak the Passwords of Core Security Technologies. The details of Pentest done by  sncope is available on Pastebin . It include the Login details with hashed passwords and IP address of Users as shown below. Last Time Core Security was Hacked in September 2011 by sncope. That time Hacker defaced the Homepage of Site. Update : According to Core Security Technologies Hacker breached an old Server which is not in use from last 8 Years and there is no sensitive or confidential Information stored on it.  Core Security 's Response about above Attack " There is nothing of importance posted here. Core's active servers, websites or networks were not compromised nor did the information recently posted contain information residing on those systems. In fact, the information is from a third-party serve...

Saudi Arabia's King Saud University Database Hacked The Official Website of  King Saud University (KSU) Got hacked by some unknown Hacker.is a public university located in Riyadh, Saudi Arabia. Database of 812 Users hacked from  https://printpress.ksu.edu.sa/  and dumped on Internet by Hacker on a file sharing site  including Mail address list, mobile phones and passwords. Passwords are not encrypted in any hashes. Most of the Students using same Email ID and Password for Facebook and Other Sites. Its not clear weather its Part of Cyberwar b/w of Israel and Saudi Arabia.

DreamHost Hacked - Change Your Passwords Now ! All Dreamhost customers should read this post immediately and change all related passwords (including WordPress ones). Dreamhost said " Last night we detected some unauthorized activity within one of our databases. " They say there's " no evidence that customer passwords were taken ", but they''re pushing out password changes to everyone just to be safe. In addition, you should change any of your other passwords just to be safe that is, if they're at all similar to your DreamHost password.  To edit your password in the panel, please log into the web panel and go to Manage Users . Click edit next to the FTP/shell user on the right and you can change your password there.  This is the second time within week, when hackers targeted to these big websites, Dreamhost don't give any clue of the hack.

Book Review : Defense against the Black Arts How Hackers Do What They Do and How to Protect against It Ben Rothke  write a review of a   new book on hacking " Defense against the Black Arts: How Hackers Do What They Do and How to Protect against It ". Authors are Jesse Varsalone, Matthew Mcfadden, Michael Schearer and Sean Morrissey. " If there ever was a book that should not be judged by its title, Defense against the Black Arts: How Hackers Do What They Do and How to Protect against It, is that book. Even if one uses the definition in The New Hackers Dictionary of 'a collection of arcane, unpublished, and (by implication) mostly ad-hoc techniques developed for a particular application or systems area', that really does not describe this book. The truth is that hacking is none of the above. If anything, it is a process that is far from mysterious, but rather aether to describe. With that, the book does a good job of providing the reader with the information ne...

Woohooo! After #SopaBlackout , Congress Postpones Action on #SOPA, #PIPA A big hurrah to you!!!!! We've won for now SOPA and PIPA were dropped by Congress today. The votes we've been scrambling to mobilize against have been cancelled. When the entire Internet gets angry, Congress takes notice. Both the House and the Senate on Friday backed away from a pair of controversial anti-piracy bills, tossing them into limbo and throwing doubt on their future viability. Google Inc. said today it collected more than 7 million signatures from the U.S. for its online petition to Congress during an Internet protest against anti- piracy legislation backed by Hollywood. Visitors to Google, the world's most popular search engine, were greeted yesterday by a black box covering the company's familiar icon, and a message that read " Tell Congress: Please don't censor the Web! " The message linked to a page outlining Google's opposition and an option to join a petition urging Congress to reject the l...

Julian Assange interview on Spy Files " Give me liberty or give me death " is a statement made famous by Patrick Henry but could easily have been stated by the new patriot of justice, Julian Assange. Julian Assange is a journalist and activist best known as the founder and public face of WikiLeaks, the Internet based publisher making headlines around the world by releasing secret or suppressed information revealing government and corporate misconduct.Assange and WikiLeaks have, in the words of 60 Minutes " Rattled the worlds of journalism, diplomacy, and national security. " In December 2011, WikiLeaks released the documents from a database containing hundreds of documents from contractors in what WikiLeaks calls the "mass surveillance industry." or " Spy Files ". 1.) According to Spy Files released by WikiLeaks, intelligence agencies, military forces and police authorities "silently... and secretly intercepted calls and had taken over computers without the help ...

Tit for Tat - Anonymous Hackers Brings Down FBI website for   #OpMegaupload Megaupload.com , one of the world's most popular sources of online piracy, has been shut down by a federal indictment issued Thursday, which seized and charged seven people connected with it with running an international enterprise based on internet piracy. Online piracy by the two companies - Megaupload Ltd and Vestor Ltd - generated more than $ 175 million in criminal proceeds and caused more than half a billion dollars in harm to copyright owners Hacking group Anonymous said Thursday it knocked out the websites of the FBI, U.S. Department of Justice, and several entertainment industry sites as retribution for anti-piracy efforts by both the government and the entertainment industry. Anonymous said it was " the largest attack ever ," with 5,635 participants involved in bringing down the sites. The two government sites were up and running again after several hours. Megaupload stood as...

#SOPA - The Hacker News say " NO WAY " Get mad and take action as you read how your internet privacy and freedoms are about to be taken away in our editor Patti Galle 's article on SOPA…….coming to your personal rights soon. The Stop Online Piracy Act (SOPA), or H.R. 3261, is a bill that was introduced on October 26, 2011 in the United States House of Representatives, by right-wing Texas Republican, Representative Lamar Smith and twelve initial co-sponsors. The Stop Online Piracy Act dramatically broadens the capacity of United States law enforcement and copyright holders to fight online trafficking in copyrighted intellectual property and counterfeit goods. Proponents of bill H.R. 3261 state SOPA protects the intellectual property market and related industry, jobs and revenue, and is essential to reinforce and strengthen enforcement of copyright laws particularly against foreign websites. Opponents of the bill forcefully deem that the bill infringes on First Amendment rights, is e...

Giveaway: Win a Backtrack or iPhone book After the huge success of our earlier giveaway we have again teamed up with Packt Publishing and we are organizing a giveaway where Three lucky winners stand a chance to win a copy of their choice between two great selling books i.e iPhone Applications Tune-Up or BackTrack 4: Assuring Security by Penetration Testing.  Keep reading to find out how you can be one of the Lucky Winner.  The contest will close on 05/FEB/2012. Overview of the first book: iPhone Applications Tune-Up Tune up every aspect of your iOS application for greater levels of stability and performance. Read more about this book and download free Sample Chapter here Overview of the second book: BackTrack 4: Assuring Security by Penetration Testing • Learn the black-art of penetration testing with in-depth coverage of BackTrack Linux distribution. Read more about this book and download free Sample Chapter here How to Enter? 1) Tweet this article – you ca...

Multiple Cross Site Scripting ( #XSS ) Vulnerabilities in Forbes Ucha Gobejishvili ( longrifle0x ) , A Georgian Security Researcher Discover two Cross Site Scripting ( XSS ) Vulnerabilities on the Official website of Forbes , an American publishing and media company. Cross-Site Scripting occurs when an attacker can send a malicious script to a different user by relaying the script from an otherwise trusted or innocuous server. These flaws are extensive on the Web and allow an attacker to place malicious code that can execute attacks against other users in the security context of the web servers of the trusted host. 1.) First Vulnerable Link : Click Here 2.) Second Vulnerable Link : Click Here Cross-Site Scripting typically involves executing commands in a user's browser to display unintended content, or with the intent of stealing the user's login credentials or other personal information. This information can then be used by the attacker to access web sites and ser...

WOL-E : Wake on LAN - Explorer WOL-E is a suite of tools for the Wake on LAN feature of network attached computers, this is now enabled by default on many Apple computers. These tools include: Bruteforcing the MAC address to wake up clients Sniffing WOL attempts on the network and saving them to disk Sniffing WOL passwords on the network and saving them to disk Waking up single clients (post sniffing attack) Scanning for Apple devices on the network for WOL enabling Sending bulk WOL requests to all detected Apple clients. Download

SOPA in US and Censorship in India : A cocktail to destroy Internet Freedom ! As US senators mull over the SOPA(Stopping Online Piracy Act) and PIPA(Protecting Intellectual Property Act) bills, the world stands witness to a historic moment. Almost all big IT companies like Google, Wikipedia, Facebook, Mozilla, Godaddy, etc are speaking in one unanimous voice against SOPA and Internet Censorship. The draconian provisions of SOPA/PIPA are bound to create the deathbed of internet freedom and free speech, and if a careful reading of the proposed legislation is done, one realizes that it is likely to have the same impact on India. In the disguise of protecting copyrights and stopping piracy its completely clear that the US government is trying to assert its control over the free flow of information on internet which is some time uncomfortable to them. Giving power to Attorney General to direct search engines like Google to filter particular search results, or asking an ISP to manipulat...

Microsoft Windows 8 with Resilient File System (ReFS) Microsoft is switching to the Resilient File System for Windows 8, but only the server edition will support the new and more robust file system. While Windows 8 client machines will continue to use the NTFS filesystem. ReFS is meant to maintain compatibility with the most frequently-used features of NTFS, including Bitlocker encryption compatibility, Access Control Lists (ACLs) to control permissions, change notifications, symbolic links, and others, while shedding legacy features and picking up new ones to make it more useful and versatile on today's drives. Also, in its current state ReFS cannot be used for removable media, or for any partition used to boot Windows – it is purely a file system solution for data storage right now. Windows 8 clients will be able to access and read ReFS partitions from launch though. According to a blog post from the Windows engineering team, the key goals of ReFS are: 'a high degree' of c...

Book Review: BackTrack 4: Assuring Security by Penetration Testing This review is for the BackTrack 4: Assuring Security by Penetration Testing book published by Packtpub written by Wes Boudville. The authors tackle a persistent danger to many websites and networks that hang off the Internet, where often the complexity of the operating systems and applications and the interactions between these can open doors to attackers. So the basic idea of penetration testing is to preemptively probe ('attack') your system. Find the weaknesses first, before others do so. In part, the text offers a good overview of the field, separate from the usages of BackTrack. So you get a summary of several common security testing methodologies. Including the Open Source Security Testing Methodology Manual. If you have a background in science experiments, you'll see clear parallels in how this OSSTMM approach investigates an unknown system. As far as BackTrack is concerned, its capabilities are...

Cyber War : Another 7000 Israel credit cards Exposed on Internet This week has began under worse auspices worse for Israel, which, despite its attention to the cyber threats posed by cyber-space, has been victim of a series of attacks that have checkmated the government of Jerusalem. Kosova Hacker's Security Group of Hackers today claim to release another Another 7000 Israel credit cards on Internet. Last week  xOmar from  "group-xp"  threatened the Israeli people by exposing millions of credit cards. After that Israel said that it will respond to cyber-attacks in the same way it responds to violent terrorist acts, by striking back with force against hackers who threaten the Jewish state.  The Dump of these 7000 Cards are posted on Tinypaste  by Kisova Hackers. Th3 Dir3ctorY, ThEtA.Nu, & X|CRIPO, three hackers from  Kosova Hacker's Security  Group posted all the credentials including full name of the card holder, CCV...

INNA - Romanian singer 's Site Defaced by DARKDevilz Crew After Hack of Official Website ( www.innaofficial.com and www.inna.ro ) of INNA by DARKDevilz Crew Hackers., Million of her Fans Redirected to another defaced page at  https://meb.zgokalp.k12.tr/tok.html  as shown above. Below we upload a screenshot of Source code of URL :  https://www.innaofficial.com/videos/  . Here you can see the Refresh-Metatag that redirecting webpage to another site that contains a message posted by Hacker. Mirror of Hack is also available here : Mirror 1 & Mirror 2 . [ Source ]