#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
AWS EKS Security Best Practices

The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Cyber Attacks on gas pipeline linked to China

Cyber Attacks on gas pipeline linked to China

May 12, 2012
Cyber Attacks on gas pipeline linked to China The spear-phishing attacks laying siege to networks in the natural gas pipeline industry apparently are being carried out by the same group that hacked RSA security last year. The attacks, which have been occurring since late this past March, have targeted several of the country's natural gas pipeline companies. According to U.S. officials, it's unclear if a foreign power is trying to map the gas systems or if hackers are attempting to harm the pipelines. A previous attack on the oil and gas sector seemed to originate in China. DHS supplied the pipeline industry and its security experts with digital signatures, or "indicators of compromise" (IOCs). Those indicators included computer file names, computer IP addresses, domain names, and other key information associated with the cyberspies, which companies could use to check their networks for signs they've been infiltrated. DHS officials and a spokesman have acknowled...
The Hackers Conference 2012 Call For Papers #THC2012

The Hackers Conference 2012 Call For Papers #THC2012

May 12, 2012
We are extremely delighted to announce the Call for Papers for The Hackers Conference 2012   It is a unique event, where the elite of the hacker world, leaders in the information security industry and the Internet community meet face to face to join their efforts to cooperate in addressing the most topical issues of the IT world. Conference will be held in New Delhi, India and aims to get together industry, government, academia and underground hackers to share knowledge and leading-edge ideas about information security and everything related to it. The following list contains major topics the conference will cover. Please consider submitting even if the subject of your research is not listed here. Topics Cloud Security Wireless hacking GSM/VoIP Security Smartphone / Mobile Security Exploit development techniques Advance in reverse engineering National Security & Cyber Warfare New Vulnerabilities and Exploits/0-days Antivirus/Firewall/UTM Evasion Techniques New Web ...
Pentagon boosts contractor cybersecurity program

Pentagon boosts contractor cybersecurity program

May 12, 2012
Pentagon boosts contractor cybersecurity program The US Defense Department invited all of its eligible contractors on Friday to join a previously restricted information-sharing pact aimed at guarding sensitive Pentagon program data stored on private computer networks. The Pentagon predicts that as many as 1,000 defense contractors may join a voluntary effort to share classified information on cyber threats under an expansion of a first-ever initiative to protect computer networks. The effort, known as the Defense Industrial Base (" DIB ") program, is a voluntary information-sharing program in which the Department of Defense shares "unclassified indicators and related, classified contextual information" about cyber-attacks and threats with defense contractors. In exchange, defense contractors report known intrusions and can receive forensics analysis and damage assessments from the government after those attacks. In an optional part of the program, the DIB Enhan...
cyber security

New Webinar: Identity Attacks Have Changed — Have Your IR Playbooks?

websitePush SecurityThreat Detection / Identity Security
With modern identity sprawl, the blast radius of a breach is bigger than ever. Are you prepared? Sign up now.
Securing Agentic AI: How to Protect the Invisible Identity Access

Securing Agentic AI: How to Protect the Invisible Identity Access

Jul 15, 2025Automation / Risk Management
AI agents promise to automate everything from financial reconciliations to incident response. Yet every time an AI agent spins up a workflow, it has to authenticate somewhere; often with a high-privilege API key, OAuth token, or service account that defenders can't easily see. These "invisible" non-human identities (NHIs) now outnumber human accounts in most cloud environments, and they have become one of the ripest targets for attackers. Astrix's Field CTO Jonathan Sander put it bluntly in a recent Hacker News webinar : "One dangerous habit we've had for a long time is trusting application logic to act as the guardrails. That doesn't work when your AI agent is powered by LLMs that don't stop and think when they're about to do something wrong. They just do it." Why AI Agents Redefine Identity Risk Autonomy changes everything: An AI agent can chain multiple API calls and modify data without a human in the loop. If the underlying credential is exposed or overprivileged, each addit...
17 year old Teenager arrested over TeamPoison hacking attacks

17 year old Teenager arrested over TeamPoison hacking attacks

May 12, 2012
17 year old Teenager arrested over TeamPoison hacking attacks A teenage boy has been arrested on suspicion of being a member of "TeamPoison", a computer hacking group that has claimed responsibility for 1,400 offences including an attack on the phone system of Scotland Yard's counter-terrorism unit last month. These include attacks on the United Nations, the UK Anti-Terrorist Hotline, MI6 and RIM, as well as politicians including Nicolas Sarkozy and Tony Blair. The boy, who police suspect used the hacker nickname 'MLT' and was a spokesman for TeamPoison, was interviewed at a local police station on offences under the Computer Misuse Act on Wednesday. The arrest is part of an ongoing investigation by the Police Central e-Crime Unit (PCeU) division of the Metropolitan Police into various hacking gangs who have made headlines in the last year or so. TeamPoison's highest-profile attack was mounted against Scotland Yard's counter-terror hotline last month, has als...
Orion Browser Dumper v1.0 released

Orion Browser Dumper v1.0 released

May 12, 2012
Orion Browser Dumper v1.0 released Jean-Pierre LESUEUR (DarkCoderSc) releases another Browser Forensic tool for Community called " Orion Browser Dumper v1.0 ".  This software is an advanced local browser history extractor (dumper), in less than few seconds (like for Browser Forensic Tool) it will extract the whole history content of most famous web browser, Actually Internet Explorer, Mozilla FireFox, Google Chrome, COMODO Dragon, Rockmelt and Opera. You can download the tool from Official Website of DarkCommet . Video Demonstration: Last week he also release " Browser Forensic Tool v2.0 " - Its is also an advanced local browser history search engine, in less than few seconds it will extract the chosen keywords of most famous web browser, actually Internet Explorer, Google Chrome, Mozilla FireFox, RockMelt, Comodo Dragon and Opera.
Security Alert: Wi-Fi Hotels used to Spread Malware

Security Alert: Wi-Fi Hotels used to Spread Malware

May 11, 2012
Security Alert : Wi-Fi Hotels used to Spread Malware According to a report from the Internet Crime Complaint Center (IC3) – a partnership between the FBI and the National White Collar Crime Center (NW3C) - Hackers are targeting foreigners' laptops using hotel Wi-Fi, the Internet Crime Complaint Centre and FBI have warned. The malware is spread through hotel Wi-Fi networks, posing as an update for a popular software product. The number of laptops getting infected with malicious software while using hotel Internet connections is on the rise. " Analysis from the FBI and other government agencies demonstrates that malicious actors are targeting travellers abroad through pop-up windows while establishing an internet connection in their hotel rooms ," the IC3 said. The officials didn't explain what the malware actually did, but the FBI warned that anyone travelling overseas, and particularly on governmental or private-sector business, should take extra care when abroad and plan ...
North Las Vegas Police Department hacked by ZHC

North Las Vegas Police Department hacked by ZHC

May 11, 2012
North Las Vegas Police Department hacked by ZHC The official website of North Las Vegas Police Department (NLVPD) -  https://www.joinnlvpd.com/  defaced today by ZHC BlackOne HaXor - ZCompany Hacking Crew - [ZHC] and above shown black deface page with message displayed on Homepage.  Page indicates the cause of Hack  " Stop Nato Attacks on Pakistan! " ZHC is a Pakistani Hacking group defaced thousands of websites before against India and also this is second time that Las Vegas Police Department  website got hacked. Mirror of hack can be seen here .
Human Rights organisation website Serves Gh0st RAT Trojan

Human Rights organisation website Serves Gh0st RAT Trojan

May 11, 2012
Human Rights organisation website Serves Gh0st RAT Trojan According to the company's Security Labs blog , Amnesty International's United Kingdom website was compromised and hosting the potent Gh0st RAT Trojan earlier this week. Malicious Java code was planted on the site in a bid to push the Gh0st RAT Trojan onto vulnerable Windows machines. If successful, the attack plants malware onto machines that is capable of extracting the user's files, email, passwords and other sensitive personal information. The vulnerability for the infection stemmed from a popular Java exploit, CVE-2012-050. Hackers exploited that hole and used it to inject the Amnesty International site's script with malicious code. The Java hole was the same used by Flashback, the much buzzed-about Mac OS X Trojan in recent months. The exploit code used in this attack appears to have been copied from Metasploit, an open source penetration testing framework popular among security professionals, Giuliani said. The i...
Anonymous: We Are Not Terrorists but Fearless Freedom Fighters

Anonymous: We Are Not Terrorists but Fearless Freedom Fighters

May 11, 2012
Anonymous: We Are Not Terrorists but Fearless Freedom Fighters Black Ops 2 trailer that was released recently, portrays the Anonymous organization as the enemy of the United States, which has pissed them off greatly. Anonymous has responded to Activision's marketing campaign for Call of Duty: Black Ops 2 , which paints the hacktivist group as terrorists. The video was uploaded by YouTube user ALEXIUS ANON, an account which was created only last week. It's thus important to underline that official Anonymous channels of communication have not confirmed they will be targeting Activision. That being said, they are certainly aware of what the company did. " This act will show you how serious our collective us and that we will protect any human who calls himself Anonymous, " says the video's narrator, who wears a Guy Fawkes mask. Also, Activision CEO Eric Hirshberg has been doxed , and are threatening to cause a lot of damage to the company's infrastructure. This is what th...
Windows 8 operating system will ban Firefox and Chrome

Windows 8 operating system will ban Firefox and Chrome

May 11, 2012
Windows 8 operating system will ban Firefox and Chrome A new version of the Windows 8 operating system could shut out browsers such as Firefox and Chrome, according to Mozilla. Microsoft has been saying all along that x86 apps wouldn't run on Windows on ARM and it explicitly said there would be no third-party code on Windows RT when it announced the details of the platform back in February. That's no plugins for IE on the Windows RT desktop as well as no desktop Firefox and Chrome. According to Mozilla, the makers of Firefox, Microsoft is planning to allow only one fully-functioning browser on Windows RT: Microsoft's own Internet Explorer. Writing on the Mozilla blog, Harvey Anderson, general counsel for the company, lashed out at Microsoft for the slight, and called the alleged move " an unwelcome return to the digital dark ages where users and developers didn't have browser choices. " Why is Mozilla focused on Microsoft? Anderson's answer: Microsoft is ...
Bogus Report: 55,000 Twitter accounts compromised

Bogus Report: 55,000 Twitter accounts compromised

May 11, 2012
Bogus Report : 55,000 Twitter accounts compromised Thousands of Twitter passwords were exposed this week and the site was looking into matter. According to a message posted on Twitter's Japanese blog , None of the recently leaked Twitter logins and passwords came from within the company. Twitter has assured its users that their personal details are secure after a post by document sharing site Pastebin reportedly contained 55,000 accounts' login details. " We have confirmed that no one's information has been leaked from Twitter, " the blog said, after apologizing to users for their concerns. Twitter added that it has also taken measures to defend itself in case any of the unexamined data is actually correct. It also warned users to avoid "fishing" Web sites, which try to con login information out of unwary surfers, and to use strong passwords that are unique for separate sites. So far, it is yet to be established who can be held responsible for the ...
The Hulk Gets Hacked, Need Help from The Avengers

The Hulk Gets Hacked, Need Help from The Avengers

May 08, 2012
The Hulk Gets Hacked, Need Help from The Avengers The actor who plays Bruce Banner in smash hit The Avengers had his account taken over and even changed his username from @MRuff221 to @Mark_Ruffalo and proceeded to add some peculiar posts. Sunday the scene-stealing-actor's Twitter was hacked by a horny nerd. His/her first tweet:  " The women of hollywood sure have some great boobs. Here are the top 15! " Marvel's The Avengers took $207.4M at the North American box office over the weekend, higher than the $200,329,000 estimated Sunday morning. The film crossed the $600 million mark globally in just 12 days. Its worldwide cumulative count is now $654.8 million. Another tweet by Hacker ,  " Your account hacked because passwords set very stupid LOL =)) ". Ruffalo is now using @Mark_Ruffalo and told one follower that Twitter will verify the account on Monday. "They have lumped both accounts together. It's one account both names. It has a poe...
'The Hackers Conference 2012' to be held in New Delhi

'The Hackers Conference 2012' to be held in New Delhi

May 08, 2012
' The Hackers Conference 2012 ' to be held in New Delhi The Biggest Hacking Mania has arrived. The Hackers Conference 2012 will be held in New Delhi on July 29. THC 2012 is expected to be the first open gathering of Blackhat hackers in India who will debate latest security issues with the top itelligence echolons in India. The Registrations and Call for papers for the conference are now open. The organizers have deicded to keep the number of seats to limited to ensure quality of the conference. The conference will be held at the India Habitat Center on July 29th. The Hackers Conference will see a galaxy of renowned speakers presenting 0-Day Vulnerabilities, Exploits and Android/Blackberry/iPhone Hacks. Apart from Speakers presenting on WI-FI and Web Application Security the Special invitees from government Intelligence agencies will also speak on National Security Issues emerging from Scada Hacking. The conference has sent special invites to Blackhat hackers to come and...
Social game Zynga's YoVille gets hacked

Social game Zynga's YoVille gets hacked

May 08, 2012
Social game Zynga's YoVille gets hacked Matt Spencer has been an active player of "YoVille" since the Zynga-owned virtual world launched in 2008, but hasn't played the game in about three weeks. He  post a complaint on the gaming company's forum that i n late January, Spencer's " YoVille " account was compromised and he lost much of his collection of virtual items, including millions of virtual coins and a pair of sunglasses that have become a collectors' item. Hackers infiltrate the social game affecting gameplay and stealing users' virtual goods, but private and sensitive data isn't compromised. Zynga is aware of the security problem and is addressing it, said Cadir Lee, the company's chief technology officer. The company first started to get reports about it "a few weeks ago," he said. The company investigated the issue and found that it was due to some "compromised administrative and moderation tools," he ...
Android Malware and Corporate Networks Security

Android Malware and Corporate Networks Security

May 08, 2012
Android Malware and Corporate Networks Security A new Android Trojan dubbed " NotCompatible " is being spread through compromised Web sites. This may directly affect Android tablets and smartphones, along with being a potential risk hazard to corporate networks and their security. Kevin Mahaffrey is co-founder and CTO of a San Francisco based firm called Lookout Security. The main focus of the company is Android and during their investigations it was found there was a new malware out there. Called " NotCompatible " the Android malware is, according to Mahaffrey, a risk to corporate networks. According to their report, a hacked Web site would contain a hidden iFrame at the bottom of the page. When the Android browser loads the page, it will attempt to load the file in the hidden iFrame. Upon loading the file, the browser would transfer control to the app loader, which would display an application installation screen, with the header com.Security.Update. An unsuspecting us...
ISPA to launch cyber security code of practice in SA

ISPA to launch cyber security code of practice in SA

May 08, 2012
ISPA to launch cyber security code of practice in SA South Africa's Internet Service Providers' Association (ISPA) has teamed with Australia's Internet Industry Association to develop a new voluntary industry code of practice to improve cybersecurity for end users. Known as the ' icode ', and developed in conjunction with Australia's Internet Industry Association, the code will provide a consistent approach for South African ISPs to help inform, educate and protect their customers in relation to cyber security. " The increasing threat of zombied computers - computers which have been essentially hijacked and are under the control of criminals or other third parties - presents a real risk to users. Identity theft, fraud, and increases in spam are all possible consequences of compromised computers. " By following the code, ISPs will contribute to reducing the number of compromised computers in South Africa and enhance the overall security of the South African and internation...
RedKit Exploit Kit : New web malware exploitation pack

RedKit Exploit Kit : New web malware exploitation pack

May 05, 2012
RedKit Exploit Kit : New web malware exploitation pack Trustwave researchers have spotted a new exploit kit called " RedKit Exploit Kit " that  being used in the wild is aiming to enter a market that is practically monopolized by the widely famous BlackHole and Phoenix exploit kits. In actual, The new kit has no official name, so the researchers dubbed it ' Redkit ' due to the red bordering used in the application's panel. " Logging to the admin panel presents you with options which are typically used by other exploit kits. The panel allows you to check the statistics for incoming traffic, upload a payload executable and even scan this payload with no less than 37 different AV's ," Trustwave reports . To deliver the malware, RedKit exploits two popular bugs: 1.)  The Adobe Acrobat and Reader LibTIFF vulnerability ( CVE-2010-0188 ). 2.)  The Java AtomicReferenceArray vulnerability ( CVE-2012-0507 ), lately used by the criminals behind the massive Fl...
Anonymous Hackers Targeting Russian government websites for Putin Inauguration

Anonymous Hackers Targeting Russian government websites for Putin Inauguration

May 05, 2012
Anonymous Hackers Targeting Russian government websites for Putin Inauguration Anonymous hackers to launch cyber attacks on the websites of the Russian state agencies to support the opposition. In a YouTube video , Hackers said that the Russian government website will be subjected to DDOS attack on May 6, and on May 7 the same will happen with the prime minister's site. " Join us! All it takes is a few simple actions to bring this rotten and corrupt system to its logical end. " The hackers then posted instructions for everyone who would like to participate in attacks. Putin convincingly won a six-year presidential term in March despite a wave of protests following a December parliamentary poll the opposition said was tarnished by large-scale voting fraud in support of his party. It said it would launch attacks on the Russian government website Government.ru at 1200 GMT on May 6 and on the prime minister's website Premier.gov.ru on May 7 at 0900 GMT. Anonymous...
Hacktivism - The Hacker News Magazine - May 2012 Issue

Hacktivism - The Hacker News Magazine - May 2012 Issue

May 05, 2012
Welcome cyber space readers and internet junkies from around the world. May brings us into an in-depth look at our favorite topic: Hacktivism Our fearless leader, Mohit Kumar , founder of The Hacker News opens the discussion with a look at the meaning of Hackitivism and what it means for society today. Our regular writers, security specialist Pierluigi Paganini , and Mourad Ben Lakhousa bring us their perspective on this most interesting and thought provoking topic. As editor, I truly enjoyed Keith H. DeBus 's article on cyber war. I found myself wrapped up in excitement and worry as he takes us into the what's and where's of cyber war. Also, Dominque C Brack does an excellent job discussing the topic. Your executive editor, Patti Galle, brings you to question just what anonymous needs to look like in the future and don't miss our fun pokes at current news. Thanks for your faithful readership and thanks to those who contribute in so many, many ways! Mohit Kumar, Editor-i...
Browser Forensic Tool v2.0 - Advanced browser history search engine

Browser Forensic Tool v2.0 - Advanced browser history search engine

May 05, 2012
Browser Forensic Tool v2.0 - Advanced browser history search engine Browser Forensic Tool v2.0  , Developed by DarkCoderSc (Jean-Pierre LESUEUR) ,is an advanced local browser history search engine, in less than few seconds it will extract the chosen keywords of most famous web browser, actually Internet Explorer, Google Chrome, Mozilla FireFox, RockMelt, Comodo Dragon and Opera. BFT will attempt to find the keyword(s) in the history title and search, if the keyword is present or suspected to be, it will be display in the result list with his URL and Title. The software also give you the possibility to edit the default keywords and of course add / modify your own keywords, to separate keywords subject you can create your own keywords categories and only scan for some keywords in the chosen category . The program is fully asynchronous so it won't affect your work during the scan time nor it will block the customization of keywords and keylist and can be canceled at anytim...
Expert Insights Articles Videos
Cybersecurity Resources