The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Nmap 5.61 TEST1 Released This Nmap 5.61TEST1 is an informal test release with all of the latest features from the SVN. Nmap (“Network Mapper”) is a free and open source utility for network exploration or security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are avalable for Linux, Windows, and Mac OS X. In addition to the classic command-line Nmap executable, the Nmap suite includes a...

Radware’s Attack Mitigation System Delivers the First Fully Integrated Solution to Fight Cyber Attacks in Real Time The solution blocks the new breed of sophisticated attacks that target Multiple layers of the IT infrastructure .  Today's point security tools for IT infrastructures are not enough to protect against the new wave of sophisticated cyber attacks. That's why  Radware  (NASDAQ: RDWR), a leading provider of  application delivery  and  application security  solutions for virtual and cloud data centers, today announced Radware Attack Mitigation System (AMS), the industry's first fully integrated IT security strategy and portfolio that protects the application infrastructure in real time against network and application downtime, application vulnerability exploitation, malware spread, information theft, Web service attacks and Web defacement. Additional Resources   ·            ...

iPhone  Skype  XSS Vulnerability Lets Hackers Steal Phonebook [Video] A bug in the latest version of Skype for iPhone and iPod touch makes its users vulnerable to having their address book stolen just by viewing a specially crafted message, says AppSec Consulting security researcher Phil Purviance. The problem is made more exploitable by the way Skype uses the embeddable WebKit browser; Skype developers have set the URI scheme for the embedded browser to "file://". This error allows an attacker to access the file system and read any file that the app would be allowed to read by the iOS application sandbox. One file that every iOS application has access to is the user's SQLlite AddressBook database. In a demonstration of the bugs, Phil Purviance, AppSec Consulting security researcher, showed how it was possible to extract the iPhone address book using the vulnerabilities. Skype is aware of the issue and is working on a fix. “We are working hard to fix this reported i...

Chris Hoff, HacKid.org Leads UNITED Security Summit Award Winners Awards Recognize Outstanding Contributions to Propel the Information Security Industry Forward to Meet Future Challenges San Francisco, CA at the UNITED Security Summit – September 20, 2011 –  The first annual  UNITED Security Summit  included an awards ceremony at the official event party, held at Vessel, San Francisco last night. The UNITED Security Summit Awards focus on recognizing the contributions of individuals and organizations that are propelling the information security industry forward, building the level of preparedness in the face of the changing threat landscape.  Winners at the ceremony were recognized specifically for innovation, collaboration, investment in the future or in the industry in general, and leadership. “As a co-sponsor of the UNITED Security Summit awards and participant in the judging process, it’s exciting to see how innovative and collaborative companies in the secu...

The Europe Championships of the Global CyberLympics has just concluded! It is now time to crown new CHAMPIONS for the Middle East & India Regional ! About the Global CyberLympics: The Global CyberLympics ( www.cyberlympics.org ) is the world’s first international team ethical hacking championships, and will be held from September onwards across six continents. It is endorsed by the U.N.’s cybersecurity executing arm – IMPACT - and the EC-Council is sponsoring over $400,000 worth of prizes. Regional championships will be held in various locations across different continents, and co-hosted with reputable IT/information security conferences and tradeshows, as follows: North America (Eastern) | Hacker Halted USA – Miami, USA North America (Western) | TakeDownCon – Las Vegas, USA South America | H2HC – Sao Paolo, Brazil Europe | Hacktivity – Budapest, Hungary Middle East & India | GITEX – Dubai, UAE Asia Pacific | Hacker Halted APAC – Kuala Lumpur, Malaysia Afric...

FOX Sports website database hacked and leaked by Shad0w One of the Biggest Fox Sports website with world rank 678 and millions of Readers/Day got hacked. Hacker named " Shad0w " release SQL injection Vulnerability on one of the sub domain of Fox Sports and exploit it to extract the database. Leaked database info posted on pastebin by hacker. Vulnerable link is also given in pastebin. Hacker also post the admin password hashes.