The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Duqu Analysis and Detection Tool by NSS Labs NSS Labs has built a new, free tool that detects known and newly created Duqu drivers that have infiltrated systems, thus allowing security experts to further analyze the " functionality, capabilities and ultimate purpose of DuQu. ". The Tool is available free. Duqu is notorious worm that exploit Windows Zero-day Vulnerability. Microsoft released temporary fix yesterday for this vulnerability . According to the test, NSS tool Success rate is 100%, zero false positivies. Developers said it is using advanced pattern recognition techniques, it is also capable of detecting new drivers as they are discovered.Two new drivers were discovered after the tool was completed, and both were detected by the NSS tool with no updates required. It seems that Duqu contains similar code and utilizes similar techniques to Stuxnet. More precisely, it seems to make use of digital certificates that appear as legitimate, but it's far too early to descri...

CapitalOne Bank taken down by Anonymous hackers Anonymous Hackers claim to taken down the official website of CapitalOne Bank . Currently Site is showing message on Homepage that " Site under maintenance ". In a pastebin release Anonymous Hacker wrote " ya know.. every guy Fawkes day companies go hire the best white hat hackers to protect them against attackers like us lol.. so dont beat your self's up if nothen was defaced or taken down by ddos.. we still doxed a bunch of people lol! congratulate your self's! Anonymous dident fail we succeeded and we will never fail.. " Hacker also claim to do DDOS attack on CapitalOne website for taken it down. There is another statement by same hacker " Many ddos attacks were taken place today and we all hoped to see at least fox going down ". Its not clear that that either the site is really under  maintenance  after attack by Anonymous Hackers or its any regular  maintenance for backup only. Hackers al...

Mobile Security and Lack thereof Nidhi Rastogi ,A Security Consultant with Logic Technology Inc, New York share her Views about the Mobile Security and Lack thereof . The Article is taken from our September Month Magazine Edition  .Here we go.. Mobile technology, particularly smartphones, has come of age and is increasingly replacing PCs for internet surfing, emails, gaming and social networking. As per a recent survey by Neilson Media Research, smartphones now comprise over 38% of the U.S. Cellphone Market and will become the majority by end of the year. To meet this growing demand, cellphone companies are fast churning out new models with killer features, latest and greatest in technology. With this growth it has also come to attention that security of these devices cannot be left behind. Every day a new data breach is making headlines suggesting hackers have gone into overdrive. However, what is of particular interest is that a bulk of them is being attributed to cellph...

We had an Interesting Article by " Paul F Renda " in our The Hacker News Magazine 's November Edition. We would Like to share this article with our website readers also. You can Download November Issue Here . This is a theoretical prima to bring out a discussion about whether an Internet doomsday worm can be created that is so intractable that it cannot be eradicated. This worm could also have the ability to carry multiple weaponized payloads. Can a doomsday worm shut down the Internet? I don't think anyone could shut down the Internet but I believe a worm can definitely create access problems. An intractable type of malware agent is not an abstract concept or science fiction. A doomsday like virus has been plaguing the U.S.Drone fleet. They keep trying to disinfect their hard drives but it keeps coming back. The Pentagon has been plagued by the worm agent.btz; they are still trying to remove it after 3 years. Some analyst think agent.btz was created by China....

Persistent XSS Vulnerability in White House Website Alexander Fuchs , A German Security Researcher Discover Persistent XSS Vulnerability in Official website of White House . He said " The petition system is vulnerable. Every Petition i start or join will execute my code. I could join all petitions and my code will be executed on all users who visit the petition system. " The XSS Demo is here: https://wwws.whitehouse.gov/petitions/!/petition/security/WxgwM7DS Advisory: https://vulnerability-lab.com/get_content.php?id=308