The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

THC-HYDRA 7.2 - Fast and Flexible network login Bruteforce Tool Updated One of the most famous network logon cracker – THC-HYDRA 7.2 get latest Update . Hydra is a parallized login cracker which supports numerous protocols to attack. New modulesare easy to add, beside that, it is flexible and very fast.Hydra was tested to compile on Linux, Windows/Cygwin, Solaris 11, FreeBSD 8.1 and OSX, andis made available under GPLv3 with a special OpenSSL license expansion. Hydra is best for Samba, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support and is part of Nessus. Changelog v7.2 Speed-up http modules auth mechanism detection Fixed -C colonfile mode when empty login/passwords were used (thanks to will(at)configitnow(dot)com for reporting) The -f switch was not working for postgres, afp, socks5, firebird and ncp, thanks to Richard Whitcroft for reporting! Fixed NTLM auth in http-proxy/http-proxy-url module Fixed ...

63 Vulnerabilities on United Nation Website Exposed Online ! Latest Notification in The Hacker News Vault by a Hacker named " Xenu (Casi) " from r00tw0rm Team that There are  63 Blind SQL injection Vulnerabilities exist on United Nation's Website (www.un.org). Blind SQL injection is identical to normal SQL Injection except that when an attacker attempts to exploit an application rather then getting a useful error message they get a generic page specified by the developer instead. This makes exploiting a potential SQL Injection attack more difficult but not impossible. An attacker can still steal data by asking a series of True and False questions through sql statements. Information purported to be stolen from the organization was posted on the site Pastebin on Thursday morning.  Martin Nesirky , a spokesperson for the Secretary General of the United Nations, confirmed the breach." A case of unauthorized access to the UN website is still being investigated ,...

Trixd00r v0.0.1 - An Invisible TCP/IP based backdoor for UNIX systems NullSecurity Team Releases " Trixd00r v0.0.1 " an advanced and invisible TCP/IP based userlandbackdoor for UNIX systems. It consists of a server and a client. The server sits and waits for magic packets using a sniffer. If a magic packet arrives, it will bind a shell over TCP or UDP on the given port or connecting back to the client again over TCP or UDP.  The client is used to send magic packets to trigger the server and get a shell. You can  Download and Use trixd00r-0.0.1.tar.gz  from NullSecurity Website. Video Demonstration : 

Hacker Hits the Embassy of Indonesia in Hungary Hacker from Team thec7crew today claim to Hack the Official Website  Embassy of Indonesia in Hungary. Hacker Hack the Database of Site also Expose various Server Parameters on Pastebin . As Database name mentioned " indone01_web " - There are 30 tables and Hacker also Extract and Expose the Admin's Emails and Passwords in Note. Reason of Hacking is Unknown, But this Hack will really effect the Security of officials at Embassy.

Android.Bmaster Exploits root access to connect to Botnet A new piece of Android malware named Android.Bmaster , first highlighted by researcher Xuxian Jiang at North Carolina State University, was uncovered on a third-party marketplace and is bundled with a legitimate application for configuring phone settings, Symantec researcher Cathal Mullaney wrote in a blog . This Malware is estimated to affect between 10,000 and 30,000 phones on any given day. The malware, mostly found on Chinese phones, works by using GingerBreak, a tool that gives users root access to Android 2.3 Gingerbread.  RootSmart is designed to escape detection by being named " com.google.android.smart, " which the same name as a settings app included by default with Android operating systems. Mullaney explained that once the malware is installed on the Android phone, an outbound connection from the infected phone to a remote server is generated." The malware posts some user and phone-specific data to t...