The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

OpenDNSSEC 1.2.1 latest version Released ! Version 1.2.1 of OpenDNSSEC has now been released. ldns 1.6.9 is required for bugfixes. dnsruby-1.52 required for bugfixes. Bugfixes: Auditor: 'make check' now works when srcdir != builddir. Auditor: Include the 'make check' files in the tarball. Enforcer: Fix the migration script for SQLite. Enforcer: Increase size of keypairs(id) field in MySQL to allow more than 32767 keys; see MIGRATION for details. Enforcer: Minor change to NOT_READY_KEY error message. libhsm: Increase the maximum number of attached HSM:s from 10 to 100. ods-ksmutil: Send trivial MySQL messages to stdout when exporting zonelist etc. Otherwise the resulting XML needs to be edited by hand. ods-control: Fix for Bourne shell. Signer Engine: Prevent race condition when setting up the workers and the command handler. Signer Engine: Check if the signature exists before recycling it. Signer Engine: Quit when there are errors in the configuration. Sign...

Update : The PHP Group has confirmed the compromise of their server ! : The Hacker News ~ https://www.thehackernews.com/2011/03/php-group-has-confirmed-compromise-of.html Php.net was compromised and php source backdoored ! The picture show that some php.net site was compromised,and hacker backdoored php source.

Just now Top security firm RSA Security revealed by extremely sophisticated hack, Read complete Story here - https://www.thehackernews.com/2011/03/top-security-firm-rsa-security-revealed.html Now, RSA Release Open Letter to RSA Customers , as given below : Like any large company, EMC experiences and successfully repels multiple cyber attacks on its IT infrastructure every day. Recently, our security systems identified an extremely sophisticated cyber attack in progress being mounted against RSA. We took a variety of aggressive measures against the threat to protect our business and our customers, including further hardening of our IT infrastructure. We also immediately began an extensive investigation of the attack and are working closely with the appropriate authorities. Our investigation has led us to believe that the attack is in the category of an Advanced Persistent Threat (APT). Our investigation also revealed that the attack resulted in certain information being extra...

Roboo uses advanced non-interactive HTTP challenge/response mechanisms to detect and subsequently mitigate HTTP robots, by verifying the existence of HTTP, HTML, DOM, Javascript and Flash stacks at the client side. Such deep level of verification weeds out the larger percentage of HTTP robots which do not use real browsers or implement full browser stacks, resulting in the mitigation of various web threats: HTTP Denial of Service tools - e.g. Low Orbit Ion Cannon Vulnerability Scanning - e.g. Acunetix Web Vulnerability Scanner, Metasploit Pro, Nessus Web exploits Automatic comment posters/comment spam as a replacement of conventional CAPTCHA methods Spiders, Crawlers and other robotic evil You can find the first public version  here

S ecurity E vent : Hack In Paris (16-17 June, 2011) Hack  In  Paris   is an international and corporate security event that will take place in Disneyland  Paris ® from June  16th to 17th of  2011 . Please refer to the homepage to get up-to-date information about the event. Topics The following list contains major topics the conference will cover. Please consider submitting even if the subject of your research is not listed here. Advances in reverse engineering Vulnerability research and exploitation Penetration testing and security assessment Malware analysis and new trends in malicous codes Forensics, IT crime & law enforcement Privacy issues: LOPPSI, HADOPI, … Low-level hacking (console security & mobile devices) Risk management and ISO 27001 Dates January 20: CFP announced March 30: Submission deadline April 15: Notification sent to authors April 17: Program announcement June   16-17 :  Hack  In  Paris June ...