The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

The Hulk Gets Hacked, Need Help from The Avengers The actor who plays Bruce Banner in smash hit The Avengers had his account taken over and even changed his username from @MRuff221 to @Mark_Ruffalo and proceeded to add some peculiar posts. Sunday the scene-stealing-actor's Twitter was hacked by a horny nerd. His/her first tweet:  " The women of hollywood sure have some great boobs. Here are the top 15! " Marvel's The Avengers took $207.4M at the North American box office over the weekend, higher than the $200,329,000 estimated Sunday morning. The film crossed the $600 million mark globally in just 12 days. Its worldwide cumulative count is now $654.8 million. Another tweet by Hacker ,  " Your account hacked because passwords set very stupid LOL =)) ". Ruffalo is now using @Mark_Ruffalo and told one follower that Twitter will verify the account on Monday. "They have lumped both accounts together. It's one account both names. It has a poe...

' The Hackers Conference 2012 ' to be held in New Delhi The Biggest Hacking Mania has arrived. The Hackers Conference 2012 will be held in New Delhi on July 29. THC 2012 is expected to be the first open gathering of Blackhat hackers in India who will debate latest security issues with the top itelligence echolons in India. The Registrations and Call for papers for the conference are now open. The organizers have deicded to keep the number of seats to limited to ensure quality of the conference. The conference will be held at the India Habitat Center on July 29th. The Hackers Conference will see a galaxy of renowned speakers presenting 0-Day Vulnerabilities, Exploits and Android/Blackberry/iPhone Hacks. Apart from Speakers presenting on WI-FI and Web Application Security the Special invitees from government Intelligence agencies will also speak on National Security Issues emerging from Scada Hacking. The conference has sent special invites to Blackhat hackers to come and...

Social game Zynga's YoVille gets hacked Matt Spencer has been an active player of "YoVille" since the Zynga-owned virtual world launched in 2008, but hasn't played the game in about three weeks. He  post a complaint on the gaming company's forum that i n late January, Spencer's " YoVille " account was compromised and he lost much of his collection of virtual items, including millions of virtual coins and a pair of sunglasses that have become a collectors' item. Hackers infiltrate the social game affecting gameplay and stealing users' virtual goods, but private and sensitive data isn't compromised. Zynga is aware of the security problem and is addressing it, said Cadir Lee, the company's chief technology officer. The company first started to get reports about it "a few weeks ago," he said. The company investigated the issue and found that it was due to some "compromised administrative and moderation tools," he ...

Android Malware and Corporate Networks Security A new Android Trojan dubbed " NotCompatible " is being spread through compromised Web sites. This may directly affect Android tablets and smartphones, along with being a potential risk hazard to corporate networks and their security. Kevin Mahaffrey is co-founder and CTO of a San Francisco based firm called Lookout Security. The main focus of the company is Android and during their investigations it was found there was a new malware out there. Called “ NotCompatible ” the Android malware is, according to Mahaffrey, a risk to corporate networks. According to their report, a hacked Web site would contain a hidden iFrame at the bottom of the page. When the Android browser loads the page, it will attempt to load the file in the hidden iFrame. Upon loading the file, the browser would transfer control to the app loader, which would display an application installation screen, with the header com.Security.Update. An unsuspecting us...

ISPA to launch cyber security code of practice in SA South Africa’s Internet Service Providers’ Association (ISPA) has teamed with Australia’s Internet Industry Association to develop a new voluntary industry code of practice to improve cybersecurity for end users. Known as the ‘ icode ’, and developed in conjunction with Australia’s Internet Industry Association, the code will provide a consistent approach for South African ISPs to help inform, educate and protect their customers in relation to cyber security. " The increasing threat of zombied computers - computers which have been essentially hijacked and are under the control of criminals or other third parties - presents a real risk to users. Identity theft, fraud, and increases in spam are all possible consequences of compromised computers. " By following the code, ISPs will contribute to reducing the number of compromised computers in South Africa and enhance the overall security of the South African and internation...

RedKit Exploit Kit : New web malware exploitation pack Trustwave researchers have spotted a new exploit kit called " RedKit Exploit Kit " that  being used in the wild is aiming to enter a market that is practically monopolized by the widely famous BlackHole and Phoenix exploit kits. In actual, The new kit has no official name, so the researchers dubbed it ' Redkit ' due to the red bordering used in the application's panel. " Logging to the admin panel presents you with options which are typically used by other exploit kits. The panel allows you to check the statistics for incoming traffic, upload a payload executable and even scan this payload with no less than 37 different AV’s ," Trustwave reports . To deliver the malware, RedKit exploits two popular bugs: 1.)  The Adobe Acrobat and Reader LibTIFF vulnerability ( CVE-2010-0188 ). 2.)  The Java AtomicReferenceArray vulnerability ( CVE-2012-0507 ), lately used by the criminals behind the massive Fl...