The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

" Cernaianu Manole Razvan " akka TinKode , the Romanian behind attacks against NASA, Oracle, the Pentagon, and U.S. Army, was sentenced this week to a two-year suspended sentence, according to local media reports and was ordered to pay damages totalling more than US$120,000. He was arrested in January for his part in a number of attacks. According to Cernianu's case file summary on the Romanian Ministry of Justice Web portal, he was sentenced on September 26 and received six prison sentences of one or two years for separate computer-related offenses. The offenses included: gaining unauthorized access to a protected computer system; transferring data from a computer system without authorization; affecting the normal operation of a computer system by deleting, modifying or sending electronic data; creating, selling or distributing a devices or a computer program designed to be used in computer crimes; creating, selling or distributing a password or access cod...

A Universal Cross-site scripting vulnerability in Opera browser was disclosed today on a Russian forum rdot.org . The flaw has the ability to be triggered by exploiting flaws inside browsers, instead of leveraging the vulnerabilities against insecure web sites. " Vulnerable versions Opera for Windows, Mac and Linux to 2.12 inclusive (the latest version as of today). On versions prior to 9.50 check is not performed. advise after referring to the following opera when redirecting to a site on data: URL via HTTP -header Location property document.domain has a value in the last redirecting site " The vulnerability actually use the Data URI Scheme in combination with another flaw called “ Open Redirection ” which happens when an attacker can use the webpage to redirect the user to any URI of his choice. Even one don't have “Open Redirection” flaw in his site, still this XSS can be triggered using various short url services like bit.ly and tinyurl.com....

Rovio's latest game, Bad Piggies, is now available via Google Play and the App Store, and as a PC and Mac download, but it has not yet made its way to the Chrome Web Store. These pigs can indeed fly - "Bad Piggies," the spinoff to the monster hit game "Angry Birds," set a new record by soaring to the top of the charts just three hours after release. Scammers have quickly taken advantage of this, introducing bogus versions of Bad Piggies into the Chrome Web Store that exist primarily to serve up in-browser advertisements thanks to a few plug-in permissions.  Barracuda Networks’ lab today discovered a knock-off of the new and wildly popular “Bad Piggies” game which includes a phishing plug-in that may have injected an aggressive adware program into more than 82,000 Chrome browsers. The lack of a free online version for Bad Piggies left space for others to capitalize on the instant success of the game. Just days after the game launched, Jason Ding, a research sc...

A Dallas man linked to the worldwide hacking group Anonymous is accused of threatening to ruin an FBI agent's life in online postings. Barrett Lancaster Brown , 31, of Dallas, was indicted on one count of making an Internet threat, one count of conspiring to make restricted personal information of an employee of the United States publicly available, and one count of retaliation against a federal law enforcement officer. Serious charges, but not totally unexpected. Authorities raided Brown’s apartment and arrested him last month while he was chatting online with Anonymous folks, but authorities wouldn't say why he was being detained until Thursday, when the U.S. attorney's office announced a three-count indictment against him. Brown's attorney, Jay Leiderman, has said he believes some of the charges stem from a YouTube video in which Brown rails against law enforcement. The indictment lists several tweets in which Brown talks about having a " plan ...

At Black Hat security conference this year Cody Brocious demonstrated that How a simple Dry erase marker allows him to open an Onity hotel room door lock with an Arduino, which is totally James Bond. This is just kind of scary on multiple levels, the least being that dry erase markers are one of the most ordinary, non-suspicious objects we can think of. Watch the video below and be afraid – be very afraid. It has been refined to such a state where there are no dangling bits that come out of the marker, with a tip that looks totally normal sans any wires. All you need to do is touch the tip of the market to the door port, and you would have gained entry without mentioning a secret password. The story didn’t stop there with Onity, the electronic door specialist in question, stepping in to introduce several measures to secure the doors. Brocious created a proof-of-concept device to show to security experts and press, but it was a bit crude. In order to build and ...