The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Next Microsoft Patch Tuesday include BEAST SSL fix Microsoft's first batch of patches for 2012 will include fixes for security vulnerabilities in the Windows operating system and Microsoft Developer Tools and Software. The patches will be released next Tuesday (Jan 10, 2012) at approximately 1:00 PM EST. The solitary critical bulletin in the batch fixes a remote code execution issue in Media Player. The remaining six important bulletins due next Tuesday handle the BEAST SSL issue and various information disclosure bugs, escalation of privilege issues and an update to Microsoft's SEHOP (Structured Exception Handler Overwrite Protection) technology to enhance the defence-in-depth capability that it can offers to legacy applications.  The BEAST/SSL patch was supposed to have been included in December's Patch Tuesday release but had been pulled at the last minute due to some testing problems involving a third-party vendor, according to Microsoft. Henry noted that despite all ...

Ramgen-Janelle Scandal video posted on deface page of Philippines  Premiere Bank A defaced linked of the website of the Premiere Bank Philippines which contains a video of Ramgen-Janelle Sex Video Scandal is the talk of the town and widely spread in the IRC and Facebook today. The defacer who uploaded the video claims to be kenjie miranda of h4ckz0n3.The defacer who uploaded the video claims to be kenjie miranda of h4ckz0n3 . Regarding with the case of this video which violates the ANTI- VOYEURISM LAW OF 2009, Senator Revilla Jr. already asked the National Bureau of Investigation to investigate the spread of Ramgen-Janelle intimate video. The video is already viral in torrent sites and forums sites. [ Source ]

Ping.fm vulnerable to Clickjacking (Video Demonstration)  Two Indian Hackers Aditya Gupta(@adi1391) and Subho Halder (@sunnyrockzzs) have discovered Clickjacking vulnerability in one of the famous website " Ping.FM ". Clickjacking is a malicious technique of tricking Web users into revealing confidential information or taking control of their computer while clicking on seemingly innocuous web pages. This is based on a technique known as clickjacking ( or UI Redressing ) where an attacker could perform actions on the behalf of user by tricking the user to click on a button or perform some other action. This vulnerability was earlier seen in Twitter where it allows the status to be loaded through the GET method, and an attacker could frame the twitter webpage and trick the user to click on the tweet button, with the user thinking that its a part of the attacker's webpage. This can be disabled by setting the X-FRAME-ORIGIN method to SAME ORIG...

Hackers leak the Source Code for Symantec Product A group calling itself the Lords of Dharmaraja posted an Adobe document online Wednesday that it claimed was a glimpse of the source code for the internet security software. But Symantec spokesman Cris Paden said "no source code was disclosed" in the post, which was a 12-year-old document describing how the software worked, but not the code. Paden said Symantec continues to investigate the hackers' claim that they have source code. But now Symantec, the makers of Norton AntiVirus, has confirmed that a hacking group has gained access to some of the security product's source code. " Symantec can confirm that a segment of its source code has been accessed. Symantec's own network was not breached, but rather that of a third party entity.We are still gathering information on the details and are not in a position to provide specifics on the third party involved.Presently, we have no indication that the code disclosure...

FreeDOS 1.1 released after being in development for several years FreeDOS 1.1 has been released after being in development for several years. FreeDOS is an opensource operating system aiming to provide the same (or better) functionality as Microsoft'sold MS-DOS. Right now the main use is running old games and software, but you might encounter it on somefreshly sold computers, motherboard setup CDs, BIOS flashing diskettes, embedded hardware and other uses. Bernd Blaauw has been hard at work, updating FreeDOS distribution to include the latest packages. Bernd writes: " In its current form this new distribution is best suited as a CD-ROM disk to install FreeDOS from onto harddisk. Sources are included. It might be considered as replacement for the current 'base-only' 1.0 distributions as created by Blair and Jeremy, however it's less functional as it's missing the Live Environment part (\FDOS directory on CD). " New Version include the FreeDOS 2040 ke...