The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Facebook Security Update , Protection from Untrustworthy Websites With Web Of Trust (WOT) Web of Trust (WOT), the worlds leading crowd-sourced website reputation rating service, and Facebook, the Internets leading social platform, begin collaboration today to give Facebooks over 500 million users reliable protection against dubious web links. When a Facebook user clicks a link that leads to a page with a poor reputation rating given by the WOT community, Facebook shows a warning message. WOTs global community has reported five million sites for phishing, untrustworthy content, fraudulent services or various scams. Facebooks ability to protect its users from malicious links is significantly improved with the use of WOT reputation ratings. Whenever a Facebook user navigates to an untrustworthy site a warning will appear allowing the person to avoid the link, learn more about the rating or continue forward. Web users have rated more than 31 million websites with the free WOT add-on. WO...

The White House proposed Thursday reforming the Federal Information Security Management Act by formalizing the Department of Homeland Security role in managing cybersecurity for the federal government's civilian computers and networks. What the Obama administration does not propose is the establishment of an Office of Cyberspace with a Senate confirmed director in the White House, as proposed in a number of bills before Congress. In addition, the proposal would give DHS more flexibility in hiring cybersecurity professionals and permit the government and business to temporarily exchange experts, so that both can learn from each others' expertise. The comprehensive proposal, outlined in a White House blog, also calls for a federal data breach notification law and criminal penalties for cybercrimes. Besides establishing a new framework aimed at protecting individuals' privacy and civil liberties, the White House proposal also would codify practices that allows DHS to hel...

A widespread hack spread across Facebook early Thursday morning and shows no signs of abating as of yet. It comes in the form of a script that posts heavily profanity-laden wall posts continuously, instructing you that the only way to remove the posts is to click a ‘Remove This App’ link. Unfortunately the link is a hoax and allows the malicious script to access your Facebook account. Your account will then continue to spread the script in the form of similarly formatted wall posts on your friends accounts. The message uses the phrase ‘Vote for Nicole Santos’, leading some to believe that it is a high school prank related to Prom season. Here is a link  ( http://pastebin.com/u5abvXQi ) to the raw code of the script causing the problems on Facebook. If any of you commenters have any suggestions as to how this might have been injected in the first place please do let us know. Unsurprisingly many are trying to trace the source back to the ‘Nicole Santos’ that may have originat...

The source code of the ZeuS Botnet is now available for  Download . Derek Jones  (the author this article) imagine there are a few organizations who would like to talk to the author(s) of this code. All developers have coding habits, that is they usually have a particular way of writing each coding construct. Different developers have different sets of habits and sometimes individual developers have a way of writing some language construct that is rarely used by other developers. Are developer habits sufficiently unique that they can be used to identify individuals from their code? I don’t have enough data to answer that question. Reading through the C++ source of ZeuS I spotted a few unusual usage patterns (I don’t know enough about common usage patterns in PHP to say much about this source) which readers might like to look for in code they encounter, perhaps putting name to the author of this code. The source is written in C++ (32.5 KLOC of client source) and...

The Anonymous : Need of  21st century ! Anonymous is the political movement of change for the 21st century. Anonymous can and certainly will accomplish what many other political and peace movements of the past could not. How will they achieve this? Through peaceful protest. When corruption, destruction and mayhem strikes from governments or corporations it is the goal of anonymous to awaken that entity and the public that a change must occur. Given that, many will use the name Anonymous to perform acts of a criminal and malicious nature. By doing this it gives the real " Anonymous " a bad name. In fact, governments and corporations will try to retaliate against the false anon by restricting internet freedom and user capabilities. We must understand that the Anonymous who strives for political change and world peace must be free to work without the mistrust and misdeeds of others who tarnish their good work. As price pritchet once said, " change always c...

New Facebook worm propagating : VERIFY MY ACCOUNT , Video Explanation of Code In the past hour a new application has begun spreading on Facebook which has found an exploit in the existing sharing system. Whatever you do, don’t click the link described below. The system is pretty straight forward. It suggests that you click “VERIFY MY ACCOUNT” within a link which ultimately results in the user posting the same message to all their friends’ walls. The message typically resembles the following one: Scam Signature Message:  In order to PREVENT SPAM, I ask that you VERIFY YOUR ACCOUNT. Click VERIFY MY ACCOUNT right next to comment below to start the process… The result is that thousands of users have seen the message spreading to their profiles in the past hour or so. Our guess is that this message could reach hundreds of thousands of users before it’s shut down (unless Facebook’s security team is up right now). The bottom line is this: don’t click any of the links resembling t...