The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

#AntiSec hackers deface Panda Security site to protest LulzSec arrests Hackers aligned with Anonymous took credit on Wednesday for an attack on Panda Security's website shortly after charges were announced against five of the hacking collective's alleged members. Over 25 websites related to Panda Security have been hacked tonight by Antisec. Emails and md5 passwords have leaked to public. Panda was accused by anonymous for helping the FBI to lurk anonymous members. The attacks are believed to be in retaliation for the recent arrests made by the FBI. Yesterday biggest story of Hacking world exposed that, The world's most notorious computer hacker turned against his comrades because he did not want to go to prison and leave behind his two children. Monsegur, who has been described as the ringleader of LulzSec, and an 'influential member' of Anonymous, pleaded guilty to a dozen hacking-related charges last summer - crimes which carry a maximum sentence of 124 y...

Anonymous Sabu was working for FBI to Trace down other  LulzSec hackers Police on two continents swooped on top members of computer hacking group LulzSec early today, and acting largely on evidence gathered by the organisation's leader "Sabu" who sources say has been secretly working for the government for months arrested three and charged two more with conspiracy. FoxNews reports that the arrests were part of a multinational sting across the United Kingdom, Ireland and the United States. LulzSec leader Hector Xavier Monsegur, who operated online under the alias "Sabu," provided the Federal Bureau of Investigation with information leading to the arrests. "This is devastating to the organization," said an FBI official involved with the investigation. " We're chopping off the head of LulzSec. " LulzSec, which became part of the larger hacker collective " Anonymous Operations " last year, has launched a number of high profile cyberattacks since last summer.  The ...

Rogue Antivirus advertised on 200000 hacked Web pages The Websense has detected a new wave of mass-injections of a well-known rogue antivirus campaign, a new mass injection attack has infected over 200,000 Web pages, amounting to close to 30,000 unique Web hosts. The attack uses SQL injection techniques to insert a rogue script element. Users who land on one of the compromised pages get redirected through several domains and finally land on a scareware site. These sites mimic antivirus scans and tell visitors their computers are infected with malware in an attempt to convince them to download fake security programs. The programs display even more false warnings and ask users to pay for a license in order to clean their machines.  The page looks like a Windows Explorer window with a "Windows Security Alert" dialogue box in it. The fake antivirus then prompts visitors to download and run their "antivirus tool" to remove the supposedly found Trojans. The executab...

Hackers disclose secret Ankara police files password '123456' Hackers from the "RedHack" group who brought down the Ankara Police Department's website and acquired secret information last week said one of the passwords of the secret police files was "123456." A member of the hacking group named " Radikal " saying that " RedHack was founded after deliberating on how to utilize our skills for the oppressed peoples ." " The question is, how serious can a police force be if they save secret files with a password like '123456'? " The group member said the reason for targeting the Ankara Police Department was that it was the center of applications such as "E-State" and "E-Police," and the fact that it was "much more special and better protected" than other police department websites. RedHack had downloaded police files that contained tips from "informant" citizens that told of suspicious activitie...

DarkComet RAT Remover  Released The civil war in Syria rages not only on the ground but also on internet. The opposition has made increasing use of platforms such as Facebook to organize and spread their message. In response the regime have tried to disrupt these activities by defacing websites and spamming Facebook pages. The regime is using the DarkComet RAT (called Backdoor:Win32/Fynloski.A by Microsoft) to spy on their own people.The creator of the DarkComet RAT was disgusted by that behaviour and now has retaliated with a specially created tool to detect and remove his own DarkComet RAT to help the oppressed Syrian people, DarkComet RAT Remover. DarkComet RAT Remover will detect any kind of instance of darkcomet running in memory even if an hacker try to obfuscate the loader to be undetected by common Antivirus softwares, also it detects registry threats and keyloggers logs. Features: [+] Detect DarkComet Even if crypted. [+] Detect DarkComet Even if visualized. [+] De...

#Security Alert : Facebook Two-Factor Authentication fail ! Last year Facebook has launched a security feature called Login Approvals or two-factor authentication. This is a follow-up security update regarding Facebook Login from Facebook. They have already integrated Facebook login email alerts to get notification emails or SMS messages whenever a suspicious person uses your Facebook account from a different location. Christopher Lowson , on his blog explains the Facebook Two-Factor Authentication, which is really another biggest fail of Facebook Security. But that feature is not enough to ensure your account's security and that is why Facebook has launched "Login Approvals". This feature is very similar with Google 2-step verification which associates a mobile device with your Facebook account and authenticates the login by sending a verification code at your mobile phone device. According to this feature, When user will logging into your Facebook accou...

THOR : Another P2P Botnet in development with extra stealth features The research community is now focusing on the integration of peer-to-peer (P2P) concepts as incremental improvements to distributed malicious software networks (now generically referred to as botnets). Because "botnets" can be used for illicit financial gain,they have become quite popular in recent Internet attacks. A " botnet " is a network of computers that are compromised and controlled by an attacker. Each computer is infected witha malicious program called a "bot", which actively communicates with other bots in the botnet or with several "botcontrollers" to receive commands from the botnet owner. Attackers maintain complete control of their botnets, andcan conduct Distributed Denial-of-Service (DDoS) attacks,email spamming, keylogging, abusing online advertisements, spreading new malware, etc. However, the first botnets that use peer-to-peer (P2P) networks for remote control of the compromised machines app...

Twitter, As secondary publisher  could be sued  for an illegal tweet If a Twitter user posts an illegal tweet, they could get sued, but Twitter could be sued itself as a secondary publisher according to  Zack Whittaker . Legal analysis site Out-Law published a very interesting, theoretical piece, which describes how Twitter could fall foul of the law through no apparent fault of its own but by giving its users free reign over what they say. A case of mistaken identity in Australia illustrates the point. Someone wrote a hateful blog about writer and television personality Marieke Hardy. She wrote a blog post accusing Joshua Meggitt of being its author and used her Twitter account to draw attention to her post.Hardy was wrong to finger Meggitt as the author of the original material and she reportedly paid Au$15,000 (£10,000) to settle the case. Will Twitter still be held liable for the libel? One more thing, Those who retweeted are not being pursued....

Anonymous : A Declaration of the Independence of CyberSpace Anonymous declare a Note on Independence of Cyber Space : Governments of the Industrial World, you weary giants of flesh and steel, we come from the Internet, the new home of Mind. On behalf of the future, we ask you of the past to leave us alone. You are not welcome among us. You have no sovereignty where we gather. We have no elected government, nor are we likely to have one; therefore we address you with no greater authority than that with which liberty it always speaks. We declare the global social space we are building to be naturally independent of the tyrannies you seek to impose on us. You have no moral right to rule us, nor do you possess any methods of enforcement we have true reason to fear. You are toothless wolves among rams, reminiscing of days when you ruled the hunt, seeking a return of your bygone power. Governments derive their just powers from the consent of the governed. You have neither solicited nor ...

Hackers steal Michael Jackson 's entire back catalog from Sony Entertainment giant Sony has confirmed that hackers accessed its systems and compromised Michael Jackson's entire back catalogue, including many unreleased songs. Michael Jackson's entire back catalogue has been stolen by Internet hackers. Sony music suffered its second major security breach in a year, with thieves targeting songs and unreleased material by the superstar singer. It's alleged they downloaded more than 50,000 music files worth $253 million in the biggest ever cyberattack on a music company.The news comes just a year after Sony paid $395 million for the seven-year rights to the songs following Jacko's death. The buy-up came with a stash of unreleased tracks including duets Jacko did with the late Queen singer FreddieMercury and Black Eyed Peas star will.i.am, 36. Sony had been planning to release them on up to 10 albums, which would have netted a fortune. It is thought that the hack occ...

The Mole v0.3  Released : Automatic SQL Injection Exploitation Tool Nasel has just released the new version of The Mole, an automatic SQL Injection exploitation tool. Only by providing a vulnerable URL and a valid string on the site it can detect the injection and exploit it, either by using the union technique or a boolean query based technique. This release has introduced new features compared with the previous one, among these you can find that The Mole is now able to exploit injections thourgh cookie parameters. A new promising feature is that now you can exploit injections that return binary data, to achieve this the mole uses uses HEAD requests and analyzes the headers received (the size of the binary to download usually differs when the query was successful or not) and does not need to download the full binary data. In this release there has been a major change in the The Mole's architecture, and now allows to easily insert filters in order to bypass IPS/IDS rules or mod...

FOCA PRO 3.1  and MetaShield Protector Released Forensic FOCA New latest version of FOCA announced today, in this case a Forensic FOCA. This tool is specially created for forensic analyst, allowing them to crawl metadata from files and to create a powerful time-line of metadata. This information lets you to reconstruct what happen in a machine just analyzing what documents were created between two dates, or what files where created by one user in a period of time, or what users where working in one single machine at one single day. The tool allows to export all the data, even with the hash of the files, to XML reports, that can be easily integrated in any other reporting system. License of Forensic FOCA is only 20 € per year, and you can buy it on line or test the trial version. More info at: https://www.informatica64.com/ForensicFOCA/ New FOCA PRO with Plugins FOCA got new version of FOCA PRO with plugin support. Right now FOCA PRO comes with a set of plugins to analyze .SVN...

GitHub hacked with Ruby on Rails public key vulnerability Github, the service that many professional programmers use to store their work and collaborate on coding, was hacked over the weekend. A young Russian developer Egor Homakov exploited a gaping vulnerability in GitHub that allowed him (or anyone else with basic hacker know-how) to gain administrator access to projects such as Ruby on Rails, Linux, and millions of others. When Github saw what happened, they suspended Homakov's account, which created a firestorm of protest. A blog post entitled, Github, You Have Let Us All Down . Github has succumbed to a public key vulnerability in Ruby on Rails allowing a user administrator access to the popular Rails Git. Homakov's actions were relatively simple - he merely uploaded his public key to the repository so Git thought he was an approved administrator of that project. This would not only entitle Homakov to commit files but he could effectively wipe the entire project and its ...

Twitter releases data to Law Enforcements   for criminal inquiry Twitter handed over subscriber information yesterday for one Twitter account indirectly tied to the Occupy Boston protest, ending a court battle fought behind closed doors as Boston law enforcement investigated hacking attacks on the Police Department and a police union. as reported by Boston . According to Twitter spokesman Matt Graves, the company provided the subscriber information for @pOisAnON, an account that is associated with the name of Guido Fawkes. "We provided information on a single user,'' Graves said in a telephone interview yesterday. Twitter ignored the Suffolk D.A.'s request for secrecy, and forwarded the subpoena to @pOiSAnOn in accordance to Twitter's Guidelines for Law Enforcement . A spokesman for the Suffolk County D.A. told The Boston Herald it was satisfied with the information received this week." We are not interested in the information of a large number of people who have used t...

GCC 4.6.3 Released with 70 bug-fixes The GNU Compiler Collection version 4.6.3 has been released. Jakub Jelinek of Red Hat announced the release this morning of GCC 4.6.3. Over GCC 4.6.2 there's over 70 bug-fixes and other work. However, all of the exciting work meanwhile is going into what will become GCC 4.7. The GNU Compiler Collection (GCC) is a compiler system produced by the GNU Project supporting various programming languages. GCC is a key component of the GNU toolchain. As well as being the official compiler of the unfinished GNU operating system, GCC has been adopted as the standard compiler by most other modern Unix-like computer operating systems, including Linux, the BSD family and Mac OS X. GCC 4.7 will offer some performance improvements, new CPU support, language enhancements, mature Intel Sandy/Ivy Bridge support, and initial Intel Haswell support. GCC 4.7 should be officially released in March or April. Read More here

BackTrack 5 R2 Released, New Kernel, New Tools Hacker are your Ready ? Backtrack 5 R2 finally released with bug fixes, upgrades, and the addition of 42 new tools. With the best custom-built 3.2.6 kernel, the best wireless support available at maximum speed. This release have included Metasploit 4.2.0 Community Edition, version 3.0 of the Social Engineer Toolkit, BeEF 0.4.3.2, and many other tool upgrades. Backtrack also added the following new tools to R2: arduino bluelog bt-audit dirb dnschef dpscan easy-creds extundelete findmyhash golismero goofile hashcat-gui hash-identifier hexorbase horst hotpatch joomscan killerbee libhijack magictree nipper-ng patator pipal pyrit reaver rebind rec-studio redfang se-toolkit sqlsus sslyze sucrack thc-ssl-dos tlssled uniscan vega watobo wcex wol-e xspy Along with this, Backtrack added Wiki about Building a Pyrit Cluster, Creating a John the Ripper Cluster, Enabling PAE in BT5 R2 and ...

#THN Monthly ( February ) News Archive,If you miss Something ! # Censorship - Global Concern, THN Magazine March Edition :  https://goo.gl/bktRz # Forget terrorists attacks here are 2012's Most Vulnerable Cities At Risk for Cyber Crime (Idiots) : https://goo.gl/4VYGf # Slum Dog India demands Real time monitoring on Indian Gmail & Yahoo Emails. Do they really have nothing better to do?   https://goo.gl/iYO5H # Iran will probably drop nuclear development cause they think they need to Develop their own security Software, No more foreign Solution, they might suggest banning the Burka too! : https://goo.gl/QVheH # Three Greek Anonymous hackers arrested for defacing Government Sites. They couldn't make the street protest! : https://goo.gl/EyMux # Facebook Hacking - Student jailed for eight months. They ought to jail Facebook for having such a stupid site : https://goo.gl/PwkHt # FAQ : DNSChanger Trojan, Impact and Solutions :   https://goo.gl/IE2Qh # How Hackers ...

Siemens and Canon 's Databases exploited by Team INTRA Recently a hacker known as " JoinSe7en " from Team INTRA claims to have hacked into subdomains of Canon and Siemens. Apparently, the hacker has found and exploited a Blind SQL Injection vulnerability in Canon's website and a Error based SQL Injection in Siemens. He published a full disclosure on both of the databases on pastebin: Siemens : https://pastebin.com/HBL966wh Canon : https://pastebin.com/fbL0s9aS These pastebin notes include the vulnerable links of respective sites and extracted database info with usernames and passwords of Siemens Users & Canon forum, sites user credentials.

Censorship - Global Concern : THN Magazine March Edition It is March Madness at The Hacker News as we release the latest edition of our magazine which gives internet security a thorough look and and a fascinating read. Pierluigi Paganini gives a great interview on the woes of internet security and Mourad Ben Lakhousa provides you with a comprehensive guide on what tools are available to keep your web activity private. Check out Lee Ives opinion piece on the plethora of DDOS attacks and stand firm with our Editor, Patti Galle as we tell the world we won't stand for internet piracy. Laugh with us as we take a hilarious look at recent internet security news and we promise you won't be disappointed in all the articles touching on matters important to us all. Enjoy! RAR Format  |  PDF Format

Sandcat Browser 2.0 Released,  Penetration Testing Oriented Browser Sandcat Browser version 2.0 includes several user interface and experience improvements, an improved extension system, RudraScript support and new extensions. What is Sandcat Browser? The fastest web browser combined with the fastest scripting language packed with features for pen-testers. Sandcat Browser is a freeware portable pen-test oriented multi-tabbed web browser with extensions support developed by the Syhunt team, the same creators of the Sandcat web application security scanner. The Sandcat Browser is built on top of Chromium, the same engine that powers the Google Chrome browser, and uses the Lua language to provide extensions and scripting support. This first Sandcat Browser release includes the following pen-test oriented features: Live HTTP Headers Request Editor extension Fuzzer extension with multiple modes and support for filters JavaScript Executor extension -- allows you to load and r...