The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

The latest Web app attacks and countermeasures from world-renowned practitioners. Protect your Web applications from malicious attacks by mastering the weapons and thought processes of today's hacker. Written by recognized security practitioners and thought leaders, Hacking Exposed Web Applications, Third Edition is fully updated to cover new infiltration methods and countermeasures. Find out how to reinforce authentication and authorization, plug holes in Firefox and IE, reinforce against injection attacks, and secure Web 2.0 features. Integrating security into the Web development lifecycle (SDL) and into the broader enterprise information security program is also covered in this comprehensive resource. Get full details on the hacker's footprinting, scanning, and profiling tools, including SHODAN, Maltego, and OWASP DirBuster See new exploits of popular platforms like Sun Java System Web Server and Oracle WebLogic in operation Understand how attackers defeat commonly used Web authe...

Facebook  bypass of the cache servers , Check who visits your profile ! Summary Let me explain a security flaw in Facebook in relation to their cache servers, which form a layer between the Internet and internal multimedia content (photos and videos uploaded). This ruling, allows access to raw browser requests of our friends, allowing private information of these people ( web-bug ), or use as a bridge to take advantage of other external vulnerability ( CSRF ). Facebook and intermediate layer Many times you have seen this "use this application and find out who visits your profile, right?, Well, this will always be a  fake,  because Facebook is designed in a way that makes it impossible. If you look, when you go up a photo like the profile, it is resized, compressed, and stored on Facebook's own server. Actually, there are hundreds of servers, which form what is called a CDN . An example of profile photo: https://profile...

3 Brazilian Government sites hacked by " kinG oF coNTroL " KSA Hacker Hacked sites : https://campinagrande.pb.gov.br/ https://guarai.to.gov.br/ https://camaradeitapuranga.go.gov.br/ News Source : Kai Farmer

Hackers took down the website of a Tennessee nonprofit that was collecting donations for Japan and replaced the home page with profanity. Japan-America Society of Tennessee executive director Leigh Weiland said hackers broke into the site sometime Wednesday night. The group's web-hosting company was able to get the site back up Thursday morning. Before that, anyone trying to go to the group's home page encountered a mostly blank screen with an offensive phrase at the top. Weiland said her group, which promotes goodwill for and understanding of Japan, has established a relief fund for Japanese victims of Friday's earthquake and tsunami. The site has been getting a lot of traffic from people who want to donate money.

Jessica Alba, Scarlett Johansson, Christina Aguilera Reportedly Hit; Some Had Nude Photos FBI agents are reportedly closing in on a ring of hackers thought to be responsible for stealing nude photos and videos from at least 50 female celebrities. According to TMZ.com, the ring broke into the accounts of stars' cell phones and other computerized devices to obtain the compromising photos and videos. Among the celebrities reportedly hacked: Jessica Alba, Selena Gomez, Demi Lovato, Christina Aguilera, Vanessa Hudgens, Scarlett Johansson, Ali Larter, and Miley Cyrus. TMZ reported that Hudgens met with FBI agents on Thursday to discuss the hacking of her Gmail account. The FBI declined ABCNews.com's requests for comment; representatives for Hudgens did not immediately respond. One report suggested that Alexa Nikolas, an actress on the now-canceled Nickelodeon TV series "Zoey 101," is responsible for leaking one of the personal photos, a shot of her kissing Hudgens. ...