The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Another Halloween hack, National Telecommunications Commission (NTC) was hacked Thursday noon, showed a pop-up message saying " Sh4d0wFiend_h4x0r and Wizkidl33t were here! " and would later redirect to another page (ntc.gov.ph/halloween) displaying the hacker's message - " hello and welcome: presented by Wizkidl33t and Sh4d0wFiend_h4x0r " Futher one click, a new page loads with the message " Welcome to the world of Halloween, in a moment you will see a couple of scary and entertainment media, this is not about a government issues this is for Halloween special click proceed to go to the next page ." The hacker group has claimed responsibility for the hacking of several government websites protesting the passage of the Cybercrime Prevention Act in the Philippines.

Algerian hackers going by name ' SanFour25 ' yesterday deface 7 Indian government  websites including Indian Defence Research and Development Organisation (DRDO), West Bengal police and the Prime Minister's Office (PMO) websites. According to TheHindu , The most sensitive website that came under attack was the one operated by the Recruitment and Assessment Centre (RAC) of the DRDO ( www.rac.gov.in/experts/Dz.php ). The website was down for over 9 hours, which actually deals with the recruitment of scientists to the several laboratories of the DRDO. List of Hacked domains: https://rciregistration.nic.in/rehabcouncil/Dz.txt policewb.gov.in/wbp/counter.txt www.rac.gov.in/experts/Dz.php www.diu.gov.in/departments/Dz.php gpra.nic.in/writereaddata/Dz.php birapdbt.nic.in/video/Dz.php iii.gov.in/tmp/Dz.php Mirrors of hacked sites are available on Zone-H at  SanFour25 archive. It is possible that  the hackers could have attacked the ...

Cisco Prime DCNM is a management tools for your Storage and Ethernet Networks, provides a robust framework and comprehensive feature set that meets the routing, switching, and storage administration needs of present and future virtualized data centers. According to an  advisory released, Cisco Prime Data Center Network Manager (DCNM) contains a remote command execution vulnerability that may allow a remote, unauthenticated attacker to execute arbitrary commands on the computer that is running the Cisco Prime DCNM application. The vulnerability exists because JBoss Application Server Remote Method Invocation (RMI) services, specifically the jboss.system:service=MainDeployer functionality, are exposed to unauthorized users. All Cisco Prime Data Center Network Manager releases prior to release 6.1(1), for both the Microsoft Windows and Linux platforms, are affected by this vulnerability. Successful exploitation of the vulnerability may allow an unauthentic...

Is Managing Customer Logins and Data Giving You Headaches? You're Not Alone! Today, we all expect super-fast, secure, and personalized online experiences. But let's be honest, we're also more careful about how our data is used. If something feels off, trust can vanish in an instant. Add to that the lightning-fast changes AI is bringing to everything from how we log in to spotting online fraud, and it's a whole new ball game! If you're dealing with logins, data privacy, bringing new users on board, or building digital trust, this webinar is for you . Join us for " Navigating Customer Identity in the AI Era ," where we'll dive into the Auth0 2025 Customer Identity Trends Report . We'll show you what's working, what's not, and how to tweak your strategy for the year ahead. In just one session, you'll get practical answers to real-world challenges like: How AI is changing what users expect – and where they're starting to push ba...

Researchers found Apache Server-Status Enabled on some popular site like php.net , cisco, nba.com, Cloudflare, Metacafe, Ford, yellow.com, and others. For backgorund, there is  a Module mod_status in   Apache server which allows a server administrator to find out how well their server is performing. A HTML page is presented that gives the current server statistics in an easily readable form. Basically,  mod_status provides information on your apache server activity and performance. The main security risk of using this module is only Information disclosure which includes infomation such as Server uptime, Individual request-response statistics and CPU usage of the working processes, Current HTTP requests, client IP addresses, requested paths, processed virtual hosts. , that could give a potential attacker information about how to attack the web server. Few popular brands showing their status online, discovered by  Daniel Cid from...

Intego discovered a Multiplatform Java  Malware called " Jacksbot " , which is infecting Windows, Linux and Mac systems. The Jacksbot is described as a 'backdoor Trojan Java "on infected computers and collects system information, make screenshots, delete files, steal passwords and perform click fraud and DDoS attacks. Researchers said,Although it can run on any platform that supports JRE, It appears likely that this trojan is intended to be dropped by another component that has not yet been identified. " There is a possibility that this malware presents itself as a Minecraft modification to unsuspecting users as it contains the special command 'MC for stealing Minecraft passwords from the compromised system ," Johanne Demetria explain in post . " However, the malware's focus is mainly on Windows. The malware writers behind JACKSBOT may just be testing the waters for a successful multiplatform malware; however for now they appear to be unwilling to invest th...

Japanese police arrested five mobile applications developers for creating and embedding a virus into smartphone applications. According to The Metropolitan Police Department, Intial reports said that about 90,000 smartphones  users were infected with a virus lurking in applications they downloaded, But later they found that developers stole more than 10 million pieces of personal information from users mobile. These guys runs an IT-related company, they created a video applications for Android smartphones containing a virus that extracts personal information stored on the phone. The man released the apps on Google Inc.'s official store for free in late March and was downloaded 270,000 times. The free apps were marketed to customers by affixing the phrase " The Movie " to existing popular game titles. When the apps are downloaded and activated, they can automatically transmit personal data. The stolen information found on the server has not been used by the malware ...

FBI have arrested 14 people over the theft of $1 million from Citibank using cash advance kiosks at casinos located in Southern California and Nevada. Authorities say the suspects would open accounts at Citibank, then go to casinos in California and Nevada and withdraw the money from cash-advance kiosks as many times as they could in a 60-second span. Someone had figured out that a glitch prevented Citibank from recording the extra withdrawals. FBI agents assisted by the Glendale Police Department and the Los Angeles Police Department arrested 13 of the defendants in the Los Angeles area Wednesday and Thursday. The suspects used the money to gamble and were given comped hotel rooms because of the amount they were spending, according to the FBI. Withdrawals were kept under $10,000 to avoid federal transaction reporting requirements, the FBI release read. FBI Special Agent in Charge Daphne Hearn commented, " While advancements in technology have created a world of...

An obscure group identifying itself as the Izz ad-din al-Qassam Cyber Fighters claimed responsibility for the first wave of attacks as retaliation for the amateurish Innocence of Muslims film that mocked the Islamic prophet Mohammed and sparked protests throughout the Middle East.  Who's really responsible for a recent series of cyberattacks on American banks? A few days back US Defense Secretary Leon Panetta said Iran is responsible for cyberattacks launched against Saudi Aramco and RasGas and US banks. While Panetta did not directly link Iran to the Persian Gulf attacks, he later noted that Iran has " undertaken a concerted effort to use cyberspace to its advantage. " Today, Iran's defense minister said, The United States is the source of cyber terrorism. " and intends to pave the way for increasing its activities in relation to cyber terrorism through diverting attention and leveling accusation, " Defense Minister Ahmad Vahidi. The Iranian defens...

In march 2011 CERT-Georgia has Discovered Cyber Espionage Attack Incident on country of Georgia.  Advanced Malicious Software was Collecting Sensitive, Confidential Information about Georgian and American Security Documents and then uploading it to some of Command and Control Servers. After a challenging investigating by CERT-Georgia researchers they found that this attack was linked Russian Official Security Agencies, Moreover investigators was able to turn on the webcam of mastermind behind the malware and they caught him on camera. Hacker hack some Georgian news sites and inject " Georbot Botnet " behind that, after visiting that page most of the readers get infected and malware take control of their systems. Malware was able to send any file from the local hard drive to the remote server, Steal certificates, Record audio using the microphone and web cams,  Scan the local network to identify other hosts on the same network. Malware was...

Last month we reported a worm targeting Skype users with spam messages designed to infect machines with the Dorkbot ransomware has been discovered. This malware is spreading through a question/ phrase sent to the users by someone and the question is: " lol is this your new profile pic? " Same spam now targeting most of the Indian skype users, Indian CERT (Computer Emergency Response Team) issue a warning about this ongoing spam attack via advisory. A number of Indians use 'Skype' to communicate with their friends, relatives and other contacts within and outside the country. " A malicious spam campaign is on the rise targeting Skype users by sending instant message which appears to come from friends in the Skype contact list ," the advisory reads. Security researchers from Avast had intercepted this Darkbot malware campaign, and they estimate that this affecting millions of Skype users. " The worm is reported as stealing user credentials, engaging in click fr...

Windows 8 launched in 37 languages and 140 worldwide markets, as the tech giant unveiled the new version of its computer operating system. The OS is now available in over 30 certified devices, and a broad selection of local apps are already available in the onboard Windows Store. It is also available for download onto PCs and other devices running previous iterations of Microsoft's Windows OS. Microsoft is currently running a special promotion upto 31st of January 2013, under which you can upgrade to Windows 8 Pro Edition for a very small amount. If you have purchased / are going to purchase a Personal Computer which is pre-loaded with genuine version of Windows 7 (any edition), then you are eligible to get Windows 8 Upgrade (Pro Edition) for $14.99 (US Dollar) or £14.99 (British Pounds) or €14,99 (Euros) or INR 699 (Indian Rupees). But because of a flaw in website providing promo code, now anyone is able to get the promo code, using which user can updrade his windows with...

78% of vulnerabilities are found in third-party programs. Security teams cannot monitor all of them manually or determine which ones are critical to their organization. Secunia, the leading provider of IT security solutions that enables businesses and private individuals to manage and control vulnerability threats, today announced the general availability of the new version of Secunia's Vulnerability Intelligence Manager, the VIM 4.0. The Secunia VIM 4.0 is the latest evolutionary step in the technology Secunia has developed to help organizations handle vulnerabilities and protect business critical information and assets against potential attacks. Because it covers more than 40,000 software systems and applications, the VIM 4.0 solution provides the most comprehensive intelligence about software vulnerabilities available to organizations, ensuring that all security threats can be dealt with before the IT infrastructure is compromised by cybercriminals . "  We're v...

Recently we reported about that  Symantec provide overview and analysis of the year in global threat activity via its Internet Security Threat Report (ISTR) , with a exclusive details that 400 million new variants of malware were created in 2011, which is an average of 33 million new variants of malware a month, or an average of one million new variants a day. In order to develop malware that evades detection by the security companies malware writers come up with some clever, yet quite simple techniques. If malware stops itself when it detects that it is running in a virtual environment, it may trick an automated threat analysis system into thinking that it is a clean program. So malware may not only fool automated threat analysis systems, but also a corporate system administrator who is searching for computers compromised by malware. Malware authors have recently attempted to use other approaches to fool automated threat analysis systems as well. Latest example of su...

Matthew Higgins, now 20 and a university student, hacked into his school computer system to obtain a girl's details and then boasted on a hackers' forum. Matthew is son of a police inspector. Caernarfon Crown Court heard it was the case of a clever young man caught red-handed. The defendant says there is a conspiracy to fabricate evidence against him. Matthew first hacked the girl's file and then did a fake mail. In mail he claimed to be a constituent suggesting there was an insecure internet system at the school. " Mr Higgins denies securing unauthorised access to computer data at Eirias High School in March last year and attempting to do so again two months later ." BBC said. The prosecution accused Mr Higgins of having "played a game of bluff and smoke screens" and trying to portray himself as a victim. The trial is continuing.

FBI's Cyber Division has a new and sharper focus on cyber-intrusion ," You are one click from compromising your network " FBI said. Giving priority to the labeling of suspects follows claims by the Pentagon that the military now has the capability to single out and retaliate against hackers. FBI over the past year has put in place an initiative to uncover and investigate web-based intrusion attacks and develop a cadre of specially trained computer scientists able to extract hackers digital signatures from mountains of malicious code. " A key aim of the Next Generation Cyber Initiative has been to expand our ability to quickly define the attribution piece of a cyber attack to help determine an appropriate response ", said Richard McFeely , executive assistant director of the Bureau's Criminal, Cyber, Response, and Services Branch. Investigators can send findings to the FBI Cyber Division's Cyber Watch command, a 24-hour station at headquarters, where sp...

16.0.2 Firefox is now available for anyone who wants to try before anyone else. Mozilla address one serious vulnerability. According to the information security of Mozilla, they has fixed a number of issues related to the Location object in order to enhance overall security. The Location object is supported by all major browsers and contains information about the URL being requested. Security researcher Mariusz Mlynski reported that the true value of window.location could be shadowed by user content through the use of the valueOf method, which can be combined with some plugins to perform a cross-site scripting (XSS) attack on users. Another issue centers on the CheckURL function, which if exploited could be used during an XSS attack or to execute malicious code. On Oct. 9, Mozilla released Firefox 16, but quickly pulled it back after a serious vulnerability was discovered. It was quickly addressed, but not before exploit code was made available. Generally Firefox of...

Image Credit : Sophos Microsoft committed itself a Trustworthy Computing program, each new version of Windows has introduced new security features and significantly improved its security posture, whereas phisher took advantage of this new exclusive release. Sophos noticed a mail pretending to come from " Microsoft Windows 8 Team ", and offering a free version of Windows 8 to victim and if you click the link ..on next page a page hosted on Slovakian web server will ask you to enter your username, password, email address and server domain name. Global phishing attacks increased by 12 percent during the first half of this year compared with the second half of 2011, to 93,462 from 83,083.  Phishing attacks are most common and taking advange of hot cakes is also not new. We recommend readers to delete such mails and Do not click on such link which offer's free stuff like Windows or softwares. Attacks decreased, however, compared with the first half of 2011...

Collective hacking group Anonymous  leaks username-passwords  and classified documents from Greek Finance Ministry server. Just a few days before the Greek Parliament is scheduled to vote on a $17.45 billion spending cut and tax hike plan. Attack was carried out under anonymous operation named - #opGreece . The leaked documents include various classified data from e-mails that were exchanged between the Greek Ministry and envoys from international lenders negotiating more austerity measures and bailouts, to thousands of passwords of Greek individuals and evaluations of banks. " The cyber-attack was described as one of the most serious against Greek government networks " secnews.gr said in report .  The attackers claim that they wanted to expose the date on the state of Greek economy so that all Greeks know the truth and thus just days before the 13.5-billion-euro austerity package goes to Parliament for voting. " Citizens of Greece you are paying Ba...

Japanese police had arrested three people, accused them of making death threats via email and discussion forums. However, later Researchers at Symantec have determined that a piece of malware was making death and bomb threats online on behalf of its victims infected. Symantec  confirmed that the malware " Backdoor.Rabasheeta " is capable of controlling a compromised computer from a remote location and the creator has the capability to command the malware to make the threats like bomb and murders. The most curious thing about this particular dropper is that it comes with a graphical user interface (GUI). The dropper for Backdoor.Rabasheeta drops a main module and a configuration file. The dropper creates a registry entry so that the main module is executed whenever the compromised computer starts. This dropper also modifies CreationTime, LastWriteTime, and LastAccessTime of the main module with random values to help keep it hidden. Then the dropper will execute the...

Hacking Group Anonymous has threatened to target Zynga, according to a post on the group's official news channel and a since-deleted YouTube video (but it was removed because it was considered a "violation of YouTube's policy on depiction of harmful activities") which suggests that the social game company is planning further layoffs which threaten to bring about " the end of the US game market as we know it ". Zynga announced plans to lay off 150 employees last week and shut down a number of its offices, as it looks to make savings of between $15 and $20 million. The operation, dubbed maZYNGA, will consist of the shutting down of Facebook - the platform on which Zynga games are hosted - and the distribution of previously obtained Zynga game codes for free. " During the last few days anonymous has been targeting Zynga for the outrageous treatment of their employees and their actions against many developers. We have come to believe that this actions of Zynga will res...