The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Specialized Trojan can stealing credit card details from hotel The next time you check in to a hotel, a cybercriminal could be checking you out. A remote access computer Trojan (RAT) designed to steal credit card details from hotel point-of-sale (PoS) applications is being sold on the underground forums, according to researchers from security firm Trusteer. Trusteer, the world's leading provider of secure web access services, detected these schemes and says hotel poaching is a virile trade in underground and tech forums. Attack codes can be purchased in Visa underground forums for $280 and the spyware cannot be detected by anti-virus software. The package even includes a manual loaded with tips on how the poacher can trick the desk clerk into loading the spyware for them. Malware writers often repackage their malicious installers with new algorithms in order to evade signature-based antivirus detection, said Bogdan Botezatu, a senior e-threat analyst at antivirus vendor BitDef...

Anonymous Hackers target F1 website in Bahrain GP protest Anonymous a collective who have hacked or taken down websites for social comment purposes, have turned their attention to the official Formula 1 website Formula1.com , taking it offline on Friday. The group also attacked F1-racers.net where it posted a message saying the " Formula 1 racing authority was well-aware of the Human Rights situation in Bahrain and still chose to contribute to the regime's oppression of civilians and will be punished. " According to  Statements: "Anonymous has watched with growing alarm the incredible human rights abuses of the Bahrain regime, We have watched this tyrannical government tear gas it's own people literally to death, with over 30 fatalities so far. The occasion of Anonymous re-launching Operation Bahrain will be this despicable Grand Prix Formula One race to be held in Bahrain tomorrow through the 22nd of April." "Beginning tomorrow, and lasting for...

Pastebin Censored ! Anonymous launches AnonPaste -  Uncensored Anonymous and the People's Liberation Front have launched a "totally secure and safe alternative" to Pastebin, the site used by the hacktivist collective to dump data recovered from hacks.  AnonPaste  for people to post uncensored documents and files without compromising their identities. Shared content can be set to expire after 10 minutes, an hour, a day, a month, a year, or never. In addition, the site promises to remain advertising-free and unmoderated, maintain no connection logs, and store only encrypted data. The two groups said AnonPaste offers 256-bit AES encryption at the browser layer. AnonPaste supports a URL shortening feature and allows users to post up to 2MB of text snippets at a time. Users can specify how long they want the text to remain available on the site. AnonPaste , which accepts donations via WePay and BitCoins, was built using the open source ZeroBin software, which doesn...

zDefender - Enterprise smartphone IDS/IPS released by Zimperium Do you recall the security firm Zimperium which came out with ANTI , the killer Android app that allowed even the clueless to hack and pwn like a pentester? Zimperium, an Israeli security start up founded by Zuk Avraham, a world-renowned hacker and security researcher, has debuted its latest product, the zDefender at DEMO in Santa Clara, California. Called zDefender , this product can detect malicious attacks and take proactive measures to reduce threats via automatic preventive traffic filters and a remote management console. With the onslaught of mobile malware, everyone should have antivirus up and running immediately after purchasing a smartphone. You'd think you were protected from various attacks like man in the middle (MITM) attacks ? At DEMO Spring 2012 , Zuk planted 2 Routers, providing 3 Access points, which have claimed about 3,000 mobile device victims so far. zDefender is able to do this by us...

winAUTOPWN v3.0 Released - System vulnerability exploitation Framework The improved GUI extension - WINAUTOPWN ACTIVE SYSTEMS TRANSGRESSOR GUI [ C4 - WAST ] is a Systems and Network Exploitation Framework built on the famous winAUTOPWN as a backend.  C4 - WAST gives users the freedom to select individual exploits and use them. BSDAUTOPWN has been compiled, like always for various flavours and has been upgraded to version 1.8 alongwith all applicable exploits which have been added in this release. Included this time is the bsd_install.sh, which will set chmod on all applicable BSD compiled binaries. WINAUTOPWN requires PERL,PHP,PYTHON,RUBY and its dependencies alongwith a few others' too for smooth working of exploits included in it. winAUTOPWN and bsdAUTOPWN are available at https://winautopwn.co.nr

Rootdabitch version 0.1 - Multithreaded Linux root password Bruteforcer r00tw0rm hacker " th3breacher! "  release   Rootdabitch v0.1  ,which is a Multithreaded Linux/UNIX tool to brute-force cracking local root through su using sucrack. sucrack is a multithreaded Linux/UNIX tool for brute-force cracking local user accounts via su. The main feature of the Rootdabitch is that It's local brute forcer, using 10 passwords in 3 seconds. and works in background so you can leave it , when root is cracked it will email the user using /bin/mail . All for this, you need to have a php shell/reverse shell/ssh access to the target to run thistool and run it as a normal user, Upload this script into it and give it the execution permission and execute the script like:  ~ ./rootdabitch youremail@address.com If the password is cracked you will have a mail with the root password and the password will be stored into password.txt . Try it ! Download Rootdabitch 0.1