The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Mystery of Duqu Programming Language Solved An appeal for help from the programming community has allowed antivirus analysts to classify the unknown language used to develop key components of the Duqu Trojan. The sections responsible for downloading and executing additional modules in the Duqu Trojan, referred to by some as Stuxnet 2.0, were written in standard C++. Kaspersky Lab experts now say with a high degree of certainty that the Duqu framework was written using a custom object-oriented extension to C, generally called "OO C" and compiled with Microsoft Visual Studio Compiler 2008 (MSVC 2008) with special options for optimizing code size and inline expansion. Kaspersky's Igor Soumenkov wrote, " No matter which of these two variants is true, the implications are impressive. The Payload DLL contains 95 Kbytes of event-driven code written with OO C, a language that has no automatic memory management or safe pointers ,". Kaspersky's analysis now concludes: The Duqu Fra...

Yet Another Google Chrome Sandbox Critical Exploit by Turkish security experts Turkish security experts from Arf Iskenderun Technologies, finds the new vulnerability open in Google Chrome 17.0.963.78 , same risk working on new update 17.0.963.79 and bypass Chrome SandBox. Last week,  Vupen Security reports that it has officially "pwned" Google Chrome's sandbox. Vupen hacked Chrome 17.0.963.66 update. But, Turkish security experts claim that they hacked Chrome Sandbox after Vupen and This vulnerability is critical for Chrome.  A sandbox is security mechanism used to run an application in a restricted environment. If an attacker is able to exploit the browser in a way that lets him run arbitrary code on the machine, the sandbox would help prevent this code from causing damage to the system. The sandbox would also help prevent this exploit from modifying and even reading your files or any information on the system. Maiden says th...

Cyber Criminals Selling Millions of U.S military email addresses Web based underground market service currently selling Millions of harvested U.S government and U.S military harvested emails addresses to potential spammers, and find out just how easy it is to purchase that kind of data within the cyber crime ecosystem. Cyber criminals are getting more sophisticated in their scams and phishing schemes, which are designed to steal personal data and financial information. Spammers and virus creators are motivated by money and backed by organized crime on a global scale. They are also launching massive attacks on anti-spam organizations in an attempt to bring them down. In respect to targeted malware attacks, the service is currently offering 2.462.935 U.S government email addresses, and another 2.178.000 U.S military email addresses. A Screenshot of the inventory of harvested emails currently offered for sale: Spammers buy lists from brokers that continuously harvest email ...

Roman Andreev wins Facebook Hacker Cup 2012 25 of the world's best hackers gathered for Facebook's 2nd annual Hacker Cup event being held at its offices in Menlo Park. Roman Andreev from Russia completed one problem correctly in 1 hr 4 min and won Facebook's Hacker Cup to get his name placed on an awesome and really heavy cement trophy along with a check for $5000. The registration for the event opened in January and started off with three online rounds of problem solving. Out of 6,000 (8,000 submissions total) qualifying submissions, the group has been shrunken down to just 25 and flown to Facebook for the finals.The top coders, all male from around the world, are a mix of students, independent coders, and professionals. Facebook paid their way to California, including a stipend for obtaining a Visa, since only one of the participants is from the United States. The rest of the finalists are from Russia, Germany, Ukraine, Poland, China, South Korea, Taiwan, and Japan. The par...

iPad 3 jailbroken on Launch Day by 3 ways The new Apple iPad (third iPad, iPad 3) has already been jailbroken in at least three different ways. On the same day that Apple started shipping the new iPad out to consumers, there were reports that at least one hacker had already jailbroken the latest tablet. The first to claim was @Musclenerd, a member of the iPhone Dev Team,  tweeted a couple of images showing that he had already jailbroken the device. This must be a great relief for Apple fans who want to have their Apple devices, but don't want Cupertino based tech giant to keep it restricted as it wants. Within the 24 hours of the iOS 5.1 update, teammate @pod2g revealed an untethered jailbreak for the iPad 2 and iPhone 4S. With the new iPad running iOS 5.1 and an A5X processor. His hack was followed by the announcement of a successful untethered jailbreak by teammate, @i0n1c, who released a video as evidence to his accomplishment: Finally, a Tweet by @chpwn ...