The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Hacking has always been inherently a young person’s game. The first usage of the word “hacker” was to describe pranksters meddling with the phones at MIT. Many hackers have cited boredom, a desire for change, or the thrill of going somewhere one is not supposed to go as their motivation for hacking, all of which could apply to scores of common activities on college campuses. While today’s hacking scene is dominated by large hacking groups like Anonymous and Masters of Deception, many of the greatest hacks ever have been pulled off by college, high school, and even middle school kids who rose to infamy armed only with a computer and the willingness to cross the bounds of legality. 1.) Sven Jaschan: In the words of one tech expert , “His name will always be associated with some of the biggest viruses in the history of the Internet.” The viruses: the Sasser and NetSky worms that infected millions of computers and have caused millions of dollars of damage since their release in 2004. The...

Al-Jazeera says hackers have targeted the Qatar-based TV satellite channel for the second time in a week, sending out false news reports on its mobile sms service. Al Jazeera confirm the hack in a tweet ," We'd like to inform our subscribers that Aljazeera sms sevice is being compromised by pirates and they've sent fake news news with no basis " “ The story claiming that the Prime Minister (Sheikh Hamad bin Jassem) has been the target of an assassination attempt in the royal palace is completely false and was a result of hacking of the service ,” the channel said in breaking news. A pro-Damascus group known as the Syrian Electronic Army quickly claimed responsibility for the Sunday hack on Twitter.  Social networks, including Twitter, quoted Al-Jazeera’s mobile service on Sunday as saying that Sheikh Hamad was targeted in an attack on the palace in Doha and that the wife of the emir, Sheikha Moza bint Nasser, was lightly wounded. Hackers posted a pro-Syrian stateme...

Last month, those assholes in the California State Assembly passed a resolution urging state educational institutions to more aggressively crack down on criticism of the State of Israel on campuses, which the resolution defines as “anti-Semitism.” The anti-democratic resolution is the latest step in the broader campaign to stifle and suppress dissent on California’s increasingly volatile campuses. Get this, it passed without public discussion. The vote on the resolution came when most students were between semesters and away from their campuses. The resolution uses the classic trick employed by defenders of Israel’s Zionist regime: lumping together any criticism of the Israeli state’s policies or of the US government’s support for them with racist attacks on Jews. The bulk of the resolution is dedicated to defining criticism of the state of Israel as “anti-Semitism.”  It lists the following as examples of “anti-Semitism”: • “language or behavior [that] demonizes and delegit...

Iranian National Computer Emergency Response Team releases a tool for Gauss malware detection . Cyber surveillance virus has been found in the Middle East that can spy on banking transactions and steal login and passwords, according Kaspersky Lab, a leading computer security firm. Gauss primarily infects 32-bit versions of Windows, though a separate spy module for USB drives can collect information from 64-bit systems. Infections are mainly split between Windows 7 and Windows XP, although some of the Gauss modules don't work against Windows 7 Service Pack 1. Mac and Linux machines appear to be safe. Multiple modules of Gauss serve the purpose of collecting information from browsers, which include the history of visited websites and passwords. Detailed data on the infected machine is also sent to the attackers, including specifics of network interfaces, the computer’s drives and BIOS information. The Gauss module is also capable of stealing data from the clients of several Leb...

Two security researchers claim to have developed a new attack that can decrypt session cookies from HTTPS (Hypertext Transfer Protocol Secure) connections. From the security researchers who created and demonstrated the BEAST (Browser Exploit Against SSL/TLS) tool for breaking SSL/TLS encryption comes another attack that exploits a flaw in a feature in all versions of TLS. The new attack has been given the name CRIME by the researchers.The CRIME attack is based on a weak spot in a special feature in TLS 1.0, but exactly which that feature is has not been revealed by the researchers. They will say that all versions of TLS/SSL including TLS 1.2, on which the BEAST attack did not work are vulnerable. Once they had the cookie, Rizzo and Duong could return to whatever site the user was visiting and log in using her credentials. HTTPS should prevent this type of session hijacking because it encrypts session cookies while in transit or when stored in the browser. But the new atta...