The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

The Philippine Supreme Court on Tuesday suspended implementation of Republic Act 10175 or the Cybercrime Prevention Act for 120 days, while it decides whether certain provisions violate civil liberties. The law, signed last month, aims to combat Internet crimes such as hacking, identity theft, spamming, cybersex and online child pornography. Human Rights Watch, a human rights monitoring group, hailed reports of the TRO, and called on the tribunal to strike down what it called a “seriously flawed law.” Many Facebook and Twitter users, and the portals of several media organisations in the Philippines, have replaced their profile pictures with black screens to protest against the law. Hackers also defaced several government websites in protest. Journalists and citizen groups are protesting because the law also doubles the normal penalty for libel committed online and blocks access to websites deemed to violate the law. They fear such provisions will be used by politic...

Hacker going by name " VenomSec " hacked the website of one of the biggest Islamic magazine IslamToday  ( http://magazine.islamtoday.net/ ) is an online magazine which is operated from Riyadh, the capital of Saudi Arabia and He leaked the database of the site also on a note in Pastebin . At the time of writing this article, the website was online and working without any interruption. One of the Hacker  Blog mention that : However, the reason for attacking the magazine site was not mentioned anywhere but from the message left by the same hacker on his previous attackwas to ” protest against the on going war in the country and the Middle East, they are against the war and the anti-Islamic movie that has has resulted in spreading hate against the west ”.  In Past  VenomSec hack few more Islamic sites including the website of Afghan Islamic Press and the official website of Lahore High Court of Pakistan. 

Hacker known as " Pinkie Pie " produced the first Chrome vulnerability at the Hack In the Box conference on Wednesday, just ahead of the deadline for the competition this afternoon. The exploit, if later confirmed by Google’s US headquarters, will have earned the teenage hacker known as Pinkie Pie the top US$60,000 cash reward. In March, Pinkie Pie and Sergey Glazunov both won $60,000 for their exploits at the first Pwnium competition. Google established the Pwnium competition as an alternative to the Pwn2own contest in order to add the requirement that participants provide details of their exploit. Google will give away up to a total of US$2 million during the event. $60,000 - “Full Chrome exploit”: Chrome / Win7 local OS user account persistence using only bugs in Chrome itself. $40,000 - “Partial Chrome exploit”: Chrome / Win7 local OS user account persistence using at least one bug in Chrome itself, plus other bugs. For example, a WebKit bug combined with a Windows ...

Capital One Financial Corp. said it’s the latest target in a new round of coordinated cyber attacks aimed at disrupting the websites of major U.S. banks, and SunTrust Banks Inc. and Regions Financial Corp. said they expect to be next. The so-called “Izz ad-Din al-Qassam Cyber Fighters” posted a specific timetable for its attack program on PasteBin.com, a website commonly used by hackers to brag about exploits. Izz ad-Din al-Qassam also threatened to pursue more cyber attacks next week and has long said it will not stop until the video is removed from the Internet. American banks will reportedly face a massive cyberattack in coming weeks. A Russian-speaking hacker is organizing a massive trojan attack based around fraudulent wire transfers--and American banks appear to be at the center of the raid. In the past, such attacks have sometimes caused websites to slow to a crawl or become inaccessible for some users; however, the impact cannot be gauged in advance. The sam...

Citrix and the Apache Software Foundation have alerted users to a critical vulnerability in the CloudStack open source cloud infrastructure management software. The vulnerability affects all versions of Cloudstack prior to October 7, including the Citrix commercial version. Vulnerability could allow an attacker to take a number of unwanted actions, including deleting all of the virtual machines on a system. There are no known exploits at this time, Details of the issue were disclosed on Sunday. Cloudstack is one of the largest open source cloud infrastructure management systems together with OpenStack and Eucalyptus. Mitigation against the vulnerability is possible by logging into the Cloudstack MySQL database, disabling the system user and setting a random password. " The CloudStack PPMC was notified of a configuration vulnerability that exists in development versions of the Apache Incubated CloudStack project. This vulnerability allows a malicious user to execut...