The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Zero-day Smartphone Vulnerability exposes location and User Data Smartphones are increasingly becoming the preferred device for both personal and professional computing, which has also attracted hackers to increase their focus on creating malware and other security vulnerabilities for these devices. A former McAfee researcher " Dmitri Alperovitch " has used a previously unknown hole in smartphone browsers to plant China-based malware that can record calls, pinpoint locations and access user texts and emails. He conducted the experiment on a phone running Android operating system, although he saysApple Inc.'s iPhones are equally vulnerable. Android is particularly vulnerable because it has become the main operating system for mobile devices. Today most smartphones are android-based therefore there is a huge dividend for hackers to write Android-targeted malware compared to other operating systems. Alperovitch, who has consulted with the U.S. intelligence community, is...

Another #FuckFBIFriday , Anonymous hack FBI partner Infragard As Anonymous has promised that it will attack government, corporate and law enforcement web sites every Friday, So Anonymous has attacked the FBI affiliate Infragard for the second time, this time taking over and defacing the web site of its Dayton, Ohio chapter. Hackers give message " Greetings Pirates! Another #FuckFBIFriday is here and once again we emerge from the hacker underground to wreak havoc upon the 1%'s institutions of repression " . InfraGard is a private non-profit organization serving as a public-private partnership between the U.S. businesses and the FBI. However, Anonymous has its own definition - " the sinister alliance between law enforcement, corporations, and white hat wannabees, " the group wrote in a note it posted onto the homepage of InfraGard Dayton, Ohio. Mirror link of hack is here .

Spain Police under Anonymous attacks after another Arrests in Spain Anonymous attacks Official Site of the National Police ( https://policia.es/ ) after the arrests of suspected Anonymous hacktivists . The Spanish branch of the group has reported that six hacktivists have been arrested in Spain over the past few days. The police did not confirm the identity of the suspects, but claimed the force's technological investigation brigade is conducting a large operation. Anonymous Tweet : " @AnonOps 6 #Anonymous were caught by the police in spain. They're talking about a big anti-hack operation" We know. Expect uspolicia.es DOWN | #Anonymous #Spain " . Last week, Following the arrest of three young Anonymous hackers in Greece, the collective carried out a second assault on the ministry of justice's website, defacing its homepage. Last June Anonymous launched #OpPolicia, a successful DDoS attack against the Spanish National Police website. The attack was a direc...

Metasploit Framework 4.2.0 : IPv6, VMware, and Tons of Modules! Since last release in October, Metasploit added 54 new exploits, 66 new auxiliary modules, 43 new post-exploitation modules, and 18 new payloads.  Metasploit 4.2 now ships with thirteen brand new payloads, all added to support opening command sessions and shells on IPv6 networks. In addition, Metasploit's existing arsenal of payloads has been updated to support IPv6 as well. With this release comes a pile of new modules targeting VMware vSphere/ESX SOAP interface, as well as a pair of new brute force modules to audit password strength for both vmauthd and Virtual Web Services. Metasploit 4.2 now ships with fourteen new resource scripts, nearly all of which were provided by open source community contributors. These scripts demonstrate the power of Metasploit's extensible architecture, allowing programmatic Metasploit module usage through the powerful Ruby scripting language. Download Metasploit Framework 4.2....

PacketFence 3.2.0 released The PacketFence development team has published version 3.2.0 of its open source network access control (NAC) system. PacketFence allows organisations to increase control over their network by enforcing authentication and registration for newly connected devices. It also enables abnormal network activity detection and the isolation of troublesome devices. New features in 3.2.0 OpenVAS Vulnerability Assessment integration for client-side policy compliance Bandwidth violations based on RADIUS accounting information Billing engine integration for allowing the use of a payment gateway to gain network access. PacketFence 3.2.0  fix Reflected Cross-site scripting (XSS) in Web Admin printing system. Further information about the update, including a full list of changes, can be found in the official release announcement and in the change log . PacketFence 3.2.0 Download