The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

NMAP Script to Check Presence of ms12-020 RDP vulnerability Yesterday   Sam Bowne was working on a NMAP script, which will be able to  Check Presence of ms12-020 RDP vulnerability on a machine via scan only. But unfortunately, it was less in success rate, Later  @ea_foundation joins  Sam Bowne  to develop a working Nmap script. Microsoft bulletin ms12-020 patches two vulnerabilities. CVE-2012-0152 which addresses a DoS vulnerability inside Terminal Server,and CVE-2012-0002 which fixes a vulnerability in Remote Desktop Protocol.Both are part of Remote Desktop Services. The hackers worked quickly on this particular vulnerability and we've already seen attempts to exploit the flaw which exists in a part of Windows called the Remote Desktop Protocol. Script works by checking for a CVE-2012-0152 vulnerability.Patched and unpatched system differ in the  results from whichwe can conclude if the service is vulnerable or not. Download Nmap Scri...

Corruption & Persistent Vulnerability in Skype 5.8 and 5.5 Ucha Gobejishvili ( longrifle0x ) Benjamin Kunz Mejri (Rem0ve)&Alexander Fuchs (f0x23) , security Experts from The Vulnerability-Lab Team discovered a remote pointer corruption with persistent weakness on Skypes v5.8.0.156 Windows 7 & MacOS v5.5.2340. The security risk of the remote denial of service vulnerability via pointer corruption is estimated as high(-). Skype is a software application that allows users to make voice and video calls and chats over the Internet. Calls to other users within theSkype service are free, while calls to both traditional landline telephones and mobile phones can be made for a fee using a debit-baseduser account system. According to Expert, Vulnerability was reported to Vendor on 2012-02-24,  and Vendor Fix/Patch by Check on 2012-03-20. Affected versions are Skype - Windows, MacOs & Linux v5.8.0.156, 5.5.0.2340, 2.2 Beta. The exploitation met...

Office based Trojan threat for Mac OS X by Chinese hackers Security company ESET watches the newly found Trojan for OS X establish connections and receive commands to steal information. Earlier this month, researchers from AlienVault and Intego reported a new malware attack targeting Tibetan NGOs (Non-Governmental Organizations).  The attack consisted of luring the victim into visiting a malicious website, which then would drop a malicious payload on the target's computer using Java vulnerability CVE-2011-3544 and execute it.  During installation on a Windows system, the payload deployed was a variant of Gh0st RAT (Remote Access Trojan). On the Mac though, a new payload, dubbed OSX/Lamadai.A, was used. ESET observed that once the Trojan installs it will establish a connection to a hard-coded remote C&C server located in China, and will wait in "busy" loop where it attempts to maintain its connection with the server. The server can then be used to issue co...

Kelihos Botnet with 110,000 PCs take down finally Botnets are particularly insidious, using thousands of virus-infected computers which their owners are unaware are being used for sending out spam, launching denial-of-service attacks and stealing data.But taking down a botnet poses challenges. The main problem is that legitimate security companies can't use the same type of weapons as criminals. A group of malware experts from security companies Kaspersky Lab, CrowdStrike, Dell SecureWorks and the Honeynet Project, have worked together to disable the second version of the Kelihos botnet, which is significantly bigger than the one shut down by Microsoft and its partners. Kelihos is used to send spam, carry out DDoS attacks, and steal online currency such as bitcoin wallets. It operates as a so-called "peer-to-peer" bot network, which are more difficult to take down than those with a centralized command and control servers (C&C), according to Tillmann Werner, a senior ...

Dominican Republic Police arrested 6 Anonymous hackers Dominican Republic Police has arrested six hackers , Milton Corniell David Jimenez (Zerohack), Juan Rafael Leonardo Acosta (Nmap), Cristian de la Rosa Jose de los Santos (Mot), Robert Reynoso Delgado (Frank-Ostia) linked to Anonymous and accused by the authorities of attacking websites of state and private companies. Public Prosecutor German Vasquez alleges the six hacked into government websites, including ones for the president and the education ministry. He says the suspects range in age between 17 and 23. The members of combat cyber crime unit made the arrest in an joint operating in the country early Sunday in the capital Santiago. Defense lawyer Carlos Guerrero denies the accusations and says the government has no evidence. The defendants are accused of cyber terrorism, which the prosecution defined as a new form of threats and vulnerabilities in the Internet. denunciations of the "hacks" to institutions DG Int...