The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

A data-stealing Trojan affecting Android devices has emerged in China. The Geinimi Trojan sends location co-ordinates, unique device identifiers, and a list of installed apps on the infected device to a remote server. Additionally, it can independently download applications and prompts the user to install them, mobile security company Lookout said on Wednesday. "Geinimi’s author(s) have raised the sophistication bar significantly over and above previously observed Android malware by employing techniques to obfuscate its activities," Lookout said in a blog post on Wednesday. "In addition to using an off-the-shelf bytecode obfuscator, significant chunks of command-and-control data are encrypted. While the techniques were easily identified and failed to thwart analysis, they did substantially increase the level of effort required to analyse the malware." When an application containing the Trojan is launched on an Android device, the Trojan will run in the backgro...

Sony PlayStation 3 hacked, PS3 jailbreak Fail0verflow method. Sony PlayStation 3 has successfully been hacked by a team of hackers named fail0verflow thanks to its poor public key cryptography. The hacker group demonstrated their hacking tricks at the Chaos Communication Conference 27C3 in 45 minutes. Hackers stated that they could crack PS3 through its feeble cryptographic implementation. The hacker team discovered several of Sony’s security downfalls with its PS3 after their deep research on the system. They said that it was so easy to get into PS3’s innards, if intruded through its weak public key cryptography. They worked with an aim to restore PS3’s Linux capability. Sony has removed Linux capability of original PS3 and PS3 Slim. In their presentation, at the Chaos Communication Conference, the PS3 hacker team elaborately explained how they managed to hack the gaming device from Sony. They said they have been working through the device’s several security levels that conta...

ddosim is a tool that can be used in a laboratory environment to simulate a distributed denial of service (DDOS) attack against a target server. The test will show the capacity of the server to handle application specific DDOS attacks. ddosim simulates several zombie hosts (having random IP addresses) which create full TCP connections to the target server. After completing the connection, ddosim starts the conversation with the listening application (e.g. HTTP server). ddosim is written in C++ and runs on Linux. Its current functionalities include: HTTP DDoS with valid requests HTTP DDoS with invalid requests (similar to a DC++ attack) SMTP DDoS TCP connection flood on random port In order to simulate such an attack in a lab environment we need to setup a network like this: Download :   ddosim-0.2.tar.gz More Info : 1)   DDOSIM at Sourceforge

The Blackbuntu Community Edition is a Linux Live-CD based on Ubuntu 10.10 which was specially designed for security training students and practitioners of information security.  Another tool for penetration testers collection that could be considered as a competition for  Pentoo . It supports the following list penetration testing methodologies: Information Gathering Network Mapping Vulnerability Assessment Privilege Escalation Maintaining Access Intrusion Detection and Prevention Digital Forensics Web Application Analysis Reverse Engineering Wireless Analysis Security Distributions Malicious Code Analysis AntiSpyware & AntiVirus Tools Password Recovery & Managers To be precise, it contains the following tools: Information Gathering : DNS DnsEnum Dnsmap Dnsrecon DnsTracer Dns-Walk Fierce FindDomains HostMap Lynis Email Harvesting theHarvester Routing 0trace Itrace Lanmap2 Nat Probe Netenum Netmask NMBscan Protos T...

Chinese design website database hacked by Team Jmc H4x0rs Webpage  http://www.333cn.com/ Members List: Database View: Admin Panel: Webpage http://www.333cn.com/