The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

AnDOSid the DOS tool for Android A new product released by SCOTT HERBERT  for Android mobile phones,Its  AnDOSid  - the DOS tool for Android Phones. The rise of groups like Anonymous and LuzSec, as well as constant India / Pakistan cyberwar has raised the issue of cyber-security high(er) in the minds of web owners. Pentesting tools exist to simulate such attacks and help website security people defend against them, however for the most part they currently only exist for desktop computers. Mobile phones have, over the last few years, grown from simple devices that send and receive calls to mobile computing platforms which can be purchased for less than $100 a device. AnDOSid fills that gap, allowing security professionals to simulate a DOS attack (An http post flood attack to be exact) and of course a dDOS on a web server, from mobile phones.  AnDOSid is actively being developed and I welcome feedback from the security community as to how you would ...

XCode SQLi/LFI/XSS and Webshell Scanning tool XCode Exploit – Vulnurable & webshell Scanner help you to gather the dorks Link from Google. then you may check the results if its Vulnurable to exploit with SQL injection commands, LFI,and XSS. And You may hunt the webshells those uploaded. Download Here [ Source ]

Iranian Man-in-the-Middle Attack Against Google certificate Recently discovered attempts of an SSL man-in-the-middle attack against Google users - spotted by a number of Iranian Internet users - have revealed that Dutch Certificate Authority DigiNotar has issued an SSL certificate for all *.google.com domains. What’s worse than discovering that someone has launched a man-in-the-middle attack against Iranian Google users, silently intercepting everything from email to search results and possibly putting Iranian activists in danger? Discovering that this attack has been active for two months. " This is a wildcard for any of the Google domains ," said Roel Schouwenberg, senior malware researcher with Kaspersky Lab, in an email interview Monday. " [Attackers] could poison DNS, present their site with the fake cert and bingo, they have the user's credentials ," said Andrew Storms, director of security operations at nCircle Security. As the problems with the ...

South Korean domain registrar Gabia hacked,100000 domains and 350000 users data exposed ! Gabia a South Korean domain registrar was hacked on Saturday, affecting the online connection with 100,000 registered domains, according to a report Monday by the Korea Herald. This hack exposing over 100,000 domains and 350,000 users data. The information included names, user IDS, passwords and registration numbers.The website of HSBC Korea was also hacked, paralysing it for over an hour leaving customers unable to access their online banking. There have been 6,000 hacking incidents reported to the state-run Korea Internet Security Agency this year, according to the report. The hacker, known as ‘ TG ’ defaced pages with their Twitter account and picture. It is thought in some cases, data may have been stolen and widespread disruption to services caused. South Korea has suffered many hacks as of late with many concerned at the security of one of the world’s most Internet-connected c...

XSS Vulnerability in MSN.com XSS Vulnerability (Cross Site Scripting) in MSN discovered by TeamDX  . Vulnerable Link  is also shown in image.  Last week One of the Security Researcher "Juan Sacco (runlvl)" - Insecurity Research Labs expose the Cross Site vulnerability (XSS) in Bing.com Search Engine.