The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Official Twitter account of Rock band ' Garbage ' has been compromised and hacker is posting Spam tweets and links using adf.ly, which is a url shortener service that pays on clicks. Hacked twitter account hack around 55,563 Followers. Hacker can post malicious links also, but in this case we can see that purpose is not to infect other, instead hacker want to make some money by spreading links. Even he has mention this in a tweet, “ All you people saying I'm dumb. I've made over 19 dollars by spamming ad.fly links. I hack twitters and spam them great money ,” How hacker got access to twitter account is not yet clear, may be phishing, social engineering or can be a  password guess, but once readers should learn the importance of strong password. Yesterday we have posted another Exclusive report that, how 15000 wordpress blogs hacked and hacker is making money from referral system by posting spam articles on each...

Hacker group Anonymous may have tracked down the sex-obsessed cyberbully who drove a 15-year-old girl to kill herself last week. Today Anonymous posted a video on YouTube naming a 32-year-old man from British Columbia, as the person responsible for the October 10th suicide of 15-year-old Amanda Todd. Anonymous has started #OpRIP to hunt down those who bullied Todd. " This is the pedophile that social engineered Amanda Todd into supplying him nude pictures ," Anonymous said in a Pastebin post before identifying a 30-year-old man living in New Westminster, B.C. Todd committed suicide after years of online abuse by a man who blackmailed her, posted her topless photo online and sent it to her peers. In Todd's video, on handwritten note cards, she detailed the story of a man she said threatened to send photos of her breasts to friends and relatives unless she put on a sexual show for him. She apparently refused and he later made good on that promise, polic...

Kosova Hacker's Security group today release very sensitive server info of " The National Weather Service ", which was gathered due to a " Local file inclusion " Vulnerability in weather.gov . By definition, Local File Inclusion (also known as LFI) is the process of including files on a server through the web browser. This vulnerability occurs when a page include is not properly sanitized, and allows directory traversal characters to be injected. Hackers publish complete data in a pastebin file uploaded today, but the hack was performed two day back and in meantime, server administrator fix the vulnerability. We just talk with the hacking crew to know the reason of hack and data exposure, one of them explain that they are against US policies, who are targeting muslim countries. " They hack our nuclear plants using STUXNET and FLAME like malwares , they are bombing us 24*7, we can't sit silent - hack to payback them " ...

Wordpress Security Team is sending out warning messages to thousands of wordpress users that their account has been compromised recently. Warning message include " We recently detected suspicious activity on your WordPress.com account. To protect your identity and keep your site safe, we’ve reset your password. " Message continue " To reset your password and get access to your account and blog, please visit WordPress.com. Click on “Forgot password?” in the Login toolbar to get started. It is very important that your password be unique because using the same password across different web applications increases the risk of your account being hacked. " Note: Wordpress officially has not announce yet any security breach news on their website, but these warning mails are silently received by compromised account holders. Method of hack is still not confirmed. But hacking 15000 blogs from wordpress server and posting same article on all sites most ...

Italian security Researchers Luigi Auriemma and Donato Ferrante from ' ReVuln ' reported the flaw in Steam Browser Protocol. Stream the popular online distribution platform with 54 million users. The flaw allow the attacker to write arbitrary text to file and direct victims to external payloads and even the computer can take over. The popular gaming platform uses the steam:// URL protocol in order to run, install and uninstall games, backup files, connect to servers and reach various sections dedicated to customers. It is possible to Safari, Maxthon and Firefox and other browsers based on the Mozilla engine, this quietly Steam URLs to invoke. In report they said that browsers including Firefox and software clients including RealPlayer would execute the external URL handler without warnings and were “a perfect vector to perform silent Steam browser protocol calls”. The researchers demonstrated how users on the massive Source game engine, which hosts games...