The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Immunity Debugger v1.82 latest version download ! " Immunity Debugger is a powerful new way to write exploits, analyze malware, and reverse engineer binary files. It builds on a solid user interface with function graphing, the industry's first heap analysis tool built specifically for heap creation, and a large and well supported Python API for easy extensibility. " This is the change log: Better handling of breakpoints. Fix thread suspend issues while handling breakpoints. Reintroduced the python shell. Updated Python to 2.7.1 Fixed python tracebacks to work again. Download the Immunity Debugger v1.82

A Microsoft lawsuit, unsealed earlier today, is responsible for causing government raids last Wednesday that lead to the downfall of the world's biggest spam network, Rustock. Microsoft's Digital Crimes Unit used information gained in its 2010 takedown of the Waledac botnet to work with the U.S. Marshals Service in locating and obtaining evidence from five hosting companies in seven U.S. cities. "DCU researchers watched a single Rustock-infected computer send 7,500 spam emails in just 45 minutes – a rate of 240,000 spam mails per day," said Richard Boscovich, Senior Attorney at the Microsoft Digital Crimes Unit, in a blog post. With approximately one million computers worldwide infected by Rustock, the botnet was able to send 240 billion spam messages in a single day. Symantec revealed in August last year that botnets were responsible for 95% of the Internet's spam, and that 41% of botnet spam came from the Rustock botnet. This means the dismantling of the Rustock ...

The Federal Bureau of Investigation (FBI) is reportedly investigating a hacker ring that is targeting phones and computers of celebrities and stealing nude photos and other personal items. The probe stems from nude photos of Vanessa Hudgens that were recently leaked online, reports the New York Daily News.  According to TMZ.com, the federal investigators met Hudgens Wednesday to discuss her latest nude photo scandal and believe she might be the latest victim of a notorious hacker crew that has targeted scores of celebrities, including Scarlett Johansson, Ali Larter, Busy Philipps and Miley Cyrus. A source told the website that one ringleader had fingerprints on every job and the primary motivation appeared to be the thrill and challenge - not money. The new round of Hudgens' photos surfaced on the Internet Monday after similar full-frontal nudes appeared online in 2007 and 2009. Hudgens, 22, is seen kissing 'Zoey 101' actress Alexa Nikolas in one of the new photos. ...

Top security firm RSA Security revealed on Thursday that it's been the victim of an "extremely sophisticated" hack. The company said in a note posted on its website that the intruders succeeded in stealing information related to the company's SecurID two-factor authentication products. SecurID adds an extra layer of protection to a login process by requiring users to enter a secret code number displayed on a keyfob, or in software, in addition to their password. The number is cryptographically generated and changes every 30 seconds. "While at this time we are confident that the information extracted does not enable a successful direct attack on any of our RSA SecurID customers," RSA wrote on its blog, "this information could potentially be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack. We are very actively communicating this situation to RSA customers and providing immediate steps for them to take to strengthen thei...

The PHP developers have  released  PHP 5.3.6, a maintenance update to the PHP interpreter. Among over 60 bug fixes are a number of fixes for security related problems. A format string vulnerability in the phar extension of PHP 5.3.5,  CVE-2011-1153 , may allow attackers to view memory, cause a denial of service or execute arbitrary code. There was also an integer overflow in the shmop_read() function which allowed for denial-of-service ( CVE-2011-1092 ). Other flaws included crashes with crafted tags in exif metadata and ziparchive with empty archives. Security has also been enhanced in the protocol parsing done by the fastcgi process manager (FPM SAPI). Some of the flaws reportedly affect all versions of PHP 5.3.x and earlier. The release also sees SQLite3 upgraded to version 3.7.4 and PCRE updated to version 8.11. The ability to connect to HTTPS sites through a proxy was also added as was options for debugging backtrace functions. A full list of changes is available in...