The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Al Jazeera  news network hacked by Syrian Hackers Arabic-language news network Al Jazeera 's website was hacked last week by a Syrian hacktivist group in support of the government's actions in the country. Aljazeera is broadcaster owned by the state of Qatar through the Qatar Media Corporation and headquartered in Doha, Qatar. Initially launched as an Arabic news and current affairs satellite TV channel, Al Jazeera has since expanded into a network with several outlets, including the Internet and specialty TV channels in multiple languages. Al Jazeera is accessible in several world regions. Hackers from cyria " ThePro " again hit aljazeera network They claim to hack the one of the network and post list ofemail and passwrds of aljazeera.  The Syrian Electronic Army is a collection of young Syrians, angry about the way the media and other sources are portraying the fighting in their country. They call it a " massive distortion of facts". Al Jazeera hosts a live blog c...

Microsoft Store India got hacked in India ! Today, Hackers from group EvilShadow  successfully hack and deface the website of  Microsoft Store India ( https://www.microsoftstore.co.in ) . But Hacker upload his deface page at location  https://www.microsoftstore.co.in/evil.html . Hacker revealed that user passwords were saved in plain text as shown below:

" NASA Own3d Again " - NASA Database Leaked by r00tw0rm Hackers from Team  r00tw0rm again hit NASA . According to Latest tweet by Hackers,  They claim to hack the one of the Sudomain of Nasa (Link is not exposed by hackers and claimed to be reported for Fix). Hackers claim to hack GB's of database and they  Leaked sample of database include Users names, emails and Passwords , Contact as shown: Same Hackers Yesterday Hack and Expose the Database of United States Census Bureau and Vulnerable link was also Exposed.

United States Census Bureau Hacked and Vulnerability Exposed A Group of Hackers from  r00tw0rm found SQL injection Vulnerability on  United States Census Bureau and Hackers successfully exploit the Database and Leak it online today. The United States Census Bureau is the government agency that is responsible for the United States Census. It also gathers other national demographic and economic data. As part of the United States Department of Commerce, the Census Bureau serves as a leading source of data about America's people and economy. The Pastebin Note include the complete Database Structure as shown: There is no reason mentioned for this attack yet by Hacker, But Hacker suggest United States Census Bureau to fix their loopholes as soon as possible. The Note include the Greets to other Hacking Groups like Inj3ct0r , TeaMp0isoN and Anonymous, seems that its a collective hack for #Antisec.

38 Bangladesh Government sites Defaced by Indian Hackers Indians hacking Group " Indishell " took down 38 Bangladeshi government websites on Saturday, including ministry of  the ministries are communications, youth and sports, primary and mass education , Trading Corporation of Bangladesh. The Deface page include the name of hackers - Love the Risk, Amal Landhe, Lnx Root, Silent Killer . In the hacked pages, between two eyes resembling Indian flags, the hackers wrote, "We have an EYE on you. Indishell is non other that Indian Cyber Army Hacking group, who already deface most of the Pakistani Govt sites in Past.  Most of the Hacker Sites either Restored or Hosting Suspended by Providers, or Under maintenance. The Complete list of Hacked Sites and Mirrors of All hacks are listed below. Hacked Sites: https://www.www.moef.gov.bd/ https://www.mincom.gov.bd/ https://www.cga.gov.bd/ https://www.bdlaws.minlaw.gov.bd/ https://www.mopme.gov.bd/ https://www....

#FuckFBIFriday by Anonymous, cia.gov Tango Down ! Anonymous has struck again at Central Intelligence Agency, The site went down about 3:10 p.m. apparently under a massive distributed denial of service (DDOS) attack. No specific reason for the attack was announced, nor were any specific groups or individuals within Anonymous named as the attackers. Anonymous took credit for crashing the websites of the US Department of Homeland Security, which was quickly revived, and the FBI. CIA's site is still down even two hours after the attack. One of the twitter accounts affiliated with Anonymous issued a statement on the reasons of the attack: " We do it for the lulz, " referring to the popular online abbreviation " for laughs ." Two weeks ago, the online group also released the audio of a conference call between the US Federal Bureau of Investigation and Britain's Scotland Yard counterpart targeting members of the largely untraceable group. It was done as part of th...

BFT- Browser forensic tool Released by DarkCoderSc From the Developer of Famous DarkComet RAT Tool, DarkCoderSc Yesterday Release Another Interesting tool called BFT- Browser forensic tool. Browser forensic tool, is a software that will search in all kind of browser history (even archived) in a few seconds.It will retrieve URLS and Title with the chosen keywords of all matching search.You can use default example profiles or create yours, with thematic search. You can Download it from here :  BFT Download Video Demonstration: 

Iran Shutdown Google ,Yahoo & other Major sites using Https Protocol We Received latest reports from Iran ,Governments has blocked access to the major sites plus websites using certain Https protocol like Gmail, Google ,Yahoo. On the eve of the anniversary of the revolution that overthrew the country's monarchy and replaced it with an Islamic republic. At the same time nobody can even use banking websites in Iran because all of them using "Https" to encode the sensetive data . As well as Yahoo, Gmail, Google and all sites that rely on the search giant's API such as WolframAlpha. Sites such as BMI.ir , BPI.ir and Parsian-Bank.com are also apparently banned. There is Online Service  https://www.blockediniran.com  , where you can check that Is there any site blocked in Iran or Not ? We check the " google.com " as shown,but it showing that site is Working. This Condition until Esfand, next month in Persian calender after the 33rd anniversary of the Islamic Revolu...

Listen to your instincts when it comes to the web Lee Ives from Security-FAQs talk about Internet Security in January Edition of The Hacker News Magazine . When you are on the web the best thing that you can do is to go with your instincts. In real life, when we walk around, we usually go with our gut to make sure that we stay out of danger. If something does not seem right we usually "sense" it for lack of a better term. This is not something that is new. This is how we survived in the wilderness all of those many years ago. We made sure that we stayed safe by following our instincts and doing the right thing. All of these years later and that same advice still holds up to be true. But like we said in the previous paragraph, you have to worry about following your instincts when you are on the web as well. There are many different kinds of pitfalls that you can encounter when you are on the web. It doesn't matter whether it is meeting the wrong type of person or it is downloading...

THC-HYDRA 7.2 - Fast and Flexible network login Bruteforce Tool Updated One of the most famous network logon cracker – THC-HYDRA 7.2 get latest Update . Hydra is a parallized login cracker which supports numerous protocols to attack. New modulesare easy to add, beside that, it is flexible and very fast.Hydra was tested to compile on Linux, Windows/Cygwin, Solaris 11, FreeBSD 8.1 and OSX, andis made available under GPLv3 with a special OpenSSL license expansion. Hydra is best for Samba, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support and is part of Nessus. Changelog v7.2 Speed-up http modules auth mechanism detection Fixed -C colonfile mode when empty login/passwords were used (thanks to will(at)configitnow(dot)com for reporting) The -f switch was not working for postgres, afp, socks5, firebird and ncp, thanks to Richard Whitcroft for reporting! Fixed NTLM auth in http-proxy/http-proxy-url module Fixed ...

63 Vulnerabilities on United Nation Website Exposed Online ! Latest Notification in The Hacker News Vault by a Hacker named " Xenu (Casi) " from r00tw0rm Team that There are  63 Blind SQL injection Vulnerabilities exist on United Nation's Website (www.un.org). Blind SQL injection is identical to normal SQL Injection except that when an attacker attempts to exploit an application rather then getting a useful error message they get a generic page specified by the developer instead. This makes exploiting a potential SQL Injection attack more difficult but not impossible. An attacker can still steal data by asking a series of True and False questions through sql statements. Information purported to be stolen from the organization was posted on the site Pastebin on Thursday morning.  Martin Nesirky , a spokesperson for the Secretary General of the United Nations, confirmed the breach." A case of unauthorized access to the UN website is still being investigated ,...

Trixd00r v0.0.1 - An Invisible TCP/IP based backdoor for UNIX systems NullSecurity Team Releases " Trixd00r v0.0.1 " an advanced and invisible TCP/IP based userlandbackdoor for UNIX systems. It consists of a server and a client. The server sits and waits for magic packets using a sniffer. If a magic packet arrives, it will bind a shell over TCP or UDP on the given port or connecting back to the client again over TCP or UDP.  The client is used to send magic packets to trigger the server and get a shell. You can  Download and Use trixd00r-0.0.1.tar.gz  from NullSecurity Website. Video Demonstration : 

Hacker Hits the Embassy of Indonesia in Hungary Hacker from Team thec7crew today claim to Hack the Official Website  Embassy of Indonesia in Hungary. Hacker Hack the Database of Site also Expose various Server Parameters on Pastebin . As Database name mentioned " indone01_web " - There are 30 tables and Hacker also Extract and Expose the Admin's Emails and Passwords in Note. Reason of Hacking is Unknown, But this Hack will really effect the Security of officials at Embassy.

Android.Bmaster Exploits root access to connect to Botnet A new piece of Android malware named Android.Bmaster , first highlighted by researcher Xuxian Jiang at North Carolina State University, was uncovered on a third-party marketplace and is bundled with a legitimate application for configuring phone settings, Symantec researcher Cathal Mullaney wrote in a blog . This Malware is estimated to affect between 10,000 and 30,000 phones on any given day. The malware, mostly found on Chinese phones, works by using GingerBreak, a tool that gives users root access to Android 2.3 Gingerbread.  RootSmart is designed to escape detection by being named " com.google.android.smart, " which the same name as a settings app included by default with Android operating systems. Mullaney explained that once the malware is installed on the Android phone, an outbound connection from the infected phone to a remote server is generated." The malware posts some user and phone-specific data to t...

Hackers Claims to compromise Intel 's Sensitive Data A security researcher under the name of " WeedGrower ", or " X-pOSed " has been on a roll since the start of 2012. He has ambushed huge sites such as AOL, NASA, Hotmail, Myspace, Xbox, USBank, Yahoo, and VISA, he has also leaked sensitive data on most of those websites. Hackers today Claiming that he compromise Intel's Sensitive Data like User Base & Credit Cards. He found a way to expose sensitive data via the subscriber section on Intel.com and he also has access to the INTEL.com database which reveals Credit Card Numbers, Social Security Numbers, Emails, Passwords, and more. "WeedGrower", or "X-pOSed" has threatened that he's going to be leaking this soon if he doesn't get a response from Intel.com carriers. Hacker said ," I've got to give some applause to all these pseudo-security technicians out there. I cut Intel a break, I have access to a database and a...

Apple Supplier Foxconn 's Servers Hacked, Exposing Vendor Usernames and Passwords Apple supplier Foxconn has reportedly been hacked, exposing the usernames and passwords of the company's clients and employees. Hacker group SwaggSec just released a dump of Foxconn internal information, including a mail server login/password dump and logins to various online procurement sites and Intranets. " We encourage media, security experts, and other interested individuals to explore our leaks. Foxconn did have an appropriate firewall, but fortunately to our intent, we were able to bypass it almost flawlessly. Of course with funding ourselves we did have our limitations. But with several hacking techniques employed, and a couple of days in time, we were able to dump most of everything of significance. " Hacker said. The group made a 6.04MB file available earlier this evening first on Demonoid, and then on The Pirate Bay   which purported to contain login and password information for F...

" Cyber China ", from Operation Aurora to China Cyber Attacks Syndrome Security Expert, from  Security Affairs  -  Pierluigi Paganini takes us on a visit to China via The Hacker News January Edition Magazine Article and makes us wonder just how influential China's hacking is on world internet security. Read and decide for yourself : When we think of China in relation to cyber warfare, we imagine an army of hackers hired by the government in a computer room ready to successfully attack any potential target. China is perceived as a cyber power and ready to march against any insurmountable obstacle using any means. In this connection we read everything and its opposite, and we are ready to blame all sorts of cyber threat to the Country of the Rising Sun. The truth, however, is quite different, at least in my opinion, and understands that the Chinese people before others have understood the importance of a strategic hegemony in cyber space. However, many doubts are ...

Arab Countries websites urged to Increase Security Against Israeli Hackers Recent hacking attacks online have gotten the attention of the world's media outlets in a big way. What has been reported as beginning as a youth led hacker attack against an Israeli website quickly escalated when six Israeli hackers decided to strike back. The initial attack was against a sports themed web site based in Israel and exposed the credit card and personal information of a number of nationals in that country.  The response, exposed the credit card and personal details of more than 50,000 people in Arab countries such as Saudi Arabia. While this current episode is rather tame in comparison to the Stuxnet virus which hit Iran in June of 2010, which ended up destroying several centrifuges inside an Iranian nuclear facility. Experts say that the web application security of Arab web sites must be increased if they are to be prepared for the potential cyber warfare that Israeli hackers could one day...

Cryptographers : Satellite phones vulnerable to eavesdropping Researchers at a German university claim to have cracked the algorithm that secures satellite phone transmissions. They have broken the encryption of the two main standards used to protect calls from satellite phones, giving them the ability to intercept conversations that are meant to be private. The attacks on the GMR-1 and GMR-2 standards are thought to be the first such work against the satellite phone ciphers. After reverse engineering phones that use the GMR-1 and GMR-2 standards, the team discovered serious cryptographic weaknesses that allow attackers using a modest PC running open-source software to recover protected communications in less than an hour. The Ministry of Defence has said a satellite phone crack of the A5-GMR-1 and A5-GMR-2 encryption algorithms crack by researchers will not affect UK military use of satellite phones. " All military users of mobile satellite communication systems are ...

Anonymous Hack Syrian President's Emails with Password " 12345 " Hundreds of emails from Syrian President Bashar Assad's office were leaked on Monday after an attack by the hacker group Anonymous. The target was the mail server of the Syrian Ministry of Presidential Affairs and about 78 inboxes of Assad's aides and advisers were hacked and the password that some used was "12345", according to Israeli newspaper Haaretz. Click here to read the leaked documents,  part one Click here to read the leaked documents,  part two The interview took place amid Syria's increasingly harsh crackdown against civilian protesters. Assad's TV interview with Walters was memorable for his repeated denials that Syrian citizens were being killed. " We don't kill our people ... no government in the world kills its people, unless it's led by a crazy person ," Assad told Walters. [ Source ]