The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

A total of 35,000 websites on the Chinese mainland were attacked by hackers in 2010, including 4,635 government websites, according to the Internet security report released by the National Computer Network Emergency Response Technical Team/Coordination Center of China (CNCERT/CC) on March 9. The report shows that the IP addresses of 5 million domestic host computers were infected with a trojan horse or corpse virus. According to the report, government websites are vulnerable to hacker attacks and websites of financial institutions have become the main targets of hackers. According to the monitoring by the CNCERT/CC, 35,000 websites on Chinese mainland were victims of hackers in 2010, a decrease of 22 percent from 2009. Of them, however, 4,635 were government websites, an increase of 68 percent from a year earlier. Around 60 percent of ministerial-level websites have potential security risks to various degrees. "Hackers use two main means to attack government websites. One means i...

CHINESE blogger and activist Michael Anti wants to know why he is less worthy of a Facebook account than company founder Mark Zuckerberg's dog. Anti, a popular online commentator whose legal name is Zhao Jing, said his Facebook account had been suddenly cancelled in January. Company officials told him by e-mail that Facebook had a strict policy against pseudonyms and that he must use the name issued on his government ID. Anti said his professional identity as Michael Anti has been established for more than a decade, with published articles and essays. Anti, a former journalist who has won fellowships at both Cambridge University and Harvard University, said he set up his Facebook account in 2007. By locking him out of his account, Facebook had cut him off from a network of more than 1,000 academic and professional contacts who knew him as Anti, he said. "I'm really, really angry. I can't function using my Chinese name. Today, I found out that Zuckerberg's...

BlackBerry OS fell during the second day of the Pwn2Own hacking competition as a result of a drive-by download attack that chained together several exploits. The trio that managed to hack RIM's mobile operating system, Vincenzo Iozzo, Willem Pinckaers and Ralf Philipp Weinmann, exploited two vulnerabilities in the open-source WebKit layout engine in order to do it. The attack was launched from a specially crafted web page that stole information like contacts and images from the device and also wrote a file to the storage system. The hackers chained together an exploit for an information disclosure bug and one for an integer overflow vulnerability, but what's most impressive is that they did it without any documentation. They didn't have access to any debugging tool, like the ones available for other systems, that could have helped them determine how the attack code interacts with the system. Instead, they had to rely on exploiting a separate bug to read the device...

Microsoft Windows Picture and Fax Viewer Library  Vulnerability ! I. BACKGROUND The Windows Picture and Fax Viewer "shimgvw.dll" library is used by Windows Explorer to generate thumbnail previews for media files. II. DESCRIPTION Remote exploitation of a buffer overflow vulnerability in multiple versions of Microsoft Corp.'s Windows could allow attackers to execute arbitrary code on the targeted host. An integer overflow vulnerability exists in the "shimgvw" library. During the processing of an image within a certain function, a bitmap containing a large "biWidth" value can be used to cause an integer calculation overflow. This condition can lead to the overflow of a heap buffer and may result in the execute arbitrary code on the targeted host. III. ANALYSIS Exploitation could allow attackers to execute arbitrary code on the targeted host under the privileges of the current logged-on user. Successful exploitation would require the attacker to e...

It's pretty bold and a cunning coup; criminals have installed a trojan in the Android Market Security Tool that Google is distributing to delete the contaminated apps that recently popped up on the Android Market. As users have been told to expect to see the application running on their phones clearing up the damage the Droiddream trojan did, there's a good chance they won't be suspicious of it. According to reports though, at present, the trojan-infested version of the tool is only in circulation on an "un-regulated third-party Chinese marketplace" and appears to only affect users of a particular Chinese mobile network. According to an initial analysis by Symantec, the trojan contacts a control server and is able to send text messages if commanded to do so. According to F-Secure, BGServ (as the contaminant is called) also sends user data to the server after being installed. Apps from sources other than the Android Market cannot, however, be installed unintent...