The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Lahore University,Shail Vac Engineers,Strengthening Democracy - SQLi Vulnerable found by Lionaneesh Lahore University of Management Sciences(LUMS) : Site : http://econ.lums.edu.pk Vulnerable URL : http://econ.lums.edu.pk/people_detail.php?id=%Inject_Here%6 Shail Vac Engineers website Site : http://www.vacuumsystem.co.in/ Target : http://www.vacuumsystem.co.in/product.php?prod_id=%Inject_Here%13 Strengthening Democracy through Parliamentary Development (sdpd) Site : http://www.sdpd.org.pk Vulnerable URL : http://www.sdpd.org.pk/news_detail.php?ID=’82 Found by : Lionaneesh

326 Websites Hacked by   Hacked sites list :  http://pastebin.com/Q1er7vKh

OpenStack ' floating Linux kernel ' rides VMware hypervisor ! OpenStack – the open source "infrastructure cloud" project founded by Rackspace and NASA – has released a third version of its platform, offering support for all major hypervisors. With the new release, codenamed "Cactus", developers have added support for VMware's vSphere hypervisor – without help from VMware. The vSphere code was built mostly by Citrix, which had previously coded support for the Xen and XenServer hypervisors. "We're so committed to OpenStack and its hypervisor-agnostic approach that we felt it was important, since VMware wasn't going to contribute vSphere support, that we should do it ourselves," Gordon Mangione, vice president of business development for Citrix's datacenter and cloud division, tells  The Register According to Mangione, VMware has "always been invited" to contribute to the project. But this has yet to happen. The virtuali...

Emergency Adobe Flash Player patch coming today ! Less than a week after warning that hackers were embedding malicious Flash Player files (.swf) into Microsoft Word documents to launch targeted malware attacks, Adobe plans to release an emergency Flash Player patch today to fix the underlying problem. The patch will fix a “critical” vulnerability in Flash Player 10.2.153.1 and earlier versions for Windows, Mac OS X Linux and Solaris. According to this Secunia advisory, the flaw allows a hacker to completely hijack a vulnerable Windows computer: A vulnerability has been reported in Adobe Flash Player, which can be exploited by malicious people to compromise a user’s system. The vulnerability is caused due to an error when parsing ActionScript that adds a custom function to the prototype of a predefined class. This results in incorrect interpretation of an object (i.e. object type confusion) when calling the custom function, which causes an invalid pointer to be dereferenced. ...

We blogged about the Epsilon data breach to give our customers a heads-up on the situation. Recently, our ThreatSeeker® Network discovered a Web attack that takes advantage of the unfortunate news. As with anything our ThreatSeeker Network discovers, Websense customers are protected by ACE, our Advanced Classification Engine. The attack is hosted on a Web page that has a very professional look and feel, and uses convincing social engineering techniques to lure victims. The attack page is basically a cut-and-paste copy of the HTML code from the original Epsilon press release. This provides the professional appearance of the Epsilon site to lure victims. The big difference is that the attack page provides a malicious binary download. Screenshot of the attack page source code: The attack page tries to get visitors to download the malicious binary by convincing them that there was an update to the press release dated April 8th. The "update" states that Epsilon's inv...