The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

TeaMp0isoN : NASA forum is Vulnerable SQL injection, Admin Hacked ! TeaMp0isoN Hackers crew today Reveal on twitter that the discussion forum on NASA website at  https://worldwind35.arc.nasa.gov/forum/ is Vulnerable to SQL injection. The discussion Forum script is Powered by Vbulletin. According to hacker, He use Vbulletin 4.0.x => 4.1.3 (messagegroupid) SQL injection Vulnerability Exploit for hacking the Database of Forum . Hacker also expose the Login details of Admin of website on Pastie .

Mikko Hypponen : Fight cybercrime, but keep the net free Mikko Hypponen is an expert on cybercrime and chief research officer at F-Secure Corporation in Helsinki, Finland. TED is a nonprofit organization dedicated to "Ideas worth spreading," which it distributes on its website . In the real world, you only have to worry about the criminals who live in your city. But in the online world, you have to worry about criminals who could be on the other side of the planet. Online crime is always international because the Internet has no borders. Today computer viruses and other malicious software are no longer written by hobbyist hackers seeking fame and glory among their peers, but by professional criminals who are making millions with their attacks. These criminals want access to your computer, your Paypal passwords and your credit card numbers. Criminal online gangs recruit people with high level computing skills but no job opportunities in the real-world economy. There is...

#DefCon 19 : Android Network Toolkit for Penetration Testing and Hacking Have an Android and wanna start pwning people, networks and machines like penetration testers do? Defcon 2011 is in full hacking swing, and Itzhak Avraham -- "Zuk" for short -- and his company Zimperium have unveiled the Android Network Toolkit for easy hacking on the go. Need to find vulnerabilities on devices using nearby networks? The app, dubbed "Anti" for short, allows you to simply push a button to do things like search a WiFi network for potential targets, or even take control of a PC trojan-style. The firm says the tool’s purpose is for people to find aged exploits and patch them so that “hacking” their network and taking control of devices connected to it isn’t as easy as putting together a 10 piece puzzle. It will allow users to do more than just “find” these exploits, though – you can actually act on them as if you had every intent to cause malintent.Commands like “ man-in-the-m...

Call for DEFCON Chennai (DC602028) 2011 meet on 14th August Welcome to DC602028 aka DEF-CON Chennai  DEFCON Chennai (DC602028) inviting all the like minded heads for the August 2011 meet In Chennai. Get Ready for Next Generation DefCon Meet.. -Where it 's taking place? Dazzle restaurant, Neelankarai Chennai. -At what time? From 4PM to 6PM. -Who will be the speaker ? There is no speaker, really. We dont have any speakers. It's going to be a Hacker meet, so we want each and everyone among us to share their little adventure. In other words "All are Speakers". -What are we going to talk about? Literally about everything on the "Hack Field". PS: We will be discussing about Exploits and Narcissism. - Will I get a Free foods, Drinks and hukka? Sorry due to recession, we are in recession. We advice you to have 300rs to 500rs ;-) - How can I contact DEF-CON Chennai? You can contact us at defchennai@gmail.com .  Please leave your name and ph...

Oracle, other companies hacked by Social Engineering attack in #DefCon 19 A weekend contest from 4th August to 7th August , at the world's largest hacking convention in Las Vegas showed one reason why big corporations seem to be such easy prey for cyber criminals : their workers are poorly trained in security. Reuters post the news about Hacking of Oracle and some more big Companies just by using Social Engineering in DefCon 19. Hackers taking part in the competition on Friday and Saturday found it ridiculously easy in some cases to trick employees at some of the largest U.S. companies to reveal information that can be used in planning cyber attacks against them. A contestant pretended to work for a company's IT department and persuaded an employee to give him information on the configuration of her PC, data that could help a hacker decide what type of malware would work best in an attack. " For me it was a scary call because she was so willing to comply ," said...