The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Last April 7th the Anonymous collective hit the Israeli networks with a huge as historic offensive, for the first time an independent group of hackers declared war to a Governments to protest against its policy. Many web sites of the country were hit by DDoS attacks, the data on the event reported by Israel government are totally different from the information published by Anonymous that produced a report for #OpIsrael in which total damage are estimated of $3-plus billion. According security experts at TrendMicro the collective adopted various botnet coordinating large scale attacks, analyzing traffic directed to one of the targeted website, the researchers discovered that meanwhile usually more of 90% of the traffic is originated in Israel, during the attack almost the entire traffic was originated outside the country and internal connections have fallen to 9% as shown in the following chart: What is surprising is that TrendMicro discovered that many IP addre...

Nir Goldshlager , Founder/CEO at Break Security known for finding serious flaws in Facebook once again on The Hacker News for  sharing his new finding i.e Stored Cross-site Scripting (XSS) in Facebook Chat, Check In and Facebook Messenger. Stored Cross-site Scripting ( XSS ) is the most dangerous type of Cross Site Scripting. Web applications where the injected code is permanently stored on the target servers, such as in a database, in a message forum, visitor log, comment field, etc 1.) Stored XSS In Facebook Chat: This vulnerability can be used to conduct a number of browser-based attacks including, Hijacking another user's browser, Capturing sensitive information viewed by application users, Malicious code is executed by the user's browser etc. When a user starts a new message within Facebook that has a link inside, a preview GUI shows up for that post. The GUI is used for presenting the link post using a parameter i.e  attachment[params][title]...

The Pirate Bay co-founder  Gottfrid Svartholm Warg (Anakata)  charged with hacking the IBM mainframe of Logica, a Swedish IT firm that provided tax services to the Swedish government, and the IBM mainframe of the Swedish Nordea bank. Svartholm has been charged with several hacking related offenses including serious fraud , attempted aggravated fraud, and aiding attempted aggravated fraud. Three other defendants received similar charges. He was arrested in Cambodia in September 2012 and deported to Sweden where he was arrested for his alleged involvement in the Logica hack. 28-year-old computer specialist Svartholm and other founders of The Pirate Bay were found guilty by the Swedish government in 2009 for facilitating the illegal downloading of copyrighted materials. He has served a one-year prison sentence in Sweden since September 2012, and will likely remain in prison while facing these new charges. Swedish prosecutor Henrik Olin said in a statement, " ...

In recent few months White hat Hacker ,' Nir Goldshlager ' reported many critical bugs in Facebook OAuth  mechanism, that allowed an attacker to hijack any Facebook account without user's interaction.  Another hacker, ' Amine Cherrai ' reported a new Facebook OAuth flaw, whose exploitation is actually very similar to Nir Goldshlager 's findings but with a new un-patched way. Before reading further, I would like to suggest you to read following post to understand the basic exploitation mechanism: Facebook OAuth flaw allows gaining full control over any Facebook account Facebook hacking accounts using another OAuth vulnerability URL Redirection flaw in Facebook apps push OAuth vulnerability again in action Now, if you are aware about the vulnerability used against Facebook OAuth in  redirect_uri parameter in  the URL, there is another way that  Amine Cherrai found, to bypass the patch applied by F...

If you've ever been tempted to download a 'hack' for your favorite game to accelerate your progress, or to download a pirated copy of the latest title through a torrent or file-sharing site, watch out ! Anti-virus company AVG has today warns that over 90% of hacked or cracked games downloaded via torrent or file-sharing sites are infected with malware or malicious code. It claimed that a lot of these hacks didn't just contain malware, but were simply malware programs in disguise. " Even if we assume that just 0.1% of the gamer playing the top five titles go looking for a hack - a highly conservative estimate - that means 330,000 people are potentially at risk of falling victim to game hack malware, " said AVG. The prevalence of cracked games, key generators, patches, cheats and more indicates that this is a highly organised, crime based, initiative. " This could lead to the loss of any legitimate, paid-for gaming assets, as well as sensitive p...